Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/5HFSzn0BSL3DGhzhcfERGN8wpWY.roa
File: 5HFSzn0BSL3DGhzhcfERGN8wpWY.roa (raw, json)
Hash identifier: K1nmNpy8dT+5N/mDit1n7ZZjugQFcvQF2xZS4+26cFQ=
Subject key identifier: E4:71:52:CE:7D:01:48:BD:C3:1A:1C:E1:71:F1:11:18:DF:30:A5:66
Certificate issuer: /CN=796d29ee381b51f645e05415668d92a9ce7a8dd2
Certificate serial: 018571D7BF0F5B4576A4F9140AE95D27F636
Authority key identifier: 79:6D:29:EE:38:1B:51:F6:45:E0:54:15:66:8D:92:A9:CE:7A:8D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eW0p7jgbUfZF4FQVZo2Sqc56jdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/5HFSzn0BSL3DGhzhcfERGN8wpWY.roa
Signing time: Mon 02 Jan 2023 09:37:22 +0000
ROA not before: Mon 02 Jan 2023 09:37:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44763
IP address blocks: 176.241.232.0/21 maxlen: 24
93.93.72.0/21 maxlen: 21
185.79.85.0/24 maxlen: 24
185.79.84.0/24 maxlen: 24
2a00:1548::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:bf:0f:5b:45:76:a4:f9:14:0a:e9:5d:27:f6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=796d29ee381b51f645e05415668d92a9ce7a8dd2
Validity
Not Before: Jan 2 09:37:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e47152ce7d0148bdc31a1ce171f11118df30a566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:20:80:4e:6d:1a:1f:a5:ba:d5:57:75:be:4b:
18:ad:82:e3:d9:16:30:9d:fd:0a:32:46:a3:0b:19:
4a:2a:81:82:17:f5:b2:ea:66:bd:e9:7e:2e:2b:06:
e1:a1:b8:ef:0a:c9:89:c6:25:57:09:d6:25:1d:07:
da:05:20:82:04:44:88:76:af:16:cb:5c:e4:88:3b:
97:17:a0:9d:86:69:6e:06:24:2c:b0:1a:7e:0f:57:
8c:d7:44:23:8c:3d:3e:6d:b8:7a:f9:6a:39:bc:19:
d3:28:8c:2a:7b:ce:58:2c:56:ba:2c:94:9d:af:3a:
4c:58:39:85:07:4a:ef:38:64:48:3a:b7:c1:44:16:
ca:e7:20:bc:36:33:bd:1d:50:77:ec:4b:6a:5c:4b:
b9:f5:b3:f3:6b:f8:41:e4:5e:4b:6f:3f:ec:fa:ab:
9b:3e:49:5a:27:74:3e:68:4f:44:27:9c:a4:e1:91:
9b:66:05:7b:c3:c6:57:c1:da:2e:2e:cd:e3:db:52:
37:0b:07:4d:ac:98:11:10:49:d2:1f:3e:bb:dd:77:
2b:17:75:4f:8e:30:d4:d1:b1:ca:9f:54:d3:c5:5c:
3a:3a:16:2a:af:bd:17:96:08:55:dd:e8:14:27:1c:
fe:71:ac:6f:24:4c:c3:46:35:8d:ff:1c:4c:75:46:
05:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:71:52:CE:7D:01:48:BD:C3:1A:1C:E1:71:F1:11:18:DF:30:A5:66
X509v3 Authority Key Identifier:
keyid:79:6D:29:EE:38:1B:51:F6:45:E0:54:15:66:8D:92:A9:CE:7A:8D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eW0p7jgbUfZF4FQVZo2Sqc56jdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/5HFSzn0BSL3DGhzhcfERGN8wpWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/eW0p7jgbUfZF4FQVZo2Sqc56jdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.93.72.0/21
176.241.232.0/21
185.79.84.0/23
IPv6:
2a00:1548::/32
Signature Algorithm: sha256WithRSAEncryption
1c:76:4f:d4:8c:77:fd:35:76:32:90:2c:0e:9a:fb:97:70:96:
82:3f:c1:e8:dd:57:9f:d8:5c:86:1b:5c:63:57:ee:a4:3d:d4:
a7:0f:24:56:35:3d:5c:f8:5e:f5:f0:13:31:ff:62:da:69:62:
ec:e2:04:03:c5:48:2c:ce:49:81:cf:15:52:88:d0:6c:64:45:
38:97:97:28:68:e8:2c:46:fc:5d:62:ae:17:a5:13:91:c5:4f:
69:e6:29:5c:90:61:07:46:83:a9:6f:54:45:62:a8:d6:75:69:
09:ef:a4:23:10:5a:2d:c1:3b:51:4a:94:f8:cb:44:dd:7e:59:
15:2d:b5:68:fd:83:03:b0:c7:22:87:68:be:a2:43:e4:ba:ee:
0d:8d:e3:9b:1a:02:25:12:ca:38:c4:6f:33:04:57:af:82:fd:
b4:ea:3f:e1:2c:08:12:04:be:09:01:df:51:a6:28:ab:11:00:
a1:79:e4:8c:9e:8e:ad:7d:22:b2:47:7b:a5:48:c1:e9:0f:2f:
43:17:27:d9:a8:cb:e5:32:95:1e:ae:52:cb:38:09:48:c2:70:
d0:0d:0e:50:27:76:36:ad:55:35:b0:36:cc:cd:49:d2:38:4b:
79:71:f2:fb:0f:3f:c3:14:a4:e0:13:95:4b:e2:cd:c2:39:54:
7b:bc:0b:04
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVx178PW0V2pPkUCuldJ/Y2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NmQyOWVlMzgxYjUxZjY0NWUwNTQxNTY2OGQ5MmE5Y2U3
YThkZDIwHhcNMjMwMTAyMDkzNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDcxNTJjZTdkMDE0OGJkYzMxYTFjZTE3MWYxMTExOGRmMzBhNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyCATm0aH6W61Vd1vksYrYLj2RYw
nf0KMkajCxlKKoGCF/Wy6ma96X4uKwbhobjvCsmJxiVXCdYlHQfaBSCCBESIdq8W
y1zkiDuXF6CdhmluBiQssBp+D1eM10QjjD0+bbh6+Wo5vBnTKIwqe85YLFa6LJSd
rzpMWDmFB0rvOGRIOrfBRBbK5yC8NjO9HVB37EtqXEu59bPza/hB5F5Lbz/s+qub
PklaJ3Q+aE9EJ5yk4ZGbZgV7w8ZXwdouLs3j21I3CwdNrJgREEnSHz673XcrF3VP
jjDU0bHKn1TTxVw6OhYqr70XlghV3egUJxz+caxvJEzDRjWN/xxMdUYFQQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFORxUs59AUi9wxoc4XHxERjfMKVmMB8GA1UdIwQY
MBaAFHltKe44G1H2ReBUFWaNkqnOeo3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVcwcDdqZ2JVZlpGNEZRVlpvMlNxYzU2amRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8yYjhiMmQtYzAyMy00ZGZiLWE1MDQt
NDFmNjJkYTRlZGFiLzEvNUhGU3puMEJTTDNER2h6aGNmRVJHTjh3cFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8yYjhiMmQtYzAyMy00ZGZiLWE1MDQtNDFmNjJkYTRlZGFi
LzEvZVcwcDdqZ2JVZlpGNEZRVlpvMlNxYzU2amRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXV1IAwQD
sPHoAwQBuU9UMA0EAgACMAcDBQAqABVIMA0GCSqGSIb3DQEBCwUAA4IBAQAcdk/U
jHf9NXYykCwOmvuXcJaCP8Ho3Vef2FyGG1xjV+6kPdSnDyRWNT1c+F718BMx/2La
aWLs4gQDxUgszkmBzxVSiNBsZEU4l5coaOgsRvxdYq4XpRORxU9p5ilckGEHRoOp
b1RFYqjWdWkJ76QjEFotwTtRSpT4y0TdflkVLbVo/YMDsMcih2i+okPkuu4NjeOb
GgIlEso4xG8zBFevgv206j/hLAgSBL4JAd9RpiirEQCheeSMno6tfSKyR3ulSMHp
Dy9DFyfZqMvlMpUerlLLOAlIwnDQDQ5QJ3Y2rVU1sDbMzUnSOEt5cfL7Dz/DFKTg
E5VL4s3COVR7vAsE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:57 2025 by rpki-client