Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/i5k11YQ3U4pwCXdScKn6Xa572_U.roa
File: i5k11YQ3U4pwCXdScKn6Xa572_U.roa (raw, json)
Hash identifier: kxNg6kZ4KiRLNs6RimMl1/ZfVRH30RWELAOqP7PP9jM=
Subject key identifier: 8B:99:35:D5:84:37:53:8A:70:09:77:52:70:A9:FA:5D:AE:7B:DB:F5
Certificate issuer: /CN=efa70cb849e3837451bd79af7dc7e035963e6043
Certificate serial: 018C21C0F018D90A827D229A69671ADD6B30
Authority key identifier: EF:A7:0C:B8:49:E3:83:74:51:BD:79:AF:7D:C7:E0:35:96:3E:60:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/i5k11YQ3U4pwCXdScKn6Xa572_U.roa
Signing time: Thu 30 Nov 2023 19:42:21 +0000
ROA not before: Thu 30 Nov 2023 19:42:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34916
IP address blocks: 89.44.238.0/23 maxlen: 23
89.42.118.0/23 maxlen: 23
86.106.27.0/24 maxlen: 24
86.104.231.0/24 maxlen: 24
86.105.204.0/23 maxlen: 23
85.204.193.0/24 maxlen: 24
86.105.226.0/24 maxlen: 24
89.35.250.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:21:c0:f0:18:d9:0a:82:7d:22:9a:69:67:1a:dd:6b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa70cb849e3837451bd79af7dc7e035963e6043
Validity
Not Before: Nov 30 19:42:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b9935d58437538a7009775270a9fa5dae7bdbf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:01:56:ff:aa:a8:96:cf:46:1c:35:bf:e5:62:
24:f2:b6:71:40:0b:f4:0a:83:93:2b:79:3b:23:1a:
5d:2f:b8:ea:83:aa:12:16:8a:e4:81:a7:aa:be:50:
6d:bc:71:0d:33:7c:82:fc:4a:8f:70:e8:a1:ac:50:
a1:50:89:f0:b3:77:55:8d:28:af:41:27:2e:4c:5c:
9d:d8:39:f2:60:c0:3c:13:b9:f1:d6:7f:76:ce:ab:
7d:2a:d7:4e:7d:ac:d1:41:b8:c4:79:1e:fc:9c:7d:
97:71:3c:fa:cf:ad:13:f0:5d:8c:31:72:12:94:7c:
7f:7a:66:29:45:c0:ac:82:14:fd:3c:23:26:a1:35:
44:45:c0:59:19:e3:3f:55:eb:54:d9:3a:21:8f:c0:
91:23:2a:72:5e:fc:40:23:b8:44:fc:34:be:51:5a:
89:01:20:cc:b2:49:0c:b1:d0:4b:4b:51:76:c0:fe:
1e:32:f8:6f:5b:a1:e4:bf:61:73:c3:f8:aa:44:fb:
fa:c6:c8:99:4a:99:5a:2c:8a:76:61:46:8d:62:48:
b9:22:3b:21:d4:ba:d2:a5:f5:8a:86:2a:13:74:7e:
a8:63:eb:ce:9f:60:bc:a0:b3:29:1d:90:e0:63:d2:
d0:7d:ed:85:89:4a:92:89:b3:23:68:a4:5d:8e:84:
0b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:99:35:D5:84:37:53:8A:70:09:77:52:70:A9:FA:5D:AE:7B:DB:F5
X509v3 Authority Key Identifier:
keyid:EF:A7:0C:B8:49:E3:83:74:51:BD:79:AF:7D:C7:E0:35:96:3E:60:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/i5k11YQ3U4pwCXdScKn6Xa572_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.193.0/24
86.104.231.0/24
86.105.204.0/23
86.105.226.0/24
86.106.27.0/24
89.35.250.0/23
89.42.118.0/23
89.44.238.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:16:c1:af:cb:27:c4:c1:e3:1c:90:5b:a1:44:2e:38:cb:16:
8d:5b:2f:5c:e3:45:50:e1:7c:94:0d:d4:d2:b1:ec:1c:6d:b1:
f7:65:ec:7c:4d:35:7c:ef:40:18:74:64:2d:a6:63:df:69:74:
f7:03:7f:b4:5b:da:4f:00:02:70:e0:7d:2a:c6:43:36:7a:b2:
ca:9d:ed:06:4d:72:47:f5:b1:c5:a1:89:1c:0e:84:23:2c:5c:
0b:75:cd:3d:ca:26:ce:8b:e5:05:07:5b:51:a1:3e:ad:c6:45:
d1:a6:c9:5a:86:21:68:5b:24:e2:47:1a:8f:49:2b:42:5f:78:
b8:21:62:b3:51:81:d5:72:da:c1:6e:8d:a8:b2:7e:52:d3:cb:
3f:98:2c:b8:58:38:b3:de:20:ed:9d:7e:89:fc:17:76:9c:df:
41:68:08:f4:84:18:1d:2c:25:b8:d5:05:69:21:dd:95:51:82:
67:0a:a4:ca:7d:f7:03:11:29:45:1f:3a:0e:71:84:76:af:a6:
09:e3:d5:1c:dc:54:31:50:a4:c5:46:05:2f:77:c4:d6:7c:55:
8d:22:13:92:29:fd:8d:00:a0:31:91:c3:6a:b4:e0:3b:44:9d:
50:cc:81:c9:08:64:0f:e9:67:46:85:d2:74:37:8c:2d:f4:7d:
f4:c6:54:c8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYwhwPAY2QqCfSKaaWca3WswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTcwY2I4NDllMzgzNzQ1MWJkNzlhZjdkYzdlMDM1OTYz
ZTYwNDMwHhcNMjMxMTMwMTk0MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk5MzVkNTg0Mzc1MzhhNzAwOTc3NTI3MGE5ZmE1ZGFlN2JkYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwFW/6qols9GHDW/5WIk8rZxQAv0
CoOTK3k7IxpdL7jqg6oSForkgaeqvlBtvHENM3yC/EqPcOihrFChUInws3dVjSiv
QScuTFyd2DnyYMA8E7nx1n92zqt9KtdOfazRQbjEeR78nH2XcTz6z60T8F2MMXIS
lHx/emYpRcCsghT9PCMmoTVERcBZGeM/VetU2Tohj8CRIypyXvxAI7hE/DS+UVqJ
ASDMskkMsdBLS1F2wP4eMvhvW6Hkv2Fzw/iqRPv6xsiZSplaLIp2YUaNYki5Ijsh
1LrSpfWKhioTdH6oY+vOn2C8oLMpHZDgY9LQfe2FiUqSibMjaKRdjoQLjQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIuZNdWEN1OKcAl3UnCp+l2ue9v1MB8GA1UdIwQY
MBaAFO+nDLhJ44N0Ub15r33H4DWWPmBDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZjTXVFbmpnM1JSdlhtdmZjZmdOWlktWUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS82OTJiMWUtYzlmZS00M2UwLWI3MjIt
NTNhNjA0ODA3NjFkLzEvaTVrMTFZUTNVNHB3Q1hkU2NLbjZYYTU3Ml9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS82OTJiMWUtYzlmZS00M2UwLWI3MjItNTNhNjA0ODA3NjFk
LzEvNzZjTXVFbmpnM1JSdlhtdmZjZmdOWlktWUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVczBAwQA
VmjnAwQBVmnMAwQAVmniAwQAVmobAwQBWSP6AwQBWSp2AwQBWSzuMA0GCSqGSIb3
DQEBCwUAA4IBAQAtFsGvyyfEweMckFuhRC44yxaNWy9c40VQ4XyUDdTSsewcbbH3
Zex8TTV870AYdGQtpmPfaXT3A3+0W9pPAAJw4H0qxkM2erLKne0GTXJH9bHFoYkc
DoQjLFwLdc09yibOi+UFB1tRoT6txkXRpslahiFoWyTiRxqPSStCX3i4IWKzUYHV
ctrBbo2osn5S08s/mCy4WDiz3iDtnX6J/Bd2nN9BaAj0hBgdLCW41QVpId2VUYJn
CqTKffcDESlFHzoOcYR2r6YJ49Uc3FQxUKTFRgUvd8TWfFWNIhOSKf2NAKAxkcNq
tOA7RJ1QzIHJCGQP6WdGhdJ0N4wt9H30xlTI
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:55:36 2025 by rpki-client