Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/cNd2wZgyQW0eWO4gXcnhZ5vlYz8.roa
File: cNd2wZgyQW0eWO4gXcnhZ5vlYz8.roa (raw, json)
Hash identifier: SQwC9TEPosCDuTfTygS/3FVVpgKSxkxvNys0y38mv1Y=
Subject key identifier: 70:D7:76:C1:98:32:41:6D:1E:58:EE:20:5D:C9:E1:67:9B:E5:63:3F
Certificate issuer: /CN=0f0f9f044e2b929878d747c5ffbb80ad10e3d6bd
Certificate serial: 018809B976E3DB71AE7CA8ACEDE0745306C3
Authority key identifier: 0F:0F:9F:04:4E:2B:92:98:78:D7:47:C5:FF:BB:80:AD:10:E3:D6:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dw-fBE4rkph410fF_7uArRDj1r0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/cNd2wZgyQW0eWO4gXcnhZ5vlYz8.roa
Signing time: Thu 11 May 2023 07:32:09 +0000
ROA not before: Thu 11 May 2023 07:32:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201589
IP address blocks: 5.101.71.0/24 maxlen: 24
185.238.152.0/24 maxlen: 24
185.238.153.0/24 maxlen: 24
185.238.155.0/24 maxlen: 24
185.238.154.0/24 maxlen: 24
5.101.37.0/24 maxlen: 24
5.101.38.0/24 maxlen: 24
5.101.36.0/24 maxlen: 24
5.101.39.0/24 maxlen: 24
31.184.233.0/24 maxlen: 24
31.184.232.0/24 maxlen: 24
31.184.235.0/24 maxlen: 24
31.184.234.0/24 maxlen: 24
2a13:1ec0::/44 maxlen: 44
2a13:1ec0:1010::/44 maxlen: 44
2a13:1ec0:1000::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:09:b9:76:e3:db:71:ae:7c:a8:ac:ed:e0:74:53:06:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f0f9f044e2b929878d747c5ffbb80ad10e3d6bd
Validity
Not Before: May 11 07:32:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70d776c19832416d1e58ee205dc9e1679be5633f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7e:04:03:e0:b5:f0:30:c5:d2:9d:18:89:7b:
ef:ae:4e:8a:2f:b7:52:f4:50:05:6c:4f:d8:ed:30:
05:5b:66:ff:84:ba:47:7e:9e:f1:fb:e7:3e:94:12:
3a:96:6b:5e:1f:e8:3b:2f:5e:9b:71:6f:4e:72:d9:
3e:5f:b5:13:f7:ad:55:a6:94:86:a5:a4:b2:65:e2:
e2:10:dd:af:0c:2a:87:a2:b8:6b:4a:91:bf:18:98:
75:50:d3:d6:30:6a:d4:cf:4e:18:4e:7d:61:0b:b9:
41:c9:39:e9:3a:07:0f:18:96:2f:26:d6:53:41:bc:
1b:2d:59:49:3d:42:94:fd:31:8c:80:54:40:f0:28:
c0:58:6d:0e:f2:bd:85:54:22:a0:45:cb:a4:af:a1:
87:92:d9:3e:ff:72:7e:ea:f8:8d:16:22:1a:35:7f:
00:99:ec:cf:22:8e:7b:d3:6d:de:2f:f2:67:cc:e8:
05:62:7d:91:1b:ce:bc:68:e9:db:37:d3:a8:51:02:
7a:b8:8a:a2:74:4c:1e:3c:cc:a7:73:2a:7a:d2:16:
e5:07:64:e4:8e:b7:a3:35:5a:09:72:6b:a7:bc:c6:
40:be:cd:dc:66:2f:e6:ad:98:ac:71:ad:1f:44:0a:
ee:54:43:b8:83:5f:5a:a0:44:af:9d:10:b2:ea:cc:
77:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D7:76:C1:98:32:41:6D:1E:58:EE:20:5D:C9:E1:67:9B:E5:63:3F
X509v3 Authority Key Identifier:
keyid:0F:0F:9F:04:4E:2B:92:98:78:D7:47:C5:FF:BB:80:AD:10:E3:D6:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dw-fBE4rkph410fF_7uArRDj1r0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/cNd2wZgyQW0eWO4gXcnhZ5vlYz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/Dw-fBE4rkph410fF_7uArRDj1r0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.36.0/22
5.101.71.0/24
31.184.232.0/22
185.238.152.0/22
IPv6:
2a13:1ec0::/44
2a13:1ec0:1000::/43
Signature Algorithm: sha256WithRSAEncryption
64:ea:81:31:0e:50:5b:52:b5:7b:66:f9:d9:2f:91:54:4f:5f:
0f:e1:de:08:9a:f8:6c:96:a0:64:6c:cd:8b:fc:40:47:19:62:
30:4a:1b:c5:fb:48:c6:e3:4a:53:29:bf:a7:d2:98:99:34:1b:
37:d8:50:25:ec:c2:3b:74:18:3b:13:ad:dd:1c:f2:e8:69:ab:
0e:03:b3:24:eb:73:b5:36:4e:bb:26:b7:14:f7:98:c5:d0:b1:
76:ea:5d:a4:fc:87:fa:ec:d0:f1:53:05:4b:98:ec:1a:90:e1:
0d:87:ea:b0:60:b7:72:56:0e:16:73:54:50:d1:9d:97:5c:2a:
f4:93:09:54:57:f1:af:03:47:e7:c3:79:c3:ae:67:53:2f:be:
26:95:0c:2c:b9:d9:aa:3c:9f:1f:54:8d:c9:19:fa:61:50:11:
59:8b:f8:a2:8f:10:36:99:ac:67:28:86:48:ad:08:5b:04:93:
a7:4d:07:f2:fe:2c:68:06:3c:a1:a6:04:38:79:e2:54:33:0c:
66:10:ae:ea:6a:2b:88:0b:7b:d4:58:f3:4f:24:2c:49:21:e1:
00:4e:08:d6:87:61:d8:ac:94:c0:08:bc:90:7b:10:2a:f4:98:
3c:ba:a0:b4:d2:6d:e4:78:15:e0:79:91:e7:2b:f7:3c:26:a9:
1f:7e:74:6c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYgJuXbj23GufKis7eB0UwbDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMGY5ZjA0NGUyYjkyOTg3OGQ3NDdjNWZmYmI4MGFkMTBl
M2Q2YmQwHhcNMjMwNTExMDczMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGQ3NzZjMTk4MzI0MTZkMWU1OGVlMjA1ZGM5ZTE2NzliZTU2MzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh34EA+C18DDF0p0YiXvvrk6KL7dS
9FAFbE/Y7TAFW2b/hLpHfp7x++c+lBI6lmteH+g7L16bcW9Octk+X7UT961VppSG
paSyZeLiEN2vDCqHorhrSpG/GJh1UNPWMGrUz04YTn1hC7lByTnpOgcPGJYvJtZT
QbwbLVlJPUKU/TGMgFRA8CjAWG0O8r2FVCKgRcukr6GHktk+/3J+6viNFiIaNX8A
mezPIo57023eL/JnzOgFYn2RG868aOnbN9OoUQJ6uIqidEwePMyncyp60hblB2Tk
jrejNVoJcmunvMZAvs3cZi/mrZisca0fRAruVEO4g19aoESvnRCy6sx34wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHDXdsGYMkFtHljuIF3J4Web5WM/MB8GA1UdIwQY
MBaAFA8PnwROK5KYeNdHxf+7gK0Q49a9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHctZkJFNHJrcGg0MTBmRl83dUFyUkRqMXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85M2Q0NjAtMzY4Yy00NmQ3LThlN2Et
Y2RiZDNiNmNlNzc3LzEvY05kMndaZ3lRVzBlV080Z1hjbmhaNXZsWXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85M2Q0NjAtMzY4Yy00NmQ3LThlN2EtY2RiZDNiNmNlNzc3
LzEvRHctZkJFNHJrcGg0MTBmRl83dUFyUkRqMXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQCBWUkAwQA
BWVHAwQCH7joAwQCue6YMBgEAgACMBIDBwQqEx7AAAADBwUqEx7AEAAwDQYJKoZI
hvcNAQELBQADggEBAGTqgTEOUFtStXtm+dkvkVRPXw/h3gia+GyWoGRszYv8QEcZ
YjBKG8X7SMbjSlMpv6fSmJk0GzfYUCXswjt0GDsTrd0c8uhpqw4DsyTrc7U2Trsm
txT3mMXQsXbqXaT8h/rs0PFTBUuY7BqQ4Q2H6rBgt3JWDhZzVFDRnZdcKvSTCVRX
8a8DR+fDecOuZ1MvviaVDCy52ao8nx9UjckZ+mFQEVmL+KKPEDaZrGcohkitCFsE
k6dNB/L+LGgGPKGmBDh54lQzDGYQrupqK4gLe9RY808kLEkh4QBOCNaHYdislMAI
vJB7ECr0mDy6oLTSbeR4FeB5kecr9zwmqR9+dGw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:39 2025 by rpki-client