Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/6abcd1-eeee-46d5-9f6c-df6871e2f735/1/tn7lmssJMUCIFuylOpUjJxNZnsY.roa
File: tn7lmssJMUCIFuylOpUjJxNZnsY.roa (raw, json)
Hash identifier: hEFzp01b5Aw5/iUmWJPf5h+sB4r7E8SPlYuSPGX81ec=
Subject key identifier: B6:7E:E5:9A:CB:09:31:40:88:16:EC:A5:3A:95:23:27:13:59:9E:C6
Certificate issuer: /CN=07ead29889dbf62f398f64bc614916673056d45e
Certificate serial: 01856D0ACEBE1B3DE67F741B6404108F7A00
Authority key identifier: 07:EA:D2:98:89:DB:F6:2F:39:8F:64:BC:61:49:16:67:30:56:D4:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B-rSmInb9i85j2S8YUkWZzBW1F4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/6abcd1-eeee-46d5-9f6c-df6871e2f735/1/tn7lmssJMUCIFuylOpUjJxNZnsY.roa
Signing time: Sun 01 Jan 2023 11:15:02 +0000
ROA not before: Sun 01 Jan 2023 11:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44668
IP address blocks: 193.168.55.0/24 maxlen: 24
176.122.88.0/21 maxlen: 21
91.202.104.0/22 maxlen: 22
193.194.112.0/22 maxlen: 22
77.87.40.0/21 maxlen: 21
195.18.28.0/22 maxlen: 22
185.255.48.0/22 maxlen: 22
195.5.126.0/24 maxlen: 24
193.168.51.0/24 maxlen: 24
2a0c:5940::/48 maxlen: 48
2a0c:5940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:ce:be:1b:3d:e6:7f:74:1b:64:04:10:8f:7a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07ead29889dbf62f398f64bc614916673056d45e
Validity
Not Before: Jan 1 11:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b67ee59acb0931408816eca53a95232713599ec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:27:3d:38:69:12:4a:1b:19:2a:59:7d:44:be:
53:d8:63:41:a4:f9:86:7d:fb:ed:a1:04:0b:94:9d:
c6:a7:55:2f:04:bb:4a:6b:b4:ae:42:49:19:9d:74:
f1:a7:3a:c0:da:11:f6:ee:18:2f:ef:cd:93:1e:69:
9e:07:0f:69:8e:20:f1:50:94:66:01:d9:58:2d:86:
29:f0:4b:39:5e:3a:b5:c9:0e:45:04:87:66:7d:ab:
b6:e1:7d:e3:20:0a:cf:d2:6c:90:56:43:32:a4:28:
06:45:65:78:b6:65:b4:78:3c:17:11:6f:e0:ce:a3:
d4:cf:f4:7f:f3:93:0a:3e:c5:9f:bb:4f:eb:43:c7:
c9:f1:9e:20:f3:cb:60:4a:9c:89:a7:c3:c4:f0:0a:
45:41:2d:6c:15:4d:7d:67:d3:87:f2:e5:db:f4:cf:
41:4e:04:4f:1b:ec:18:3e:9d:8e:d2:4c:bb:72:11:
09:18:9f:8f:40:97:35:2a:f5:51:f1:df:66:32:f5:
a8:e0:93:e3:7e:26:ce:08:a2:8e:58:f9:96:45:9b:
7e:c7:aa:41:d2:b6:2d:60:63:43:70:35:ac:15:a9:
db:f4:15:f4:e4:40:cc:25:7f:22:27:d6:91:c9:6f:
9c:bd:94:e2:f2:4c:2e:87:27:1f:d6:91:27:e0:ef:
c3:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:7E:E5:9A:CB:09:31:40:88:16:EC:A5:3A:95:23:27:13:59:9E:C6
X509v3 Authority Key Identifier:
keyid:07:EA:D2:98:89:DB:F6:2F:39:8F:64:BC:61:49:16:67:30:56:D4:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B-rSmInb9i85j2S8YUkWZzBW1F4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6abcd1-eeee-46d5-9f6c-df6871e2f735/1/tn7lmssJMUCIFuylOpUjJxNZnsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6abcd1-eeee-46d5-9f6c-df6871e2f735/1/B-rSmInb9i85j2S8YUkWZzBW1F4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.40.0/21
91.202.104.0/22
176.122.88.0/21
185.255.48.0/22
193.168.51.0/24
193.168.55.0/24
193.194.112.0/22
195.5.126.0/24
195.18.28.0/22
IPv6:
2a0c:5940::/29
Signature Algorithm: sha256WithRSAEncryption
6e:ab:16:d5:e2:40:c8:fb:de:31:e2:70:f8:13:00:ed:d9:f7:
a4:a4:47:a1:86:0c:e6:49:bd:5f:2f:3c:6d:45:38:51:d5:eb:
0b:5b:c3:1c:15:6d:8a:f2:b1:7d:a1:47:86:d2:a4:59:8e:c4:
d6:28:c8:6a:d4:6f:7f:40:d5:8e:8e:09:01:c7:8e:6f:3b:f5:
2e:56:a3:d0:18:90:c4:b9:4b:3b:11:d1:ef:cd:e6:01:3c:15:
d5:c9:28:0d:b1:77:e2:37:86:c8:2e:a6:2a:24:eb:3f:11:fe:
89:b4:03:11:cf:10:84:b9:18:22:7a:6b:eb:bb:cc:7a:4a:b5:
a8:c4:7f:df:dc:25:92:78:f4:bf:6e:d2:63:5e:b5:75:d2:df:
d3:d3:97:d6:60:c6:c8:18:78:b5:ff:4b:40:2b:45:93:d5:f1:
b8:6e:4d:14:ec:1b:1f:d1:34:aa:a6:98:13:17:a5:ae:04:73:
fb:0b:8d:2a:6a:06:aa:49:85:bc:64:1d:a1:96:7b:75:db:a4:
77:30:a1:d4:42:39:f9:35:1f:03:c3:78:58:34:f5:f5:92:7c:
7d:6f:48:0b:41:0a:aa:47:0b:e2:9c:1c:a0:f9:c0:29:54:5e:
df:e4:5f:c2:33:4b:0c:f2:1e:78:1d:04:f3:69:33:f0:a7:83:
aa:14:06:b5
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVtCs6+Gz3mf3QbZAQQj3oAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZWFkMjk4ODlkYmY2MmYzOThmNjRiYzYxNDkxNjY3MzA1
NmQ0NWUwHhcNMjMwMTAxMTExNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjdlZTU5YWNiMDkzMTQwODgxNmVjYTUzYTk1MjMyNzEzNTk5ZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCc9OGkSShsZKll9RL5T2GNBpPmG
ffvtoQQLlJ3Gp1UvBLtKa7SuQkkZnXTxpzrA2hH27hgv782THmmeBw9pjiDxUJRm
AdlYLYYp8Es5Xjq1yQ5FBIdmfau24X3jIArP0myQVkMypCgGRWV4tmW0eDwXEW/g
zqPUz/R/85MKPsWfu0/rQ8fJ8Z4g88tgSpyJp8PE8ApFQS1sFU19Z9OH8uXb9M9B
TgRPG+wYPp2O0ky7chEJGJ+PQJc1KvVR8d9mMvWo4JPjfibOCKKOWPmWRZt+x6pB
0rYtYGNDcDWsFanb9BX05EDMJX8iJ9aRyW+cvZTi8kwuhycf1pEn4O/D7QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFLZ+5ZrLCTFAiBbspTqVIycTWZ7GMB8GA1UdIwQY
MBaAFAfq0piJ2/YvOY9kvGFJFmcwVtReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQi1yU21JbmI5aTg1ajJTOFlVa1daekJXMUY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC82YWJjZDEtZWVlZS00NmQ1LTlmNmMt
ZGY2ODcxZTJmNzM1LzEvdG43bG1zc0pNVUNJRnV5bE9wVWpKeE5abnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC82YWJjZDEtZWVlZS00NmQ1LTlmNmMtZGY2ODcxZTJmNzM1
LzEvQi1yU21JbmI5aTg1ajJTOFlVa1daekJXMUY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDTVcoAwQC
W8poAwQDsHpYAwQCuf8wAwQAwagzAwQAwag3AwQCwcJwAwQAwwV+AwQCwxIcMA0E
AgACMAcDBQMqDFlAMA0GCSqGSIb3DQEBCwUAA4IBAQBuqxbV4kDI+94x4nD4EwDt
2fekpEehhgzmSb1fLzxtRThR1esLW8McFW2K8rF9oUeG0qRZjsTWKMhq1G9/QNWO
jgkBx45vO/UuVqPQGJDEuUs7EdHvzeYBPBXVySgNsXfiN4bILqYqJOs/Ef6JtAMR
zxCEuRgiemvru8x6SrWoxH/f3CWSePS/btJjXrV10t/T05fWYMbIGHi1/0tAK0WT
1fG4bk0U7Bsf0TSqppgTF6WuBHP7C40qagaqSYW8ZB2hlnt126R3MKHUQjn5NR8D
w3hYNPX1knx9b0gLQQqqRwvinByg+cApVF7f5F/CM0sM8h54HQTzaTPwp4OqFAa1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:39 2025 by rpki-client