Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/d5MIrTeEA0iUllySlgrQlBTeyZU.roa
File: d5MIrTeEA0iUllySlgrQlBTeyZU.roa (raw, json)
Hash identifier: Kf3RdwGA8V49bt6gka0VBCQybR7Gc+7AM4CcmDUjYCs=
Subject key identifier: 77:93:08:AD:37:84:03:48:94:96:5C:92:96:0A:D0:94:14:DE:C9:95
Certificate issuer: /CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Certificate serial: 018571D7939897709D04CD37E4F39CC422FD
Authority key identifier: 65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/d5MIrTeEA0iUllySlgrQlBTeyZU.roa
Signing time: Mon 02 Jan 2023 09:37:11 +0000
ROA not before: Mon 02 Jan 2023 09:37:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48747
IP address blocks: 178.75.196.0/24 maxlen: 24
178.75.197.0/24 maxlen: 24
178.75.199.0/24 maxlen: 24
178.75.198.0/24 maxlen: 24
94.139.204.0/22 maxlen: 22
94.139.206.0/24 maxlen: 24
94.139.205.0/24 maxlen: 24
94.139.204.0/24 maxlen: 24
94.139.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:93:98:97:70:9d:04:cd:37:e4:f3:9c:c4:22:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Validity
Not Before: Jan 2 09:37:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=779308ad3784034894965c92960ad09414dec995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fd:55:93:f5:6b:7f:af:c4:19:46:7a:a6:d3:
f0:85:67:5c:51:11:9d:d7:44:5c:e0:9f:74:07:fa:
7e:d1:ce:15:27:9f:1c:db:10:55:de:92:80:56:14:
b9:d6:10:aa:86:7d:64:58:dd:06:73:e4:0d:cd:84:
e6:70:d9:62:0f:ce:41:d2:8f:ba:c3:0f:38:5d:ea:
22:9c:a1:9c:1f:ca:72:8e:e8:26:bd:29:cd:b4:3e:
1b:bf:4a:fc:de:dc:f0:e5:99:63:8c:42:e8:7d:7b:
5f:dd:c2:c2:c4:b9:0a:f2:8a:ee:ee:fa:04:f5:5d:
06:2b:f9:5b:f0:af:86:d5:07:9e:dd:85:62:f5:ad:
b1:6c:12:c3:24:20:ea:20:34:fc:58:8e:cb:68:5b:
f7:f5:34:05:6e:28:d4:7d:0a:49:d6:5b:eb:5f:52:
5d:6c:88:b3:97:26:d9:2e:c3:39:37:4f:e3:e4:25:
25:b9:d2:dd:d8:5b:2b:e3:b3:4d:88:10:09:e0:3e:
7f:71:38:30:03:38:5c:74:8c:e0:ea:26:34:63:ef:
11:b4:86:53:82:5a:ad:3c:e2:d3:0e:6c:71:b7:eb:
87:d6:0f:b4:43:ac:f3:43:28:92:77:82:79:bb:14:
81:2e:b1:f0:d3:b9:bb:b2:20:ea:26:1e:03:29:f3:
d7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:93:08:AD:37:84:03:48:94:96:5C:92:96:0A:D0:94:14:DE:C9:95
X509v3 Authority Key Identifier:
keyid:65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/d5MIrTeEA0iUllySlgrQlBTeyZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.204.0/22
178.75.196.0/22
Signature Algorithm: sha256WithRSAEncryption
cf:df:6b:53:bd:65:0a:c8:52:0d:2e:d6:2c:2d:7e:39:5c:ac:
46:b7:ea:af:96:99:a0:6e:41:73:30:79:70:67:e3:d7:c8:be:
c2:b6:8a:58:27:dd:20:05:8b:1f:98:f1:e6:71:80:be:8a:80:
c6:1e:a4:40:5f:86:1e:93:53:f0:3b:d1:ac:e8:37:fa:d6:1b:
0d:01:ec:60:97:c7:bc:26:c5:96:22:42:28:b7:2b:0e:7d:f9:
83:bf:c1:92:d5:35:35:ab:91:55:bf:c3:e7:b4:59:11:eb:c3:
e0:54:a6:85:3e:4a:87:af:34:0e:34:d1:24:e2:70:9a:a7:00:
46:d8:93:d1:b7:61:f7:52:8c:6b:cf:04:cd:3c:31:48:be:23:
1c:6b:99:68:50:7f:b5:8b:10:3b:8f:50:fb:5d:6a:60:1f:cb:
8c:53:1e:c1:5c:d0:c4:36:ef:c7:30:76:80:c1:c2:3d:54:f2:
46:c2:4f:82:7c:71:22:f4:1e:db:85:8f:aa:37:9e:90:06:22:
25:ea:05:5f:0b:36:6d:6d:79:dd:47:2a:4e:72:27:ff:0a:a9:
3c:38:e0:80:53:d3:c0:5b:11:be:2f:80:94:cd:64:5e:a7:89:
9b:48:9d:c3:c4:62:56:4b:0e:e3:f3:bb:66:25:5d:59:82:85:
bd:30:54:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx15OYl3CdBM035POcxCL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODE2Nzc0YjdjNTY2NWQ2N2E4NmMyMGNlYjY0ODdiNWI3
OGIzOGQwHhcNMjMwMTAyMDkzNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzkzMDhhZDM3ODQwMzQ4OTQ5NjVjOTI5NjBhZDA5NDE0ZGVjOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv1Vk/Vrf6/EGUZ6ptPwhWdcURGd
10Rc4J90B/p+0c4VJ58c2xBV3pKAVhS51hCqhn1kWN0Gc+QNzYTmcNliD85B0o+6
ww84XeoinKGcH8pyjugmvSnNtD4bv0r83tzw5ZljjELofXtf3cLCxLkK8oru7voE
9V0GK/lb8K+G1Qee3YVi9a2xbBLDJCDqIDT8WI7LaFv39TQFbijUfQpJ1lvrX1Jd
bIizlybZLsM5N0/j5CUludLd2Fsr47NNiBAJ4D5/cTgwAzhcdIzg6iY0Y+8RtIZT
glqtPOLTDmxxt+uH1g+0Q6zzQyiSd4J5uxSBLrHw07m7siDqJh4DKfPXbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHeTCK03hANIlJZckpYK0JQU3smVMB8GA1UdIwQY
MBaAFGWBZ3S3xWZdZ6hsIM62SHtbeLONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYt
NmIxNDY5YzNiOTVhLzEvZDVNSXJUZUVBMGlVbGx5U2xnclFsQlRleVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYtNmIxNDY5YzNiOTVh
LzEvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXovMAwQC
skvEMA0GCSqGSIb3DQEBCwUAA4IBAQDP32tTvWUKyFINLtYsLX45XKxGt+qvlpmg
bkFzMHlwZ+PXyL7CtopYJ90gBYsfmPHmcYC+ioDGHqRAX4Yek1PwO9Gs6Df61hsN
Aexgl8e8JsWWIkIotysOffmDv8GS1TU1q5FVv8PntFkR68PgVKaFPkqHrzQONNEk
4nCapwBG2JPRt2H3UoxrzwTNPDFIviMca5loUH+1ixA7j1D7XWpgH8uMUx7BXNDE
Nu/HMHaAwcI9VPJGwk+CfHEi9B7bhY+qN56QBiIl6gVfCzZtbXndRypOcif/Cqk8
OOCAU9PAWxG+L4CUzWRep4mbSJ3DxGJWSw7j87tmJV1ZgoW9MFTq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:33 2025 by rpki-client