Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/aygLzyHw2R1YXEufziQByomLF60.roa
File: aygLzyHw2R1YXEufziQByomLF60.roa (raw, json)
Hash identifier: Y+DRQc9jfQapxxiJe2XfNvWnifUo1d4iPNdl+I/rA0M=
Subject key identifier: 6B:28:0B:CF:21:F0:D9:1D:58:5C:4B:9F:CE:24:01:CA:89:8B:17:AD
Certificate issuer: /CN=5b9a40fc3f350abda59dbfc01ca37a46d8d74764
Certificate serial: 1A7E5F55
Authority key identifier: 5B:9A:40:FC:3F:35:0A:BD:A5:9D:BF:C0:1C:A3:7A:46:D8:D7:47:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W5pA_D81Cr2lnb_AHKN6RtjXR2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/aygLzyHw2R1YXEufziQByomLF60.roa
Signing time: Mon 10 Jan 2022 16:16:26 +0000
ROA not before: Mon 10 Jan 2022 16:16:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43623
IP address blocks: 194.156.7.0/24 maxlen: 24
185.17.246.0/24 maxlen: 24
185.17.244.0/22 maxlen: 22
194.113.143.0/24 maxlen: 24
91.195.78.0/23 maxlen: 23
2a04:880:affe::/48 maxlen: 48
2a04:880::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 444489557 (0x1a7e5f55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b9a40fc3f350abda59dbfc01ca37a46d8d74764
Validity
Not Before: Jan 10 16:16:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b280bcf21f0d91d585c4b9fce2401ca898b17ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2d:06:fa:08:47:e9:09:61:aa:0c:41:59:44:
67:4b:ee:ae:57:50:c5:55:1e:3c:ab:7e:0a:70:e9:
17:aa:33:e5:a5:04:0a:4a:2b:d9:da:25:74:83:1b:
69:4e:56:c7:8b:0b:04:5f:9d:fc:6a:5e:44:ac:30:
75:ea:ce:cd:fa:90:f1:70:64:b0:a7:7f:83:55:59:
29:46:ce:a3:52:40:4c:d0:e4:9f:e0:91:3a:64:70:
48:2d:3e:b2:8c:0f:e7:36:b4:b3:af:56:55:07:57:
e5:42:bc:9a:3f:de:2a:09:03:e5:9b:15:34:a5:8a:
ff:d6:57:eb:94:43:8e:6d:f5:c0:02:f4:5d:ba:57:
0e:50:8a:df:fa:27:60:da:e0:2c:d5:64:43:0b:0d:
0f:c4:64:52:ac:43:12:10:78:52:0d:91:21:9c:1a:
f0:78:6f:b2:06:26:4f:96:97:42:b6:1c:f8:d0:cd:
0f:a8:1e:3a:5f:f3:f8:c7:74:c1:a9:52:0d:3b:b7:
d1:35:9c:7c:35:a2:a3:b5:db:9b:37:b2:08:6e:68:
57:04:cf:af:bd:bf:18:0a:7c:b8:23:2f:15:22:0f:
d7:53:2d:95:fc:2f:11:db:1b:94:ca:46:c3:93:48:
d6:66:0f:f3:b6:f9:f3:91:43:49:12:70:30:aa:cf:
d9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:28:0B:CF:21:F0:D9:1D:58:5C:4B:9F:CE:24:01:CA:89:8B:17:AD
X509v3 Authority Key Identifier:
keyid:5B:9A:40:FC:3F:35:0A:BD:A5:9D:BF:C0:1C:A3:7A:46:D8:D7:47:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W5pA_D81Cr2lnb_AHKN6RtjXR2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/aygLzyHw2R1YXEufziQByomLF60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/W5pA_D81Cr2lnb_AHKN6RtjXR2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.78.0/23
185.17.244.0/22
194.113.143.0/24
194.156.7.0/24
IPv6:
2a04:880::/29
Signature Algorithm: sha256WithRSAEncryption
64:13:7b:20:4d:42:88:c4:be:53:30:7a:f6:07:d0:20:6b:e9:
1e:3e:9f:a6:af:31:dd:31:54:29:0c:c4:5c:20:de:f5:8a:04:
80:2d:8f:63:f3:3b:ab:e8:fa:d3:bc:03:6f:42:37:9c:44:89:
5f:f2:0e:a9:c3:b4:f9:e5:f4:e7:98:11:c1:55:ea:fe:05:25:
76:9c:ae:63:aa:2f:e3:f4:15:13:fd:0d:77:de:bf:4a:05:5d:
c8:9f:c9:9c:56:bf:22:2c:08:46:68:8b:2b:da:c7:06:5f:a0:
00:b3:dd:31:54:40:28:57:ad:ad:82:c2:0f:ad:7e:ea:58:69:
27:6b:a5:59:91:b1:74:7d:69:de:c3:36:97:e1:ae:8c:bb:a6:
5c:d0:8c:13:8c:8d:cb:69:78:98:50:44:17:4e:49:99:d9:00:
da:49:97:7a:73:fe:b9:d5:15:22:c3:64:d5:f5:a8:33:29:7f:
8d:33:33:66:7d:d0:4a:0f:1a:8a:e4:2f:66:72:ee:4c:f8:5c:
12:85:81:40:88:1b:db:4f:69:2f:a6:fd:4e:bb:ea:ed:6f:1d:
42:5f:7b:2a:e8:78:16:b3:04:6d:bc:1c:4f:a5:42:4c:34:f8:
1e:11:f7:72:77:89:05:e4:71:05:2a:68:fd:12:5e:e4:fb:50:
ea:d9:12:ba
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEGn5fVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjlhNDBmYzNmMzUwYWJkYTU5ZGJmYzAxY2EzN2E0NmQ4ZDc0NzY0MB4XDTIyMDEx
MDE2MTYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmIyODBiY2YyMWYw
ZDkxZDU4NWM0YjlmY2UyNDAxY2E4OThiMTdhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJAtBvoIR+kJYaoMQVlEZ0vurldQxVUePKt+CnDpF6oz5aUE
Ckor2doldIMbaU5Wx4sLBF+d/GpeRKwwderOzfqQ8XBksKd/g1VZKUbOo1JATNDk
n+CROmRwSC0+sowP5za0s69WVQdX5UK8mj/eKgkD5ZsVNKWK/9ZX65RDjm31wAL0
XbpXDlCK3/onYNrgLNVkQwsND8RkUqxDEhB4Ug2RIZwa8HhvsgYmT5aXQrYc+NDN
D6geOl/z+Md0walSDTu30TWcfDWio7XbmzeyCG5oVwTPr72/GAp8uCMvFSIP11Mt
lfwvEdsblMpGw5NI1mYP87b585FDSRJwMKrP2b0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRrKAvPIfDZHVhcS5/OJAHKiYsXrTAfBgNVHSMEGDAWgBRbmkD8PzUKvaWd
v8Aco3pG2NdHZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1c1cEFfRDgxQ3IybG5iX0FIS042UnRqWFIyUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvMmVlZGU2LWZjMjAtNGY4YS1hZTI5LTcyNTM3NTI2YWVlMi8x
L2F5Z0x6eUh3MlIxWVhFdWZ6aVFCeW9tTEY2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
MmVlZGU2LWZjMjAtNGY4YS1hZTI5LTcyNTM3NTI2YWVlMi8xL1c1cEFfRDgxQ3Iy
bG5iX0FIS042UnRqWFIyUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAVvDTgMEArkR9AMEAMJxjwMEAMKc
BzANBAIAAjAHAwUDKgQIgDANBgkqhkiG9w0BAQsFAAOCAQEAZBN7IE1CiMS+UzB6
9gfQIGvpHj6fpq8x3TFUKQzEXCDe9YoEgC2PY/M7q+j607wDb0I3nESJX/IOqcO0
+eX055gRwVXq/gUldpyuY6ov4/QVE/0Nd96/SgVdyJ/JnFa/IiwIRmiLK9rHBl+g
ALPdMVRAKFetrYLCD61+6lhpJ2ulWZGxdH1p3sM2l+GujLumXNCME4yNy2l4mFBE
F05JmdkA2kmXenP+udUVIsNk1fWoMyl/jTMzZn3QSg8aiuQvZnLuTPhcEoWBQIgb
209pL6b9Trvq7W8dQl97Kuh4FrMEbbwcT6VCTDT4HhH3cneJBeRxBSpo/RJe5PtQ
6tkSug==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:38:50 2025 by rpki-client