Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AdI3Fnas15oZIpDKC3UlCGq9UBY.roa
File: AdI3Fnas15oZIpDKC3UlCGq9UBY.roa (raw, json)
Hash identifier: z4YTLAoS6y9jn7SWIMUbNddXU/yylOZUKqrO+hGPQgM=
Subject key identifier: 01:D2:37:16:76:AC:D7:9A:19:22:90:CA:0B:75:25:08:6A:BD:50:16
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 0183F034218DCCE9DC4A296BF017C29A890E
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AdI3Fnas15oZIpDKC3UlCGq9UBY.roa
Signing time: Wed 19 Oct 2022 12:24:51 +0000
ROA not before: Wed 19 Oct 2022 12:24:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47626
IP address blocks: 193.7.216.0/22 maxlen: 22
5.180.240.0/22 maxlen: 22
176.96.189.0/24 maxlen: 24
78.24.100.0/22 maxlen: 22
91.208.35.0/24 maxlen: 24
188.93.64.0/22 maxlen: 22
2a05:9c00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f0:34:21:8d:cc:e9:dc:4a:29:6b:f0:17:c2:9a:89:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Oct 19 12:24:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01d2371676acd79a192290ca0b7525086abd5016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c7:3d:a3:e9:66:ab:e5:60:28:4c:f4:a2:a0:
8a:a1:01:cd:18:b7:1b:fe:99:2d:8c:0c:e9:9b:f6:
a5:67:25:c9:17:41:a5:35:a3:fd:cb:7e:e1:e2:f5:
c3:e8:43:ca:84:8a:0b:8b:06:dd:01:65:94:61:67:
c8:f1:58:16:3e:10:96:f8:14:51:db:8a:8a:d0:a4:
bb:9a:9c:6e:fb:28:55:22:33:f0:b4:17:9d:a2:50:
04:2a:4a:b2:c7:13:93:4b:fd:a0:55:57:2c:02:fb:
72:42:2e:79:ea:cd:63:cc:83:4e:0e:48:71:55:2c:
79:24:28:72:da:a5:00:f7:71:77:ac:75:88:82:90:
e6:40:f7:d4:39:8b:af:d9:10:30:9c:55:b1:08:0b:
58:37:12:70:d5:91:ff:a3:00:c9:3d:e5:d1:e8:65:
96:c1:16:91:62:b6:37:01:d1:5d:fa:31:c5:2a:a6:
86:0c:b7:7b:65:06:32:4f:a7:70:1a:4a:d8:a6:95:
61:24:d8:38:81:ec:3b:b3:67:c9:93:00:a6:59:e3:
2c:40:5b:8f:38:1a:49:0e:7b:7c:9f:c8:1d:d4:53:
0e:eb:25:a1:38:bc:0d:d9:26:0a:50:72:09:9e:f2:
34:19:c6:f1:ce:1a:66:9a:aa:1f:f9:8e:5e:df:0b:
76:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D2:37:16:76:AC:D7:9A:19:22:90:CA:0B:75:25:08:6A:BD:50:16
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AdI3Fnas15oZIpDKC3UlCGq9UBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.240.0/22
78.24.100.0/22
91.208.35.0/24
176.96.189.0/24
188.93.64.0/22
193.7.216.0/22
IPv6:
2a05:9c00::/29
Signature Algorithm: sha256WithRSAEncryption
15:d5:cb:08:70:a8:b4:98:04:0e:73:44:27:cb:5d:1f:d7:df:
89:84:bf:f4:ae:36:ba:d3:59:e3:3f:8d:cc:58:b0:f1:4e:a9:
76:bc:a3:d2:20:ce:bc:7c:26:cf:7d:49:61:68:45:7a:7f:3a:
6a:73:7f:20:0f:7e:a4:f9:64:a7:0e:f8:b0:0e:5d:c2:f5:16:
df:5a:28:42:40:c1:0a:cb:41:60:31:5a:55:8d:b2:ee:1d:9e:
93:ad:f8:62:5b:b8:6a:d4:e2:0a:e5:81:d3:8a:12:7d:b5:e1:
59:d9:ea:a3:2d:88:48:ad:94:fe:c9:36:58:af:9a:54:7c:b5:
ee:08:cc:fa:c9:95:c4:91:0b:d0:d5:4b:c0:79:97:9a:08:76:
89:f8:37:06:19:d9:65:98:72:9e:4b:08:27:92:af:34:09:d4:
e0:57:05:ac:13:0f:a0:34:5b:2d:cc:1f:97:9e:ba:de:f3:7b:
e5:89:6c:6f:c6:95:44:0d:2c:aa:24:22:83:02:78:90:cc:6f:
ce:b1:c2:40:c3:ef:90:f4:42:9c:46:b6:d5:6a:14:00:93:85:
a8:75:5c:bf:af:59:2a:fd:e6:9c:cd:d3:0f:9c:78:30:50:a3:
49:50:87:4d:75:92:1d:cc:ea:cc:10:79:6f:9e:0e:13:cf:8f:
83:19:98:9f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYPwNCGNzOncSilr8BfCmokOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjIxMDE5MTIyNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWQyMzcxNjc2YWNkNzlhMTkyMjkwY2EwYjc1MjUwODZhYmQ1MDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMc9o+lmq+VgKEz0oqCKoQHNGLcb
/pktjAzpm/alZyXJF0GlNaP9y37h4vXD6EPKhIoLiwbdAWWUYWfI8VgWPhCW+BRR
24qK0KS7mpxu+yhVIjPwtBedolAEKkqyxxOTS/2gVVcsAvtyQi556s1jzINODkhx
VSx5JChy2qUA93F3rHWIgpDmQPfUOYuv2RAwnFWxCAtYNxJw1ZH/owDJPeXR6GWW
wRaRYrY3AdFd+jHFKqaGDLd7ZQYyT6dwGkrYppVhJNg4gew7s2fJkwCmWeMsQFuP
OBpJDnt8n8gd1FMO6yWhOLwN2SYKUHIJnvI0Gcbxzhpmmqof+Y5e3wt2/QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAHSNxZ2rNeaGSKQygt1JQhqvVAWMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvQWRJM0ZuYXMxNW9aSXBES0MzVWxDR3E5VUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCBbTwAwQC
ThhkAwQAW9AjAwQAsGC9AwQCvF1AAwQCwQfYMA0EAgACMAcDBQMqBZwAMA0GCSqG
SIb3DQEBCwUAA4IBAQAV1csIcKi0mAQOc0Qny10f19+JhL/0rja601njP43MWLDx
Tql2vKPSIM68fCbPfUlhaEV6fzpqc38gD36k+WSnDviwDl3C9RbfWihCQMEKy0Fg
MVpVjbLuHZ6TrfhiW7hq1OIK5YHTihJ9teFZ2eqjLYhIrZT+yTZYr5pUfLXuCMz6
yZXEkQvQ1UvAeZeaCHaJ+DcGGdllmHKeSwgnkq80CdTgVwWsEw+gNFstzB+Xnrre
83vliWxvxpVEDSyqJCKDAniQzG/OscJAw++Q9EKcRrbVahQAk4WodVy/r1kq/eac
zdMPnHgwUKNJUIdNdZIdzOrMEHlvng4Tz4+DGZif
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:42:32 2025 by rpki-client