Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/k5MlkNh0TKsEnP1o1ELdg5lrE9c.roa
File: k5MlkNh0TKsEnP1o1ELdg5lrE9c.roa (raw, json)
Hash identifier: DZOFRWC3NDeXu/b0/eKN2uZFPmykrNKigzUz7+QjO3g=
Subject key identifier: 93:93:25:90:D8:74:4C:AB:04:9C:FD:68:D4:42:DD:83:99:6B:13:D7
Certificate issuer: /CN=00855dd897256e86da3cbe6994e94ce2e969af26
Certificate serial: 01856F14BCC567755472C6921E210A198CAE
Authority key identifier: 00:85:5D:D8:97:25:6E:86:DA:3C:BE:69:94:E9:4C:E2:E9:69:AF:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AIVd2JclbobaPL5plOlM4ulpryY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/k5MlkNh0TKsEnP1o1ELdg5lrE9c.roa
Signing time: Sun 01 Jan 2023 20:45:08 +0000
ROA not before: Sun 01 Jan 2023 20:45:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49242
IP address blocks: 80.68.224.0/21 maxlen: 21
80.68.232.0/21 maxlen: 21
185.21.148.0/22 maxlen: 22
93.158.232.0/22 maxlen: 22
188.121.0.0/19 maxlen: 19
89.35.144.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:bc:c5:67:75:54:72:c6:92:1e:21:0a:19:8c:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00855dd897256e86da3cbe6994e94ce2e969af26
Validity
Not Before: Jan 1 20:45:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93932590d8744cab049cfd68d442dd83996b13d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:35:b8:ed:41:d9:46:6c:41:82:06:54:06:e5:
7c:e1:66:fb:cc:8a:03:6f:3d:ba:4d:18:30:b5:c6:
20:37:3b:26:78:9e:9e:4f:71:91:8f:50:71:18:74:
0e:d6:0d:05:e4:96:8d:e8:dc:ec:2a:a0:98:6b:da:
9c:27:64:f4:22:f9:f5:53:75:7f:35:71:d8:c8:d3:
77:fc:76:6c:e3:64:4e:ad:65:d4:00:0a:28:c4:3b:
1e:3b:e5:52:b1:1e:d2:6b:82:f3:b8:0d:da:72:3f:
44:74:64:f0:d0:33:fe:d5:a5:2c:2d:bf:5a:e3:a6:
d5:7a:12:09:c4:20:2f:f9:43:83:c2:7a:ce:a8:f0:
41:a8:7d:06:d9:28:e8:12:11:9e:23:4e:35:46:95:
00:23:28:dc:00:01:ff:a2:3e:b0:e5:a1:24:ea:2c:
a7:40:4e:39:48:35:a0:0b:3e:e7:32:ea:85:c4:e0:
e5:19:8d:c4:f3:98:3f:ab:21:4e:7d:de:4d:4f:2e:
20:b4:14:a0:05:e5:99:81:35:b5:4f:bf:56:00:ae:
b5:2f:54:8f:47:ae:55:3c:6a:04:e3:a0:16:72:f3:
34:37:8f:7c:dd:52:68:d6:f5:20:93:f1:9b:fa:b9:
03:d6:54:e2:92:1a:5f:36:1e:6a:cd:22:78:73:2a:
7b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:93:25:90:D8:74:4C:AB:04:9C:FD:68:D4:42:DD:83:99:6B:13:D7
X509v3 Authority Key Identifier:
keyid:00:85:5D:D8:97:25:6E:86:DA:3C:BE:69:94:E9:4C:E2:E9:69:AF:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AIVd2JclbobaPL5plOlM4ulpryY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/k5MlkNh0TKsEnP1o1ELdg5lrE9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/AIVd2JclbobaPL5plOlM4ulpryY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.224.0/20
89.35.144.0/22
93.158.232.0/22
185.21.148.0/22
188.121.0.0/19
Signature Algorithm: sha256WithRSAEncryption
15:d6:8a:73:b8:b0:25:6a:86:19:c2:79:8b:ff:b8:e6:71:39:
0e:be:36:27:65:a6:6e:c4:40:ef:56:1d:1c:8c:3f:d6:67:05:
b0:d2:dd:ae:fc:44:42:a1:cb:08:65:4b:57:bf:1f:55:18:1c:
71:89:c8:8b:ec:5f:15:ea:28:84:20:fc:0c:5e:a6:f6:c4:3e:
ec:dd:27:5e:3a:e5:b1:20:aa:d8:8c:3b:11:d0:9a:a9:aa:2d:
5c:30:00:ee:d4:f5:70:37:82:70:24:e8:c8:cf:30:bd:5a:5c:
ef:aa:a4:87:bc:8c:ed:a0:9b:6b:0d:fa:42:c7:a1:74:9f:0b:
17:db:ce:67:31:29:aa:86:70:34:5e:87:58:98:f4:be:f1:f6:
4a:6e:b3:e3:ab:ba:0e:7c:4d:a1:9b:7d:ca:cd:4f:02:da:6e:
c5:98:0c:5c:58:6c:c8:35:81:e3:3e:d9:f8:fd:27:4b:ca:57:
a5:9a:ef:51:04:fd:15:95:1e:76:2f:3f:80:65:53:34:f1:8e:
35:76:59:ee:5d:44:0c:9c:e6:a5:03:44:74:c6:a5:3b:71:5d:
9f:e9:4c:a7:66:9d:09:76:b2:ce:f2:7c:81:c3:6b:35:d2:1f:
5c:9e:95:75:f9:f3:a8:8a:26:2a:8c:8d:f8:89:94:7f:db:e9:
2f:24:72:95
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvFLzFZ3VUcsaSHiEKGYyuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwODU1ZGQ4OTcyNTZlODZkYTNjYmU2OTk0ZTk0Y2UyZTk2
OWFmMjYwHhcNMjMwMTAxMjA0NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzkzMjU5MGQ4NzQ0Y2FiMDQ5Y2ZkNjhkNDQyZGQ4Mzk5NmIxM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDW47UHZRmxBggZUBuV84Wb7zIoD
bz26TRgwtcYgNzsmeJ6eT3GRj1BxGHQO1g0F5JaN6NzsKqCYa9qcJ2T0Ivn1U3V/
NXHYyNN3/HZs42ROrWXUAAooxDseO+VSsR7Sa4LzuA3acj9EdGTw0DP+1aUsLb9a
46bVehIJxCAv+UODwnrOqPBBqH0G2SjoEhGeI041RpUAIyjcAAH/oj6w5aEk6iyn
QE45SDWgCz7nMuqFxODlGY3E85g/qyFOfd5NTy4gtBSgBeWZgTW1T79WAK61L1SP
R65VPGoE46AWcvM0N4983VJo1vUgk/Gb+rkD1lTikhpfNh5qzSJ4cyp7SQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJOTJZDYdEyrBJz9aNRC3YOZaxPXMB8GA1UdIwQY
MBaAFACFXdiXJW6G2jy+aZTpTOLpaa8mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUlWZDJKY2xib2JhUEw1cGxPbE00dWxwcnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC85ZmMzOTUtOThiYy00YWVkLTkzOWUt
ODg2ZjY2YmI2ZWU4LzEvazVNbGtOaDBUS3NFblAxbzFFTGRnNWxyRTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC85ZmMzOTUtOThiYy00YWVkLTkzOWUtODg2ZjY2YmI2ZWU4
LzEvQUlWZDJKY2xib2JhUEw1cGxPbE00dWxwcnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEUETgAwQC
WSOQAwQCXZ7oAwQCuRWUAwQFvHkAMA0GCSqGSIb3DQEBCwUAA4IBAQAV1opzuLAl
aoYZwnmL/7jmcTkOvjYnZaZuxEDvVh0cjD/WZwWw0t2u/ERCocsIZUtXvx9VGBxx
iciL7F8V6iiEIPwMXqb2xD7s3SdeOuWxIKrYjDsR0Jqpqi1cMADu1PVwN4JwJOjI
zzC9WlzvqqSHvIztoJtrDfpCx6F0nwsX285nMSmqhnA0XodYmPS+8fZKbrPjq7oO
fE2hm33KzU8C2m7FmAxcWGzINYHjPtn4/SdLylelmu9RBP0VlR52Lz+AZVM08Y41
dlnuXUQMnOalA0R0xqU7cV2f6UynZp0JdrLO8nyBw2s10h9cnpV1+fOoiiYqjI34
iZR/2+kvJHKV
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:34:07 2025 by rpki-client