Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/af1f72-ce8e-42b1-be5a-a283c9048f0f/1/r-5dYZ8PxH7hgLHqdgtiqJ31h28.roa
File: r-5dYZ8PxH7hgLHqdgtiqJ31h28.roa (raw, json)
Hash identifier: +D77BvJmwIv9F3+Yo0gt2d6QKXGf2xxcuS16ahnnmss=
Subject key identifier: AF:EE:5D:61:9F:0F:C4:7E:E1:80:B1:EA:76:0B:62:A8:9D:F5:87:6F
Certificate issuer: /CN=b19549d68305e29dfb00069a52d3d4e1f2c5604c
Certificate serial: 01856E8B56286497C1A820738C679E8A012C
Authority key identifier: B1:95:49:D6:83:05:E2:9D:FB:00:06:9A:52:D3:D4:E1:F2:C5:60:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sZVJ1oMF4p37AAaaUtPU4fLFYEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/af1f72-ce8e-42b1-be5a-a283c9048f0f/1/r-5dYZ8PxH7hgLHqdgtiqJ31h28.roa
Signing time: Sun 01 Jan 2023 18:15:03 +0000
ROA not before: Sun 01 Jan 2023 18:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28909
IP address blocks: 213.167.4.0/24 maxlen: 24
213.167.3.0/24 maxlen: 24
213.167.2.0/24 maxlen: 24
213.167.1.0/24 maxlen: 24
213.167.0.0/24 maxlen: 24
213.167.11.0/24 maxlen: 24
213.167.10.0/24 maxlen: 24
213.167.9.0/24 maxlen: 24
213.167.8.0/24 maxlen: 24
213.167.7.0/24 maxlen: 24
213.167.6.0/24 maxlen: 24
213.167.5.0/24 maxlen: 24
213.167.17.0/24 maxlen: 24
213.167.16.0/24 maxlen: 24
213.167.15.0/24 maxlen: 24
213.167.14.0/24 maxlen: 24
213.167.13.0/24 maxlen: 24
213.167.12.0/24 maxlen: 24
213.167.18.0/24 maxlen: 24
213.167.24.0/24 maxlen: 24
213.167.23.0/24 maxlen: 24
213.167.22.0/24 maxlen: 24
213.167.21.0/24 maxlen: 24
213.167.20.0/24 maxlen: 24
213.167.19.0/24 maxlen: 24
213.167.31.0/24 maxlen: 24
213.167.30.0/24 maxlen: 24
213.167.29.0/24 maxlen: 24
213.167.28.0/24 maxlen: 24
213.167.27.0/24 maxlen: 24
213.167.26.0/24 maxlen: 24
213.167.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:56:28:64:97:c1:a8:20:73:8c:67:9e:8a:01:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b19549d68305e29dfb00069a52d3d4e1f2c5604c
Validity
Not Before: Jan 1 18:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afee5d619f0fc47ee180b1ea760b62a89df5876f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b1:ea:6d:bd:d8:38:3a:c2:44:05:84:0f:be:
f2:67:2f:24:09:77:c1:17:7b:cd:e2:09:19:95:6c:
3a:8d:ef:35:eb:df:75:3b:ec:e2:a6:2c:3a:46:9a:
89:a2:93:6f:27:a9:04:11:a9:d4:44:9b:03:b9:c7:
09:fc:2e:cc:59:09:ea:70:70:64:58:5f:d9:62:59:
9b:61:56:ea:38:54:eb:16:04:7b:aa:26:27:81:04:
51:94:e5:ca:69:0e:1a:bf:49:b6:75:9d:1d:b0:fc:
6d:90:83:e0:13:90:45:14:a2:66:9b:10:fb:d0:95:
cd:e9:01:dc:48:f6:08:c3:af:0c:03:6a:25:16:34:
7d:7b:1a:b4:c7:9d:c6:3b:c6:44:e3:d0:a0:d6:66:
6f:92:d9:94:8d:84:c2:33:0d:5b:60:83:b3:1c:60:
01:82:09:8b:f9:b4:a8:0d:82:c1:e0:63:02:f9:fb:
37:73:b2:85:db:f7:00:c5:76:43:56:11:37:ff:8f:
6e:10:06:e9:f9:c9:f7:84:94:12:15:b9:b3:42:0c:
e9:d4:94:cc:8e:df:d4:1b:54:77:58:20:58:f0:6c:
68:df:44:0e:65:03:a0:c8:03:25:87:f7:fd:50:bd:
b9:f6:35:7c:c3:b2:2c:de:8c:28:1f:77:54:e0:ac:
f6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EE:5D:61:9F:0F:C4:7E:E1:80:B1:EA:76:0B:62:A8:9D:F5:87:6F
X509v3 Authority Key Identifier:
keyid:B1:95:49:D6:83:05:E2:9D:FB:00:06:9A:52:D3:D4:E1:F2:C5:60:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZVJ1oMF4p37AAaaUtPU4fLFYEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af1f72-ce8e-42b1-be5a-a283c9048f0f/1/r-5dYZ8PxH7hgLHqdgtiqJ31h28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af1f72-ce8e-42b1-be5a-a283c9048f0f/1/sZVJ1oMF4p37AAaaUtPU4fLFYEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.167.0.0/19
Signature Algorithm: sha256WithRSAEncryption
58:6a:a9:9c:2d:2c:5b:71:ff:bd:e8:f0:53:b6:03:bd:a7:fb:
66:d3:8e:c1:70:21:1b:12:a4:17:42:57:f7:e7:0b:8d:68:94:
5f:9a:4d:16:8e:d7:81:14:2f:87:a4:f7:8e:b7:00:37:36:d3:
3a:f1:06:37:db:78:de:8b:8c:3e:dc:6a:4e:35:86:9c:ce:2e:
6d:a8:2e:81:f0:4f:18:7d:89:73:9b:ba:0b:b6:e8:65:05:74:
35:b4:a6:1a:52:7b:2e:84:b7:49:9c:6b:23:fd:64:00:f7:a2:
b0:75:3a:06:c9:5f:2e:5e:89:0c:d2:c3:15:e4:d0:a1:ee:f5:
74:f8:13:53:f1:f1:34:71:26:fa:bf:04:89:e7:1c:fe:bf:fa:
41:88:60:a4:b7:c0:4b:d3:f6:6e:6a:66:d8:04:94:ed:22:9d:
00:e8:b0:4b:ef:06:96:18:52:cb:39:7e:99:f1:82:bc:e9:76:
2e:e5:72:de:be:48:5b:24:19:32:da:da:cf:22:be:f2:08:bf:
82:fb:dd:5c:10:3d:89:94:52:dc:c0:26:df:14:47:a0:8d:2f:
f8:4b:c5:f1:c0:bb:b4:b1:d3:a8:89:30:a0:d7:fa:4a:44:a9:
67:ed:c9:1c:bf:53:3d:ab:8d:74:15:13:cf:df:60:e5:23:53:
70:e1:27:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVui1YoZJfBqCBzjGeeigEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOTU0OWQ2ODMwNWUyOWRmYjAwMDY5YTUyZDNkNGUxZjJj
NTYwNGMwHhcNMjMwMTAxMTgxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmVlNWQ2MTlmMGZjNDdlZTE4MGIxZWE3NjBiNjJhODlkZjU4NzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7Hqbb3YODrCRAWED77yZy8kCXfB
F3vN4gkZlWw6je816991O+zipiw6RpqJopNvJ6kEEanURJsDuccJ/C7MWQnqcHBk
WF/ZYlmbYVbqOFTrFgR7qiYngQRRlOXKaQ4av0m2dZ0dsPxtkIPgE5BFFKJmmxD7
0JXN6QHcSPYIw68MA2olFjR9exq0x53GO8ZE49Cg1mZvktmUjYTCMw1bYIOzHGAB
ggmL+bSoDYLB4GMC+fs3c7KF2/cAxXZDVhE3/49uEAbp+cn3hJQSFbmzQgzp1JTM
jt/UG1R3WCBY8Gxo30QOZQOgyAMlh/f9UL259jV8w7Is3owoH3dU4Kz2GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/uXWGfD8R+4YCx6nYLYqid9YdvMB8GA1UdIwQY
MBaAFLGVSdaDBeKd+wAGmlLT1OHyxWBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1pWSjFvTUY0cDM3QUFhYVV0UFU0ZkxGWUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hZjFmNzItY2U4ZS00MmIxLWJlNWEt
YTI4M2M5MDQ4ZjBmLzEvci01ZFlaOFB4SDdoZ0xIcWRndGlxSjMxaDI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9hZjFmNzItY2U4ZS00MmIxLWJlNWEtYTI4M2M5MDQ4ZjBm
LzEvc1pWSjFvTUY0cDM3QUFhYVV0UFU0ZkxGWUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1acAMA0G
CSqGSIb3DQEBCwUAA4IBAQBYaqmcLSxbcf+96PBTtgO9p/tm047BcCEbEqQXQlf3
5wuNaJRfmk0WjteBFC+HpPeOtwA3NtM68QY323jei4w+3GpONYaczi5tqC6B8E8Y
fYlzm7oLtuhlBXQ1tKYaUnsuhLdJnGsj/WQA96KwdToGyV8uXokM0sMV5NCh7vV0
+BNT8fE0cSb6vwSJ5xz+v/pBiGCkt8BL0/ZuambYBJTtIp0A6LBL7waWGFLLOX6Z
8YK86XYu5XLevkhbJBky2trPIr7yCL+C+91cED2JlFLcwCbfFEegjS/4S8XxwLu0
sdOoiTCg1/pKRKln7ckcv1M9q410FRPP32DlI1Nw4SdV
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:18:48 2025 by rpki-client