Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c1876a-fae1-43cc-a2d7-334e6f332180/1/ATh2RpjEfYRclPjgrCIwNB_edFM.roa
File: ATh2RpjEfYRclPjgrCIwNB_edFM.roa (raw, json)
Hash identifier: IheNnMHY0NHC89gRVJPcFPHT68AT7BlwG1kHPp9Lx9I=
Subject key identifier: 01:38:76:46:98:C4:7D:84:5C:94:F8:E0:AC:22:30:34:1F:DE:74:53
Certificate issuer: /CN=aaca4f4a737ec09f335ac40633133328213efc3d
Certificate serial: 50A733
Authority key identifier: AA:CA:4F:4A:73:7E:C0:9F:33:5A:C4:06:33:13:33:28:21:3E:FC:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qspPSnN-wJ8zWsQGMxMzKCE-_D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/c1876a-fae1-43cc-a2d7-334e6f332180/1/ATh2RpjEfYRclPjgrCIwNB_edFM.roa
Signing time: Mon 16 May 2022 13:53:29 +0000
ROA not before: Mon 16 May 2022 13:53:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205876
IP address blocks: 194.5.132.0/24 maxlen: 24
194.5.145.0/24 maxlen: 24
45.152.249.0/24 maxlen: 24
45.152.250.0/24 maxlen: 24
2a12:5040:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5285683 (0x50a733)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaca4f4a737ec09f335ac40633133328213efc3d
Validity
Not Before: May 16 13:53:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0138764698c47d845c94f8e0ac2230341fde7453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:16:f6:92:48:42:65:b7:44:da:aa:01:f0:57:
64:e5:e4:a3:75:e3:72:45:a5:d3:cb:f0:ca:a7:26:
7a:be:00:7d:ab:83:1e:98:23:87:aa:05:38:1d:18:
8b:b1:24:b7:3d:64:36:cd:a0:07:5e:35:70:d2:d6:
ea:bf:d9:7e:97:3e:10:9f:12:1c:fc:e0:77:96:c7:
24:62:fb:79:5a:fb:0e:4a:53:27:aa:29:00:3c:6c:
30:54:89:a5:e1:4d:ab:83:07:70:47:5e:de:c6:b8:
f7:7f:4c:f5:db:2a:bd:36:7b:1c:ef:81:b9:1b:dc:
09:16:56:ae:cb:07:5f:56:00:7e:9f:68:35:d2:e6:
b2:ba:c4:6f:1e:9a:91:1f:06:96:9e:96:89:5b:84:
0e:58:b1:52:09:c9:f7:14:dc:b5:10:98:31:2e:0f:
a2:e8:9b:ca:1e:6e:0e:ab:5e:a0:d4:57:2c:d5:9f:
a7:1c:71:f8:4f:56:99:66:bc:0a:92:fd:36:c7:2e:
f2:e8:fd:bf:51:90:55:b7:85:12:97:31:a6:2e:fb:
bf:a7:d2:fa:24:4c:a3:0f:84:5a:33:0e:59:b7:81:
97:33:36:2f:c6:59:f5:a5:30:a8:2e:31:62:94:5a:
91:fa:18:c6:17:73:e9:52:a5:0d:2e:1e:a2:1e:23:
94:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:38:76:46:98:C4:7D:84:5C:94:F8:E0:AC:22:30:34:1F:DE:74:53
X509v3 Authority Key Identifier:
keyid:AA:CA:4F:4A:73:7E:C0:9F:33:5A:C4:06:33:13:33:28:21:3E:FC:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qspPSnN-wJ8zWsQGMxMzKCE-_D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c1876a-fae1-43cc-a2d7-334e6f332180/1/ATh2RpjEfYRclPjgrCIwNB_edFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c1876a-fae1-43cc-a2d7-334e6f332180/1/qspPSnN-wJ8zWsQGMxMzKCE-_D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.249.0-45.152.250.255
194.5.132.0/24
194.5.145.0/24
IPv6:
2a12:5040:1::/48
Signature Algorithm: sha256WithRSAEncryption
be:7f:6f:79:b5:ae:02:a8:a8:82:32:7b:56:43:02:eb:4b:ae:
fe:f8:28:42:93:63:4f:82:f9:4d:96:73:1e:55:2c:17:74:8f:
d7:7c:be:84:b3:15:c7:ad:3e:84:81:2a:22:b5:70:ca:34:a3:
b5:bd:4c:12:4d:cd:13:35:83:97:75:82:1c:43:27:90:20:5e:
8d:72:ef:6f:db:45:f4:81:d4:ec:94:b6:03:73:94:c0:fb:8b:
9e:6e:19:96:cf:7d:65:3e:5c:b5:74:d7:2f:20:3e:54:d3:76:
62:bd:ff:37:21:dc:d3:a7:54:d2:20:40:ad:b9:86:33:58:3c:
27:93:86:72:0a:e6:77:5e:f7:30:fb:74:50:de:25:8f:43:95:
4e:f0:43:36:1d:c9:d8:fb:ef:6d:37:ab:c2:ae:23:91:70:ef:
18:f1:8d:a4:05:57:b4:83:78:42:5c:5d:05:a1:55:f4:36:02:
6d:a4:df:e7:30:b7:9a:aa:32:36:15:c0:7e:f5:0a:69:81:b9:
17:08:89:b7:38:04:6e:a2:06:dc:86:d3:65:be:c2:96:cd:bd:
7c:87:d7:91:89:18:62:c0:f1:85:54:a6:e9:52:20:12:d4:f9:
8e:d7:60:1f:97:7b:74:d1:15:58:39:66:94:69:0a:b2:1e:43:
61:6a:20:d4
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIDUKczMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFh
Y2E0ZjRhNzM3ZWMwOWYzMzVhYzQwNjMzMTMzMzI4MjEzZWZjM2QwHhcNMjIwNTE2
MTM1MzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwMTM4NzY0Njk4YzQ3
ZDg0NWM5NGY4ZTBhYzIyMzAzNDFmZGU3NDUzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArBb2kkhCZbdE2qoB8Fdk5eSjdeNyRaXTy/DKpyZ6vgB9q4Me
mCOHqgU4HRiLsSS3PWQ2zaAHXjVw0tbqv9l+lz4QnxIc/OB3lsckYvt5WvsOSlMn
qikAPGwwVIml4U2rgwdwR17exrj3f0z12yq9Nnsc74G5G9wJFlauywdfVgB+n2g1
0uayusRvHpqRHwaWnpaJW4QOWLFSCcn3FNy1EJgxLg+i6JvKHm4Oq16g1Fcs1Z+n
HHH4T1aZZrwKkv02xy7y6P2/UZBVt4USlzGmLvu/p9L6JEyjD4RaMw5Zt4GXMzYv
xln1pTCoLjFilFqR+hjGF3PpUqUNLh6iHiOUTwIDAQABo4ICLjCCAiowHQYDVR0O
BBYEFAE4dkaYxH2EXJT44KwiMDQf3nRTMB8GA1UdIwQYMBaAFKrKT0pzfsCfM1rE
BjMTMyghPvw9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cXNwUFNuTi13Sjh6V3NRR014TXpLQ0UtX0QwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82Ny9jMTg3NmEtZmFlMS00M2NjLWEyZDctMzM0ZTZmMzMyMTgwLzEv
QVRoMlJwakVmWVJjbFBqZ3JDSXdOQl9lZEZNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9j
MTg3NmEtZmFlMS00M2NjLWEyZDctMzM0ZTZmMzMyMTgwLzEvcXNwUFNuTi13Sjh6
V3NRR014TXpLQ0UtX0QwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEQG
CCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAAtmPkDBAAtmPoDBADCBYQDBADC
BZEwDwQCAAIwCQMHACoSUEAAATANBgkqhkiG9w0BAQsFAAOCAQEAvn9vebWuAqio
gjJ7VkMC60uu/vgoQpNjT4L5TZZzHlUsF3SP13y+hLMVx60+hIEqIrVwyjSjtb1M
Ek3NEzWDl3WCHEMnkCBejXLvb9tF9IHU7JS2A3OUwPuLnm4Zls99ZT5ctXTXLyA+
VNN2Yr3/NyHc06dU0iBArbmGM1g8J5OGcgrmd173MPt0UN4lj0OVTvBDNh3J2Pvv
bTerwq4jkXDvGPGNpAVXtIN4QlxdBaFV9DYCbaTf5zC3mqoyNhXAfvUKaYG5FwiJ
tzgEbqIG3IbTZb7Cls29fIfXkYkYYsDxhVSm6VIgEtT5jtdgH5d7dNEVWDlmlGkK
sh5DYWog1A==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:33 2025 by rpki-client