Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/p531JLZ-VGPC1J5JcpBnHv_iS18.roa
File: p531JLZ-VGPC1J5JcpBnHv_iS18.roa (raw, json)
Hash identifier: 72zXtANOJfSFYpMIFgRXNpj1Q6i6SzkbLqM8Wj+twIk=
Subject key identifier: A7:9D:F5:24:B6:7E:54:63:C2:D4:9E:49:72:90:67:1E:FF:E2:4B:5F
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 018750A97047073ACDED4CF37ED4C8CCEA86
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/p531JLZ-VGPC1J5JcpBnHv_iS18.roa
Signing time: Wed 05 Apr 2023 09:04:54 +0000
ROA not before: Wed 05 Apr 2023 09:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 206.204.0.0/20 maxlen: 32
206.204.16.0/20 maxlen: 32
43.252.28.0/22 maxlen: 32
103.211.184.0/23 maxlen: 32
206.204.32.0/20 maxlen: 32
203.78.168.0/21 maxlen: 32
206.204.48.0/20 maxlen: 32
37.61.226.0/24 maxlen: 32
94.176.48.0/20 maxlen: 32
92.255.86.0/23 maxlen: 32
216.194.80.0/20 maxlen: 32
103.225.128.0/22 maxlen: 32
89.223.14.0/23 maxlen: 32
89.223.18.0/23 maxlen: 32
45.130.120.0/22 maxlen: 32
92.255.32.0/21 maxlen: 32
103.207.152.0/23 maxlen: 32
213.188.64.0/22 maxlen: 32
193.151.52.0/22 maxlen: 32
116.212.188.0/22 maxlen: 32
180.94.216.0/22 maxlen: 32
213.188.80.0/20 maxlen: 32
85.208.148.0/22 maxlen: 32
103.30.12.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:a9:70:47:07:3a:cd:ed:4c:f3:7e:d4:c8:cc:ea:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: Apr 5 09:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a79df524b67e5463c2d49e497290671effe24b5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c4:ae:26:b3:0c:c2:dd:ba:90:1c:cf:b2:8c:
f0:41:df:fe:c4:a2:18:7f:fb:29:41:59:ab:fa:66:
be:28:bc:87:f6:72:51:60:72:c6:7b:8f:70:68:15:
21:85:8e:14:c0:69:41:6a:66:c1:35:c4:05:d2:28:
e4:21:c4:66:62:da:73:95:bb:5a:fa:ac:4c:be:b6:
55:8a:29:28:1e:8c:d8:67:6a:5a:9d:27:f5:b8:09:
a7:f3:8c:2e:b9:71:5a:04:40:08:e4:e4:07:25:6f:
6f:f5:31:62:a2:0e:2c:16:a9:92:ae:9a:8e:87:2a:
2c:b9:c5:ff:7b:b7:27:2c:71:ac:a6:70:4e:8b:5d:
5d:d8:0e:15:e2:39:50:26:a8:6b:69:39:8a:5a:25:
2f:ae:5c:72:4d:f1:c2:b6:0f:00:be:45:5a:1f:37:
db:9d:f3:80:26:98:fc:a5:88:d2:6d:1e:de:4b:64:
ba:eb:45:fd:40:7e:65:b9:17:c7:53:d4:31:08:91:
df:c4:0f:dc:be:91:bc:5b:2a:b9:30:ed:3a:6c:47:
62:d2:dd:cf:e1:10:6c:74:ea:76:27:f3:e2:80:1c:
11:09:88:24:18:32:01:8d:d5:fa:53:fe:37:28:68:
6e:c5:9f:b7:98:6a:00:79:b5:8b:0e:41:30:c8:80:
30:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:9D:F5:24:B6:7E:54:63:C2:D4:9E:49:72:90:67:1E:FF:E2:4B:5F
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/p531JLZ-VGPC1J5JcpBnHv_iS18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.226.0/24
43.252.28.0/22
45.130.120.0/22
85.208.148.0/22
89.223.14.0/23
89.223.18.0/23
92.255.32.0/21
92.255.86.0/23
94.176.48.0/20
103.30.12.0/22
103.207.152.0/23
103.211.184.0/23
103.225.128.0/22
116.212.188.0/22
180.94.216.0/22
193.151.52.0/22
203.78.168.0/21
206.204.0.0/18
213.188.64.0/22
213.188.80.0/20
216.194.80.0/20
Signature Algorithm: sha256WithRSAEncryption
69:3d:72:e8:ba:cd:8f:01:b4:89:f1:8b:87:55:7d:64:9f:51:
42:6d:e9:87:50:d9:f9:24:91:17:43:ef:63:76:2a:92:93:fa:
17:e1:df:e9:f3:69:ea:cf:2b:20:f3:e9:73:f7:56:b1:df:74:
f9:53:4b:c9:63:28:77:9d:58:91:8c:a2:6e:96:70:2a:7d:b7:
7d:7a:5e:a9:1b:8c:87:81:9c:5f:3e:cd:d1:2c:73:4c:04:07:
59:bb:54:5f:01:e0:e8:38:70:a9:c9:0a:b7:4d:d9:69:63:0a:
09:14:ea:0b:9c:7b:5e:f2:ee:de:df:bf:2f:2d:5b:b3:0e:82:
9d:f3:6e:bd:cc:4d:50:ed:e3:3d:0a:19:02:1b:ba:fa:25:24:
34:45:f1:03:ca:1f:71:a3:f4:fe:44:df:31:20:8a:e3:16:07:
0a:0a:9b:cb:96:7b:b2:b9:5a:59:f4:4a:e4:f0:83:91:0e:82:
0f:b2:68:ea:87:3f:ea:c4:46:1f:a0:38:b7:cc:2f:3d:d4:bf:
a1:56:a9:5b:50:54:33:f4:8c:7e:2c:fa:db:3e:9b:ed:83:88:
eb:79:09:44:18:0a:69:bc:d1:d4:da:5f:4f:fa:24:0e:07:10:
cc:89:8a:95:43:e1:b7:e2:7d:fb:b5:4a:e4:19:20:98:3f:98:
ab:e7:c8:58
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYdQqXBHBzrN7UzzftTIzOqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjMwNDA1MDkwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzlkZjUyNGI2N2U1NDYzYzJkNDllNDk3MjkwNjcxZWZmZTI0YjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MSuJrMMwt26kBzPsozwQd/+xKIY
f/spQVmr+ma+KLyH9nJRYHLGe49waBUhhY4UwGlBambBNcQF0ijkIcRmYtpzlbta
+qxMvrZViikoHozYZ2panSf1uAmn84wuuXFaBEAI5OQHJW9v9TFiog4sFqmSrpqO
hyosucX/e7cnLHGspnBOi11d2A4V4jlQJqhraTmKWiUvrlxyTfHCtg8AvkVaHzfb
nfOAJpj8pYjSbR7eS2S660X9QH5luRfHU9QxCJHfxA/cvpG8Wyq5MO06bEdi0t3P
4RBsdOp2J/PigBwRCYgkGDIBjdX6U/43KGhuxZ+3mGoAebWLDkEwyIAw6wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKed9SS2flRjwtSeSXKQZx7/4ktfMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvcDUzMUpMWi1WR1BDMUo1SmNwQm5Idl9pUzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEACU9
4gMEAiv8HAMEAi2CeAMEAlXQlAMEAVnfDgMEAVnfEgMEA1z/IAMEAVz/VgMEBF6w
MAMEAmceDAMEAWfPmAMEAWfTuAMEAmfhgAMEAnTUvAMEArRe2AMEAsGXNAMEA8tO
qAMEBs7MAAMEAtW8QAMEBNW8UAMEBNjCUDANBgkqhkiG9w0BAQsFAAOCAQEAaT1y
6LrNjwG0ifGLh1V9ZJ9RQm3ph1DZ+SSRF0PvY3YqkpP6F+Hf6fNp6s8rIPPpc/dW
sd90+VNLyWMod51YkYyibpZwKn23fXpeqRuMh4GcXz7N0SxzTAQHWbtUXwHg6Dhw
qckKt03ZaWMKCRTqC5x7XvLu3t+/Ly1bsw6CnfNuvcxNUO3jPQoZAhu6+iUkNEXx
A8ofcaP0/kTfMSCK4xYHCgqby5Z7srlaWfRK5PCDkQ6CD7Jo6oc/6sRGH6A4t8wv
PdS/oVapW1BUM/SMfiz62z6b7YOI63kJRBgKabzR1NpfT/okDgcQzImKlUPht+J9
+7VK5BkgmD+Yq+fIWA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:58 2025 by rpki-client