Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/7CiaFqds6gMywAprsMPlgDdWuoc.roa
File: 7CiaFqds6gMywAprsMPlgDdWuoc.roa (raw, json)
Hash identifier: 60xcx6UP8boOBb/ROA7ZaD4d1JJk8P6piD9hq0wahh4=
Subject key identifier: EC:28:9A:16:A7:6C:EA:03:32:C0:0A:6B:B0:C3:E5:80:37:56:BA:87
Certificate issuer: /CN=6daacc448c4a23afc94a45a79b76dfbe830b2598
Certificate serial: 3402F95E
Authority key identifier: 6D:AA:CC:44:8C:4A:23:AF:C9:4A:45:A7:9B:76:DF:BE:83:0B:25:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/barMRIxKI6_JSkWnm3bfvoMLJZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/7CiaFqds6gMywAprsMPlgDdWuoc.roa
Signing time: Thu 30 Jun 2022 09:06:02 +0000
ROA not before: Thu 30 Jun 2022 09:06:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57704
IP address blocks: 193.7.223.0/24 maxlen: 24
193.7.220.0/24 maxlen: 24
193.7.222.0/24 maxlen: 24
193.7.221.0/24 maxlen: 24
45.146.15.0/24 maxlen: 24
45.146.12.0/24 maxlen: 24
45.146.14.0/24 maxlen: 24
45.146.13.0/24 maxlen: 24
5.133.24.0/21 maxlen: 24
5.253.71.0/24 maxlen: 24
5.253.68.0/22 maxlen: 22
5.253.68.0/24 maxlen: 24
5.253.70.0/24 maxlen: 24
5.253.69.0/24 maxlen: 24
185.132.248.0/22 maxlen: 24
2a09:9900::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 872610142 (0x3402f95e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6daacc448c4a23afc94a45a79b76dfbe830b2598
Validity
Not Before: Jun 30 09:06:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec289a16a76cea0332c00a6bb0c3e5803756ba87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:14:c4:7b:12:e0:cb:1f:9c:f2:cb:b9:e8:46:
c6:3a:e1:49:ad:03:c6:57:e2:5a:6e:6f:82:d4:8e:
11:9c:7b:fa:7a:1c:c5:e9:9c:46:79:9f:04:4e:4b:
e3:3d:d1:9f:16:d8:4b:04:c8:5a:a2:02:7d:5a:11:
b7:38:48:15:9a:8b:eb:80:5d:d4:5a:d5:ae:44:0a:
74:f1:11:22:89:b1:e1:50:4d:fc:e3:f4:93:62:bf:
7a:d7:71:e5:35:80:92:f0:c4:87:70:42:61:a9:0f:
5f:42:ff:b0:9e:2f:65:96:de:74:0f:89:d0:a9:ab:
f6:7f:1f:25:94:8c:cd:29:24:87:7b:71:f5:0a:b9:
49:ea:a0:40:30:c6:a0:98:3a:64:6c:3b:9f:f8:8a:
3d:9d:93:f7:47:9e:6b:db:2a:60:c6:17:93:d4:13:
6e:77:7e:9d:9f:8c:84:a2:f6:0e:3c:87:ca:38:ad:
91:78:c9:81:00:39:1e:ff:52:2c:28:7c:5c:dc:4b:
c4:d6:24:c8:12:c0:ca:05:1c:dd:15:48:67:fb:72:
b0:1a:bf:94:09:c9:c6:59:d2:54:f5:4b:11:ec:75:
af:3a:e9:3b:0c:f6:24:9d:5b:2b:12:9f:fd:e9:17:
86:c2:ff:69:e7:8c:2a:a5:91:85:84:ed:75:65:41:
57:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:28:9A:16:A7:6C:EA:03:32:C0:0A:6B:B0:C3:E5:80:37:56:BA:87
X509v3 Authority Key Identifier:
keyid:6D:AA:CC:44:8C:4A:23:AF:C9:4A:45:A7:9B:76:DF:BE:83:0B:25:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/barMRIxKI6_JSkWnm3bfvoMLJZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/7CiaFqds6gMywAprsMPlgDdWuoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/barMRIxKI6_JSkWnm3bfvoMLJZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.24.0/21
5.253.68.0/22
45.146.12.0/22
185.132.248.0/22
193.7.220.0/22
IPv6:
2a09:9900::/32
Signature Algorithm: sha256WithRSAEncryption
55:1c:5f:de:7c:10:43:c6:51:59:c9:0a:97:dc:b5:36:ae:66:
0a:6f:65:4f:71:f5:a2:b6:9f:bd:11:20:89:83:72:7c:b1:77:
42:b4:b9:bf:41:52:91:40:f5:e6:01:c6:e8:32:1d:36:e8:2b:
ee:94:9b:5b:2a:4e:fb:48:81:85:21:0c:fc:39:e9:d7:82:0c:
29:87:fd:55:e9:cc:48:fa:05:11:10:4d:20:f8:98:1d:e7:a9:
c8:21:60:e3:ea:34:47:35:3e:64:43:78:b8:e1:c4:46:1e:63:
7f:ac:07:f7:b9:af:b9:93:b2:3e:22:7e:eb:4b:7b:f5:32:05:
26:b6:48:5a:a1:ee:12:85:c1:86:db:10:58:44:0e:5d:38:1b:
31:66:63:94:76:33:7a:ff:96:45:9c:22:db:e3:f4:49:f9:78:
ca:af:d6:85:50:d2:2a:13:4f:94:42:f8:c7:0c:85:39:4b:e3:
f1:81:7c:72:8f:15:c7:61:10:d4:ce:c0:be:36:f6:9c:9d:1c:
fe:6b:f4:99:84:c7:36:14:bb:31:d8:3a:ef:3d:0d:79:cc:1a:
22:b6:00:aa:6a:a9:d5:2e:8a:3e:d0:67:6c:67:38:49:74:4c:
1c:8e:bf:2a:bd:87:25:32:b3:37:01:08:1f:a6:92:0c:60:d8:
f6:34:79:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIENAL5XjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZGFhY2M0NDhjNGEyM2FmYzk0YTQ1YTc5Yjc2ZGZiZTgzMGIyNTk4MB4XDTIyMDYz
MDA5MDYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWMyODlhMTZhNzZj
ZWEwMzMyYzAwYTZiYjBjM2U1ODAzNzU2YmE4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI0UxHsS4MsfnPLLuehGxjrhSa0DxlfiWm5vgtSOEZx7+noc
xemcRnmfBE5L4z3RnxbYSwTIWqICfVoRtzhIFZqL64Bd1FrVrkQKdPERIomx4VBN
/OP0k2K/etdx5TWAkvDEh3BCYakPX0L/sJ4vZZbedA+J0Kmr9n8fJZSMzSkkh3tx
9Qq5SeqgQDDGoJg6ZGw7n/iKPZ2T90eea9sqYMYXk9QTbnd+nZ+MhKL2DjyHyjit
kXjJgQA5Hv9SLCh8XNxLxNYkyBLAygUc3RVIZ/tysBq/lAnJxlnSVPVLEex1rzrp
Owz2JJ1bKxKf/ekXhsL/aeeMKqWRhYTtdWVBV8kCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTsKJoWp2zqAzLACmuww+WAN1a6hzAfBgNVHSMEGDAWgBRtqsxEjEojr8lK
Raebdt++gwslmDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Jhck1SSXhLSTZfSlNrV25tM2Jmdm9NTEpaZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvMzQ2NDllLTliYzQtNDAxOC1iM2EwLTc1NmYzY2MzZWMzMy8x
LzdDaWFGcWRzNmdNeXdBcHJzTVBsZ0RkV3VvYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
MzQ2NDllLTliYzQtNDAxOC1iM2EwLTc1NmYzY2MzZWMzMy8xL2Jhck1SSXhLSTZf
SlNrV25tM2Jmdm9NTEpaZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAwWFGAMEAgX9RAMEAi2SDAMEArmE
+AMEAsEH3DANBAIAAjAHAwUAKgmZADANBgkqhkiG9w0BAQsFAAOCAQEAVRxf3nwQ
Q8ZRWckKl9y1Nq5mCm9lT3H1orafvREgiYNyfLF3QrS5v0FSkUD15gHG6DIdNugr
7pSbWypO+0iBhSEM/Dnp14IMKYf9VenMSPoFERBNIPiYHeepyCFg4+o0RzU+ZEN4
uOHERh5jf6wH97mvuZOyPiJ+60t79TIFJrZIWqHuEoXBhtsQWEQOXTgbMWZjlHYz
ev+WRZwi2+P0Sfl4yq/WhVDSKhNPlEL4xwyFOUvj8YF8co8Vx2EQ1M7Avjb2nJ0c
/mv0mYTHNhS7Mdg67z0NecwaIrYAqmqp1S6KPtBnbGc4SXRMHI6/Kr2HJTKzNwEI
H6aSDGDY9jR59Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:45 2025 by rpki-client