Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/InI7IbnCh30CoSHlPVaNnFI0rE0.roa
File: InI7IbnCh30CoSHlPVaNnFI0rE0.roa (raw, json)
Hash identifier: c66WUX0PnO4u+hH1JEetRIM6KitAJpbWz8zbp4RJRg0=
Subject key identifier: 22:72:3B:21:B9:C2:87:7D:02:A1:21:E5:3D:56:8D:9C:52:34:AC:4D
Certificate issuer: /CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
Certificate serial: 3321AB11
Authority key identifier: 17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/InI7IbnCh30CoSHlPVaNnFI0rE0.roa
Signing time: Sat 01 Jan 2022 02:56:56 +0000
ROA not before: Sat 01 Jan 2022 02:56:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57888
IP address blocks: 5.149.66.0/24 maxlen: 24
217.9.20.0/22 maxlen: 22
5.149.78.0/23 maxlen: 23
5.149.85.0/24 maxlen: 24
5.149.84.0/22 maxlen: 22
5.149.84.0/24 maxlen: 24
5.149.80.0/22 maxlen: 22
5.149.87.0/24 maxlen: 24
5.149.86.0/24 maxlen: 24
85.235.84.0/22 maxlen: 22
194.99.16.0/22 maxlen: 22
194.53.156.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 857844497 (0x3321ab11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
Validity
Not Before: Jan 1 02:56:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22723b21b9c2877d02a121e53d568d9c5234ac4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:7a:02:ec:f2:b1:52:16:41:31:3b:a3:27:db:
a1:47:aa:f9:77:d8:38:55:bf:a1:ec:10:a8:82:de:
ed:61:ff:0a:96:23:34:42:1b:46:e0:d7:55:b5:4d:
db:91:6f:78:d0:af:33:b4:54:1f:9e:ac:83:2a:14:
73:bd:5f:e6:84:e2:b6:21:3f:09:09:70:4c:35:dd:
32:42:7e:25:71:c9:75:58:b3:60:86:a1:91:5e:a1:
42:f7:7d:40:ab:e1:a4:81:85:7e:46:86:ef:14:79:
24:cd:1c:26:09:1a:53:cb:87:c0:bb:ee:64:ad:56:
54:98:a8:29:56:68:3b:93:9d:7b:a0:ec:6d:b2:6d:
98:8f:68:6d:27:88:71:10:0b:c0:e7:8d:bd:31:23:
82:d9:b1:4a:ac:50:c7:bc:09:42:ae:fc:0c:e3:c9:
33:74:d9:8c:b3:1c:ab:7b:04:2d:7d:fc:03:8b:10:
45:c3:00:35:92:75:9a:db:c7:d8:35:30:7a:e0:3e:
93:f0:b5:be:13:0b:1d:f2:ca:02:0d:73:a7:25:37:
12:35:fe:53:b1:83:89:6e:bb:af:bd:b7:a3:56:14:
74:94:52:6c:c3:17:79:4f:e8:d5:03:46:68:a2:17:
9a:55:93:18:12:a3:bc:52:6d:0b:87:dd:8f:19:ca:
b2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:72:3B:21:B9:C2:87:7D:02:A1:21:E5:3D:56:8D:9C:52:34:AC:4D
X509v3 Authority Key Identifier:
keyid:17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/InI7IbnCh30CoSHlPVaNnFI0rE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/F1lDaGkInNnH5tAgKPJKL-SbhtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.66.0/24
5.149.78.0-5.149.87.255
85.235.84.0/22
194.53.156.0/22
194.99.16.0/22
217.9.20.0/22
Signature Algorithm: sha256WithRSAEncryption
07:aa:63:34:bb:72:90:d3:de:49:c0:a3:ef:b5:30:1d:5f:6c:
83:65:cc:df:5a:77:fc:2a:c0:ff:3e:d8:fa:5f:19:98:3d:1f:
44:c2:30:27:13:ab:8d:13:70:44:de:c5:14:a8:83:37:36:37:
1e:51:28:ea:1e:e6:08:25:ce:e5:b6:5f:89:bd:6b:39:b4:be:
6a:95:f0:b2:c9:ed:6b:e2:eb:59:f4:62:45:b6:ba:75:3b:ae:
3d:41:77:d8:71:7e:80:d2:84:34:53:a8:a8:ea:fe:b6:73:c2:
19:9a:8a:80:60:ac:c1:1a:7d:9e:40:aa:ee:d3:79:1f:92:c3:
a8:59:d2:ac:ec:d4:88:27:d9:d1:0c:92:db:ee:3f:02:e0:28:
85:63:f3:df:78:fa:8c:e8:f1:ed:2f:7f:b3:1f:04:3e:ae:db:
0e:62:28:45:8f:6a:7c:db:b9:e5:80:40:82:d0:e3:35:c7:37:
55:15:c3:21:ad:f8:f0:85:55:4e:e5:1e:67:ea:fc:dd:f7:52:
af:4d:e8:12:3b:08:60:42:d9:f7:7d:03:fa:25:c2:6c:ca:5f:
49:5a:69:33:bb:d4:90:72:50:eb:70:0d:37:e0:cf:30:e5:c3:
34:a9:96:56:e4:80:c1:74:60:04:ef:bf:3b:93:60:41:37:b1:
29:5f:a2:2d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEMyGrETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzU5NDM2ODY5MDg5Y2Q5YzdlNmQwMjAyOGYyNGEyZmU0OWI4NmQ1MB4XDTIyMDEw
MTAyNTY1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI3MjNiMjFiOWMy
ODc3ZDAyYTEyMWU1M2Q1NjhkOWM1MjM0YWM0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN56AuzysVIWQTE7oyfboUeq+XfYOFW/oewQqILe7WH/CpYj
NEIbRuDXVbVN25FveNCvM7RUH56sgyoUc71f5oTitiE/CQlwTDXdMkJ+JXHJdViz
YIahkV6hQvd9QKvhpIGFfkaG7xR5JM0cJgkaU8uHwLvuZK1WVJioKVZoO5Ode6Ds
bbJtmI9obSeIcRALwOeNvTEjgtmxSqxQx7wJQq78DOPJM3TZjLMcq3sELX38A4sQ
RcMANZJ1mtvH2DUweuA+k/C1vhMLHfLKAg1zpyU3EjX+U7GDiW67r723o1YUdJRS
bMMXeU/o1QNGaKIXmlWTGBKjvFJtC4fdjxnKstcCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBQicjshucKHfQKhIeU9Vo2cUjSsTTAfBgNVHSMEGDAWgBQXWUNoaQic2cfm
0CAo8kov5JuG1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0YxbERhR2tJbk5uSDV0QWdLUEpLTC1TYmh0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvNzI0N2QyLTBhMjgtNGU0YS1hYTBjLWZlZjQxZGQ4NzZjMC8x
L0luSTdJYm5DaDMwQ29TSGxQVmFObkZJMHJFMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
NzI0N2QyLTBhMjgtNGU0YS1hYTBjLWZlZjQxZGQ4NzZjMC8xL0YxbERhR2tJbk5u
SDV0QWdLUEpLTC1TYmh0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAAWVQjAMAwQBBZVOAwQDBZVQAwQC
VetUAwQCwjWcAwQCwmMQAwQC2QkUMA0GCSqGSIb3DQEBCwUAA4IBAQAHqmM0u3KQ
095JwKPvtTAdX2yDZczfWnf8KsD/Ptj6XxmYPR9EwjAnE6uNE3BE3sUUqIM3Njce
USjqHuYIJc7ltl+JvWs5tL5qlfCyye1r4utZ9GJFtrp1O649QXfYcX6A0oQ0U6io
6v62c8IZmoqAYKzBGn2eQKru03kfksOoWdKs7NSIJ9nRDJLb7j8C4CiFY/PfePqM
6PHtL3+zHwQ+rtsOYihFj2p827nlgECC0OM1xzdVFcMhrfjwhVVO5R5n6vzd91Kv
TegSOwhgQtn3fQP6JcJsyl9JWmkzu9SQclDrcA034M8w5cM0qZZW5IDBdGAE7787
k2BBN7EpX6It
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:17 2025 by rpki-client