Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/U79N5eSuoouPC1VPyx9NFC9Uyfg.roa
File: U79N5eSuoouPC1VPyx9NFC9Uyfg.roa (raw, json)
Hash identifier: mcUa2TsFiQ7ekyZua8sJjWOSE2wG1+XObIdJcZsR7C4=
Subject key identifier: 53:BF:4D:E5:E4:AE:A2:8B:8F:0B:55:4F:CB:1F:4D:14:2F:54:C9:F8
Certificate issuer: /CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Certificate serial: 01857315D16E08DD0AE89AE7825A16B2F39F
Authority key identifier: 4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/U79N5eSuoouPC1VPyx9NFC9Uyfg.roa
Signing time: Mon 02 Jan 2023 15:24:47 +0000
ROA not before: Mon 02 Jan 2023 15:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35434
IP address blocks: 195.82.188.0/22 maxlen: 22
83.230.48.0/22 maxlen: 22
213.227.72.0/22 maxlen: 22
212.106.138.0/23 maxlen: 23
212.106.160.0/21 maxlen: 21
195.82.160.0/21 maxlen: 21
195.82.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:d1:6e:08:dd:0a:e8:9a:e7:82:5a:16:b2:f3:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Validity
Not Before: Jan 2 15:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53bf4de5e4aea28b8f0b554fcb1f4d142f54c9f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5f:8e:75:b6:82:fa:0d:5f:2a:2f:c8:3a:9d:
a6:e7:8b:1c:e4:5b:52:d4:79:8c:e8:d0:42:bb:d6:
fe:29:01:1f:75:85:5b:d4:20:f4:b4:0b:29:7d:95:
71:b0:c6:c5:47:10:58:71:cf:a4:94:ae:00:a8:cf:
77:41:99:5e:fe:78:05:94:52:11:d5:21:26:1b:e1:
ea:18:34:6d:76:cd:59:cb:ef:2c:da:c2:63:cb:e5:
ac:da:18:08:be:ab:28:84:08:34:13:2d:00:4e:91:
08:9a:51:ca:74:95:cf:51:f2:46:a6:76:01:c7:1f:
83:bc:1d:67:9c:fe:73:2b:3e:1d:c1:e2:ee:98:5b:
4b:53:b1:16:11:8f:45:09:30:f3:12:9c:db:63:02:
d4:bb:93:b7:ac:ac:b7:d4:68:07:a9:eb:7f:06:6a:
5f:8c:45:c3:67:30:2b:96:bb:42:81:2f:d6:25:22:
75:f0:6d:6a:1c:ae:a8:98:75:e9:4f:60:ca:69:07:
ec:d9:7b:f0:57:54:96:20:e3:ab:e3:2c:8d:8b:71:
fc:61:ba:38:1e:ed:69:00:bf:53:cc:1e:60:46:b0:
1a:03:6e:72:cd:10:2e:5d:1c:64:b1:d2:1d:2f:26:
61:51:04:85:93:68:5e:d1:26:23:e3:f7:eb:d6:c2:
fd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:BF:4D:E5:E4:AE:A2:8B:8F:0B:55:4F:CB:1F:4D:14:2F:54:C9:F8
X509v3 Authority Key Identifier:
keyid:4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/U79N5eSuoouPC1VPyx9NFC9Uyfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.230.48.0/22
195.82.160.0-195.82.171.255
195.82.188.0/22
212.106.138.0/23
212.106.160.0/21
213.227.72.0/22
Signature Algorithm: sha256WithRSAEncryption
50:9d:d3:bf:8d:c0:53:5a:17:00:1a:51:b6:81:43:8b:01:d9:
1f:81:f6:9c:7b:07:b8:b4:02:dd:c6:69:11:0b:d4:9f:66:74:
f2:a7:35:cd:59:b8:19:ee:65:91:8b:30:fa:d9:45:e4:68:f3:
4f:2d:7f:f2:10:61:b7:5e:4e:26:c1:c8:7a:90:93:0f:2d:77:
77:82:58:53:e5:50:32:cc:94:e6:90:15:3c:aa:8b:cf:25:a8:
65:a0:96:33:78:1e:e2:f0:3b:0c:e8:e2:fb:19:17:26:16:e1:
f6:d0:61:8d:1f:0f:ed:59:f1:c8:de:ce:db:cc:24:1c:4a:e5:
f0:60:0c:6d:d9:ef:de:52:11:47:00:1d:b1:2b:83:2c:55:3b:
2c:ce:f5:6e:96:d2:bb:f4:5c:c5:5d:31:cc:b2:f4:a2:24:1b:
63:a4:2d:0e:39:3f:81:4b:1a:80:c4:5e:41:e9:d5:01:0c:b0:
b0:be:1d:aa:87:5d:f4:41:30:2b:ae:ae:97:75:0a:b6:ea:74:
48:be:16:98:fa:19:3f:b8:d5:41:19:50:1e:a2:34:08:86:27:
54:e8:0c:eb:02:1a:b3:bb:25:7f:cb:3b:48:42:ca:5a:11:b4:
26:ad:dd:97:76:f8:9c:aa:21:1e:47:ff:de:5f:b1:64:1c:5c:
89:61:33:a0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVzFdFuCN0K6JrngloWsvOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDA1Y2FhYjM0YmJmZGU2YjhlZTY2YzYwMDg2MGM2Y2U5
NmYzMmIwHhcNMjMwMTAyMTUyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2JmNGRlNWU0YWVhMjhiOGYwYjU1NGZjYjFmNGQxNDJmNTRjOWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1+OdbaC+g1fKi/IOp2m54sc5FtS
1HmM6NBCu9b+KQEfdYVb1CD0tAspfZVxsMbFRxBYcc+klK4AqM93QZle/ngFlFIR
1SEmG+HqGDRtds1Zy+8s2sJjy+Ws2hgIvqsohAg0Ey0ATpEImlHKdJXPUfJGpnYB
xx+DvB1nnP5zKz4dweLumFtLU7EWEY9FCTDzEpzbYwLUu5O3rKy31GgHqet/Bmpf
jEXDZzArlrtCgS/WJSJ18G1qHK6omHXpT2DKaQfs2XvwV1SWIOOr4yyNi3H8Ybo4
Hu1pAL9TzB5gRrAaA25yzRAuXRxksdIdLyZhUQSFk2he0SYj4/fr1sL9HwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFO/TeXkrqKLjwtVT8sfTRQvVMn4MB8GA1UdIwQY
MBaAFEtAXKqzS7/ea47mbGAIYMbOlvMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYt
ZDg3YWZmYjhiYzYxLzEvVTc5TjVlU3Vvb3VQQzFWUHl4OU5GQzlVeWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYtZDg3YWZmYjhiYzYx
LzEvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCU+YwMAwD
BAXDUqADBALDUqgDBALDUrwDBAHUaooDBAPUaqADBALV40gwDQYJKoZIhvcNAQEL
BQADggEBAFCd07+NwFNaFwAaUbaBQ4sB2R+B9px7B7i0At3GaREL1J9mdPKnNc1Z
uBnuZZGLMPrZReRo808tf/IQYbdeTibByHqQkw8td3eCWFPlUDLMlOaQFTyqi88l
qGWgljN4HuLwOwzo4vsZFyYW4fbQYY0fD+1Z8cjeztvMJBxK5fBgDG3Z795SEUcA
HbErgyxVOyzO9W6W0rv0XMVdMcyy9KIkG2OkLQ45P4FLGoDEXkHp1QEMsLC+HaqH
XfRBMCuurpd1CrbqdEi+Fpj6GT+41UEZUB6iNAiGJ1ToDOsCGrO7JX/LO0hCyloR
tCat3Zd2+JyqIR5H/95fsWQcXIlhM6A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:01 2025 by rpki-client