Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/aDEFUN01sxKY8-3psg3RPW62efI.roa
File: aDEFUN01sxKY8-3psg3RPW62efI.roa (raw, json)
Hash identifier: gMXfkBv2uzVL8Lz6rCD+qKoWNYKQCnTtlZ9Ookr1awY=
Subject key identifier: 68:31:05:50:DD:35:B3:12:98:F3:ED:E9:B2:0D:D1:3D:6E:B6:79:F2
Certificate issuer: /CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Certificate serial: 0186FEB03966EFA91798B22765B87C48A3C2
Authority key identifier: A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/aDEFUN01sxKY8-3psg3RPW62efI.roa
Signing time: Mon 20 Mar 2023 11:03:27 +0000
ROA not before: Mon 20 Mar 2023 11:03:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39704
IP address blocks: 5.22.248.0/21 maxlen: 24
185.103.16.0/22 maxlen: 24
185.94.168.0/24 maxlen: 24
194.50.163.0/24 maxlen: 24
213.132.192.0/19 maxlen: 24
46.182.216.0/21 maxlen: 24
91.192.36.0/22 maxlen: 24
94.124.88.0/21 maxlen: 24
2a00:1bd0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:b0:39:66:ef:a9:17:98:b2:27:65:b8:7c:48:a3:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Validity
Not Before: Mar 20 11:03:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68310550dd35b31298f3ede9b20dd13d6eb679f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dc:1c:61:fb:56:a4:cf:cf:af:5c:a1:c2:32:
e7:5c:6f:6e:63:50:e3:a0:b6:d4:8c:1c:b4:9f:a6:
a5:23:5b:17:de:97:5d:98:86:fe:55:a8:56:4d:ea:
77:56:51:51:a7:ed:de:3b:39:4f:31:40:d0:d9:9c:
00:51:3c:6d:e1:29:cd:25:57:d0:c3:b0:21:06:32:
e4:16:d9:d4:54:14:09:f2:b5:ab:a9:29:44:3c:24:
32:dc:0e:ef:6b:38:e9:84:2f:bb:e4:51:81:7d:c4:
e3:a9:1c:91:34:d9:e9:39:21:c8:ca:dd:de:9f:44:
f8:f0:c3:7b:c5:96:3d:54:5f:b9:4e:b3:70:c6:ea:
62:9f:d0:96:eb:17:c0:fc:ea:ee:0b:9e:17:2b:03:
0a:0e:b7:d2:24:c8:eb:b6:02:eb:90:22:33:45:b9:
23:72:13:d5:4d:a2:c6:f0:7a:73:56:bd:fd:49:cb:
45:a3:1e:39:69:e6:63:3e:93:d7:a1:44:ab:38:ce:
11:cc:4f:cd:87:72:a1:9e:c8:11:35:29:45:46:bc:
b3:29:23:5a:ce:df:f4:8e:83:ba:f1:8a:4a:5d:e6:
e5:33:6a:71:71:9e:ee:8f:f7:8d:6c:a7:ba:98:48:
8d:57:b3:37:c8:41:66:ca:e5:68:1f:88:67:66:dd:
5b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:31:05:50:DD:35:B3:12:98:F3:ED:E9:B2:0D:D1:3D:6E:B6:79:F2
X509v3 Authority Key Identifier:
keyid:A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/aDEFUN01sxKY8-3psg3RPW62efI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oktI7cejJdfxrg8lfA4oNRcbya4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.248.0/21
46.182.216.0/21
91.192.36.0/22
94.124.88.0/21
185.94.168.0/24
185.103.16.0/22
194.50.163.0/24
213.132.192.0/19
IPv6:
2a00:1bd0::/32
Signature Algorithm: sha256WithRSAEncryption
6a:44:76:bd:20:d7:cd:62:b2:0e:d6:17:f1:bb:cf:59:8f:eb:
af:25:cc:d7:6c:ed:13:a2:c5:16:6f:4e:fb:cc:a2:24:cf:1a:
44:c5:c9:8f:93:2c:4e:ef:be:6d:ff:5d:ee:b9:0e:b4:9d:a7:
2f:d1:0d:e5:87:90:11:d7:48:82:25:20:41:79:ff:dc:72:05:
75:29:26:c4:cf:10:56:d8:a3:57:43:ff:8d:78:31:73:5d:94:
3c:50:18:0b:5d:f6:d1:38:3b:f8:24:0d:37:24:86:e9:9c:ab:
ed:1b:01:14:ac:cb:0a:1b:f5:5c:70:d0:0a:49:83:82:2e:6e:
cc:b9:9c:96:95:63:37:8d:ea:81:7c:11:18:20:b9:ed:79:64:
6f:34:fd:fb:3c:03:ef:1e:1d:cc:ae:0b:12:95:88:29:86:0d:
f5:6a:cd:73:02:26:f3:36:e3:58:3d:90:a1:16:16:4c:8b:25:
67:c3:cd:01:eb:49:2f:2c:c3:fc:5f:6d:92:be:15:1c:6e:6c:
c4:ba:05:1f:63:f8:5d:bc:17:af:da:b5:9b:41:59:02:60:df:
17:a4:bc:28:ff:9c:3f:c4:cf:12:3c:52:fd:c1:0d:27:0d:77:
b4:30:c5:af:ed:45:40:fc:f3:68:f0:2b:46:ae:92:61:b6:61:
b6:97:2d:f0
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYb+sDlm76kXmLInZbh8SKPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGI0OGVkYzdhMzI1ZDdmMWFlMGYyNTdjMGUyODM1MTcx
YmM5YWUwHhcNMjMwMzIwMTEwMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODMxMDU1MGRkMzViMzEyOThmM2VkZTliMjBkZDEzZDZlYjY3OWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9wcYftWpM/Pr1yhwjLnXG9uY1Dj
oLbUjBy0n6alI1sX3pddmIb+VahWTep3VlFRp+3eOzlPMUDQ2ZwAUTxt4SnNJVfQ
w7AhBjLkFtnUVBQJ8rWrqSlEPCQy3A7vazjphC+75FGBfcTjqRyRNNnpOSHIyt3e
n0T48MN7xZY9VF+5TrNwxupin9CW6xfA/OruC54XKwMKDrfSJMjrtgLrkCIzRbkj
chPVTaLG8HpzVr39SctFox45aeZjPpPXoUSrOM4RzE/Nh3KhnsgRNSlFRryzKSNa
zt/0joO68YpKXeblM2pxcZ7uj/eNbKe6mEiNV7M3yEFmyuVoH4hnZt1bswIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGgxBVDdNbMSmPPt6bIN0T1utnnyMB8GA1UdIwQY
MBaAFKJLSO3HoyXX8a4PJXwOKDUXG8muMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYt
N2YxZTU3NDg3YzFhLzEvYURFRlVOMDFzeEtZOC0zcHNnM1JQVzYyZWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYtN2YxZTU3NDg3YzFh
LzEvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDBRb4AwQD
LrbYAwQCW8AkAwQDXnxYAwQAuV6oAwQCuWcQAwQAwjKjAwQF1YTAMA0EAgACMAcD
BQAqABvQMA0GCSqGSIb3DQEBCwUAA4IBAQBqRHa9INfNYrIO1hfxu89Zj+uvJczX
bO0TosUWb077zKIkzxpExcmPkyxO775t/13uuQ60nacv0Q3lh5AR10iCJSBBef/c
cgV1KSbEzxBW2KNXQ/+NeDFzXZQ8UBgLXfbRODv4JA03JIbpnKvtGwEUrMsKG/Vc
cNAKSYOCLm7MuZyWlWM3jeqBfBEYILnteWRvNP37PAPvHh3MrgsSlYgphg31as1z
AibzNuNYPZChFhZMiyVnw80B60kvLMP8X22SvhUcbmzEugUfY/hdvBev2rWbQVkC
YN8XpLwo/5w/xM8SPFL9wQ0nDXe0MMWv7UVA/PNo8CtGrpJhtmG2ly3w
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:33 2025 by rpki-client