Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/P5EsR3jc2C1RMNqGSkYfprAvdeo.roa
File: P5EsR3jc2C1RMNqGSkYfprAvdeo.roa (raw, json)
Hash identifier: f7DhJSOPptSdyffz1Azc6pc8jjVwTbsD23zm6vYmL9A=
Subject key identifier: 3F:91:2C:47:78:DC:D8:2D:51:30:DA:86:4A:46:1F:A6:B0:2F:75:EA
Certificate issuer: /CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Certificate serial: 018505C257CFA754B07A2796EFFF876562B9
Authority key identifier: 10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/P5EsR3jc2C1RMNqGSkYfprAvdeo.roa
Signing time: Mon 12 Dec 2022 09:55:00 +0000
ROA not before: Mon 12 Dec 2022 09:55:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199256
IP address blocks: 193.120.55.0/24 maxlen: 24
193.120.164.0/23 maxlen: 23
194.125.118.0/24 maxlen: 24
193.120.22.0/24 maxlen: 24
193.120.40.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:c2:57:cf:a7:54:b0:7a:27:96:ef:ff:87:65:62:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Validity
Not Before: Dec 12 09:55:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f912c4778dcd82d5130da864a461fa6b02f75ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:78:12:30:ba:17:35:19:37:23:7a:66:fa:99:
43:84:21:95:57:21:25:0e:48:eb:a4:b7:61:d5:82:
dc:36:7b:1e:6d:f6:95:b3:54:d8:b1:6b:e6:d1:97:
78:41:01:e2:b3:f1:3f:4a:1c:d1:21:39:3a:11:8d:
bb:02:ab:8e:86:39:be:a9:79:d1:4b:2a:20:90:06:
94:39:7b:11:83:ae:6e:5a:99:e1:40:82:af:10:f8:
a0:04:a0:06:0c:03:ca:5b:31:32:51:8d:07:28:3d:
70:ba:5f:79:77:8d:6d:7f:50:09:25:fa:35:6f:4b:
ee:31:e1:21:a4:ec:74:1b:05:3d:e3:ed:07:c0:1a:
84:d7:67:b1:a0:c3:bd:ff:10:11:db:ba:fc:f9:c7:
e2:3a:60:de:36:e9:a7:4e:ed:f8:50:af:67:83:8b:
c3:28:4b:31:3d:fb:35:be:be:bd:80:db:3c:7b:8a:
21:10:aa:bc:c4:c5:24:ce:3c:bc:44:16:ce:0c:f1:
35:07:94:4c:77:ad:be:da:01:2b:83:e2:5b:63:64:
41:5e:a3:3d:65:25:d7:1e:1f:bc:92:12:e5:0f:e6:
53:27:aa:f9:b7:f7:2e:ff:c4:c8:47:75:2e:4c:77:
37:c7:c7:b5:80:c6:c4:90:9e:5d:7a:48:0e:26:89:
2e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:91:2C:47:78:DC:D8:2D:51:30:DA:86:4A:46:1F:A6:B0:2F:75:EA
X509v3 Authority Key Identifier:
keyid:10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/P5EsR3jc2C1RMNqGSkYfprAvdeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.120.22.0/24
193.120.40.0/23
193.120.55.0/24
193.120.164.0/23
194.125.118.0/24
Signature Algorithm: sha256WithRSAEncryption
57:f4:dc:2e:04:0f:25:93:d6:4d:9d:75:d5:f4:d6:58:c4:dc:
5a:6c:6f:90:ed:a0:ea:78:6a:f7:03:50:47:fe:51:b5:d8:73:
64:30:92:9d:98:5c:7e:bb:91:b9:fa:b8:55:42:46:3b:39:e3:
be:70:17:27:b9:b9:6b:5b:8b:d6:a2:e8:6e:ff:84:96:2b:c6:
b0:9f:95:64:c9:1b:49:f7:e2:54:fd:d5:06:33:34:a7:27:a0:
06:d9:de:3c:59:5b:e4:04:87:ce:4f:ed:98:61:89:ce:19:4c:
f3:a6:f6:cd:1c:09:3f:e7:80:fc:fc:48:f6:0e:80:64:a9:ed:
d0:03:a5:77:85:d9:5a:a8:15:a6:10:9b:8c:2a:44:49:87:de:
25:03:8b:28:41:75:60:57:18:c6:f7:00:c1:28:1f:0f:0d:67:
e1:8b:d6:cb:54:a5:37:fc:43:f5:69:22:60:05:be:ed:a9:36:
ae:91:22:c1:dc:b3:e5:83:e2:e5:ec:1f:4b:a1:9d:17:c2:fc:
c4:33:bc:6b:40:1b:5b:cf:cc:60:b0:d6:51:a0:7f:6c:7e:ab:
7f:bf:87:ef:e5:f4:99:44:95:98:c5:0b:d4:28:62:5f:b6:45:
32:27:e5:3f:3f:23:e0:20:dc:fd:94:5a:f3:eb:1e:e2:4a:56:
16:e6:b1:d1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYUFwlfPp1SweieW7/+HZWK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTQzYTUxOTdlYjI1NDQ0NDdlOWQzNmIzZWJmMTQ0NTJj
Nzc3ZWIwHhcNMjIxMjEyMDk1NTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjkxMmM0Nzc4ZGNkODJkNTEzMGRhODY0YTQ2MWZhNmIwMmY3NWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXgSMLoXNRk3I3pm+plDhCGVVyEl
DkjrpLdh1YLcNnsebfaVs1TYsWvm0Zd4QQHis/E/ShzRITk6EY27AquOhjm+qXnR
SyogkAaUOXsRg65uWpnhQIKvEPigBKAGDAPKWzEyUY0HKD1wul95d41tf1AJJfo1
b0vuMeEhpOx0GwU94+0HwBqE12exoMO9/xAR27r8+cfiOmDeNumnTu34UK9ng4vD
KEsxPfs1vr69gNs8e4ohEKq8xMUkzjy8RBbODPE1B5RMd62+2gErg+JbY2RBXqM9
ZSXXHh+8khLlD+ZTJ6r5t/cu/8TIR3UuTHc3x8e1gMbEkJ5dekgOJokuMQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD+RLEd43NgtUTDahkpGH6awL3XqMB8GA1UdIwQY
MBaAFBBUOlGX6yVERH6dNrPr8URSx3frMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmIt
ZjdlMGM1ZTI3MDJlLzEvUDVFc1IzamMyQzFSTU5xR1NrWWZwckF2ZGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmItZjdlMGM1ZTI3MDJl
LzEvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXgWAwQB
wXgoAwQAwXg3AwQBwXikAwQAwn12MA0GCSqGSIb3DQEBCwUAA4IBAQBX9NwuBA8l
k9ZNnXXV9NZYxNxabG+Q7aDqeGr3A1BH/lG12HNkMJKdmFx+u5G5+rhVQkY7OeO+
cBcnublrW4vWouhu/4SWK8awn5VkyRtJ9+JU/dUGMzSnJ6AG2d48WVvkBIfOT+2Y
YYnOGUzzpvbNHAk/54D8/Ej2DoBkqe3QA6V3hdlaqBWmEJuMKkRJh94lA4soQXVg
VxjG9wDBKB8PDWfhi9bLVKU3/EP1aSJgBb7tqTaukSLB3LPlg+Ll7B9LoZ0XwvzE
M7xrQBtbz8xgsNZRoH9sfqt/v4fv5fSZRJWYxQvUKGJftkUyJ+U/PyPgINz9lFrz
6x7iSlYW5rHR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:16 2023 by rpki-client on console-fra.rpki-client.org