Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/1-R5TCVh8c4W89G162hLYeYrXUmY.roa
File: 1-R5TCVh8c4W89G162hLYeYrXUmY.roa (raw, json)
Hash identifier: Fdd8IOa0YT3iwgmQQFM7W93r0HXfzxaKcl9PZ4xprUo=
Subject key identifier: F9:1E:53:09:58:7C:73:85:BC:F4:6D:7A:DA:12:D8:79:8A:D7:52:66
Certificate issuer: /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial: 018BECD40BE686CF07C5FB96E18EAEBB56FB
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/1-R5TCVh8c4W89G162hLYeYrXUmY.roa
Signing time: Mon 20 Nov 2023 13:03:21 +0000
ROA not before: Mon 20 Nov 2023 13:03:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47952
IP address blocks: 185.82.222.0/24 maxlen: 24
185.82.220.0/24 maxlen: 24
185.82.223.0/24 maxlen: 24
91.194.52.0/24 maxlen: 24
91.194.54.0/24 maxlen: 24
185.201.213.0/24 maxlen: 24
185.201.212.0/24 maxlen: 24
185.201.214.0/24 maxlen: 24
185.201.215.0/24 maxlen: 24
2a0a:c4c0:1::/48 maxlen: 48
2a0a:c4c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:d4:0b:e6:86:cf:07:c5:fb:96:e1:8e:ae:bb:56:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Validity
Not Before: Nov 20 13:03:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f91e5309587c7385bcf46d7ada12d8798ad75266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:29:c9:eb:40:d5:b0:ca:6a:d3:bb:ff:46:82:
ec:2d:61:59:a1:5e:3f:fd:23:61:94:e7:48:4e:5c:
ad:c8:59:62:24:d8:af:3d:37:ed:1f:fb:5c:c5:86:
8e:89:65:ae:80:5b:a9:cc:30:6c:cf:a6:9e:65:49:
75:22:c6:df:a4:d3:c2:58:8c:c7:c5:8b:eb:ee:ed:
40:b8:e1:8d:81:75:63:ff:0d:60:39:81:93:96:68:
28:18:b1:32:5a:92:e4:89:d9:6e:55:29:b4:17:b3:
c8:b8:ae:59:b6:fd:f5:8c:19:15:f2:a1:40:d2:e3:
32:81:2d:9e:83:08:b9:36:04:14:8f:bd:21:24:76:
9c:1c:93:8a:41:15:3b:aa:8b:7f:86:e7:68:9a:a9:
06:e8:9b:03:54:9b:4e:c7:77:b1:b1:33:22:6d:54:
67:54:4f:9a:09:6b:3e:96:5b:d3:bc:25:2b:db:a2:
ce:d3:66:a9:c7:e6:8d:cb:f5:7f:43:17:9c:9f:c2:
99:ca:b6:4c:32:f4:a8:d1:3d:98:9c:da:11:24:fb:
c8:c3:a0:78:b9:9a:fa:a9:9d:16:0d:53:b4:6c:82:
05:a5:3d:c5:68:f4:72:19:9f:1d:93:a7:ec:5a:5f:
ab:54:78:ea:a6:4a:2e:32:05:1f:f0:74:a8:e5:a3:
2c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:1E:53:09:58:7C:73:85:BC:F4:6D:7A:DA:12:D8:79:8A:D7:52:66
X509v3 Authority Key Identifier:
keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/1-R5TCVh8c4W89G162hLYeYrXUmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.52.0/24
91.194.54.0/24
185.82.220.0/24
185.82.222.0/23
185.201.212.0/22
IPv6:
2a0a:c4c0::/47
Signature Algorithm: sha256WithRSAEncryption
68:63:ad:54:1e:10:0e:d3:43:f2:35:3c:6e:58:cf:ba:0a:4f:
52:79:9f:e0:d8:27:6e:32:be:29:f0:d5:df:9f:d7:ed:b6:8a:
77:29:85:d0:85:a7:62:7c:f3:b3:b2:be:68:87:58:f0:28:92:
09:0c:5b:24:b2:52:e4:f1:80:91:1b:c2:9b:81:c7:86:ed:54:
ce:5c:1d:d3:0d:4a:90:60:04:c0:c4:84:27:8a:a0:d1:b5:3a:
f2:d2:28:c0:7b:eb:ab:28:53:66:61:6e:01:a6:19:21:6e:42:
36:90:9a:3c:fc:d6:8b:08:fd:ee:3f:0e:d1:8f:f9:74:68:fa:
80:f1:b7:08:ef:e6:52:06:c1:5d:f7:01:fa:42:37:ca:32:ab:
96:c6:58:c0:3d:dc:ce:d8:08:f2:b6:e3:2a:11:e0:00:3d:e6:
b3:9d:9b:57:b9:f2:20:d8:36:86:31:65:2c:c2:1e:fe:d5:2e:
69:ad:7e:6f:6f:50:cc:e4:26:a2:f6:21:94:bc:4e:45:6f:09:
26:dd:29:24:1f:42:1e:b5:49:ef:05:c1:69:b6:d2:37:b7:8d:
71:85:37:fe:fd:a9:8f:98:36:15:34:c9:f9:19:85:e7:a6:86:
89:b1:bc:ce:ac:35:c8:53:61:ae:9e:25:85:33:d0:4c:f2:40:
54:5d:ba:68
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYvs1Avmhs8HxfuW4Y6uu1b7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzBiNzNiNTFjYmM1MzgwZGQ0YWRiM2Q1YWFmZjRkN2Ez
MzRjNWUwHhcNMjMxMTIwMTMwMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTFlNTMwOTU4N2M3Mzg1YmNmNDZkN2FkYTEyZDg3OThhZDc1MjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgynJ60DVsMpq07v/RoLsLWFZoV4/
/SNhlOdITlytyFliJNivPTftH/tcxYaOiWWugFupzDBsz6aeZUl1IsbfpNPCWIzH
xYvr7u1AuOGNgXVj/w1gOYGTlmgoGLEyWpLkidluVSm0F7PIuK5Ztv31jBkV8qFA
0uMygS2egwi5NgQUj70hJHacHJOKQRU7qot/hudomqkG6JsDVJtOx3exsTMibVRn
VE+aCWs+llvTvCUr26LO02apx+aNy/V/Qxecn8KZyrZMMvSo0T2YnNoRJPvIw6B4
uZr6qZ0WDVO0bIIFpT3FaPRyGZ8dk6fsWl+rVHjqpkouMgUf8HSo5aMsVwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPkeUwlYfHOFvPRtetoS2HmK11JmMB8GA1UdIwQY
MBaAFLYwtztRy8U4DdSts9Wq/016M0xeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQt
MGQ0OGU2ODk1ZjEyLzEvMS1SNVRDVmg4YzRXODlHMTYyaExZZVlyWFVtWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2QvNDc0OGM3LWNkOWUtNDAxZS1hOGE0LTBkNDhlNjg5NWYx
Mi8xL3RqQzNPMUhMeFRnTjFLMnoxYXJfVFhvelRGNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBIBggrBgEFBQcBBwEB/wQ5MDcwJAQCAAEwHgMEAFvCNAME
AFvCNgMEALlS3AMEAblS3gMEArnJ1DAPBAIAAjAJAwcBKgrEwAAAMA0GCSqGSIb3
DQEBCwUAA4IBAQBoY61UHhAO00PyNTxuWM+6Ck9SeZ/g2CduMr4p8NXfn9fttop3
KYXQhadifPOzsr5oh1jwKJIJDFskslLk8YCRG8KbgceG7VTOXB3TDUqQYATAxIQn
iqDRtTry0ijAe+urKFNmYW4BphkhbkI2kJo8/NaLCP3uPw7Rj/l0aPqA8bcI7+ZS
BsFd9wH6QjfKMquWxljAPdzO2AjytuMqEeAAPeaznZtXufIg2DaGMWUswh7+1S5p
rX5vb1DM5Cai9iGUvE5Fbwkm3SkkH0IetUnvBcFpttI3t41xhTf+/amPmDYVNMn5
GYXnpoaJsbzOrDXIU2GuniWFM9BM8kBUXbpo
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:32:44 2025 by rpki-client