Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/wH5ZgE92kgjWLp6Y7L3zq5iustY.roa
File: wH5ZgE92kgjWLp6Y7L3zq5iustY.roa (raw, json)
Hash identifier: 6SZIgZ2v3gA4WE2k4lGSZ2lnU/Tup/N5myRT7LDNhew=
Subject key identifier: C0:7E:59:80:4F:76:92:08:D6:2E:9E:98:EC:BD:F3:AB:98:AE:B2:D6
Certificate issuer: /CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Certificate serial: 01856F26C4105A3ECD6EAC8F941A6086ADB0
Authority key identifier: E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/wH5ZgE92kgjWLp6Y7L3zq5iustY.roa
Signing time: Sun 01 Jan 2023 21:04:49 +0000
ROA not before: Sun 01 Jan 2023 21:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28924
IP address blocks: 195.90.98.0/24 maxlen: 24
195.90.99.0/24 maxlen: 24
195.90.114.0/23 maxlen: 23
195.90.114.0/24 maxlen: 24
212.52.160.0/22 maxlen: 22
212.52.160.0/24 maxlen: 24
212.52.160.0/19 maxlen: 19
212.52.163.0/24 maxlen: 24
212.52.164.0/24 maxlen: 24
212.52.161.0/24 maxlen: 24
212.52.162.0/24 maxlen: 24
212.52.165.0/24 maxlen: 24
212.52.166.0/24 maxlen: 24
212.52.170.0/24 maxlen: 24
212.52.171.0/24 maxlen: 24
212.52.168.0/22 maxlen: 22
212.52.168.0/24 maxlen: 24
212.52.169.0/24 maxlen: 24
212.52.172.0/24 maxlen: 24
212.52.167.0/24 maxlen: 24
212.52.174.0/24 maxlen: 24
212.52.173.0/24 maxlen: 24
212.52.177.0/24 maxlen: 24
212.52.178.0/24 maxlen: 24
212.52.175.0/24 maxlen: 24
212.52.176.0/24 maxlen: 24
212.52.179.0/24 maxlen: 24
212.52.184.0/24 maxlen: 24
212.52.185.0/24 maxlen: 24
212.52.182.0/24 maxlen: 24
212.52.183.0/24 maxlen: 24
212.52.186.0/24 maxlen: 24
212.52.181.0/24 maxlen: 24
212.52.180.0/24 maxlen: 24
212.52.187.0/24 maxlen: 24
212.52.188.0/24 maxlen: 24
212.52.191.0/24 maxlen: 24
212.52.189.0/24 maxlen: 24
212.52.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:c4:10:5a:3e:cd:6e:ac:8f:94:1a:60:86:ad:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Validity
Not Before: Jan 1 21:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c07e59804f769208d62e9e98ecbdf3ab98aeb2d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0f:02:cd:1b:fd:14:48:5f:2b:bf:d2:de:ea:
ed:2f:f6:f4:ce:5f:78:78:b7:8c:86:f6:a2:c9:9f:
01:98:f8:e3:52:a6:63:53:4d:aa:3d:85:cd:7d:6c:
7f:20:bf:9b:cf:c0:38:eb:17:e3:08:52:9b:19:5a:
da:86:75:ab:e4:c2:fd:0e:9b:25:0d:e0:1a:bf:87:
e0:db:48:c3:97:5d:8c:41:10:b9:03:3f:28:2a:62:
fd:90:47:cb:ac:bb:13:51:33:ee:0e:32:48:b5:9e:
0b:94:5a:28:72:3f:27:6a:5b:e1:0b:dc:c9:91:33:
7d:90:04:76:fa:62:37:5f:85:85:25:20:26:14:dd:
c6:7a:62:4f:85:13:22:c7:db:c4:97:44:19:17:05:
23:f9:56:1b:18:28:07:f7:69:e1:1f:4e:02:d8:67:
bc:bf:cf:d9:57:cd:e8:bb:81:f4:3b:c3:95:b5:30:
ec:e1:a8:4b:43:55:33:1a:47:d0:23:81:e6:bf:69:
b3:7a:13:9d:42:39:ac:1b:83:29:a5:af:98:16:ca:
6e:6c:95:5b:a3:94:d5:d8:d9:8b:1f:12:2c:c1:74:
5e:6d:4b:62:68:ff:c8:0d:a3:4d:99:d1:73:18:28:
6f:fe:b5:97:75:28:17:69:bc:37:77:82:8e:30:c1:
32:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:7E:59:80:4F:76:92:08:D6:2E:9E:98:EC:BD:F3:AB:98:AE:B2:D6
X509v3 Authority Key Identifier:
keyid:E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/wH5ZgE92kgjWLp6Y7L3zq5iustY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.90.98.0/23
195.90.114.0/23
212.52.160.0/19
Signature Algorithm: sha256WithRSAEncryption
85:69:45:05:eb:54:9f:f2:83:6d:04:51:4b:7c:1f:c8:a5:c1:
ed:60:7d:79:db:a8:03:02:07:24:d8:5a:2e:56:a2:b1:31:f9:
3a:96:ca:90:64:31:1d:6b:c1:90:d6:76:3f:06:0c:2c:8e:01:
3d:76:b0:5e:b1:be:50:ca:88:35:aa:f8:80:32:eb:a6:0d:a3:
08:f2:a3:79:97:14:e3:b8:11:86:59:ab:9e:c2:eb:93:df:c0:
6e:a8:ab:40:05:70:3b:53:a6:b6:b9:4d:1b:af:7c:82:a1:8c:
ac:1f:1c:25:76:4c:c4:28:3f:e5:ed:bd:bf:40:9a:8d:db:3b:
ce:ca:68:4a:11:7b:20:90:8e:fb:3c:ee:7c:10:b2:37:b8:95:
f9:e2:39:09:31:2d:2d:2b:a8:79:c6:5b:90:6e:78:41:1b:3f:
34:93:d7:ad:f8:a7:e0:15:26:a8:15:31:f1:0e:d3:de:58:48:
9a:02:f0:f6:64:1d:6d:a2:9a:4b:70:81:42:af:99:72:d1:05:
3d:73:62:dd:32:3f:38:19:85:90:c6:65:a4:74:f1:84:5d:48:
dc:fd:4d:f7:9e:82:d0:d2:38:7a:11:5e:40:e2:a6:6a:71:e4:
e8:87:f8:20:cf:d3:2c:5a:e2:1a:4f:35:29:5d:e9:7d:1f:0c:
22:ef:0f:db
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvJsQQWj7NbqyPlBpghq2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZThmNDFmNmIwMmI5M2Y4NWQxYTdiNDhiNDhjZmEzMjJm
MDg4ZjgwHhcNMjMwMTAxMjEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDdlNTk4MDRmNzY5MjA4ZDYyZTllOThlY2JkZjNhYjk4YWViMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw8CzRv9FEhfK7/S3urtL/b0zl94
eLeMhvaiyZ8BmPjjUqZjU02qPYXNfWx/IL+bz8A46xfjCFKbGVrahnWr5ML9Dpsl
DeAav4fg20jDl12MQRC5Az8oKmL9kEfLrLsTUTPuDjJItZ4LlFoocj8nalvhC9zJ
kTN9kAR2+mI3X4WFJSAmFN3GemJPhRMix9vEl0QZFwUj+VYbGCgH92nhH04C2Ge8
v8/ZV83ou4H0O8OVtTDs4ahLQ1UzGkfQI4Hmv2mzehOdQjmsG4Mppa+YFspubJVb
o5TV2NmLHxIswXRebUtiaP/IDaNNmdFzGChv/rWXdSgXabw3d4KOMMEyQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMB+WYBPdpII1i6emOy986uYrrLWMB8GA1UdIwQY
MBaAFOHo9B9rArk/hdGntItIz6Mi8Ij4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUt
NTM3YTJiMGI0ZGRhLzEvd0g1WmdFOTJrZ2pXTHA2WTdMM3pxNWl1c3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUtNTM3YTJiMGI0ZGRh
LzEvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBw1piAwQB
w1pyAwQF1DSgMA0GCSqGSIb3DQEBCwUAA4IBAQCFaUUF61Sf8oNtBFFLfB/IpcHt
YH1526gDAgck2FouVqKxMfk6lsqQZDEda8GQ1nY/BgwsjgE9drBesb5Qyog1qviA
MuumDaMI8qN5lxTjuBGGWauewuuT38BuqKtABXA7U6a2uU0br3yCoYysHxwldkzE
KD/l7b2/QJqN2zvOymhKEXsgkI77PO58ELI3uJX54jkJMS0tK6h5xluQbnhBGz80
k9et+KfgFSaoFTHxDtPeWEiaAvD2ZB1toppLcIFCr5ly0QU9c2LdMj84GYWQxmWk
dPGEXUjc/U33noLQ0jh6EV5A4qZqceToh/ggz9MsWuIaTzUpXel9Hwwi7w/b
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:43 2025 by rpki-client