Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e37d1d-d4fb-496c-af49-3420684c7e41/1/5BKRiKmFLrxpd3RpsUsS7Zlvqmo.roa
File: 5BKRiKmFLrxpd3RpsUsS7Zlvqmo.roa (raw, json)
Hash identifier: +fY2EtzyBcVMgdr7mTL4J0MSltDhc+7Sgvv/GHISh1E=
Subject key identifier: E4:12:91:88:A9:85:2E:BC:69:77:74:69:B1:4B:12:ED:99:6F:AA:6A
Certificate issuer: /CN=0a41a925f8d6684c86107d2756b4aa93881f02ae
Certificate serial: 018571A793B823EEDF37765BBAF1897F78D8
Authority key identifier: 0A:41:A9:25:F8:D6:68:4C:86:10:7D:27:56:B4:AA:93:88:1F:02:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkGpJfjWaEyGEH0nVrSqk4gfAq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e37d1d-d4fb-496c-af49-3420684c7e41/1/5BKRiKmFLrxpd3RpsUsS7Zlvqmo.roa
Signing time: Mon 02 Jan 2023 08:44:45 +0000
ROA not before: Mon 02 Jan 2023 08:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12601
IP address blocks: 185.113.40.0/22 maxlen: 22
80.94.176.0/22 maxlen: 22
80.94.185.0/24 maxlen: 24
80.94.182.0/23 maxlen: 23
80.94.184.0/24 maxlen: 24
185.211.140.0/22 maxlen: 22
185.194.80.0/22 maxlen: 22
213.159.9.0/24 maxlen: 24
64.126.192.0/23 maxlen: 23
80.94.188.0/23 maxlen: 23
64.126.194.0/23 maxlen: 23
194.5.134.0/24 maxlen: 24
64.126.200.0/22 maxlen: 22
64.126.208.0/24 maxlen: 24
64.126.212.0/22 maxlen: 22
64.126.212.0/24 maxlen: 24
194.126.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:93:b8:23:ee:df:37:76:5b:ba:f1:89:7f:78:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a41a925f8d6684c86107d2756b4aa93881f02ae
Validity
Not Before: Jan 2 08:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4129188a9852ebc69777469b14b12ed996faa6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:59:8a:3f:a9:6d:74:01:93:8c:bc:ec:eb:b3:
80:d1:fd:44:55:36:9c:b2:96:34:70:66:31:60:16:
c5:10:ed:21:6b:69:46:1d:16:f1:2b:55:c3:51:1c:
4e:f8:df:7c:ef:86:cb:ea:cf:16:e7:93:52:87:ce:
dc:fa:f0:5e:41:ac:9d:99:ea:12:74:13:4e:b8:75:
c3:6a:8b:9e:a9:be:b5:6d:b6:c8:3a:4e:c8:4d:bd:
43:9a:19:e6:ac:f8:5c:ce:99:61:27:2b:f3:66:56:
7e:62:6b:50:46:8e:ea:9f:12:2b:e2:24:9d:51:25:
5e:25:3a:e5:a7:05:6d:62:c4:88:1e:99:1a:b8:21:
42:99:87:07:f7:61:5a:cf:30:48:9e:cb:a8:0e:2f:
5c:96:bb:75:ac:b1:f9:1e:21:52:65:b0:71:f4:a6:
f4:be:11:de:d3:e0:7b:33:45:97:65:21:6f:e6:fd:
0d:a7:8e:f5:9d:05:3c:ae:d5:d6:67:84:5c:a4:87:
08:c9:1c:b4:7e:8c:2b:9d:3d:e1:b6:ef:9c:a3:14:
e8:a4:b4:54:7c:cc:40:06:82:8d:27:2b:03:8b:78:
bb:f0:87:34:35:00:8a:bc:2b:95:9e:7c:b5:1f:96:
b3:bd:ba:2f:10:ed:9d:b6:06:8c:fb:86:5f:99:97:
dd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:12:91:88:A9:85:2E:BC:69:77:74:69:B1:4B:12:ED:99:6F:AA:6A
X509v3 Authority Key Identifier:
keyid:0A:41:A9:25:F8:D6:68:4C:86:10:7D:27:56:B4:AA:93:88:1F:02:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkGpJfjWaEyGEH0nVrSqk4gfAq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e37d1d-d4fb-496c-af49-3420684c7e41/1/5BKRiKmFLrxpd3RpsUsS7Zlvqmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e37d1d-d4fb-496c-af49-3420684c7e41/1/CkGpJfjWaEyGEH0nVrSqk4gfAq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.126.192.0/22
64.126.200.0/22
64.126.208.0/24
64.126.212.0/22
80.94.176.0/22
80.94.182.0-80.94.185.255
80.94.188.0/23
185.113.40.0/22
185.194.80.0/22
185.211.140.0/22
194.5.134.0/24
194.126.236.0/24
213.159.9.0/24
Signature Algorithm: sha256WithRSAEncryption
94:17:22:67:9a:4e:45:da:15:0f:a0:f6:b4:9d:22:09:65:a1:
05:62:d2:2d:ba:33:46:a8:85:47:c4:2c:95:f4:37:dc:1c:a7:
e9:13:7d:72:62:86:d5:b7:3f:76:3f:93:a3:37:da:7a:48:2b:
09:dc:4c:57:7f:12:85:9b:15:16:f9:d3:b3:67:c8:33:4a:e7:
7e:05:cc:90:46:56:b6:d3:76:d8:64:e9:dd:9e:11:7e:8b:cd:
6e:68:d3:59:95:50:41:ff:4d:44:08:2c:e8:4e:80:e6:38:b5:
84:e1:7e:6a:8c:32:df:09:3e:0d:0d:40:e9:28:69:fa:e5:39:
4b:de:b8:ba:9c:16:41:cd:83:89:f5:47:9d:d0:4b:38:07:96:
b1:b9:ec:4e:8a:50:b3:db:65:d2:df:ea:e5:9f:d4:9f:be:c3:
5a:b6:25:a6:c2:1b:4e:00:0e:c1:01:f8:ce:31:76:77:1f:f7:
b0:69:45:ca:41:83:61:80:fc:06:4e:8c:2d:72:65:0c:71:55:
34:b7:14:f0:35:49:44:de:0c:8b:13:45:dc:93:50:cd:a3:96:
5d:cb:50:72:44:74:4c:dd:89:c5:9c:be:2e:05:13:1f:65:fc:
ba:af:10:df:46:f0:29:4c:37:ea:f4:11:51:85:da:c7:0f:9b:
2a:62:bd:0c
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYVxp5O4I+7fN3ZbuvGJf3jYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNDFhOTI1ZjhkNjY4NGM4NjEwN2QyNzU2YjRhYTkzODgx
ZjAyYWUwHhcNMjMwMTAyMDg0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDEyOTE4OGE5ODUyZWJjNjk3Nzc0NjliMTRiMTJlZDk5NmZhYTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFmKP6ltdAGTjLzs67OA0f1EVTac
spY0cGYxYBbFEO0ha2lGHRbxK1XDURxO+N9874bL6s8W55NSh87c+vBeQaydmeoS
dBNOuHXDaoueqb61bbbIOk7ITb1DmhnmrPhczplhJyvzZlZ+YmtQRo7qnxIr4iSd
USVeJTrlpwVtYsSIHpkauCFCmYcH92FazzBInsuoDi9clrt1rLH5HiFSZbBx9Kb0
vhHe0+B7M0WXZSFv5v0Np471nQU8rtXWZ4RcpIcIyRy0fowrnT3htu+coxTopLRU
fMxABoKNJysDi3i78Ic0NQCKvCuVnny1H5azvbovEO2dtgaM+4ZfmZfdHwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFOQSkYiphS68aXd0abFLEu2Zb6pqMB8GA1UdIwQY
MBaAFApBqSX41mhMhhB9J1a0qpOIHwKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2tHcEpmaldhRXlHRUgwblZyU3FrNGdmQXE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lMzdkMWQtZDRmYi00OTZjLWFmNDkt
MzQyMDY4NGM3ZTQxLzEvNUJLUmlLbUZMcnhwZDNScHNVc1M3Wmx2cW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lMzdkMWQtZDRmYi00OTZjLWFmNDktMzQyMDY4NGM3ZTQx
LzEvQ2tHcEpmaldhRXlHRUgwblZyU3FrNGdmQXE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQCQH7AAwQC
QH7IAwQAQH7QAwQCQH7UAwQCUF6wMAwDBAFQXrYDBAFQXrgDBAFQXrwDBAK5cSgD
BAK5wlADBAK504wDBADCBYYDBADCfuwDBADVnwkwDQYJKoZIhvcNAQELBQADggEB
AJQXImeaTkXaFQ+g9rSdIglloQVi0i26M0aohUfELJX0N9wcp+kTfXJihtW3P3Y/
k6M32npIKwncTFd/EoWbFRb507NnyDNK534FzJBGVrbTdthk6d2eEX6LzW5o01mV
UEH/TUQILOhOgOY4tYThfmqMMt8JPg0NQOkoafrlOUveuLqcFkHNg4n1R53QSzgH
lrG57E6KULPbZdLf6uWf1J++w1q2JabCG04ADsEB+M4xdncf97BpRcpBg2GA/AZO
jC1yZQxxVTS3FPA1SUTeDIsTRdyTUM2jll3LUHJEdEzdicWcvi4FEx9l/LqvEN9G
8ClMN+r0EVGF2scPmypivQw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:41:55 2025 by rpki-client