Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/_7h6n3ODjEits0Nah0O6A_A8U8w.roa
File: _7h6n3ODjEits0Nah0O6A_A8U8w.roa (raw, json)
Hash identifier: RJ5P/1lCBTOazsfrmGJeyGsTIB/TShCVJdJMZqJWDhE=
Subject key identifier: FF:B8:7A:9F:73:83:8C:48:AD:B3:43:5A:87:43:BA:03:F0:3C:53:CC
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 01856B530E86C757CB0F4E13344F263F36C5
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/_7h6n3ODjEits0Nah0O6A_A8U8w.roa
Signing time: Sun 01 Jan 2023 03:14:43 +0000
ROA not before: Sun 01 Jan 2023 03:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25160
IP address blocks: 185.120.204.0/22 maxlen: 22
158.41.64.0/18 maxlen: 18
193.221.128.0/19 maxlen: 24
165.65.0.0/16 maxlen: 16
206.245.208.0/20 maxlen: 20
206.245.224.0/19 maxlen: 24
91.238.221.0/24 maxlen: 24
185.237.48.0/22 maxlen: 24
185.28.240.0/22 maxlen: 24
144.98.0.0/16 maxlen: 24
82.163.192.0/19 maxlen: 24
193.0.176.0/23 maxlen: 24
5.10.144.0/20 maxlen: 24
194.8.254.0/23 maxlen: 24
2a00:e346::/32 maxlen: 32
2a00:e347::/32 maxlen: 32
2a00:e345::/32 maxlen: 32
2a00:e340::/29 maxlen: 29
2a00:e342::/32 maxlen: 32
2a00:e340:3::/48 maxlen: 48
2a00:e341::/32 maxlen: 32
2a00:e344::/32 maxlen: 32
2a00:e344:3f00::/48 maxlen: 48
2a00:e340::/32 maxlen: 32
2a00:e343::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:53:0e:86:c7:57:cb:0f:4e:13:34:4f:26:3f:36:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: Jan 1 03:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffb87a9f73838c48adb3435a8743ba03f03c53cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:73:24:8f:97:81:79:ad:a4:f4:bd:83:39:60:
b5:3e:09:70:b2:8e:f7:74:92:1c:61:70:d6:71:c0:
23:ad:b5:90:d4:78:f6:8e:21:b5:94:6a:4b:3f:95:
3c:fb:3a:8c:2e:db:51:c5:23:23:11:90:e5:d5:40:
aa:8a:44:1d:77:91:23:1d:e1:30:43:62:4f:c3:53:
38:f7:87:6f:68:82:8f:b6:18:a6:ce:9e:20:80:ba:
e9:c6:98:4a:ae:75:0f:57:f8:23:fc:33:7e:14:0a:
cc:d5:87:3f:73:85:c2:dd:c0:63:61:39:f3:e4:5d:
f9:e7:26:6b:23:9e:1a:35:41:f1:25:45:60:06:66:
3e:80:c7:73:ab:7f:08:8f:55:83:a8:6e:79:34:60:
fe:14:70:8e:1c:09:09:a0:84:7e:4b:2d:41:85:fa:
3c:2c:01:e5:00:ee:33:11:21:d4:e2:a3:12:37:f4:
a3:df:e6:f4:53:1e:58:fd:de:cb:98:4b:92:4d:df:
78:e2:85:03:4a:05:d5:1b:ab:a5:99:1d:35:70:00:
6f:44:39:67:57:5c:d2:af:7a:81:9e:59:fa:47:ad:
ad:e9:dc:8e:78:18:dc:95:a2:a0:78:67:5e:cc:7b:
01:57:1b:b5:77:88:5d:e4:c7:d2:e1:5e:5b:b9:09:
d3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:B8:7A:9F:73:83:8C:48:AD:B3:43:5A:87:43:BA:03:F0:3C:53:CC
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/_7h6n3ODjEits0Nah0O6A_A8U8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.144.0/20
82.163.192.0/19
91.238.221.0/24
144.98.0.0/16
158.41.64.0/18
165.65.0.0/16
185.28.240.0/22
185.120.204.0/22
185.237.48.0/22
193.0.176.0/23
193.221.128.0/19
194.8.254.0/23
206.245.208.0-206.245.255.255
IPv6:
2a00:e340::/29
Signature Algorithm: sha256WithRSAEncryption
7d:a5:1e:d4:aa:74:a9:de:e0:04:18:d3:d4:50:20:86:bb:55:
8f:07:5a:29:ce:66:02:4c:ca:7c:d3:86:d0:14:32:c4:32:05:
f3:2f:05:c1:6a:b3:f6:0b:49:78:15:0e:61:08:a7:66:60:7e:
aa:89:de:12:83:77:bb:18:ef:ef:3d:3f:d8:c4:5c:0b:95:d8:
bf:f7:ff:61:67:51:15:39:f8:2e:fe:ae:df:5a:7b:dd:6d:e6:
dc:22:22:10:69:e9:9c:ef:09:02:44:c0:4a:0e:b5:ea:00:fd:
ff:58:1b:74:6f:7b:bb:45:c5:7f:83:1a:33:d2:cf:e3:f4:78:
fa:a6:af:78:96:e6:a2:a6:96:2d:3e:6a:f7:6a:cb:72:94:47:
a2:f8:5f:3d:c5:fa:0c:0a:62:7d:d0:78:6a:c2:1b:33:6a:f9:
68:e9:be:1e:76:f9:61:69:b8:00:fe:ed:ca:58:13:06:0c:d2:
7c:dc:04:69:83:3d:34:47:79:9d:71:48:32:70:30:b6:5d:27:
13:dd:4d:4b:db:6d:4b:9a:ad:51:52:4e:c0:30:74:2f:7d:3f:
d5:4c:8b:b2:91:6f:c2:4b:3b:5f:3f:fd:f0:3f:6a:51:05:af:
1c:99:9b:7d:c1:67:a5:86:30:46:c9:db:11:93:c2:ab:30:08:
67:14:92:c9
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYVrUw6Gx1fLD04TNE8mPzbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTg0M2E4NWRkNjY0ZTlkYzAzMTA4OTJiZDdkZDljZTUy
NTkxYzcwHhcNMjMwMTAxMDMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmI4N2E5ZjczODM4YzQ4YWRiMzQzNWE4NzQzYmEwM2YwM2M1M2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnMkj5eBea2k9L2DOWC1Pglwso73
dJIcYXDWccAjrbWQ1Hj2jiG1lGpLP5U8+zqMLttRxSMjEZDl1UCqikQdd5EjHeEw
Q2JPw1M494dvaIKPthimzp4ggLrpxphKrnUPV/gj/DN+FArM1Yc/c4XC3cBjYTnz
5F355yZrI54aNUHxJUVgBmY+gMdzq38Ij1WDqG55NGD+FHCOHAkJoIR+Sy1Bhfo8
LAHlAO4zESHU4qMSN/Sj3+b0Ux5Y/d7LmEuSTd944oUDSgXVG6ulmR01cABvRDln
V1zSr3qBnln6R62t6dyOeBjclaKgeGdezHsBVxu1d4hd5MfS4V5buQnTtQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFP+4ep9zg4xIrbNDWodDugPwPFPMMB8GA1UdIwQY
MBaAFE7oQ6hd1mTp3AMQiSvX3ZzlJZHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjct
NDhjZjQxMmIzODdiLzEvXzdoNm4zT0RqRWl0czBOYWgwTzZBX0E4VTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjctNDhjZjQxMmIzODdi
LzEvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBZBAIAATBTAwQEBQqQAwQF
UqPAAwQAW+7dAwMAkGIDBAaeKUADAwClQQMEArkc8AMEArl4zAMEArntMAMEAcEA
sAMEBcHdgAMEAcII/jALAwQEzvXQAwMBzvQwDQQCAAIwBwMFAyoA40AwDQYJKoZI
hvcNAQELBQADggEBAH2lHtSqdKne4AQY09RQIIa7VY8HWinOZgJMynzThtAUMsQy
BfMvBcFqs/YLSXgVDmEIp2ZgfqqJ3hKDd7sY7+89P9jEXAuV2L/3/2FnURU5+C7+
rt9ae91t5twiIhBp6ZzvCQJEwEoOteoA/f9YG3Rve7tFxX+DGjPSz+P0ePqmr3iW
5qKmli0+avdqy3KUR6L4Xz3F+gwKYn3QeGrCGzNq+Wjpvh52+WFpuAD+7cpYEwYM
0nzcBGmDPTRHeZ1xSDJwMLZdJxPdTUvbbUuarVFSTsAwdC99P9VMi7KRb8JLO18/
/fA/alEFrxyZm33BZ6WGMEbJ2xGTwqswCGcUksk=
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:35:49 2025 by rpki-client