Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/M1ou5xDaCT1jHKfB5xpTIO63qUg.roa
File: M1ou5xDaCT1jHKfB5xpTIO63qUg.roa (raw, json)
Hash identifier: 1Q5L+bFpMBwRrBtb79hjMlmjLGflO189Ijuu6w8NcZA=
Subject key identifier: 33:5A:2E:E7:10:DA:09:3D:63:1C:A7:C1:E7:1A:53:20:EE:B7:A9:48
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 01887AA19EB1A86476213DADDAA67E1E6EC3
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/M1ou5xDaCT1jHKfB5xpTIO63qUg.roa
Signing time: Fri 02 Jun 2023 05:43:12 +0000
ROA not before: Fri 02 Jun 2023 05:43:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197343
IP address blocks: 5.56.128.0/22 maxlen: 22
37.32.42.0/24 maxlen: 24
37.32.41.0/24 maxlen: 24
37.32.40.0/22 maxlen: 24
5.57.34.0/24 maxlen: 24
5.57.33.0/24 maxlen: 24
5.57.36.0/24 maxlen: 24
5.57.35.0/24 maxlen: 24
185.212.48.0/24 maxlen: 24
185.212.49.0/24 maxlen: 24
178.239.150.0/24 maxlen: 24
178.239.156.0/23 maxlen: 23
178.239.156.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7a:a1:9e:b1:a8:64:76:21:3d:ad:da:a6:7e:1e:6e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jun 2 05:43:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=335a2ee710da093d631ca7c1e71a5320eeb7a948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6d:c7:be:f5:6d:b2:65:ca:93:d0:72:b9:26:
10:2c:38:c9:19:bf:89:4b:a9:87:02:34:69:f9:30:
45:42:6a:98:1a:33:86:b3:be:02:e3:5b:96:11:05:
9e:bd:ca:56:90:ac:c4:91:20:e7:d2:57:0a:c7:74:
79:c6:15:0b:5c:2e:e9:83:65:bd:43:e6:4a:d9:21:
bb:f0:82:18:67:65:8a:8e:8a:88:3a:d4:6c:f3:45:
ef:ab:86:0a:33:6b:61:d1:b6:5e:6e:71:4f:2a:6a:
b9:0c:90:a3:0b:92:a3:e7:a3:04:a1:d0:53:33:91:
12:29:1e:94:ca:2b:9b:5d:cc:93:b7:ec:70:98:e1:
41:12:36:7f:9d:fc:99:46:e5:83:6b:48:b1:c9:6d:
a5:aa:ec:8e:f2:7e:bf:10:1e:d7:db:83:fb:ea:f9:
5e:4c:f3:4c:ce:46:61:61:ca:7c:86:ca:d2:f9:c3:
81:7e:36:3d:64:02:71:5c:fd:59:da:93:85:61:bc:
c0:e4:1d:fe:b9:88:f4:5b:6d:fa:01:97:5b:bc:a5:
74:e6:f7:7e:74:b9:15:7f:0b:32:d7:c7:2a:bd:54:
3b:4b:f0:c2:13:61:5f:64:10:19:6c:7f:e4:df:e0:
1a:6b:99:f0:39:06:9b:85:34:f2:6c:26:69:b8:4c:
41:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:5A:2E:E7:10:DA:09:3D:63:1C:A7:C1:E7:1A:53:20:EE:B7:A9:48
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/M1ou5xDaCT1jHKfB5xpTIO63qUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.128.0/22
5.57.33.0-5.57.36.255
37.32.40.0/22
178.239.150.0/24
178.239.156.0/22
185.212.48.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:7f:3d:8b:44:0e:e7:0d:2b:e1:ac:49:4c:b2:8f:e2:52:29:
63:e7:ff:de:91:4f:3d:ff:87:80:fd:88:2d:df:7d:94:aa:87:
68:00:60:bb:d7:35:dd:a4:98:16:40:1c:26:d2:ba:44:ba:fb:
0e:db:06:77:b4:06:a0:7f:61:ed:11:8d:76:b9:3e:18:73:38:
de:72:39:83:c4:ca:2d:dc:aa:fe:98:3e:fb:df:2a:d6:4c:8c:
01:c8:64:a7:e5:d4:e6:cc:47:2a:ac:01:b5:e3:01:80:3f:e0:
94:e3:4a:bc:a8:b8:85:f9:d6:96:31:a7:56:e5:6a:4a:cb:76:
03:c2:50:09:23:58:b1:dc:3c:fa:f2:ca:34:e0:6d:81:dd:bb:
ab:81:b2:85:fb:c1:e2:8b:2c:c4:96:4f:3e:48:ee:a7:14:e4:
60:ff:d7:a0:bb:c4:4c:87:9f:04:b8:ae:1d:f6:0c:46:9d:e3:
27:61:21:e5:57:70:88:eb:6e:54:b2:7e:7d:e1:2d:1c:f8:00:
45:4d:50:c3:aa:e1:75:f6:1c:77:4e:ff:1b:50:4c:49:65:ed:
a7:8a:28:39:60:2e:59:d5:fb:fb:9a:39:4f:50:ee:d1:b6:d7:
ac:35:e2:9c:b4:fd:5d:68:27:c5:f4:b3:21:02:80:d2:d9:14:
d0:39:a2:b3
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYh6oZ6xqGR2IT2t2qZ+Hm7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMwNjAyMDU0MzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzVhMmVlNzEwZGEwOTNkNjMxY2E3YzFlNzFhNTMyMGVlYjdhOTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl23HvvVtsmXKk9ByuSYQLDjJGb+J
S6mHAjRp+TBFQmqYGjOGs74C41uWEQWevcpWkKzEkSDn0lcKx3R5xhULXC7pg2W9
Q+ZK2SG78IIYZ2WKjoqIOtRs80Xvq4YKM2th0bZebnFPKmq5DJCjC5Kj56MEodBT
M5ESKR6UyiubXcyTt+xwmOFBEjZ/nfyZRuWDa0ixyW2lquyO8n6/EB7X24P76vle
TPNMzkZhYcp8hsrS+cOBfjY9ZAJxXP1Z2pOFYbzA5B3+uYj0W236AZdbvKV05vd+
dLkVfwsy18cqvVQ7S/DCE2FfZBAZbH/k3+Aaa5nwOQabhTTybCZpuExBMQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDNaLucQ2gk9YxynwecaUyDut6lIMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvTTFvdTV4RGFDVDFqSEtmQjV4cFRJTzYzcVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCBTiAMAwD
BAAFOSEDBAAFOSQDBAIlICgDBACy75YDBAKy75wDBAG51DAwDQYJKoZIhvcNAQEL
BQADggEBADx/PYtEDucNK+GsSUyyj+JSKWPn/96RTz3/h4D9iC3ffZSqh2gAYLvX
Nd2kmBZAHCbSukS6+w7bBne0BqB/Ye0RjXa5PhhzON5yOYPEyi3cqv6YPvvfKtZM
jAHIZKfl1ObMRyqsAbXjAYA/4JTjSryouIX51pYxp1blakrLdgPCUAkjWLHcPPry
yjTgbYHdu6uBsoX7weKLLMSWTz5I7qcU5GD/16C7xEyHnwS4rh32DEad4ydhIeVX
cIjrblSyfn3hLRz4AEVNUMOq4XX2HHdO/xtQTEll7aeKKDlgLlnV+/uaOU9Q7tG2
16w14py0/V1oJ8X0syECgNLZFNA5orM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:01:09 2025 by rpki-client