Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/tPUMfzbxZcnMZMHZ7AXPQF1cr8U.roa
File: tPUMfzbxZcnMZMHZ7AXPQF1cr8U.roa (raw, json)
Hash identifier: VFufrHGCQytdM0njdxKOJ7zzdq0p1GhfLMmOXtlMik4=
Subject key identifier: B4:F5:0C:7F:36:F1:65:C9:CC:64:C1:D9:EC:05:CF:40:5D:5C:AF:C5
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 0185D444336F9C8D2A4B7B5BE6A28F944EED
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/tPUMfzbxZcnMZMHZ7AXPQF1cr8U.roa
Signing time: Sat 21 Jan 2023 12:18:37 +0000
ROA not before: Sat 21 Jan 2023 12:18:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197343
IP address blocks: 185.215.230.0/24 maxlen: 24
5.56.128.0/22 maxlen: 22
37.32.42.0/24 maxlen: 24
37.32.41.0/24 maxlen: 24
37.32.40.0/22 maxlen: 24
5.57.34.0/24 maxlen: 24
5.57.33.0/24 maxlen: 24
5.57.36.0/24 maxlen: 24
5.57.35.0/24 maxlen: 24
185.212.48.0/24 maxlen: 24
185.212.49.0/24 maxlen: 24
178.239.150.0/24 maxlen: 24
178.239.156.0/23 maxlen: 23
178.239.156.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d4:44:33:6f:9c:8d:2a:4b:7b:5b:e6:a2:8f:94:4e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jan 21 12:18:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4f50c7f36f165c9cc64c1d9ec05cf405d5cafc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b8:a8:24:b8:a3:e9:24:2c:c2:e4:1a:e5:6f:
ca:ff:78:26:f4:e8:8c:42:a9:9a:82:be:19:b1:ab:
d7:ce:4f:6e:33:93:50:e9:85:fe:f6:58:fc:44:9a:
23:dc:6e:e6:fc:3d:5d:ef:b8:17:fe:c9:30:c4:fb:
c8:d8:b0:70:34:2a:80:2d:7d:fc:e1:ac:8a:9b:5c:
d6:64:48:fb:16:1c:15:d9:77:38:c8:e5:2a:85:29:
5b:c4:a9:88:8a:fd:32:1c:4b:7e:22:13:02:cb:72:
0c:fd:c6:ee:84:82:9e:15:f4:79:06:d6:5a:c8:8d:
8f:08:0d:5f:bb:f9:f4:e4:a2:4f:b9:d1:b4:5e:8d:
65:8f:97:34:3a:6a:c2:c5:c6:d1:92:5f:58:54:ec:
0d:2b:f6:95:f4:00:ff:bf:76:9b:84:12:e3:fa:a3:
2b:35:32:93:2b:de:6b:bc:92:8a:e3:ec:31:23:08:
52:32:9f:b5:3d:5b:ab:5f:8e:9d:38:4e:27:b1:00:
33:99:f3:83:97:f1:37:2a:80:3b:07:b6:ff:9b:d7:
be:a2:61:84:41:58:be:f0:17:6e:60:e1:75:ff:ab:
e2:89:25:0c:a3:9c:c5:68:29:78:5a:30:7e:9e:35:
db:51:c2:a4:4a:48:ee:13:8d:c8:4a:49:26:43:de:
80:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F5:0C:7F:36:F1:65:C9:CC:64:C1:D9:EC:05:CF:40:5D:5C:AF:C5
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/tPUMfzbxZcnMZMHZ7AXPQF1cr8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.128.0/22
5.57.33.0-5.57.36.255
37.32.40.0/22
178.239.150.0/24
178.239.156.0/22
185.212.48.0/23
185.215.230.0/24
Signature Algorithm: sha256WithRSAEncryption
37:c2:fc:55:c1:b9:ae:e2:c0:ed:0c:8e:bb:ad:a0:13:44:8e:
20:b3:60:e2:c4:c7:c7:2b:8c:3b:8b:8b:b1:0d:c6:24:f5:de:
5e:b5:b6:d1:60:ba:41:17:dc:89:52:ce:d4:09:c6:f2:35:75:
da:6b:ee:85:1d:07:03:91:09:4a:0b:6b:bb:c6:d8:29:22:b4:
05:83:25:54:76:a9:47:18:9a:8a:df:82:76:aa:3c:bc:94:51:
2b:7c:7d:97:6c:5e:23:f6:80:e3:2b:03:91:f1:78:5f:5c:26:
c7:4f:1a:40:4b:4d:a1:71:ff:bf:b3:93:96:9c:08:04:3e:96:
f0:2c:bc:eb:ba:ce:cb:f8:07:17:0b:c9:19:68:cc:18:1e:d1:
e6:61:bb:fa:82:09:71:10:2f:c3:72:71:ee:6f:57:1c:be:28:
fa:ed:28:c3:05:0c:6a:78:3b:fc:ed:4f:18:da:ca:12:7a:2f:
d1:4f:c2:b6:35:f1:6d:a5:43:2a:cd:63:89:24:7e:99:e9:c0:
54:6e:a5:de:49:61:90:5b:06:4e:ea:d8:89:25:92:c6:c3:0e:
4a:58:b1:50:86:a9:53:3e:67:1e:73:9f:5e:7c:9c:4b:4e:0c:
11:c2:0e:75:ae:14:c9:10:5d:d6:1a:de:f6:3d:ad:d9:54:1b:
3a:16:d7:f6
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYXURDNvnI0qS3tb5qKPlE7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMwMTIxMTIxODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY1MGM3ZjM2ZjE2NWM5Y2M2NGMxZDllYzA1Y2Y0MDVkNWNhZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7ioJLij6SQswuQa5W/K/3gm9OiM
Qqmagr4ZsavXzk9uM5NQ6YX+9lj8RJoj3G7m/D1d77gX/skwxPvI2LBwNCqALX38
4ayKm1zWZEj7FhwV2Xc4yOUqhSlbxKmIiv0yHEt+IhMCy3IM/cbuhIKeFfR5BtZa
yI2PCA1fu/n05KJPudG0Xo1lj5c0OmrCxcbRkl9YVOwNK/aV9AD/v3abhBLj+qMr
NTKTK95rvJKK4+wxIwhSMp+1PVurX46dOE4nsQAzmfODl/E3KoA7B7b/m9e+omGE
QVi+8BduYOF1/6viiSUMo5zFaCl4WjB+njXbUcKkSkjuE43ISkkmQ96AAwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLT1DH828WXJzGTB2ewFz0BdXK/FMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvdFBVTWZ6YnhaY25NWk1IWjdBWFBRRjFjcjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCBTiAMAwD
BAAFOSEDBAAFOSQDBAIlICgDBACy75YDBAKy75wDBAG51DADBAC51+YwDQYJKoZI
hvcNAQELBQADggEBADfC/FXBua7iwO0MjrutoBNEjiCzYOLEx8crjDuLi7ENxiT1
3l61ttFgukEX3IlSztQJxvI1ddpr7oUdBwORCUoLa7vG2CkitAWDJVR2qUcYmorf
gnaqPLyUUSt8fZdsXiP2gOMrA5HxeF9cJsdPGkBLTaFx/7+zk5acCAQ+lvAsvOu6
zsv4BxcLyRlozBge0eZhu/qCCXEQL8Nyce5vVxy+KPrtKMMFDGp4O/ztTxjayhJ6
L9FPwrY18W2lQyrNY4kkfpnpwFRupd5JYZBbBk7q2IklksbDDkpYsVCGqVM+Zx5z
n158nEtODBHCDnWuFMkQXdYa3vY9rdlUGzoW1/Y=
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:24:10 2025 by rpki-client