Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/SoAH21_lT7eFch9DzhJMqlVktzY.roa
File: SoAH21_lT7eFch9DzhJMqlVktzY.roa (raw, json)
Hash identifier: 1d8kCF64DAZa+dS3sYinKSz7etDlL1GH1x/uXmsu2GQ=
Subject key identifier: 4A:80:07:DB:5F:E5:4F:B7:85:72:1F:43:CE:12:4C:AA:55:64:B7:36
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 01891CF90A53DCDAF7F5AE4FC506BFE93AF6
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/SoAH21_lT7eFch9DzhJMqlVktzY.roa
Signing time: Mon 03 Jul 2023 18:17:10 +0000
ROA not before: Mon 03 Jul 2023 18:17:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28907
IP address blocks: 195.39.197.0/24 maxlen: 24
195.39.196.0/24 maxlen: 24
195.39.196.0/23 maxlen: 23
5.149.120.0/21 maxlen: 21
193.178.144.0/23 maxlen: 23
193.178.146.0/23 maxlen: 23
77.87.192.0/21 maxlen: 21
89.184.64.0/19 maxlen: 24
89.184.72.0/21 maxlen: 21
89.184.88.0/21 maxlen: 21
78.27.192.0/19 maxlen: 24
2a02:2278:235::/48 maxlen: 48
2a02:2278:204::/48 maxlen: 48
2a02:2278:100::/44 maxlen: 56
2a02:2278:236::/48 maxlen: 48
2a02:2278:ff00::/40 maxlen: 56
2a02:2278:7000::/40 maxlen: 56
2a02:2278:800::/40 maxlen: 56
2a02:2278:200::/40 maxlen: 56
2a02:2278::/40 maxlen: 56
2a02:2278::/32 maxlen: 32
2a02:2278:220::/48 maxlen: 48
2a02:2278:234::/48 maxlen: 48
2a02:2278:208::/48 maxlen: 48
2a02:2278:221::/48 maxlen: 48
2a02:2278:237::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:f9:0a:53:dc:da:f7:f5:ae:4f:c5:06:bf:e9:3a:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Jul 3 18:17:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a8007db5fe54fb785721f43ce124caa5564b736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0b:01:90:1c:6d:f8:a3:97:4a:61:a2:87:e4:
b9:ac:fd:01:8d:a8:28:a8:0b:9d:10:b5:48:c0:b4:
eb:d3:ff:e8:88:fc:d5:8f:94:27:ca:7a:fe:2c:03:
3c:0a:02:18:44:34:bc:35:26:26:5e:db:36:53:d9:
63:cb:60:44:ef:02:93:dd:da:fc:03:36:79:ec:06:
b6:24:48:f1:3c:89:67:c2:9a:a0:cb:7f:59:d5:91:
e1:1a:a6:ae:8d:94:3e:a5:a9:4a:56:95:87:08:b8:
cc:e5:48:b6:b1:28:bb:b6:cd:69:c2:d8:52:7f:ca:
39:b0:14:9e:a0:45:9a:23:51:ee:62:3b:e9:14:8c:
61:47:11:e1:3c:36:58:7d:be:d0:31:e2:49:cb:ae:
92:f5:ec:48:7a:92:90:3b:95:f2:1a:6b:80:4e:90:
d7:24:bf:29:ab:a5:21:c3:24:6f:03:ee:30:c1:fb:
91:db:a6:96:6f:ea:10:e3:4c:7d:0c:d2:1c:6b:65:
ac:68:4f:6d:84:ac:1e:5c:7d:ff:88:de:2a:2f:63:
3e:64:0b:98:b0:f1:0a:37:61:e2:c8:69:b8:ff:85:
31:0c:6a:ed:74:49:8e:7c:10:f2:45:0f:cb:be:6d:
aa:98:d0:f8:c4:47:1f:31:12:ff:a5:56:c9:2a:df:
71:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:80:07:DB:5F:E5:4F:B7:85:72:1F:43:CE:12:4C:AA:55:64:B7:36
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/SoAH21_lT7eFch9DzhJMqlVktzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.120.0/21
77.87.192.0/21
78.27.192.0/19
89.184.64.0/19
193.178.144.0/22
195.39.196.0/23
IPv6:
2a02:2278::/32
Signature Algorithm: sha256WithRSAEncryption
23:5f:c5:ba:a4:45:5d:d8:78:15:68:d4:28:84:42:97:5e:7e:
58:95:35:da:99:51:a6:b4:b9:cc:26:ac:ac:7b:21:31:07:68:
06:49:11:d6:2d:21:39:38:d4:99:58:0f:09:65:56:5c:fb:70:
47:85:69:54:7a:17:91:fc:ab:ee:d1:ea:96:6e:9d:99:e4:58:
2e:30:49:45:22:c5:7a:56:99:98:10:f7:73:75:42:45:ff:65:
b2:84:d5:f0:eb:33:3d:ff:06:0c:3a:c6:82:02:98:ae:ce:9d:
3e:82:7e:21:95:c9:6e:79:68:f4:5b:1c:f9:3e:4f:6c:b1:5b:
49:b6:43:87:51:03:c6:a0:72:5a:2a:46:1f:7c:2a:6e:ce:ca:
e4:e8:3f:a2:44:cf:ff:78:e9:b3:b4:61:b3:e0:45:59:ed:c7:
a3:74:42:ee:53:d6:30:47:ae:6e:bb:ce:cf:77:aa:a9:14:31:
3e:4e:92:c5:c1:e0:a1:76:8c:3d:8c:f9:2c:cd:24:64:72:2a:
db:be:97:cd:41:a8:84:f8:4e:1a:9c:ce:d3:4f:36:e4:7b:b9:
38:67:e5:0d:1b:1b:94:04:6c:d9:d8:29:32:bc:71:3b:40:eb:
c8:71:ee:8d:5a:fa:2f:cd:29:42:ff:35:cb:3b:45:e4:c1:c6:
f9:52:04:7f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYkc+QpT3Nr39a5PxQa/6Tr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjMwNzAzMTgxNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTgwMDdkYjVmZTU0ZmI3ODU3MjFmNDNjZTEyNGNhYTU1NjRiNzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngsBkBxt+KOXSmGih+S5rP0Bjago
qAudELVIwLTr0//oiPzVj5Qnynr+LAM8CgIYRDS8NSYmXts2U9ljy2BE7wKT3dr8
AzZ57Aa2JEjxPIlnwpqgy39Z1ZHhGqaujZQ+palKVpWHCLjM5Ui2sSi7ts1pwthS
f8o5sBSeoEWaI1HuYjvpFIxhRxHhPDZYfb7QMeJJy66S9exIepKQO5XyGmuATpDX
JL8pq6UhwyRvA+4wwfuR26aWb+oQ40x9DNIca2WsaE9thKweXH3/iN4qL2M+ZAuY
sPEKN2HiyGm4/4UxDGrtdEmOfBDyRQ/Lvm2qmND4xEcfMRL/pVbJKt9xiQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFEqAB9tf5U+3hXIfQ84STKpVZLc2MB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvU29BSDIxX2xUN2VGY2g5RHpoSk1xbFZrdHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBZV4AwQD
TVfAAwQFThvAAwQFWbhAAwQCwbKQAwQBwyfEMA0EAgACMAcDBQAqAiJ4MA0GCSqG
SIb3DQEBCwUAA4IBAQAjX8W6pEVd2HgVaNQohEKXXn5YlTXamVGmtLnMJqyseyEx
B2gGSRHWLSE5ONSZWA8JZVZc+3BHhWlUeheR/Kvu0eqWbp2Z5FguMElFIsV6VpmY
EPdzdUJF/2WyhNXw6zM9/wYMOsaCApiuzp0+gn4hlclueWj0Wxz5Pk9ssVtJtkOH
UQPGoHJaKkYffCpuzsrk6D+iRM//eOmztGGz4EVZ7cejdELuU9YwR65uu87Pd6qp
FDE+TpLFweChdow9jPkszSRkcirbvpfNQaiE+E4anM7TTzbke7k4Z+UNGxuUBGzZ
2CkyvHE7QOvIce6NWvovzSlC/zXLO0Xkwcb5UgR/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:32 2025 by rpki-client