Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/Xq7bs5aZ9uiEuSgqRMVGqGH2TuM.roa
File: Xq7bs5aZ9uiEuSgqRMVGqGH2TuM.roa (raw, json)
Hash identifier: UHcRd6SMa4vZ+7QbKLhL3VQoMsyzguH20gBG4WU4Y3k=
Subject key identifier: 5E:AE:DB:B3:96:99:F6:E8:84:B9:28:2A:44:C5:46:A8:61:F6:4E:E3
Certificate issuer: /CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Certificate serial: 0182E9FB22D73E77ECCDDAB9AF530CAB40FD
Authority key identifier: 80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/Xq7bs5aZ9uiEuSgqRMVGqGH2TuM.roa
Signing time: Mon 29 Aug 2022 14:22:05 +0000
ROA not before: Mon 29 Aug 2022 14:22:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16276
IP address blocks: 152.228.128.0/17 maxlen: 17
141.95.128.0/17 maxlen: 17
135.125.0.0/17 maxlen: 17
135.125.128.0/17 maxlen: 17
162.19.128.0/17 maxlen: 17
164.132.0.0/16 maxlen: 16
141.95.0.0/17 maxlen: 17
145.239.0.0/16 maxlen: 16
137.74.0.0/16 maxlen: 16
149.202.0.0/16 maxlen: 16
147.135.128.0/17 maxlen: 17
162.19.0.0/17 maxlen: 17
141.94.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e9:fb:22:d7:3e:77:ec:cd:da:b9:af:53:0c:ab:40:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Validity
Not Before: Aug 29 14:22:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5eaedbb39699f6e884b9282a44c546a861f64ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5d:53:f5:54:23:7f:e5:1f:d9:9d:fd:b7:ff:
f5:b5:86:b7:af:a8:32:81:b0:a5:27:fb:cf:5e:92:
bc:90:d1:c7:dc:01:8c:cd:bb:89:89:be:b6:31:51:
df:12:1a:b9:a8:b9:17:1a:4d:8d:e0:99:fc:5d:c1:
8d:10:d0:c5:5d:9d:c9:0f:48:3c:dd:8d:95:6e:e3:
d9:bd:f0:8a:f5:94:b8:32:f1:5c:82:67:aa:9f:16:
ce:b1:e3:dd:f1:a9:37:79:9e:8d:c8:b8:c7:af:e0:
f8:7a:7f:74:17:1a:74:fa:55:c0:74:f8:8f:89:7c:
43:8a:6e:41:cf:e1:91:52:91:75:71:ca:b9:fc:fc:
f2:f0:23:68:b1:43:c8:7d:f0:e2:c6:ba:43:4e:8f:
b4:e2:a8:8e:fd:11:a4:01:61:f5:df:ad:58:a0:2c:
a6:4d:79:0e:63:df:89:a5:27:fd:7a:29:bb:3e:db:
7a:86:29:c9:8d:d4:d6:ab:96:99:65:dc:8f:31:69:
c0:85:7e:59:4b:f5:12:09:9b:49:22:ad:b4:65:c7:
e8:51:fe:c1:01:44:1c:f7:80:d8:1e:de:aa:80:26:
25:0b:30:c6:a5:cd:da:7d:cc:a7:68:f7:6f:01:c8:
a6:2f:c6:f9:3c:18:d5:68:0b:c8:54:6a:de:34:af:
0a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:AE:DB:B3:96:99:F6:E8:84:B9:28:2A:44:C5:46:A8:61:F6:4E:E3
X509v3 Authority Key Identifier:
keyid:80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/Xq7bs5aZ9uiEuSgqRMVGqGH2TuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
135.125.0.0/16
137.74.0.0/16
141.94.0.0/15
145.239.0.0/16
147.135.128.0/17
149.202.0.0/16
152.228.128.0/17
162.19.0.0/16
164.132.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:10:90:3d:73:6d:71:bd:99:65:cb:d1:c8:d4:fe:70:9f:ca:
b2:e9:d3:94:f8:75:7e:d2:06:1a:bc:95:55:4f:da:6d:ce:9c:
fe:ab:8c:cc:80:72:0d:f2:f0:52:9f:99:5f:e1:02:a3:d1:0b:
84:6c:b9:04:d8:72:fa:b7:60:68:23:8f:94:96:94:47:30:64:
e0:6f:26:4f:0f:a4:2d:61:4c:75:ec:2b:a1:45:2d:a7:aa:5d:
18:25:02:ea:fd:b0:d5:0a:39:58:19:5c:16:67:5b:15:12:bb:
60:70:37:bd:00:1f:84:55:c2:b7:ff:6b:3b:b5:cd:15:bd:a6:
ca:47:9f:97:ce:da:df:22:59:56:61:57:38:97:e3:22:fc:b2:
27:7d:25:35:22:c1:f9:bf:b8:5b:f7:23:00:b2:29:ad:c7:9d:
6d:f3:87:ff:f1:fd:a6:50:fb:03:43:98:c7:96:a9:4a:84:b3:
b3:f5:b3:6f:f0:9d:a8:88:9e:01:c9:94:48:18:ec:78:2a:e2:
21:b9:f2:76:0b:bf:03:e7:c5:de:ba:47:5a:1f:8f:fa:11:86:
de:a2:ab:33:f6:96:e6:11:76:6b:cc:d6:66:1b:a5:e1:95:d8:
30:a1:3c:30:2e:f1:37:67:aa:82:e1:26:4a:41:68:48:6c:d4:
fa:da:4c:be
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYLp+yLXPnfszdq5r1MMq0D9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTlmZmY2M2EzNDc3OTU3ZmY3NWNjZGMwMDNkYWI2OGNm
OWQxNTUwHhcNMjIwODI5MTQyMjA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWFlZGJiMzk2OTlmNmU4ODRiOTI4MmE0NGM1NDZhODYxZjY0ZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyV1T9VQjf+Uf2Z39t//1tYa3r6gy
gbClJ/vPXpK8kNHH3AGMzbuJib62MVHfEhq5qLkXGk2N4Jn8XcGNENDFXZ3JD0g8
3Y2VbuPZvfCK9ZS4MvFcgmeqnxbOsePd8ak3eZ6NyLjHr+D4en90Fxp0+lXAdPiP
iXxDim5Bz+GRUpF1ccq5/Pzy8CNosUPIffDixrpDTo+04qiO/RGkAWH1361YoCym
TXkOY9+JpSf9eim7Ptt6hinJjdTWq5aZZdyPMWnAhX5ZS/USCZtJIq20ZcfoUf7B
AUQc94DYHt6qgCYlCzDGpc3afcynaPdvAcimL8b5PBjVaAvIVGreNK8KeQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFF6u27OWmfbohLkoKkTFRqhh9k7jMB8GA1UdIwQY
MBaAFICp//Y6NHeVf/dczcAD2raM+dFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTIt
NDdkOThlNTg1NDVhLzEvWHE3YnM1YVo5dWlFdVNncVJNVkdxR0gyVHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTItNDdkOThlNTg1NDVh
LzEvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAATAvAwMAh30DAwCJ
SgMDAY1eAwMAke8DBAeTh4ADAwCVygMEB5jkgAMDAKITAwMApIQwDQYJKoZIhvcN
AQELBQADggEBAA4QkD1zbXG9mWXL0cjU/nCfyrLp05T4dX7SBhq8lVVP2m3OnP6r
jMyAcg3y8FKfmV/hAqPRC4RsuQTYcvq3YGgjj5SWlEcwZOBvJk8PpC1hTHXsK6FF
LaeqXRglAur9sNUKOVgZXBZnWxUSu2BwN70AH4RVwrf/azu1zRW9pspHn5fO2t8i
WVZhVziX4yL8sid9JTUiwfm/uFv3IwCyKa3HnW3zh//x/aZQ+wNDmMeWqUqEs7P1
s2/wnaiIngHJlEgY7Hgq4iG58nYLvwPnxd66R1ofj/oRht6iqzP2luYRdmvM1mYb
peGV2DChPDAu8TdnqoLhJkpBaEhs1PraTL4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:09 2025 by rpki-client