Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/9ZM7Ab2PnRzSCxjx20rwAe9sGWc.roa
File: 9ZM7Ab2PnRzSCxjx20rwAe9sGWc.roa (raw, json)
Hash identifier: RfvRcyxT8ccunnqxhYX/Q4R/WjsqC82H908E5xq6tjY=
Subject key identifier: F5:93:3B:01:BD:8F:9D:1C:D2:0B:18:F1:DB:4A:F0:01:EF:6C:19:67
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018905D5B089A130B710452BB39FD7E501DA
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/9ZM7Ab2PnRzSCxjx20rwAe9sGWc.roa
Signing time: Thu 29 Jun 2023 06:27:17 +0000
ROA not before: Thu 29 Jun 2023 06:27:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47232
IP address blocks: 5.39.200.0/22 maxlen: 32
185.15.108.0/22 maxlen: 32
78.111.114.0/23 maxlen: 32
78.111.116.0/23 maxlen: 32
78.111.112.0/20 maxlen: 32
46.29.224.0/21 maxlen: 32
213.108.162.0/23 maxlen: 32
217.75.208.0/20 maxlen: 32
185.64.220.0/22 maxlen: 32
185.125.128.0/22 maxlen: 32
91.192.32.0/22 maxlen: 22
93.91.150.0/23 maxlen: 32
93.91.152.0/24 maxlen: 32
93.91.149.0/24 maxlen: 32
93.91.153.0/24 maxlen: 32
93.91.154.0/24 maxlen: 32
46.29.228.0/23 maxlen: 32
185.52.172.0/24 maxlen: 32
93.91.144.0/20 maxlen: 32
2a02:17a0::/32 maxlen: 48
2a02:17a0::/29 maxlen: 48
2a03:2a82::/31 maxlen: 48
2a04:7bc0::/29 maxlen: 48
2a03:2a80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:05:d5:b0:89:a1:30:b7:10:45:2b:b3:9f:d7:e5:01:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jun 29 06:27:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5933b01bd8f9d1cd20b18f1db4af001ef6c1967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7d:bf:31:a1:5b:c5:62:da:e3:7b:92:d7:d8:
8b:06:62:72:43:62:57:f9:0f:cb:55:d4:cb:d8:c9:
7d:29:27:7c:f9:7e:33:2d:d8:8b:19:81:ac:22:cf:
d2:46:b7:9e:87:34:82:7a:66:ff:f9:72:a3:25:7d:
26:bc:fe:9d:62:3c:61:0d:79:5a:93:19:6c:ae:35:
8b:52:6a:c0:12:ae:73:51:12:2d:0b:e9:2d:08:25:
79:79:ff:a1:f5:8e:f7:70:5e:ab:3a:86:34:55:9b:
45:c9:f9:e6:17:a8:58:9c:81:02:f6:3f:21:19:a5:
b5:04:5c:84:c0:c5:77:c0:b2:1c:f0:ed:12:69:d2:
51:59:bb:7d:7c:79:c2:9e:6e:88:71:d1:84:ef:98:
f8:66:12:24:23:9b:f4:2e:c9:7d:c6:e7:31:a3:79:
47:29:11:82:cc:90:08:39:2c:70:d1:ed:7d:8b:45:
a0:48:7b:54:48:5c:8a:4b:65:04:01:15:7b:c8:cd:
77:73:96:85:6a:c3:9c:74:cf:e1:b5:eb:8a:e6:cf:
6c:1e:f8:8a:06:8c:34:c4:f9:f9:14:71:d0:de:2d:
69:15:af:fe:4a:d8:10:49:4c:33:11:76:1c:ba:0b:
a9:cf:e1:9f:f9:2e:9d:8a:f6:3d:80:01:e8:96:4b:
d3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:93:3B:01:BD:8F:9D:1C:D2:0B:18:F1:DB:4A:F0:01:EF:6C:19:67
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/9ZM7Ab2PnRzSCxjx20rwAe9sGWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.200.0/22
46.29.224.0/21
78.111.112.0/20
91.192.32.0/22
93.91.144.0/20
185.15.108.0/22
185.52.172.0/24
185.64.220.0/22
185.125.128.0/22
213.108.162.0/23
217.75.208.0/20
IPv6:
2a02:17a0::/29
2a03:2a80::/29
2a04:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
7d:82:80:05:76:9c:fd:19:06:fe:71:b3:da:ba:8f:44:7e:43:
79:81:61:0a:fa:42:5d:e1:49:59:0d:6d:8a:a5:77:95:93:23:
6b:9e:ac:93:71:4d:7c:f4:be:ce:2a:ab:e5:5b:f9:c6:90:90:
20:1b:ed:c2:30:bb:fe:94:cd:f9:2a:05:c9:e5:8a:d0:07:74:
33:00:92:87:1d:03:a7:19:48:68:c8:c0:16:28:d5:ae:c4:3b:
2d:1e:10:5c:db:3d:0f:ed:f1:5e:16:d3:bf:f2:91:aa:e3:30:
26:e1:51:65:0c:5a:68:c7:5b:d8:be:4d:80:8c:16:d9:5b:c7:
4a:fc:5a:d8:34:19:e0:df:17:6f:09:71:b8:60:2b:8c:52:e4:
f6:5a:83:e6:fc:9e:4d:76:f6:79:b7:9c:fa:7f:91:54:b3:b4:
2b:ab:1f:a8:1d:1d:98:55:73:e1:d9:6b:51:d0:a1:c6:1d:a8:
e9:49:a9:09:9c:f0:88:f7:a2:b3:10:bf:a8:d7:35:2a:b2:aa:
e6:53:d0:f0:f0:f9:13:04:43:c7:89:be:a3:55:2f:50:eb:fd:
2e:60:99:86:81:f8:cc:ad:55:58:08:13:af:e4:48:ae:98:d2:
bc:4f:06:e2:13:80:35:ee:62:35:4b:61:be:cc:2e:ef:af:6e:
c0:b6:62:e5
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYkF1bCJoTC3EEUrs5/X5QHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjMwNjI5MDYyNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTkzM2IwMWJkOGY5ZDFjZDIwYjE4ZjFkYjRhZjAwMWVmNmMxOTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX2/MaFbxWLa43uS19iLBmJyQ2JX
+Q/LVdTL2Ml9KSd8+X4zLdiLGYGsIs/SRreehzSCemb/+XKjJX0mvP6dYjxhDXla
kxlsrjWLUmrAEq5zURItC+ktCCV5ef+h9Y73cF6rOoY0VZtFyfnmF6hYnIEC9j8h
GaW1BFyEwMV3wLIc8O0SadJRWbt9fHnCnm6IcdGE75j4ZhIkI5v0Lsl9xucxo3lH
KRGCzJAIOSxw0e19i0WgSHtUSFyKS2UEARV7yM13c5aFasOcdM/hteuK5s9sHviK
Bow0xPn5FHHQ3i1pFa/+StgQSUwzEXYcugupz+Gf+S6divY9gAHolkvTCwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFPWTOwG9j50c0gsY8dtK8AHvbBlnMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvOVpNN0FiMlBuUnpTQ3hqeDIwcndBZTlzR1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQCBSfIAwQD
Lh3gAwQETm9wAwQCW8AgAwQEXVuQAwQCuQ9sAwQAuTSsAwQCuUDcAwQCuX2AAwQB
1WyiAwQE2UvQMBsEAgACMBUDBQMqAhegAwUDKgMqgAMFAyoEe8AwDQYJKoZIhvcN
AQELBQADggEBAH2CgAV2nP0ZBv5xs9q6j0R+Q3mBYQr6Ql3hSVkNbYqld5WTI2ue
rJNxTXz0vs4qq+Vb+caQkCAb7cIwu/6UzfkqBcnlitAHdDMAkocdA6cZSGjIwBYo
1a7EOy0eEFzbPQ/t8V4W07/ykarjMCbhUWUMWmjHW9i+TYCMFtlbx0r8Wtg0GeDf
F28JcbhgK4xS5PZag+b8nk129nm3nPp/kVSztCurH6gdHZhVc+HZa1HQocYdqOlJ
qQmc8Ij3orMQv6jXNSqyquZT0PDw+RMEQ8eJvqNVL1Dr/S5gmYaB+MytVVgIE6/k
SK6Y0rxPBuITgDXuYjVLYb7MLu+vbsC2YuU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:49:22 2025 by rpki-client