Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/elo3KcVmXvpcG73IrCGDCYL2HRs.roa
File: elo3KcVmXvpcG73IrCGDCYL2HRs.roa (raw, json)
Hash identifier: KYWwMa3TgQQV/3MI0qG+gKJGlbQmzGcJsJEiFIof8e4=
Subject key identifier: 7A:5A:37:29:C5:66:5E:FA:5C:1B:BD:C8:AC:21:83:09:82:F6:1D:1B
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 0189FF442A5780EC1A3A723D91C129B490DA
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/elo3KcVmXvpcG73IrCGDCYL2HRs.roa
Signing time: Wed 16 Aug 2023 16:53:24 +0000
ROA not before: Wed 16 Aug 2023 16:53:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47232
IP address blocks: 5.39.200.0/22 maxlen: 32
185.15.108.0/22 maxlen: 32
78.111.114.0/23 maxlen: 32
78.111.116.0/23 maxlen: 32
78.111.112.0/20 maxlen: 32
46.29.224.0/21 maxlen: 32
213.108.162.0/23 maxlen: 32
217.75.208.0/20 maxlen: 32
185.64.220.0/22 maxlen: 32
185.125.128.0/22 maxlen: 32
91.192.32.0/22 maxlen: 22
93.91.150.0/23 maxlen: 32
93.91.152.0/24 maxlen: 32
93.91.149.0/24 maxlen: 32
93.91.153.0/24 maxlen: 32
93.91.154.0/24 maxlen: 32
46.29.228.0/23 maxlen: 32
185.52.172.0/24 maxlen: 32
93.91.144.0/20 maxlen: 32
2a02:17a0::/29 maxlen: 48
2a03:2a82::/31 maxlen: 48
2a04:7bc0::/29 maxlen: 48
2a03:2a80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ff:44:2a:57:80:ec:1a:3a:72:3d:91:c1:29:b4:90:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Aug 16 16:53:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a5a3729c5665efa5c1bbdc8ac21830982f61d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8f:7d:a5:6d:ce:b8:d7:af:54:99:65:4c:91:
af:f8:ca:7b:4c:87:e3:2b:b4:52:3d:ee:a7:c1:61:
aa:62:f4:b4:27:10:b3:3a:21:53:c4:b6:84:25:bb:
17:f2:8d:1f:e5:fb:ce:63:9e:f2:6c:35:2c:83:1f:
99:43:83:7e:ee:b5:31:0f:8f:9e:36:4a:b1:26:21:
78:56:0f:aa:af:4d:fc:50:a3:a2:10:65:1f:86:60:
73:e4:16:79:14:cd:f6:41:1f:76:16:aa:c9:45:62:
c1:f1:d9:bb:28:2a:13:c4:b0:97:a1:5a:9c:ab:42:
c8:cb:59:1f:21:a6:89:b0:72:a3:33:53:9a:45:3c:
ec:c7:df:c5:63:1e:b9:b8:82:16:e4:3d:19:fe:30:
2c:92:e0:20:31:87:f4:e7:b3:a5:35:e9:c5:e1:e4:
dc:86:6d:d5:56:5b:23:10:b8:d2:6e:2a:44:8c:97:
e2:98:9d:5c:02:96:1b:db:60:29:91:e3:1f:ce:7e:
4b:89:f7:fe:41:9c:80:1a:55:0a:59:ef:03:45:10:
91:3a:1c:cb:04:c8:fe:10:54:77:47:22:04:85:a3:
d0:e7:06:10:67:5d:6c:9b:b3:e4:67:b7:80:36:31:
25:9f:f4:dc:0c:0f:fd:77:97:db:9d:54:cd:27:48:
8c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:5A:37:29:C5:66:5E:FA:5C:1B:BD:C8:AC:21:83:09:82:F6:1D:1B
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/elo3KcVmXvpcG73IrCGDCYL2HRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.200.0/22
46.29.224.0/21
78.111.112.0/20
91.192.32.0/22
93.91.144.0/20
185.15.108.0/22
185.52.172.0/24
185.64.220.0/22
185.125.128.0/22
213.108.162.0/23
217.75.208.0/20
IPv6:
2a02:17a0::/29
2a03:2a80::/29
2a04:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
04:94:eb:9d:9d:d9:2e:7e:9b:22:8e:91:d7:3a:96:2a:22:3c:
67:b1:b8:13:2a:ca:47:36:3d:80:7f:b9:a4:c3:c1:eb:67:bb:
73:81:a2:8b:c2:ca:d6:cc:ce:09:f8:23:2c:9b:96:d0:43:e7:
62:12:eb:54:35:b5:1b:dd:6e:20:a3:64:36:e6:0e:bd:c5:bd:
50:ed:fd:21:4d:a6:6c:da:70:3b:c3:00:95:c5:ec:ad:6e:88:
60:e2:30:48:e5:17:ba:67:50:03:0e:f0:6f:4f:02:e6:42:72:
32:d5:d4:45:18:2a:73:65:83:73:e5:e9:c1:52:fa:37:4d:87:
2a:91:7f:c7:7b:ca:04:2f:a1:79:ca:ac:3a:b9:8b:56:6f:76:
e4:fb:0e:45:b9:ab:02:7b:99:06:f3:9b:45:39:f2:be:42:33:
73:8c:46:59:ca:50:19:71:d9:28:07:32:b5:62:db:76:ae:a1:
7c:81:8c:05:cb:43:ba:24:b8:32:51:f3:bf:48:f5:43:73:2f:
39:25:5a:bf:0d:4c:fb:7d:f4:51:ac:77:36:69:7e:e9:87:44:
b5:5e:66:0b:fa:6b:8c:c7:25:ba:16:11:35:94:bc:74:d3:24:
d0:02:85:06:47:f2:35:73:5b:5b:42:dd:67:c8:f0:cd:27:af:
5c:ea:f2:8d
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYn/RCpXgOwaOnI9kcEptJDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjMwODE2MTY1MzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTVhMzcyOWM1NjY1ZWZhNWMxYmJkYzhhYzIxODMwOTgyZjYxZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI99pW3OuNevVJllTJGv+Mp7TIfj
K7RSPe6nwWGqYvS0JxCzOiFTxLaEJbsX8o0f5fvOY57ybDUsgx+ZQ4N+7rUxD4+e
NkqxJiF4Vg+qr038UKOiEGUfhmBz5BZ5FM32QR92FqrJRWLB8dm7KCoTxLCXoVqc
q0LIy1kfIaaJsHKjM1OaRTzsx9/FYx65uIIW5D0Z/jAskuAgMYf057OlNenF4eTc
hm3VVlsjELjSbipEjJfimJ1cApYb22ApkeMfzn5Liff+QZyAGlUKWe8DRRCROhzL
BMj+EFR3RyIEhaPQ5wYQZ11sm7PkZ7eANjEln/TcDA/9d5fbnVTNJ0iMVwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFHpaNynFZl76XBu9yKwhgwmC9h0bMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvZWxvM0tjVm1YdnBjRzczSXJDR0RDWUwySFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQCBSfIAwQD
Lh3gAwQETm9wAwQCW8AgAwQEXVuQAwQCuQ9sAwQAuTSsAwQCuUDcAwQCuX2AAwQB
1WyiAwQE2UvQMBsEAgACMBUDBQMqAhegAwUDKgMqgAMFAyoEe8AwDQYJKoZIhvcN
AQELBQADggEBAASU652d2S5+myKOkdc6lioiPGexuBMqykc2PYB/uaTDwetnu3OB
oovCytbMzgn4IyybltBD52IS61Q1tRvdbiCjZDbmDr3FvVDt/SFNpmzacDvDAJXF
7K1uiGDiMEjlF7pnUAMO8G9PAuZCcjLV1EUYKnNlg3Pl6cFS+jdNhyqRf8d7ygQv
oXnKrDq5i1ZvduT7DkW5qwJ7mQbzm0U58r5CM3OMRlnKUBlx2SgHMrVi23auoXyB
jAXLQ7okuDJR879I9UNzLzklWr8NTPt99FGsdzZpfumHRLVeZgv6a4zHJboWETWU
vHTTJNAChQZH8jVzW1tC3WfI8M0nr1zq8o0=
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:05:45 2025 by rpki-client