Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/9ldQ6LXtEHjBRRFtjhlrkIpPTr8.roa
File: 9ldQ6LXtEHjBRRFtjhlrkIpPTr8.roa (raw, json)
Hash identifier: MoBvVca45FyjyZY6pBPI/7zI0V3EDfTkG7GlO2I3nks=
Subject key identifier: F6:57:50:E8:B5:ED:10:78:C1:45:11:6D:8E:19:6B:90:8A:4F:4E:BF
Certificate issuer: /CN=578d854bd2bee242a82fb83922d149bccf19ed02
Certificate serial: 173AE3A9
Authority key identifier: 57:8D:85:4B:D2:BE:E2:42:A8:2F:B8:39:22:D1:49:BC:CF:19:ED:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V42FS9K-4kKoL7g5ItFJvM8Z7QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/9ldQ6LXtEHjBRRFtjhlrkIpPTr8.roa
Signing time: Sat 01 Jan 2022 14:04:40 +0000
ROA not before: Sat 01 Jan 2022 14:04:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212865
IP address blocks: 185.164.153.0/24 maxlen: 24
185.164.154.0/24 maxlen: 24
185.164.155.0/24 maxlen: 24
5.57.201.0/24 maxlen: 24
5.57.202.0/23 maxlen: 23
5.57.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 389735337 (0x173ae3a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=578d854bd2bee242a82fb83922d149bccf19ed02
Validity
Not Before: Jan 1 14:04:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f65750e8b5ed1078c145116d8e196b908a4f4ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a8:f5:52:08:b5:63:1c:89:d1:81:27:7d:2c:
ed:68:74:cb:36:0e:43:64:35:66:03:eb:f4:c9:e3:
47:68:03:27:db:c5:f7:0e:81:11:dd:20:7b:e7:13:
6e:ce:08:1c:45:57:06:64:36:49:29:3e:e1:c3:72:
99:d3:e0:cb:d7:a3:0b:68:db:2c:f4:e9:12:9d:35:
a8:d6:cb:e6:db:39:17:72:4f:e6:47:cf:bd:83:2a:
95:12:55:b5:6e:5d:21:6e:c7:14:cd:a3:89:80:ee:
24:cb:f1:97:c2:9c:14:ea:2c:95:d5:4f:3b:3a:06:
9e:ed:06:82:7d:e5:ad:d2:96:af:be:79:2a:73:c4:
4c:9c:7c:54:79:f9:81:ab:e0:7d:fb:6e:ea:19:88:
86:7a:cb:d3:81:4e:18:0c:f5:58:f5:3b:17:f7:6a:
e9:78:02:5d:da:8d:7a:04:e7:e7:77:90:c7:08:50:
91:ba:98:4c:a5:25:9f:38:3e:0e:aa:7e:a4:cc:70:
59:ef:fc:e3:9f:df:ce:65:c3:61:73:88:05:db:f1:
41:4e:6e:10:93:17:c7:e6:81:78:7f:e7:0e:f2:80:
cd:ac:b0:d7:5c:f7:da:6f:83:f2:ec:69:8f:39:8a:
03:f0:fc:dd:f4:8e:df:ca:b7:ce:a8:7b:bc:4e:0e:
ac:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:57:50:E8:B5:ED:10:78:C1:45:11:6D:8E:19:6B:90:8A:4F:4E:BF
X509v3 Authority Key Identifier:
keyid:57:8D:85:4B:D2:BE:E2:42:A8:2F:B8:39:22:D1:49:BC:CF:19:ED:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V42FS9K-4kKoL7g5ItFJvM8Z7QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/9ldQ6LXtEHjBRRFtjhlrkIpPTr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/V42FS9K-4kKoL7g5ItFJvM8Z7QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.201.0-5.57.207.255
185.164.153.0-185.164.155.255
Signature Algorithm: sha256WithRSAEncryption
4c:30:cc:f9:f0:34:61:46:9b:1c:e6:3e:db:60:04:3b:df:f6:
7c:aa:d9:50:63:57:27:0f:e9:ec:44:9a:c2:5d:f8:bf:b2:a5:
0e:91:48:5c:38:bc:87:3c:84:29:43:e6:3b:49:31:cd:8a:1a:
ff:d3:9c:a9:9a:20:2c:0d:ad:05:9e:5e:d9:27:fe:1f:5f:2a:
b3:5f:cb:9e:e7:08:4e:d6:1c:cb:ee:e0:f0:4b:fb:27:50:d7:
28:2f:18:e0:a2:73:bf:9d:f5:41:66:ee:f7:74:9d:1b:b0:f8:
2c:fe:b1:9e:39:3b:46:71:67:92:eb:39:14:29:c2:9b:47:3a:
bb:09:de:09:16:49:fa:64:87:99:b0:df:15:ff:79:ea:4a:49:
b4:93:2b:7b:f9:14:f9:a1:a7:30:6a:27:91:8d:35:d2:8a:a3:
e2:c0:d8:95:2c:e4:75:6b:ac:0d:cc:95:ae:12:e9:49:25:a1:
8b:27:fc:e2:c4:d8:b8:57:42:bc:dc:b6:a1:f2:92:ba:08:dd:
72:e0:dc:3d:33:f1:ee:dc:93:c4:5d:42:c8:24:f4:7a:eb:4c:
77:db:dd:fe:74:6e:96:7d:ce:30:46:38:5c:94:34:2c:63:43:
57:c3:3a:a5:cd:3a:c2:a7:54:46:56:9b:4c:79:94:1c:4c:99:
51:a3:1e:c3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEFzrjqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzhkODU0YmQyYmVlMjQyYTgyZmI4MzkyMmQxNDliY2NmMTllZDAyMB4XDTIyMDEw
MTE0MDQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjY1NzUwZThiNWVk
MTA3OGMxNDUxMTZkOGUxOTZiOTA4YTRmNGViZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALio9VIItWMcidGBJ30s7Wh0yzYOQ2Q1ZgPr9MnjR2gDJ9vF
9w6BEd0ge+cTbs4IHEVXBmQ2SSk+4cNymdPgy9ejC2jbLPTpEp01qNbL5ts5F3JP
5kfPvYMqlRJVtW5dIW7HFM2jiYDuJMvxl8KcFOosldVPOzoGnu0Ggn3lrdKWr755
KnPETJx8VHn5gavgfftu6hmIhnrL04FOGAz1WPU7F/dq6XgCXdqNegTn53eQxwhQ
kbqYTKUlnzg+Dqp+pMxwWe/845/fzmXDYXOIBdvxQU5uEJMXx+aBeH/nDvKAzayw
11z32m+D8uxpjzmKA/D83fSO38q3zqh7vE4OrHsCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBT2V1Dote0QeMFFEW2OGWuQik9OvzAfBgNVHSMEGDAWgBRXjYVL0r7iQqgv
uDki0Um8zxntAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Y0MkZTOUstNGtLb0w3ZzVJdEZKdk04WjdRSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvMTI4YmM2LWY2ZmYtNGM5MC04YjVhLTFhYjVmNTM5OWQzYS8x
LzlsZFE2TFh0RUhqQlJSRnRqaGxya0lwUFRyOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
MTI4YmM2LWY2ZmYtNGM5MC04YjVhLTFhYjVmNTM5OWQzYS8xL1Y0MkZTOUstNGtL
b0w3ZzVJdEZKdk04WjdRSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQABTnJAwQEBTnAMAwDBAC5pJkD
BAK5pJgwDQYJKoZIhvcNAQELBQADggEBAEwwzPnwNGFGmxzmPttgBDvf9nyq2VBj
VycP6exEmsJd+L+ypQ6RSFw4vIc8hClD5jtJMc2KGv/TnKmaICwNrQWeXtkn/h9f
KrNfy57nCE7WHMvu4PBL+ydQ1ygvGOCic7+d9UFm7vd0nRuw+Cz+sZ45O0ZxZ5Lr
ORQpwptHOrsJ3gkWSfpkh5mw3xX/eepKSbSTK3v5FPmhpzBqJ5GNNdKKo+LA2JUs
5HVrrA3Mla4S6UkloYsn/OLE2LhXQrzctqHykroI3XLg3D0z8e7ck8RdQsgk9Hrr
THfb3f50bpZ9zjBGOFyUNCxjQ1fDOqXNOsKnVEZWm0x5lBxMmVGjHsM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:53 2024 by rpki-client on console-fra.rpki-client.org