Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/AqQqwZaNwXXh272ZFDMvulKbD8c.roa
File: AqQqwZaNwXXh272ZFDMvulKbD8c.roa (raw, json)
Hash identifier: ls/4EUxCRT4RussrOp/WBe0O4hPQSjYTuC8TLL1IPKM=
Subject key identifier: 02:A4:2A:C1:96:8D:C1:75:E1:DB:BD:99:14:33:2F:BA:52:9B:0F:C7
Certificate issuer: /CN=578d854bd2bee242a82fb83922d149bccf19ed02
Certificate serial: 01856C65E972F26B85D2DE6A726CF664E665
Authority key identifier: 57:8D:85:4B:D2:BE:E2:42:A8:2F:B8:39:22:D1:49:BC:CF:19:ED:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V42FS9K-4kKoL7g5ItFJvM8Z7QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/AqQqwZaNwXXh272ZFDMvulKbD8c.roa
Signing time: Sun 01 Jan 2023 08:14:56 +0000
ROA not before: Sun 01 Jan 2023 08:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199554
IP address blocks: 185.164.152.0/22 maxlen: 22
185.164.152.0/24 maxlen: 24
5.57.200.0/21 maxlen: 21
5.57.200.0/24 maxlen: 24
2a01:4540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:e9:72:f2:6b:85:d2:de:6a:72:6c:f6:64:e6:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=578d854bd2bee242a82fb83922d149bccf19ed02
Validity
Not Before: Jan 1 08:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02a42ac1968dc175e1dbbd9914332fba529b0fc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:75:cc:58:1f:2f:88:6e:12:e5:3d:59:65:9c:
19:4a:4d:11:19:b7:f2:c0:f2:a5:b3:a3:ee:59:cb:
e2:22:c7:b8:84:55:20:1b:7c:f1:2a:96:82:07:8e:
ce:09:e9:0e:cc:41:7e:02:c1:f8:d4:04:a9:57:4b:
0b:a1:f9:68:d8:cf:c5:cf:e6:79:d2:51:a3:ed:07:
68:1d:6e:ef:bb:71:55:b3:62:c2:5b:f9:b6:fb:53:
71:a2:ac:e3:2b:84:37:4d:72:52:16:a8:3b:84:70:
a8:0d:71:f1:ae:93:ae:1d:59:0f:54:76:49:9b:3e:
d9:ae:57:14:f3:bf:f1:98:ba:f3:a7:23:2f:64:ab:
97:92:1b:79:3c:11:82:d2:37:b7:ee:28:ff:1b:1a:
3e:01:ba:c7:d2:f6:9f:ba:30:2f:3a:df:d3:c3:f6:
76:60:e7:e4:24:7b:bb:9a:85:8a:8c:7f:8e:45:15:
8d:7f:5c:15:1f:7a:b7:40:21:a0:79:50:ab:ee:5b:
08:35:70:04:a5:49:98:74:59:d8:18:a5:eb:90:b6:
41:5a:88:99:26:ef:67:60:19:69:ab:9e:93:87:1c:
10:23:f5:13:46:9e:d3:78:64:e0:53:98:0a:a3:cf:
20:6d:59:37:79:70:11:4d:fe:55:39:fe:dc:97:a0:
68:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A4:2A:C1:96:8D:C1:75:E1:DB:BD:99:14:33:2F:BA:52:9B:0F:C7
X509v3 Authority Key Identifier:
keyid:57:8D:85:4B:D2:BE:E2:42:A8:2F:B8:39:22:D1:49:BC:CF:19:ED:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V42FS9K-4kKoL7g5ItFJvM8Z7QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/AqQqwZaNwXXh272ZFDMvulKbD8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/V42FS9K-4kKoL7g5ItFJvM8Z7QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.200.0/21
185.164.152.0/22
IPv6:
2a01:4540::/29
Signature Algorithm: sha256WithRSAEncryption
8d:8d:f7:0b:79:76:36:bd:ef:ed:8c:92:a9:bd:b6:c6:c8:13:
5e:90:8b:42:40:95:48:01:66:66:86:ac:b1:45:8c:23:13:68:
9d:03:bb:b1:f1:ef:e1:02:2e:d0:9e:d8:8c:60:9a:d2:f3:a1:
72:ce:fe:47:3b:d4:4b:14:2d:68:19:5a:fe:09:dc:5f:46:8a:
ca:05:04:57:fb:61:b0:d7:57:75:2f:f5:a0:53:46:02:b5:7f:
1e:2d:a3:5d:59:86:b1:ad:0e:3d:87:5a:fb:57:aa:56:7c:99:
c6:7c:36:95:7f:54:45:49:f0:3b:c0:b8:60:7e:21:d6:a3:2d:
45:a0:dc:1e:11:f1:27:96:31:cb:e6:ce:2f:f8:83:d5:a4:f0:
ef:fb:41:0f:83:88:77:11:9d:8e:0a:f3:db:05:5d:ea:e0:af:
f0:83:9c:cc:7e:f2:c4:da:02:14:88:88:b6:e1:da:6c:2e:94:
49:10:00:43:53:55:ff:8c:50:22:64:5c:c4:15:20:5e:45:aa:
d6:1c:52:0d:cf:5e:36:e9:2a:9a:47:1c:f0:e6:82:92:fb:19:
33:3a:66:08:b9:b6:f2:88:8a:83:ec:29:48:9e:5b:91:06:d1:
5f:64:a5:7d:d3:c9:27:82:7d:fe:d3:5b:ac:4a:7c:c3:9c:04:
6e:9c:48:3c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsZely8muF0t5qcmz2ZOZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OGQ4NTRiZDJiZWUyNDJhODJmYjgzOTIyZDE0OWJjY2Yx
OWVkMDIwHhcNMjMwMTAxMDgxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmE0MmFjMTk2OGRjMTc1ZTFkYmJkOTkxNDMzMmZiYTUyOWIwZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHXMWB8viG4S5T1ZZZwZSk0RGbfy
wPKls6PuWcviIse4hFUgG3zxKpaCB47OCekOzEF+AsH41ASpV0sLoflo2M/Fz+Z5
0lGj7QdoHW7vu3FVs2LCW/m2+1NxoqzjK4Q3TXJSFqg7hHCoDXHxrpOuHVkPVHZJ
mz7ZrlcU87/xmLrzpyMvZKuXkht5PBGC0je37ij/Gxo+AbrH0vafujAvOt/Tw/Z2
YOfkJHu7moWKjH+ORRWNf1wVH3q3QCGgeVCr7lsINXAEpUmYdFnYGKXrkLZBWoiZ
Ju9nYBlpq56ThxwQI/UTRp7TeGTgU5gKo88gbVk3eXARTf5VOf7cl6BoDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAKkKsGWjcF14du9mRQzL7pSmw/HMB8GA1UdIwQY
MBaAFFeNhUvSvuJCqC+4OSLRSbzPGe0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjQyRlM5Sy00a0tvTDdnNUl0Rkp2TThaN1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xMjhiYzYtZjZmZi00YzkwLThiNWEt
MWFiNWY1Mzk5ZDNhLzEvQXFRcXdaYU53WFhoMjcyWkZETXZ1bEtiRDhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xMjhiYzYtZjZmZi00YzkwLThiNWEtMWFiNWY1Mzk5ZDNh
LzEvVjQyRlM5Sy00a0tvTDdnNUl0Rkp2TThaN1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBTnIAwQC
uaSYMA0EAgACMAcDBQMqAUVAMA0GCSqGSIb3DQEBCwUAA4IBAQCNjfcLeXY2ve/t
jJKpvbbGyBNekItCQJVIAWZmhqyxRYwjE2idA7ux8e/hAi7QntiMYJrS86Fyzv5H
O9RLFC1oGVr+CdxfRorKBQRX+2Gw11d1L/WgU0YCtX8eLaNdWYaxrQ49h1r7V6pW
fJnGfDaVf1RFSfA7wLhgfiHWoy1FoNweEfEnljHL5s4v+IPVpPDv+0EPg4h3EZ2O
CvPbBV3q4K/wg5zMfvLE2gIUiIi24dpsLpRJEABDU1X/jFAiZFzEFSBeRarWHFIN
z1426SqaRxzw5oKS+xkzOmYIubbyiIqD7ClInluRBtFfZKV908kngn3+01usSnzD
nARunEg8
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:11:20 2025 by rpki-client