Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/d8fngmqfIJHXmquXaYiz1GMqySo.roa
File: d8fngmqfIJHXmquXaYiz1GMqySo.roa (raw, json)
Hash identifier: pWqlRdgPd87spR/mkoXC4NSCgsXHVF3FuD4WcefHjRU=
Subject key identifier: 77:C7:E7:82:6A:9F:20:91:D7:9A:AB:97:69:88:B3:D4:63:2A:C9:2A
Certificate issuer: /CN=5a4a47d582bb0e9680f89258ab96d05867d352ef
Certificate serial: 01856EF42597093FAA695DC905A4DEC500D8
Authority key identifier: 5A:4A:47:D5:82:BB:0E:96:80:F8:92:58:AB:96:D0:58:67:D3:52:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkpH1YK7DpaA-JJYq5bQWGfTUu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/d8fngmqfIJHXmquXaYiz1GMqySo.roa
Signing time: Sun 01 Jan 2023 20:09:31 +0000
ROA not before: Sun 01 Jan 2023 20:09:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61137
IP address blocks: 91.229.65.0/24 maxlen: 24
185.76.128.0/22 maxlen: 22
185.76.130.0/24 maxlen: 24
185.76.131.0/24 maxlen: 24
5.53.96.0/21 maxlen: 21
5.53.96.0/22 maxlen: 22
5.53.100.0/24 maxlen: 24
109.205.28.0/23 maxlen: 23
91.229.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:25:97:09:3f:aa:69:5d:c9:05:a4:de:c5:00:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a4a47d582bb0e9680f89258ab96d05867d352ef
Validity
Not Before: Jan 1 20:09:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77c7e7826a9f2091d79aab976988b3d4632ac92a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b9:12:86:11:43:5c:e7:a3:66:01:2f:ef:ae:
57:b1:23:1f:13:82:22:c0:d3:c4:89:3e:ad:08:07:
d6:2f:74:74:a3:af:87:75:8d:2e:1f:22:9f:15:05:
c7:e9:ca:32:0b:5e:0c:87:ed:2c:fa:e7:51:3c:71:
bd:fb:7d:15:3f:11:bd:83:63:fb:35:b5:5e:3d:ed:
dc:d5:20:ec:27:af:4d:4e:b2:b6:69:69:2d:db:a8:
9a:d5:04:99:f8:98:26:92:2e:50:88:73:59:50:9a:
1e:ee:f8:1a:b4:47:0b:ab:20:b4:29:8b:16:de:ed:
0a:f4:03:35:d9:14:f2:fc:2b:2a:81:65:76:3e:d1:
d1:9d:c0:b2:cc:7f:ee:f9:b5:c8:43:2b:b6:32:7b:
98:a8:8a:9b:c2:6b:f4:17:bd:5a:25:bd:fe:99:b4:
2d:69:95:e8:fd:2f:0e:a2:23:dd:59:ac:15:ef:4a:
2f:e4:3b:b1:c1:39:7a:93:76:ed:77:37:98:3c:72:
4d:e9:dc:f6:6f:79:41:77:d5:61:f7:c8:c4:62:ae:
2e:61:7d:ef:2c:9d:9a:d4:59:8b:93:bf:7e:bc:7b:
2f:25:34:ca:bc:81:25:02:04:14:c5:c8:56:5f:7e:
31:17:ba:43:e7:5f:87:d8:77:5d:86:42:75:5d:df:
be:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:C7:E7:82:6A:9F:20:91:D7:9A:AB:97:69:88:B3:D4:63:2A:C9:2A
X509v3 Authority Key Identifier:
keyid:5A:4A:47:D5:82:BB:0E:96:80:F8:92:58:AB:96:D0:58:67:D3:52:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkpH1YK7DpaA-JJYq5bQWGfTUu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/d8fngmqfIJHXmquXaYiz1GMqySo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/WkpH1YK7DpaA-JJYq5bQWGfTUu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.96.0/21
91.229.64.0/23
109.205.28.0/23
185.76.128.0/22
Signature Algorithm: sha256WithRSAEncryption
cb:62:fe:e7:61:22:8d:cb:70:f2:22:4b:26:b2:29:0f:99:41:
05:93:6b:d0:58:75:c9:10:8f:a4:b0:9f:77:ad:64:f5:c1:11:
d2:ff:46:78:12:86:10:69:17:57:05:6e:52:80:9a:ad:42:71:
41:50:ed:13:74:8c:59:83:ee:11:91:14:61:6b:43:b9:b7:99:
98:67:5a:ff:41:c2:dd:25:cd:c1:fe:ea:13:5a:2a:60:3e:fe:
54:5d:0b:a9:90:38:44:3d:6e:a7:7d:2e:d4:2c:ab:e9:60:d9:
31:b2:17:5e:0f:7c:47:68:7b:21:9c:08:1b:0a:2b:25:d2:0d:
ab:fc:a3:ad:7e:71:fd:85:4e:18:eb:60:8a:64:ce:51:d4:51:
79:1a:8e:d5:2d:17:ee:33:27:11:04:60:e7:e4:87:1c:48:82:
8a:d5:9f:45:83:48:97:41:b2:7b:a1:39:00:c5:22:68:90:99:
d3:52:ee:78:b9:1d:2a:f6:4f:ff:fb:d0:46:07:98:a7:b8:9f:
b6:0b:fd:c2:e1:6a:4a:17:53:c4:9a:72:50:2f:65:53:f8:f5:
1e:56:08:6f:6f:00:b2:62:fc:fb:f9:72:82:eb:0b:f0:e2:e6:
ac:bc:aa:f1:45:e9:bb:ce:f8:1d:98:1f:d0:c6:6f:11:55:e6:
de:a3:71:77
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVu9CWXCT+qaV3JBaTexQDYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNGE0N2Q1ODJiYjBlOTY4MGY4OTI1OGFiOTZkMDU4Njdk
MzUyZWYwHhcNMjMwMTAxMjAwOTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2M3ZTc4MjZhOWYyMDkxZDc5YWFiOTc2OTg4YjNkNDYzMmFjOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLkShhFDXOejZgEv765XsSMfE4Ii
wNPEiT6tCAfWL3R0o6+HdY0uHyKfFQXH6coyC14Mh+0s+udRPHG9+30VPxG9g2P7
NbVePe3c1SDsJ69NTrK2aWkt26ia1QSZ+Jgmki5QiHNZUJoe7vgatEcLqyC0KYsW
3u0K9AM12RTy/CsqgWV2PtHRncCyzH/u+bXIQyu2MnuYqIqbwmv0F71aJb3+mbQt
aZXo/S8OoiPdWawV70ov5DuxwTl6k3btdzeYPHJN6dz2b3lBd9Vh98jEYq4uYX3v
LJ2a1FmLk79+vHsvJTTKvIElAgQUxchWX34xF7pD51+H2HddhkJ1Xd++PQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHfH54JqnyCR15qrl2mIs9RjKskqMB8GA1UdIwQY
MBaAFFpKR9WCuw6WgPiSWKuW0Fhn01LvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2twSDFZSzdEcGFBLUpKWXE1YlFXR2ZUVXU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Yjc1NzYtMmI5Yy00M2FmLTg4MTct
NmIwMDY1NTA4OTk2LzEvZDhmbmdtcWZJSkhYbXF1WGFZaXoxR01xeVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80Yjc1NzYtMmI5Yy00M2FmLTg4MTctNmIwMDY1NTA4OTk2
LzEvV2twSDFZSzdEcGFBLUpKWXE1YlFXR2ZUVXU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBTVgAwQB
W+VAAwQBbc0cAwQCuUyAMA0GCSqGSIb3DQEBCwUAA4IBAQDLYv7nYSKNy3DyIksm
sikPmUEFk2vQWHXJEI+ksJ93rWT1wRHS/0Z4EoYQaRdXBW5SgJqtQnFBUO0TdIxZ
g+4RkRRha0O5t5mYZ1r/QcLdJc3B/uoTWipgPv5UXQupkDhEPW6nfS7ULKvpYNkx
shdeD3xHaHshnAgbCisl0g2r/KOtfnH9hU4Y62CKZM5R1FF5Go7VLRfuMycRBGDn
5IccSIKK1Z9Fg0iXQbJ7oTkAxSJokJnTUu54uR0q9k//+9BGB5inuJ+2C/3C4WpK
F1PEmnJQL2VT+PUeVghvbwCyYvz7+XKC6wvw4uasvKrxRem7zvgdmB/Qxm8RVebe
o3F3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:06 2025 by rpki-client