Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/b44488-0500-4538-93b1-2688d346f6ab/1/5Ytp5YEz3NoGhlFpT4uL1g3R3mk.roa
File: 5Ytp5YEz3NoGhlFpT4uL1g3R3mk.roa (raw, json)
Hash identifier: mKmZCuffYlkribLONHU3IEM6H5xExeaAL2Lv35eShFc=
Subject key identifier: E5:8B:69:E5:81:33:DC:DA:06:86:51:69:4F:8B:8B:D6:0D:D1:DE:69
Certificate issuer: /CN=afe3f1ed1b49c5ba7cc1f192a4024765a253664e
Certificate serial: 03991E8A
Authority key identifier: AF:E3:F1:ED:1B:49:C5:BA:7C:C1:F1:92:A4:02:47:65:A2:53:66:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-Px7RtJxbp8wfGSpAJHZaJTZk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/b44488-0500-4538-93b1-2688d346f6ab/1/5Ytp5YEz3NoGhlFpT4uL1g3R3mk.roa
Signing time: Sat 01 Jan 2022 02:58:52 +0000
ROA not before: Sat 01 Jan 2022 02:58:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213089
IP address blocks: 193.178.128.0/24 maxlen: 24
193.178.139.0/24 maxlen: 24
193.178.137.0/24 maxlen: 24
185.133.232.0/22 maxlen: 24
193.178.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60366474 (0x3991e8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afe3f1ed1b49c5ba7cc1f192a4024765a253664e
Validity
Not Before: Jan 1 02:58:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e58b69e58133dcda068651694f8b8bd60dd1de69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fd:f6:96:97:79:48:3d:e8:7e:02:98:a4:09:
1d:73:2f:8f:b7:a0:8a:e7:c2:17:db:ca:e2:f2:d5:
6c:cc:9e:a2:84:cd:6b:0a:c2:40:3f:66:10:78:b6:
9f:30:42:d5:44:df:7a:7d:55:6d:0b:49:3c:6a:ee:
31:b4:fe:f6:1a:a0:30:f5:8b:a1:36:87:4b:fd:3c:
78:74:43:c9:fd:2c:70:f1:7c:1f:b1:83:06:88:ad:
9f:51:8a:95:0e:57:34:75:41:34:ae:39:38:7e:a4:
f8:ab:8a:b4:05:0e:ab:75:1e:e1:dd:44:ed:8d:0b:
e8:d8:d3:f3:fd:ba:7d:61:36:8f:57:4b:a8:80:22:
76:26:30:b1:c9:59:40:aa:8d:57:fa:ef:d9:d1:a4:
3b:df:13:ef:12:6b:d8:59:3d:9d:9b:59:c1:f6:14:
e3:c9:b4:20:77:66:9f:5c:c6:c5:53:06:58:22:be:
d0:78:4e:55:95:1f:93:b9:6d:fa:c2:9e:18:28:95:
52:e3:6e:d9:bd:d7:39:43:0a:bc:8f:c0:fc:d8:da:
40:03:01:84:96:1b:5e:f4:3a:a6:f0:cc:99:35:77:
b3:29:98:bc:fd:50:01:b9:8f:fc:18:26:5a:93:3e:
dc:a9:e7:13:28:cd:37:eb:61:5b:1e:a0:85:ef:b0:
f7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:8B:69:E5:81:33:DC:DA:06:86:51:69:4F:8B:8B:D6:0D:D1:DE:69
X509v3 Authority Key Identifier:
keyid:AF:E3:F1:ED:1B:49:C5:BA:7C:C1:F1:92:A4:02:47:65:A2:53:66:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-Px7RtJxbp8wfGSpAJHZaJTZk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b44488-0500-4538-93b1-2688d346f6ab/1/5Ytp5YEz3NoGhlFpT4uL1g3R3mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b44488-0500-4538-93b1-2688d346f6ab/1/r-Px7RtJxbp8wfGSpAJHZaJTZk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.232.0/22
193.178.128.0/24
193.178.137.0/24
193.178.139.0/24
193.178.142.0/24
Signature Algorithm: sha256WithRSAEncryption
58:72:7f:d2:50:6b:cb:2d:9c:25:74:26:0c:27:de:85:fc:ef:
91:e5:fc:2f:2e:3a:e2:0a:c8:88:7b:a5:d0:6b:a1:b4:b9:51:
a8:eb:26:4e:44:d0:03:c0:b1:11:c0:53:2c:20:00:c2:3b:4f:
13:88:5f:2b:e1:b9:47:09:4a:b8:38:19:3d:27:9e:de:dc:ed:
1c:7d:15:07:eb:a7:ad:bb:1d:2e:73:34:f9:5e:c2:7e:01:2f:
29:51:f9:8b:dc:71:bf:32:ff:a3:69:0f:a9:8c:d5:05:b5:8f:
bc:b2:dc:fe:53:c5:5d:d2:1b:36:c4:6e:c8:45:d3:48:ff:18:
ab:62:49:61:27:f9:bc:e4:b6:26:73:9f:d8:2b:85:a5:84:ab:
3d:86:a7:73:84:24:91:cd:8e:eb:cc:f8:f6:be:83:8e:d0:9d:
af:4f:78:f1:c4:53:f9:9a:d2:e2:48:5a:f4:99:0a:a0:ea:bd:
4c:65:b8:0e:3c:25:88:c2:4e:6d:65:e0:25:a1:52:90:30:1a:
79:3c:2b:fc:86:ce:20:91:ec:b0:e0:87:f9:0f:c6:92:94:0c:
91:64:8d:7e:dc:c7:98:b5:9c:78:cd:2c:e2:b1:0b:92:37:34:
a5:be:04:28:a8:18:2e:c3:2f:46:e4:a7:03:24:2b:8b:e4:2b:
e6:c6:b2:d5
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEA5keijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZmUzZjFlZDFiNDljNWJhN2NjMWYxOTJhNDAyNDc2NWEyNTM2NjRlMB4XDTIyMDEw
MTAyNTg1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTU4YjY5ZTU4MTMz
ZGNkYTA2ODY1MTY5NGY4YjhiZDYwZGQxZGU2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIz99paXeUg96H4CmKQJHXMvj7egiufCF9vK4vLVbMyeooTN
awrCQD9mEHi2nzBC1UTfen1VbQtJPGruMbT+9hqgMPWLoTaHS/08eHRDyf0scPF8
H7GDBoitn1GKlQ5XNHVBNK45OH6k+KuKtAUOq3Ue4d1E7Y0L6NjT8/26fWE2j1dL
qIAidiYwsclZQKqNV/rv2dGkO98T7xJr2Fk9nZtZwfYU48m0IHdmn1zGxVMGWCK+
0HhOVZUfk7lt+sKeGCiVUuNu2b3XOUMKvI/A/NjaQAMBhJYbXvQ6pvDMmTV3symY
vP1QAbmP/BgmWpM+3KnnEyjNN+thWx6ghe+w990CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTli2nlgTPc2gaGUWlPi4vWDdHeaTAfBgNVHSMEGDAWgBSv4/HtG0nFunzB
8ZKkAkdlolNmTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ItUHg3UnRKeGJwOHdmR1NwQUpIWmFKVFprNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvYjQ0NDg4LTA1MDAtNDUzOC05M2IxLTI2ODhkMzQ2ZjZhYi8x
LzVZdHA1WUV6M05vR2hsRnBUNHVMMWczUjNtay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
YjQ0NDg4LTA1MDAtNDUzOC05M2IxLTI2ODhkMzQ2ZjZhYi8xL3ItUHg3UnRKeGJw
OHdmR1NwQUpIWmFKVFprNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEArmF6AMEAMGygAMEAMGyiQMEAMGy
iwMEAMGyjjANBgkqhkiG9w0BAQsFAAOCAQEAWHJ/0lBryy2cJXQmDCfehfzvkeX8
Ly464grIiHul0GuhtLlRqOsmTkTQA8CxEcBTLCAAwjtPE4hfK+G5RwlKuDgZPSee
3tztHH0VB+unrbsdLnM0+V7CfgEvKVH5i9xxvzL/o2kPqYzVBbWPvLLc/lPFXdIb
NsRuyEXTSP8Yq2JJYSf5vOS2JnOf2CuFpYSrPYanc4Qkkc2O68z49r6DjtCdr094
8cRT+ZrS4kha9JkKoOq9TGW4DjwliMJObWXgJaFSkDAaeTwr/IbOIJHssOCH+Q/G
kpQMkWSNftzHmLWceM0s4rELkjc0pb4EKKgYLsMvRuSnAyQri+Qr5say1Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:42 2025 by rpki-client