Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/daBBuwnH4jSj0Ln6OthfHy1FweA.roa
File: daBBuwnH4jSj0Ln6OthfHy1FweA.roa (raw, json)
Hash identifier: YdDzVhzTQGKjByJ7rwGWXRJE7Noc0DNFvb4E7kr+TCc=
Subject key identifier: 75:A0:41:BB:09:C7:E2:34:A3:D0:B9:FA:3A:D8:5F:1F:2D:45:C1:E0
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 0189B1A129FBB0D768248AA71D3D91D210A7
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/daBBuwnH4jSj0Ln6OthfHy1FweA.roa
Signing time: Tue 01 Aug 2023 15:04:36 +0000
ROA not before: Tue 01 Aug 2023 15:04:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50673
IP address blocks: 5.188.12.0/24 maxlen: 24
185.79.112.0/22 maxlen: 22
5.188.13.0/24 maxlen: 24
5.188.14.0/24 maxlen: 24
5.188.15.0/24 maxlen: 24
185.8.176.0/22 maxlen: 22
185.12.12.0/22 maxlen: 24
5.188.12.0/22 maxlen: 22
194.107.76.0/22 maxlen: 24
160.20.152.0/22 maxlen: 22
178.21.16.0/21 maxlen: 24
5.255.64.0/19 maxlen: 24
91.221.69.0/24 maxlen: 24
89.47.1.0/24 maxlen: 24
46.249.32.0/19 maxlen: 24
93.158.200.0/21 maxlen: 24
93.158.208.0/20 maxlen: 24
5.178.64.0/21 maxlen: 24
185.53.160.0/22 maxlen: 22
2a03:3f40::/32 maxlen: 32
2a00:1caa::/32 maxlen: 32
2a00:1ca8:77::/48 maxlen: 48
2a00:1ca8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b1:a1:29:fb:b0:d7:68:24:8a:a7:1d:3d:91:d2:10:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Aug 1 15:04:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75a041bb09c7e234a3d0b9fa3ad85f1f2d45c1e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e2:02:ce:68:1f:8e:99:87:51:27:f0:c9:45:
9b:5f:7a:5b:d8:be:fa:5c:63:55:d3:27:97:32:73:
87:0e:aa:c7:92:4b:3a:2d:03:de:90:66:c0:f8:c8:
62:18:7d:fa:b5:60:c5:dd:42:c9:41:12:c0:a6:1b:
02:9a:cc:bb:b3:b2:ea:cb:26:97:a7:c9:f4:26:5e:
5d:bf:c7:7f:de:85:a7:92:96:4e:72:f4:9c:19:77:
ad:68:06:93:73:ef:81:e0:80:7b:52:f0:83:28:3d:
68:96:1b:05:ac:e6:15:49:d2:fb:48:23:42:14:78:
2c:d7:fa:16:34:ab:22:db:f0:5f:c8:f5:a0:64:12:
d5:5b:45:6d:c6:2c:d8:0f:bb:97:3a:2e:05:2d:6a:
66:9a:b7:6d:52:38:1f:62:f8:08:7c:31:55:48:04:
fc:35:0a:0f:97:03:ea:a3:85:98:de:e4:f2:5c:c6:
80:58:6b:71:9f:92:b2:98:37:81:48:25:68:af:6e:
0b:d0:96:ad:aa:dd:3a:2b:cd:64:18:72:ce:7b:2e:
4e:3a:0f:59:e6:14:6a:b3:e4:31:ae:bf:55:4b:53:
84:ae:22:f9:00:20:c7:50:3d:61:44:ae:34:3d:ac:
d8:b5:bf:d2:2e:75:75:c2:70:50:7b:d0:84:40:56:
92:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A0:41:BB:09:C7:E2:34:A3:D0:B9:FA:3A:D8:5F:1F:2D:45:C1:E0
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/daBBuwnH4jSj0Ln6OthfHy1FweA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.64.0/21
5.188.12.0/22
5.255.64.0/19
46.249.32.0/19
89.47.1.0/24
91.221.69.0/24
93.158.200.0-93.158.223.255
160.20.152.0/22
178.21.16.0/21
185.8.176.0/22
185.12.12.0/22
185.53.160.0/22
185.79.112.0/22
194.107.76.0/22
IPv6:
2a00:1ca8::/32
2a00:1caa::/32
2a03:3f40::/32
Signature Algorithm: sha256WithRSAEncryption
95:11:f8:95:16:cd:04:57:a0:32:4d:c0:38:73:d3:a2:35:32:
cc:b7:df:09:4d:ab:c8:a4:44:68:f5:74:6c:03:d0:74:7b:97:
e6:b7:9c:36:9e:ea:63:34:ac:76:6f:69:6f:34:0d:5c:bc:7e:
6f:d7:c4:14:30:ee:b9:80:a6:d6:e2:72:37:c5:48:1d:26:a2:
42:cc:81:47:d5:ed:ad:ed:7b:b2:4c:e4:a1:45:9b:27:c5:a9:
3c:96:70:8a:77:49:e8:92:fa:2a:3a:e1:51:26:55:5b:e7:12:
b8:06:40:e0:da:45:9c:42:da:25:a2:2c:10:1a:a7:ac:cc:4f:
5d:fe:d2:3a:f6:20:b3:e6:0f:82:1f:80:b8:aa:58:66:71:d1:
25:0d:61:d4:b5:ae:ab:0a:a6:d3:3f:71:ee:4f:ce:6f:1e:84:
c5:93:a7:7f:a6:9d:21:10:32:c9:f2:e5:73:66:96:3d:b6:df:
15:df:61:23:f0:6d:7a:66:6e:e2:b2:8e:a3:ac:be:de:f9:83:
a2:b7:9c:2f:96:2d:e5:b5:a2:b9:5c:40:b2:e4:d1:5b:3b:69:
a4:64:da:3a:d3:d6:46:fa:44:fc:07:da:4c:3f:09:a9:48:0e:
2d:8e:bb:00:12:26:96:49:81:fd:cb:e3:c1:d6:6d:e2:5b:2b:
8b:36:68:21
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYmxoSn7sNdoJIqnHT2R0hCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MzExNjZkZTc4NWEzNTMxYmRjODM2MWYxMTkwYTgzNjlh
N2VkNmEwHhcNMjMwODAxMTUwNDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWEwNDFiYjA5YzdlMjM0YTNkMGI5ZmEzYWQ4NWYxZjJkNDVjMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+ICzmgfjpmHUSfwyUWbX3pb2L76
XGNV0yeXMnOHDqrHkks6LQPekGbA+MhiGH36tWDF3ULJQRLAphsCmsy7s7LqyyaX
p8n0Jl5dv8d/3oWnkpZOcvScGXetaAaTc++B4IB7UvCDKD1olhsFrOYVSdL7SCNC
FHgs1/oWNKsi2/BfyPWgZBLVW0VtxizYD7uXOi4FLWpmmrdtUjgfYvgIfDFVSAT8
NQoPlwPqo4WY3uTyXMaAWGtxn5KymDeBSCVor24L0Jatqt06K81kGHLOey5OOg9Z
5hRqs+Qxrr9VS1OEriL5ACDHUD1hRK40PazYtb/SLnV1wnBQe9CEQFaSkwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFHWgQbsJx+I0o9C5+jrYXx8tRcHgMB8GA1UdIwQY
MBaAFCYxFm3nhaNTG9yDYfEZCoNpp+1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUt
Yjg5YTI2MTk5OTc2LzEvZGFCQnV3bkg0alNqMExuNk90aGZIeTFGd2VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUtYjg5YTI2MTk5OTc2
LzEvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBiBAIAATBcAwQDBbJA
AwQCBbwMAwQFBf9AAwQFLvkgAwQAWS8BAwQAW91FMAwDBANdnsgDBAVdnsADBAKg
FJgDBAOyFRADBAK5CLADBAK5DAwDBAK5NaADBAK5T3ADBALCa0wwGwQCAAIwFQMF
ACoAHKgDBQAqAByqAwUAKgM/QDANBgkqhkiG9w0BAQsFAAOCAQEAlRH4lRbNBFeg
Mk3AOHPTojUyzLffCU2ryKREaPV0bAPQdHuX5recNp7qYzSsdm9pbzQNXLx+b9fE
FDDuuYCm1uJyN8VIHSaiQsyBR9Xtre17skzkoUWbJ8WpPJZwindJ6JL6KjrhUSZV
W+cSuAZA4NpFnELaJaIsEBqnrMxPXf7SOvYgs+YPgh+AuKpYZnHRJQ1h1LWuqwqm
0z9x7k/Obx6ExZOnf6adIRAyyfLlc2aWPbbfFd9hI/BtemZu4rKOo6y+3vmDorec
L5Yt5bWiuVxAsuTRWztppGTaOtPWRvpE/AfaTD8JqUgOLY67ABImlkmB/cvjwdZt
4lsrizZoIQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:17 2025 by rpki-client