Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/2slsJCcGmvUzBZSIIqdB_MSOp0M.roa
File: 2slsJCcGmvUzBZSIIqdB_MSOp0M.roa (raw, json)
Hash identifier: G656Mcpr8tLX8LhGweJYXE+inLb55lrp3EVa8mMHYUA=
Subject key identifier: DA:C9:6C:24:27:06:9A:F5:33:05:94:88:22:A7:41:FC:C4:8E:A7:43
Certificate issuer: /CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Certificate serial: 33B8F359
Authority key identifier: D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/2slsJCcGmvUzBZSIIqdB_MSOp0M.roa
Signing time: Sat 01 Jan 2022 04:55:47 +0000
ROA not before: Sat 01 Jan 2022 04:55:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26415
IP address blocks: 185.28.223.0/24 maxlen: 24
185.28.222.0/24 maxlen: 24
185.28.221.0/24 maxlen: 24
185.28.220.0/24 maxlen: 24
5.57.17.0/24 maxlen: 24
5.57.16.0/24 maxlen: 24
5.57.23.0/24 maxlen: 24
5.57.21.0/24 maxlen: 24
5.57.20.0/24 maxlen: 24
5.57.19.0/24 maxlen: 24
5.57.18.0/24 maxlen: 24
37.10.1.0/24 maxlen: 24
37.10.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 867758937 (0x33b8f359)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Validity
Not Before: Jan 1 04:55:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dac96c2427069af53305948822a741fcc48ea743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a8:0d:39:89:e9:36:fb:18:40:66:af:c3:5a:
f3:45:b9:18:87:c2:64:6c:03:82:be:b0:f4:3e:01:
09:00:20:c4:23:c2:3c:e0:4d:aa:bb:dd:1f:82:48:
5c:5f:21:7e:68:b8:70:24:4b:13:cb:1c:33:98:6c:
78:ab:e5:1a:8e:5d:1a:bc:7b:7c:e8:fc:78:f6:cd:
34:da:b7:b9:48:4f:a3:7f:e3:cf:5b:f9:3a:60:f1:
e3:7f:24:e1:28:8d:c0:da:6b:6c:79:52:88:6b:b8:
0a:84:32:b7:5e:ac:30:4e:c7:4b:88:bc:40:78:a5:
7e:37:56:73:fc:0a:b2:fe:bc:c0:91:b2:23:4e:39:
76:ae:f7:78:8e:8a:dc:42:0f:1f:49:f8:40:44:d0:
fd:cc:bf:28:3e:14:77:26:fb:73:99:c4:7e:14:be:
d2:d3:7b:cc:ec:a0:49:21:3b:ca:57:2f:5a:f6:9d:
59:66:66:06:84:ea:cf:9a:16:37:3a:b7:46:23:e3:
6c:c2:e4:5e:f2:ee:04:a0:66:55:bd:d9:3a:b0:9b:
9b:e6:38:dc:56:32:a7:80:8d:7f:0c:cd:ee:00:25:
f3:4a:80:08:e8:e8:d7:d4:57:de:a4:65:4c:71:b2:
64:55:78:30:78:a4:70:85:5a:a4:9b:3a:eb:4a:ba:
e2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C9:6C:24:27:06:9A:F5:33:05:94:88:22:A7:41:FC:C4:8E:A7:43
X509v3 Authority Key Identifier:
keyid:D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/2slsJCcGmvUzBZSIIqdB_MSOp0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.16.0-5.57.21.255
5.57.23.0/24
37.10.0.0/23
185.28.220.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:59:77:c1:99:58:69:ed:23:61:a7:51:fe:39:68:51:50:91:
ff:78:05:af:86:ae:18:53:84:1a:32:0b:98:9c:2d:d7:5b:26:
a4:2f:c3:9e:99:e8:e6:f2:2f:25:ae:ef:b5:a1:65:5f:63:e4:
a1:88:51:a2:bd:ee:f8:2d:88:dc:af:bd:1f:73:cf:19:ae:31:
97:6a:82:ad:af:09:ae:ce:8a:49:c7:c2:81:7d:ab:93:bf:89:
f8:9c:08:c1:c4:cf:2d:6e:2d:0e:64:22:43:fa:a7:93:36:c3:
c5:96:90:e4:9c:de:2e:67:f6:41:78:c7:0a:d7:bb:d4:2b:bd:
25:93:02:fe:97:5c:2e:f8:50:0a:74:b2:f1:79:75:0b:ec:88:
fb:30:72:c5:5d:bb:da:d2:cd:07:3c:81:97:9f:e4:e4:22:87:
f0:d1:fa:94:d6:8c:ea:97:18:8c:4b:7d:9c:2a:20:34:1b:d9:
a6:b9:e2:fe:9d:c6:5c:1a:72:72:4d:62:c8:40:28:f9:90:ff:
40:80:9a:02:08:95:c0:7b:6b:97:79:78:4b:65:89:4d:9f:0b:
d4:37:73:20:6e:fa:38:f2:cb:92:ee:fa:19:b7:6b:59:9e:f0:
03:9f:e6:70:0c:be:ca:62:2d:8d:1e:68:cd:19:29:6b:1e:15:
c4:fb:44:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEM7jzWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Nzk3ODVkZTYyZGNmOWU3OTMwYmFiZDdiMWQzOWM1ODUzZDE5NDRmMB4XDTIyMDEw
MTA0NTU0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFjOTZjMjQyNzA2
OWFmNTMzMDU5NDg4MjJhNzQxZmNjNDhlYTc0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMioDTmJ6Tb7GEBmr8Na80W5GIfCZGwDgr6w9D4BCQAgxCPC
POBNqrvdH4JIXF8hfmi4cCRLE8scM5hseKvlGo5dGrx7fOj8ePbNNNq3uUhPo3/j
z1v5OmDx438k4SiNwNprbHlSiGu4CoQyt16sME7HS4i8QHilfjdWc/wKsv68wJGy
I045dq73eI6K3EIPH0n4QETQ/cy/KD4Udyb7c5nEfhS+0tN7zOygSSE7ylcvWvad
WWZmBoTqz5oWNzq3RiPjbMLkXvLuBKBmVb3ZOrCbm+Y43FYyp4CNfwzN7gAl80qA
COjo19RX3qRlTHGyZFV4MHikcIVapJs660q64sECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTayWwkJwaa9TMFlIgip0H8xI6nQzAfBgNVHSMEGDAWgBTXl4XeYtz555ML
q9ex05xYU9GUTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzE1ZUYzbUxjLWVlVEM2dlhzZE9jV0ZQUmxFOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvN2Y5NzI4LTk1NTktNDI2My1iY2ZhLTc1ODU1ZGI3MTUxZi8x
LzJzbHNKQ2NHbXZVekJaU0lJcWRCX01TT3AwTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
N2Y5NzI4LTk1NTktNDI2My1iY2ZhLTc1ODU1ZGI3MTUxZi8xLzE1ZUYzbUxjLWVl
VEM2dlhzZE9jV0ZQUmxFOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQEBTkQAwQBBTkUAwQABTkXAwQB
JQoAAwQCuRzcMA0GCSqGSIb3DQEBCwUAA4IBAQBfWXfBmVhp7SNhp1H+OWhRUJH/
eAWvhq4YU4QaMguYnC3XWyakL8Oemejm8i8lru+1oWVfY+ShiFGive74LYjcr70f
c88ZrjGXaoKtrwmuzopJx8KBfauTv4n4nAjBxM8tbi0OZCJD+qeTNsPFlpDknN4u
Z/ZBeMcK17vUK70lkwL+l1wu+FAKdLLxeXUL7Ij7MHLFXbva0s0HPIGXn+TkIofw
0fqU1ozqlxiMS32cKiA0G9mmueL+ncZcGnJyTWLIQCj5kP9AgJoCCJXAe2uXeXhL
ZYlNnwvUN3Mgbvo48suS7voZt2tZnvADn+ZwDL7KYi2NHmjNGSlrHhXE+0Tt
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:13 2023 by rpki-client on console-fra.rpki-client.org