Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/9dt_AVejA9p5VrfYZmwjH8qgr4k.roa
File: 9dt_AVejA9p5VrfYZmwjH8qgr4k.roa (raw, json)
Hash identifier: j94Pn7WWd10cThkSXpk0lqLqzpLuIJ6I6CFAMMMRp5A=
Subject key identifier: F5:DB:7F:01:57:A3:03:DA:79:56:B7:D8:66:6C:23:1F:CA:A0:AF:89
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 01886C9A32D135A1C3396EA9EA00EB43E98B
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/9dt_AVejA9p5VrfYZmwjH8qgr4k.roa
Signing time: Tue 30 May 2023 12:20:24 +0000
ROA not before: Tue 30 May 2023 12:20:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8966
IP address blocks: 5.195.166.0/24 maxlen: 24
5.195.167.0/24 maxlen: 24
5.195.166.0/23 maxlen: 24
5.195.175.0/24 maxlen: 24
5.195.173.0/24 maxlen: 24
5.195.174.0/24 maxlen: 24
195.229.12.0/24 maxlen: 24
195.229.27.0/24 maxlen: 24
195.229.31.0/24 maxlen: 24
195.229.34.0/24 maxlen: 24
31.219.177.0/24 maxlen: 24
195.229.3.0/24 maxlen: 24
195.229.0.0/24 maxlen: 24
195.229.1.0/24 maxlen: 24
195.229.4.0/24 maxlen: 24
195.229.0.0/19 maxlen: 19
195.229.2.0/24 maxlen: 24
195.229.6.0/24 maxlen: 24
195.229.5.0/24 maxlen: 24
5.195.208.0/24 maxlen: 24
5.195.223.0/24 maxlen: 24
194.170.186.0/24 maxlen: 24
2001:8f8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6c:9a:32:d1:35:a1:c3:39:6e:a9:ea:00:eb:43:e9:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: May 30 12:20:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5db7f0157a303da7956b7d8666c231fcaa0af89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:dc:20:f9:52:d5:60:a8:e2:f9:e5:d7:c3:df:
1b:4a:f3:7c:e3:2f:f1:2b:71:07:81:2e:de:a8:e0:
f3:d7:29:ae:9a:5c:4c:68:11:d8:10:4a:8c:72:dd:
16:5a:a2:67:3a:26:94:cb:75:6c:3a:94:51:1e:a1:
70:49:18:ae:33:7b:96:15:ba:7b:2b:82:54:d7:4e:
c1:43:8a:39:d3:04:f7:6e:25:e3:2e:77:30:f2:7a:
ae:7b:73:1e:37:a7:d3:77:0e:3c:80:ec:1d:e2:1e:
02:e2:79:7e:90:4f:57:67:79:74:f4:d4:98:5f:5c:
2a:a1:69:ca:4e:50:80:b5:a0:92:1b:e5:f5:b0:36:
5e:5a:6d:9b:7f:61:d3:9e:92:4e:d3:a5:70:73:9f:
a5:4a:cf:2c:02:65:f4:28:59:69:36:54:66:cf:8a:
b7:ef:cc:53:77:9b:6f:53:66:68:75:2c:07:0f:f0:
4f:a1:1f:f1:ab:b6:f3:1f:2a:90:6b:57:e7:25:ae:
94:f3:94:e2:43:0c:fc:3d:34:46:db:4f:d2:66:7b:
8c:58:e3:14:89:7e:c0:74:a2:8f:e2:13:13:1a:7e:
3f:5f:5d:5c:d4:9a:af:6a:68:87:b0:0f:d2:3c:e0:
40:75:46:cd:f7:e9:a7:02:25:83:cb:c7:e5:66:ae:
f1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:DB:7F:01:57:A3:03:DA:79:56:B7:D8:66:6C:23:1F:CA:A0:AF:89
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/9dt_AVejA9p5VrfYZmwjH8qgr4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.166.0/23
5.195.173.0-5.195.175.255
5.195.208.0/24
5.195.223.0/24
31.219.177.0/24
194.170.186.0/24
195.229.0.0/19
195.229.34.0/24
IPv6:
2001:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
a2:f0:bd:e4:7b:50:93:28:85:88:1e:ba:ec:75:12:d0:3e:31:
2d:52:32:9e:46:8d:76:7c:3b:d4:67:b0:fd:05:d7:08:87:b8:
0d:aa:57:68:72:78:47:6a:19:6d:ea:a8:15:44:cf:f4:07:c7:
79:fb:88:34:41:c3:76:94:02:57:eb:61:05:eb:ec:e9:da:75:
f5:c4:f9:0c:d6:a6:0a:f5:c2:30:3c:53:49:ca:cc:d8:e6:4b:
73:ef:6c:c3:c5:fe:02:fe:87:5b:0f:db:cb:e4:4f:e6:b7:4d:
30:6d:8b:28:9f:2a:b6:c0:7d:7d:71:d2:cd:9c:84:e6:7e:77:
97:07:31:f5:14:b5:e3:a4:2e:68:92:31:63:f2:14:d8:18:78:
82:4f:a2:81:4f:6d:12:30:9d:48:54:c9:94:4a:de:1e:2f:19:
0c:31:11:cb:a2:d7:e1:8e:95:9b:5a:ad:33:cc:53:c0:93:76:
5c:e9:e2:82:a5:54:63:0d:c3:cd:3d:d9:cc:17:51:25:2c:9a:
84:e4:61:d9:8c:b6:35:29:b6:c9:b1:c5:86:95:b0:1e:f7:83:
ff:d9:39:ed:ef:76:4c:5d:2d:2f:ff:05:77:f6:02:76:4b:a0:
f1:32:b4:5e:44:83:a9:39:13:5a:cf:3c:9b:d6:f7:59:5e:cb:
f5:6e:28:62
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYhsmjLRNaHDOW6p6gDrQ+mLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjMwNTMwMTIyMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWRiN2YwMTU3YTMwM2RhNzk1NmI3ZDg2NjZjMjMxZmNhYTBhZjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtwg+VLVYKji+eXXw98bSvN84y/x
K3EHgS7eqODz1ymumlxMaBHYEEqMct0WWqJnOiaUy3VsOpRRHqFwSRiuM3uWFbp7
K4JU107BQ4o50wT3biXjLncw8nque3MeN6fTdw48gOwd4h4C4nl+kE9XZ3l09NSY
X1wqoWnKTlCAtaCSG+X1sDZeWm2bf2HTnpJO06Vwc5+lSs8sAmX0KFlpNlRmz4q3
78xTd5tvU2ZodSwHD/BPoR/xq7bzHyqQa1fnJa6U85TiQwz8PTRG20/SZnuMWOMU
iX7AdKKP4hMTGn4/X11c1JqvamiHsA/SPOBAdUbN9+mnAiWDy8flZq7xEwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPXbfwFXowPaeVa32GZsIx/KoK+JMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvOWR0X0FWZWpBOXA1VnJmWVptd2pIOHFncjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQBBcOmMAwD
BAAFw60DBAQFw6ADBAAFw9ADBAAFw98DBAAf27EDBADCqroDBAXD5QADBADD5SIw
DQQCAAIwBwMFACABCPgwDQYJKoZIhvcNAQELBQADggEBAKLwveR7UJMohYgeuux1
EtA+MS1SMp5GjXZ8O9RnsP0F1wiHuA2qV2hyeEdqGW3qqBVEz/QHx3n7iDRBw3aU
AlfrYQXr7OnadfXE+QzWpgr1wjA8U0nKzNjmS3PvbMPF/gL+h1sP28vkT+a3TTBt
iyifKrbAfX1x0s2chOZ+d5cHMfUUteOkLmiSMWPyFNgYeIJPooFPbRIwnUhUyZRK
3h4vGQwxEcui1+GOlZtarTPMU8CTdlzp4oKlVGMNw8092cwXUSUsmoTkYdmMtjUp
tsmxxYaVsB73g//ZOe3vdkxdLS//BXf2AnZLoPEytF5Eg6k5E1rPPJvW91ley/Vu
KGI=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:22:31 2025 by rpki-client