Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/j-8rvxKKuSb4NUcq448CmQcGjOI.roa
File: j-8rvxKKuSb4NUcq448CmQcGjOI.roa (raw, json)
Hash identifier: kGEBjWgcG1LgOKyKnw5R0IMX/oETo7v57EoR+sjIs9k=
Subject key identifier: 8F:EF:2B:BF:12:8A:B9:26:F8:35:47:2A:E3:8F:02:99:07:06:8C:E2
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 01870D2B7ED01813DA0F51E595493911B94D
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/j-8rvxKKuSb4NUcq448CmQcGjOI.roa
Signing time: Thu 23 Mar 2023 06:32:46 +0000
ROA not before: Thu 23 Mar 2023 06:32:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8966
IP address blocks: 5.195.166.0/24 maxlen: 24
5.195.167.0/24 maxlen: 24
5.195.166.0/23 maxlen: 23
5.195.175.0/24 maxlen: 24
5.195.173.0/24 maxlen: 24
5.195.174.0/24 maxlen: 24
195.229.12.0/24 maxlen: 24
195.229.27.0/24 maxlen: 24
195.229.31.0/24 maxlen: 24
195.229.34.0/24 maxlen: 24
31.219.177.0/24 maxlen: 24
195.229.3.0/24 maxlen: 24
195.229.0.0/24 maxlen: 24
195.229.1.0/24 maxlen: 24
195.229.4.0/24 maxlen: 24
195.229.0.0/19 maxlen: 19
195.229.2.0/24 maxlen: 24
195.229.6.0/24 maxlen: 24
195.229.5.0/24 maxlen: 24
5.195.208.0/24 maxlen: 24
5.195.223.0/24 maxlen: 24
194.170.186.0/24 maxlen: 24
2001:8f8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:2b:7e:d0:18:13:da:0f:51:e5:95:49:39:11:b9:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Mar 23 06:32:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fef2bbf128ab926f835472ae38f029907068ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e4:78:7b:98:12:c7:ef:35:90:c2:8d:42:df:
7a:79:48:6d:fa:e7:ef:53:31:ae:db:b5:21:4c:78:
f2:66:97:25:44:92:27:63:ef:e6:b4:cc:a7:a6:6e:
0b:64:ff:8a:25:f5:5f:7d:88:e3:b9:96:8c:6d:60:
7e:9c:48:03:30:b8:c4:6c:f4:f8:99:8e:c7:3e:49:
d6:60:75:58:57:4c:b8:12:7e:f8:c3:eb:d3:de:98:
7e:b1:86:4b:13:ae:1e:3a:f8:eb:43:43:c3:f2:f5:
3b:7d:31:bf:97:d6:3f:bb:5b:0f:e7:34:f4:ee:62:
71:09:89:c1:03:57:55:e3:21:90:b8:f1:d1:38:04:
7a:02:cd:db:a9:bb:d8:fe:30:1c:b3:8a:30:c6:0a:
e0:57:ec:f7:d2:9f:d7:c2:59:cf:48:55:b3:4b:e5:
11:29:ed:ee:96:d5:cb:92:de:f9:90:f2:b9:7f:52:
57:9c:39:2d:af:1c:45:da:64:2d:d4:9d:99:b6:3b:
41:77:94:9d:80:c9:b4:f4:f4:d3:12:24:36:97:dd:
07:b7:52:1d:39:d4:89:a0:df:89:f8:5e:11:9d:7f:
6a:3d:1a:2b:77:90:d8:c8:84:71:b7:11:54:8b:71:
44:c2:29:77:67:01:4e:7b:eb:5c:01:18:a7:fc:ef:
21:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:EF:2B:BF:12:8A:B9:26:F8:35:47:2A:E3:8F:02:99:07:06:8C:E2
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/j-8rvxKKuSb4NUcq448CmQcGjOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.166.0/23
5.195.173.0-5.195.175.255
5.195.208.0/24
5.195.223.0/24
31.219.177.0/24
194.170.186.0/24
195.229.0.0/19
195.229.34.0/24
IPv6:
2001:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
59:1f:d6:26:6d:39:f0:5a:b7:2b:37:b6:7a:54:63:04:de:ab:
93:dd:9f:2e:69:70:ab:da:69:64:de:a0:af:41:b1:57:05:d5:
34:a7:c1:15:28:4a:91:9e:87:91:87:06:81:f0:c0:f4:b5:c5:
c7:db:43:4f:b9:14:41:91:3a:0b:25:23:a8:fd:3f:2c:01:b0:
d8:28:a7:18:9f:12:f9:9c:37:5f:96:06:4f:ab:4d:a4:1c:a5:
59:c4:34:b9:d7:05:b4:4f:7d:31:25:d1:8e:1f:8e:76:39:f0:
63:66:62:3c:f4:32:50:eb:4f:bf:a6:8f:58:30:00:c4:76:21:
1d:fc:5a:ea:3d:e4:1d:63:49:19:13:ac:51:62:45:5c:14:d1:
ee:f2:b0:be:23:e7:b2:2d:3f:a6:d0:6c:0c:8b:be:7c:c4:53:
54:de:e3:7b:c5:bc:47:72:9a:ed:54:ce:07:64:26:8c:01:88:
5d:7f:50:4c:dd:c8:85:2d:50:70:63:d0:2f:a8:f9:f4:ec:5f:
89:a8:48:5f:db:81:24:36:3a:01:2b:71:c1:d1:d8:70:f1:48:
bd:4e:f9:aa:15:83:12:05:33:a5:4b:90:34:79:45:8d:1a:c1:
f9:6f:ec:90:c4:93:23:48:64:ca:9b:8a:64:ff:84:ba:5e:50:
82:a8:fa:4d
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYcNK37QGBPaD1HllUk5EblNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjMwMzIzMDYzMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmVmMmJiZjEyOGFiOTI2ZjgzNTQ3MmFlMzhmMDI5OTA3MDY4Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+R4e5gSx+81kMKNQt96eUht+ufv
UzGu27UhTHjyZpclRJInY+/mtMynpm4LZP+KJfVffYjjuZaMbWB+nEgDMLjEbPT4
mY7HPknWYHVYV0y4En74w+vT3ph+sYZLE64eOvjrQ0PD8vU7fTG/l9Y/u1sP5zT0
7mJxCYnBA1dV4yGQuPHROAR6As3bqbvY/jAcs4owxgrgV+z30p/XwlnPSFWzS+UR
Ke3ultXLkt75kPK5f1JXnDktrxxF2mQt1J2ZtjtBd5SdgMm09PTTEiQ2l90Ht1Id
OdSJoN+J+F4RnX9qPRord5DYyIRxtxFUi3FEwil3ZwFOe+tcARin/O8hmQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFI/vK78Sirkm+DVHKuOPApkHBoziMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvai04cnZ4S0t1U2I0TlVjcTQ0OENtUWNHak9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQBBcOmMAwD
BAAFw60DBAQFw6ADBAAFw9ADBAAFw98DBAAf27EDBADCqroDBAXD5QADBADD5SIw
DQQCAAIwBwMFACABCPgwDQYJKoZIhvcNAQELBQADggEBAFkf1iZtOfBatys3tnpU
YwTeq5Pdny5pcKvaaWTeoK9BsVcF1TSnwRUoSpGeh5GHBoHwwPS1xcfbQ0+5FEGR
OgslI6j9PywBsNgopxifEvmcN1+WBk+rTaQcpVnENLnXBbRPfTEl0Y4fjnY58GNm
Yjz0MlDrT7+mj1gwAMR2IR38Wuo95B1jSRkTrFFiRVwU0e7ysL4j57ItP6bQbAyL
vnzEU1Te43vFvEdymu1UzgdkJowBiF1/UEzdyIUtUHBj0C+o+fTsX4moSF/bgSQ2
OgErccHR2HDxSL1O+aoVgxIFM6VLkDR5RY0awflv7JDEkyNIZMqbimT/hLpeUIKo
+k0=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:49:57 2025 by rpki-client