Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/xdQT7WRr9qMnOsvbABQpeURJLDw.roa
File: xdQT7WRr9qMnOsvbABQpeURJLDw.roa (raw, json)
Hash identifier: 8EzZsgn2dtZTFK6OepvmO3c0HJ4520vv8RLUnSQ9iZ0=
Subject key identifier: C5:D4:13:ED:64:6B:F6:A3:27:3A:CB:DB:00:14:29:79:44:49:2C:3C
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 0186E4F814343CA57C39B7D942D260AB4923
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/xdQT7WRr9qMnOsvbABQpeURJLDw.roa
Signing time: Wed 15 Mar 2023 11:11:48 +0000
ROA not before: Wed 15 Mar 2023 11:11:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8966
IP address blocks: 5.195.166.0/24 maxlen: 24
5.195.167.0/24 maxlen: 24
5.195.166.0/23 maxlen: 23
195.229.31.0/24 maxlen: 24
195.229.34.0/24 maxlen: 24
31.219.177.0/24 maxlen: 24
195.229.0.0/24 maxlen: 24
195.229.0.0/19 maxlen: 19
195.229.3.0/24 maxlen: 24
195.229.2.0/24 maxlen: 24
5.195.208.0/24 maxlen: 24
5.195.223.0/24 maxlen: 24
2001:8f8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:f8:14:34:3c:a5:7c:39:b7:d9:42:d2:60:ab:49:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Mar 15 11:11:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5d413ed646bf6a3273acbdb0014297944492c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:84:2f:a5:68:a9:f5:c9:30:31:a7:32:66:75:
a1:7a:bb:ef:08:c2:fe:6a:9f:d3:ee:75:cf:57:fd:
7a:6b:0b:61:b0:83:22:ec:81:08:96:c2:98:6b:4b:
5a:58:bd:c5:17:56:a9:28:3a:25:11:49:81:5e:b7:
91:41:57:9d:5a:9c:57:99:91:3b:8e:c4:47:d9:e3:
ce:3c:4e:1b:7a:d5:db:3f:83:8f:fe:ce:2f:0a:1a:
60:d5:5d:7a:cf:48:42:e0:ee:68:9e:a6:ba:e7:de:
47:81:06:b0:3c:23:17:b7:b2:e8:f3:2c:1c:c1:c1:
59:4e:4c:ff:90:7e:eb:75:f5:2c:53:be:31:51:85:
9e:ed:e0:7e:73:23:59:ca:75:b8:fa:41:3c:c5:42:
37:fd:21:94:9c:5b:8d:dd:64:3f:38:94:8f:25:c4:
e0:53:e5:78:37:17:ea:81:0e:4c:fe:3a:25:cd:27:
c5:e5:44:ab:d2:9e:d7:96:26:4c:18:95:94:ec:c5:
4d:09:75:94:c1:b5:61:c3:07:fc:f7:4a:59:9a:bf:
07:b6:93:06:84:e9:30:1b:46:3e:d4:64:99:3e:0b:
5f:1c:ad:e5:e8:74:83:5f:42:31:2a:9c:cc:f2:bf:
10:6e:c6:b5:ef:07:ee:31:2d:84:15:2e:79:f2:be:
cd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D4:13:ED:64:6B:F6:A3:27:3A:CB:DB:00:14:29:79:44:49:2C:3C
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/xdQT7WRr9qMnOsvbABQpeURJLDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.166.0/23
5.195.208.0/24
5.195.223.0/24
31.219.177.0/24
195.229.0.0/19
195.229.34.0/24
IPv6:
2001:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
a9:a1:2f:d5:aa:1d:2d:5d:98:69:bf:8f:ac:3d:61:3f:8b:97:
53:ec:e1:6c:33:f6:22:a7:d1:a5:0e:3e:88:59:90:fe:23:ef:
9c:1a:0e:07:a2:42:d3:51:9f:1c:b6:45:2a:33:c2:e7:55:39:
56:eb:ac:9a:af:de:b0:f9:30:31:5e:67:8e:6c:3b:e9:2f:df:
49:e7:0c:15:36:c6:df:c3:26:98:3a:1d:dd:7b:5e:5c:51:a3:
fc:5e:80:83:0a:e6:a0:b8:49:27:35:c7:97:b5:c1:10:2f:ab:
23:7e:70:24:b4:1f:8e:44:22:b8:e5:78:5d:f2:e1:d2:08:11:
fb:87:47:3a:30:1b:15:0e:52:c0:1a:d2:75:f2:53:df:54:2d:
09:70:0d:8c:30:55:ab:1a:88:16:19:c4:e8:45:88:60:6c:bf:
a8:38:97:1e:cb:11:cb:13:60:45:bb:ec:b2:d6:73:a7:4b:7b:
7f:f4:43:90:97:a4:e0:91:a1:4a:11:e9:40:ca:52:8c:2e:14:
3b:0a:33:a6:38:63:4f:f7:e3:63:ef:e5:a6:41:eb:e0:a4:ed:
d0:d8:c6:9c:c2:f0:9a:23:90:29:6e:0d:af:ef:e8:c5:35:28:
ba:12:7f:a6:9d:be:f5:41:4b:95:0d:15:56:2c:13:37:36:52:
fe:f9:de:c2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYbk+BQ0PKV8ObfZQtJgq0kjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjMwMzE1MTExMTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWQ0MTNlZDY0NmJmNmEzMjczYWNiZGIwMDE0Mjk3OTQ0NDkyYzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4QvpWip9ckwMacyZnWhervvCML+
ap/T7nXPV/16awthsIMi7IEIlsKYa0taWL3FF1apKDolEUmBXreRQVedWpxXmZE7
jsRH2ePOPE4betXbP4OP/s4vChpg1V16z0hC4O5onqa6595HgQawPCMXt7Lo8ywc
wcFZTkz/kH7rdfUsU74xUYWe7eB+cyNZynW4+kE8xUI3/SGUnFuN3WQ/OJSPJcTg
U+V4NxfqgQ5M/jolzSfF5USr0p7XliZMGJWU7MVNCXWUwbVhwwf890pZmr8HtpMG
hOkwG0Y+1GSZPgtfHK3l6HSDX0IxKpzM8r8Qbsa17wfuMS2EFS558r7NJwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMXUE+1ka/ajJzrL2wAUKXlESSw8MB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEveGRRVDdXUnI5cU1uT3N2YkFCUXBlVVJKTER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBBcOmAwQA
BcPQAwQABcPfAwQAH9uxAwQFw+UAAwQAw+UiMA0EAgACMAcDBQAgAQj4MA0GCSqG
SIb3DQEBCwUAA4IBAQCpoS/Vqh0tXZhpv4+sPWE/i5dT7OFsM/Yip9GlDj6IWZD+
I++cGg4HokLTUZ8ctkUqM8LnVTlW66yar96w+TAxXmeObDvpL99J5wwVNsbfwyaY
Oh3de15cUaP8XoCDCuaguEknNceXtcEQL6sjfnAktB+ORCK45Xhd8uHSCBH7h0c6
MBsVDlLAGtJ18lPfVC0JcA2MMFWrGogWGcToRYhgbL+oOJceyxHLE2BFu+yy1nOn
S3t/9EOQl6TgkaFKEelAylKMLhQ7CjOmOGNP9+Nj7+WmQevgpO3Q2MacwvCaI5Ap
bg2v7+jFNSi6En+mnb71QUuVDRVWLBM3NlL++d7C
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:43:00 2025 by rpki-client