Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/l6n8Q32ZoIPD8-eADvBghrRJ8cY.roa
File: l6n8Q32ZoIPD8-eADvBghrRJ8cY.roa (raw, json)
Hash identifier: /l7Ys56fgfjF8ukU/08MIXA22Meb8UJhZTotxgYDvKo=
Subject key identifier: 97:A9:FC:43:7D:99:A0:83:C3:F3:E7:80:0E:F0:60:86:B4:49:F1:C6
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 0189F8A103622553E1B7D1C9ADCD428C1818
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/l6n8Q32ZoIPD8-eADvBghrRJ8cY.roa
Signing time: Tue 15 Aug 2023 09:57:28 +0000
ROA not before: Tue 15 Aug 2023 09:57:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60077
IP address blocks: 193.151.157.0/24 maxlen: 32
193.151.159.0/24 maxlen: 32
78.110.112.0/22 maxlen: 32
78.110.112.0/21 maxlen: 32
85.198.8.0/22 maxlen: 32
85.198.8.0/21 maxlen: 32
78.110.116.0/22 maxlen: 32
85.198.12.0/22 maxlen: 32
85.198.16.0/22 maxlen: 32
85.198.16.0/21 maxlen: 32
85.198.20.0/22 maxlen: 32
193.151.128.0/20 maxlen: 32
193.151.128.0/19 maxlen: 32
193.151.144.0/20 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:a1:03:62:25:53:e1:b7:d1:c9:ad:cd:42:8c:18:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Aug 15 09:57:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97a9fc437d99a083c3f3e7800ef06086b449f1c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:13:ed:ee:f4:2a:a9:61:8d:c5:c8:23:8c:f5:
7b:fe:0f:98:5f:6e:3c:b0:fd:54:e6:d5:71:6e:77:
41:e8:74:ab:8d:94:22:be:32:7c:9f:87:62:c7:d8:
08:5b:1b:db:0a:05:d0:a7:e5:fb:07:d7:b1:a0:c1:
e6:0a:bc:b8:c3:ad:7e:6b:8f:08:6b:4a:bd:86:05:
7b:0b:93:28:a8:36:24:c7:30:d5:a2:02:89:5b:2a:
48:c3:e2:ed:88:7b:2b:a0:d8:0a:c2:81:af:5c:f3:
9e:4e:a5:d1:48:81:f2:0d:df:22:19:0c:8d:56:ab:
b0:41:ec:05:26:92:b4:0f:28:66:19:7e:df:be:22:
c0:be:86:64:eb:e2:e9:bf:30:b1:0e:9a:cd:33:d5:
c2:d0:b7:16:cd:e8:61:23:b5:e9:50:4f:dc:ac:9a:
69:66:86:f6:3e:c0:7b:4a:5a:da:7d:2c:83:b3:6c:
3c:aa:26:81:ad:60:5e:9c:10:50:5e:b1:f6:73:b1:
d1:be:4a:64:e8:bc:9c:29:20:9d:29:e0:b9:9f:ec:
cb:1e:e9:13:11:1a:ce:6c:5a:49:12:1e:2c:d2:4a:
43:d1:39:7d:ed:82:96:5c:8e:37:8a:e7:71:8f:12:
06:95:8d:a5:f3:19:9b:53:2a:0f:c7:52:15:a7:9b:
c7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A9:FC:43:7D:99:A0:83:C3:F3:E7:80:0E:F0:60:86:B4:49:F1:C6
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/l6n8Q32ZoIPD8-eADvBghrRJ8cY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.112.0/21
85.198.8.0-85.198.23.255
193.151.128.0/19
Signature Algorithm: sha256WithRSAEncryption
a4:ba:ab:f1:c1:9c:f4:77:24:95:5a:d5:87:2c:b8:af:94:25:
20:54:2d:63:90:35:87:98:64:4d:45:f0:20:f4:fc:27:60:29:
9b:2d:f0:8f:91:c5:04:74:56:cc:d1:6f:14:6b:e0:34:d8:e5:
9d:48:29:f2:93:5b:f1:a7:38:cb:a5:c2:04:82:24:7e:04:36:
0c:2a:bd:04:62:96:69:1a:d3:10:80:64:a4:e8:d4:2d:63:bc:
5e:df:22:68:f4:22:bd:8a:f0:04:62:0f:b7:26:b0:b5:e0:98:
3e:ff:6f:c6:b4:92:7f:56:86:e6:37:85:4b:9f:11:17:5a:86:
1a:0e:9b:93:ae:70:6d:23:fe:12:2b:47:e9:4c:19:58:eb:39:
36:08:c0:e0:bf:6d:af:7a:17:da:ea:18:66:bf:12:12:c2:13:
02:3c:75:88:4e:b9:2d:b3:fa:28:13:e8:a2:40:31:53:f5:b3:
71:2b:ec:e3:58:91:55:dd:96:8c:6b:cb:99:12:bb:49:39:36:
ff:a9:3c:da:27:db:98:e6:eb:56:b0:b9:87:92:1e:1c:d6:99:
64:d9:3a:79:14:e4:89:e0:42:f0:d9:c3:e6:b0:95:55:90:9b:
e1:a5:cd:fd:3e:1a:d1:d2:aa:a1:54:17:a0:c7:fa:c4:4e:2b:
c6:f1:1a:25
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYn4oQNiJVPht9HJrc1CjBgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjMwODE1MDk1NzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2E5ZmM0MzdkOTlhMDgzYzNmM2U3ODAwZWYwNjA4NmI0NDlmMWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBPt7vQqqWGNxcgjjPV7/g+YX248
sP1U5tVxbndB6HSrjZQivjJ8n4dix9gIWxvbCgXQp+X7B9exoMHmCry4w61+a48I
a0q9hgV7C5MoqDYkxzDVogKJWypIw+LtiHsroNgKwoGvXPOeTqXRSIHyDd8iGQyN
VquwQewFJpK0DyhmGX7fviLAvoZk6+LpvzCxDprNM9XC0LcWzehhI7XpUE/crJpp
Zob2PsB7SlrafSyDs2w8qiaBrWBenBBQXrH2c7HRvkpk6LycKSCdKeC5n+zLHukT
ERrObFpJEh4s0kpD0Tl97YKWXI43iudxjxIGlY2l8xmbUyoPx1IVp5vH9wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJep/EN9maCDw/PngA7wYIa0SfHGMB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvbDZuOFEzMlpvSVBEOC1lQUR2QmdoclJKOGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDTm5wMAwD
BANVxggDBANVxhADBAXBl4AwDQYJKoZIhvcNAQELBQADggEBAKS6q/HBnPR3JJVa
1YcsuK+UJSBULWOQNYeYZE1F8CD0/CdgKZst8I+RxQR0VszRbxRr4DTY5Z1IKfKT
W/GnOMulwgSCJH4ENgwqvQRilmka0xCAZKTo1C1jvF7fImj0Ir2K8ARiD7cmsLXg
mD7/b8a0kn9WhuY3hUufERdahhoOm5OucG0j/hIrR+lMGVjrOTYIwOC/ba96F9rq
GGa/EhLCEwI8dYhOuS2z+igT6KJAMVP1s3Er7ONYkVXdloxry5kSu0k5Nv+pPNon
25jm61awuYeSHhzWmWTZOnkU5IngQvDZw+awlVWQm+Glzf0+GtHSqqFUF6DH+sRO
K8bxGiU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:05 2025 by rpki-client