Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/rmTUdpMnEnOfsrdlkBDluedYPWc.roa
File: rmTUdpMnEnOfsrdlkBDluedYPWc.roa (raw, json)
Hash identifier: DlCJ3DAvlc+ooWQzrIW9H5UVslj48BSuFpqPKUxE9DA=
Subject key identifier: AE:64:D4:76:93:27:12:73:9F:B2:B7:65:90:10:E5:B9:E7:58:3D:67
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 0189D0203352B90FEE37B6F5C1B63DF81864
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/rmTUdpMnEnOfsrdlkBDluedYPWc.roa
Signing time: Mon 07 Aug 2023 13:11:58 +0000
ROA not before: Mon 07 Aug 2023 13:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60077
IP address blocks: 193.151.128.0/20 maxlen: 32
193.151.128.0/19 maxlen: 32
193.151.144.0/20 maxlen: 32
193.151.157.0/24 maxlen: 32
193.151.159.0/24 maxlen: 32
78.110.112.0/22 maxlen: 32
78.110.112.0/21 maxlen: 32
78.110.116.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d0:20:33:52:b9:0f:ee:37:b6:f5:c1:b6:3d:f8:18:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Aug 7 13:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae64d476932712739fb2b7659010e5b9e7583d67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9b:91:8a:13:de:ba:03:54:16:9a:d6:57:da:
b9:55:3a:23:26:12:21:69:db:a5:0e:91:09:50:6b:
7d:f0:20:08:db:03:1b:ba:6f:96:0b:7b:d9:e5:fe:
89:18:48:c6:b7:9e:bd:82:db:cf:1a:5e:69:1b:51:
16:02:02:47:b0:d1:43:84:d0:61:1e:1c:1b:06:2c:
12:bb:a9:7d:81:37:f7:50:7c:5a:1b:84:86:e3:7d:
70:9e:5c:2c:83:3c:0b:0f:53:bf:84:cc:b2:7c:1a:
ba:68:ec:9d:22:e5:71:6d:c2:46:d1:f1:53:89:a1:
fb:ee:8c:6f:3b:6e:dc:07:81:a8:c8:d0:b5:1a:8c:
b6:a9:28:8b:38:a1:06:cc:9d:71:08:15:a0:f9:3f:
8c:f7:a2:53:70:ef:33:c6:97:c3:f7:4c:93:3f:bf:
9d:35:76:06:9f:da:3c:b9:1a:53:f4:92:ef:29:2c:
09:74:6e:97:2c:4c:6f:3b:63:d9:d4:34:e7:18:38:
bc:f7:4e:8e:3e:ed:fe:ca:8b:16:46:07:8e:59:0f:
ed:18:38:e1:5d:be:2d:34:49:ec:26:65:bc:00:6c:
7d:65:69:fa:e6:d0:c7:0e:ce:55:6a:54:5d:a1:da:
76:33:70:62:28:d0:17:e6:be:59:cf:f9:e6:36:01:
97:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:64:D4:76:93:27:12:73:9F:B2:B7:65:90:10:E5:B9:E7:58:3D:67
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/rmTUdpMnEnOfsrdlkBDluedYPWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.112.0/21
193.151.128.0/19
Signature Algorithm: sha256WithRSAEncryption
a3:8c:46:c0:87:8a:10:d1:a3:ae:bd:e9:97:53:cb:a9:fd:5f:
da:28:ea:a9:38:e2:2b:6b:7a:52:85:fa:3a:14:b7:4c:61:1c:
27:34:4c:a8:f7:c5:de:5f:c0:3f:70:ee:8a:61:13:79:75:8b:
3e:d6:ce:58:8a:62:6d:af:d2:f7:e2:9e:7f:1d:ef:42:75:d7:
b4:6b:6a:f3:d8:78:d1:eb:2e:a2:bf:ad:51:dc:ef:1a:fc:9d:
41:83:d1:25:5d:bb:c3:df:f4:a5:ee:67:32:77:13:8f:4d:a6:
3e:85:61:0c:4c:c6:3b:53:d0:b4:6e:6a:8e:5f:eb:96:29:51:
8e:75:37:cb:67:58:9b:f5:a8:90:02:95:45:bb:49:80:7a:00:
f8:87:ec:0c:0c:59:a2:c7:e3:40:8f:55:a0:f2:74:84:c4:1b:
db:8a:25:51:60:a1:9e:bf:a6:ce:66:7a:6e:94:38:d1:fb:64:
62:fa:d9:c3:d4:87:e9:b2:3f:d9:55:d4:6f:28:fd:1c:ef:62:
42:72:a2:d7:f6:06:8a:d2:b7:f8:1a:45:0e:f5:c3:32:5a:36:
d7:3f:d5:aa:fd:61:b5:19:fa:a1:ce:02:2a:06:ae:51:1c:97:
40:8a:f9:0c:ab:4b:3f:d7:30:b7:c1:52:ce:80:45:0e:8e:df:
44:92:73:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnQIDNSuQ/uN7b1wbY9+BhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjMwODA3MTMxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTY0ZDQ3NjkzMjcxMjczOWZiMmI3NjU5MDEwZTViOWU3NTgzZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJuRihPeugNUFprWV9q5VTojJhIh
adulDpEJUGt98CAI2wMbum+WC3vZ5f6JGEjGt569gtvPGl5pG1EWAgJHsNFDhNBh
HhwbBiwSu6l9gTf3UHxaG4SG431wnlwsgzwLD1O/hMyyfBq6aOydIuVxbcJG0fFT
iaH77oxvO27cB4GoyNC1Goy2qSiLOKEGzJ1xCBWg+T+M96JTcO8zxpfD90yTP7+d
NXYGn9o8uRpT9JLvKSwJdG6XLExvO2PZ1DTnGDi8906OPu3+yosWRgeOWQ/tGDjh
Xb4tNEnsJmW8AGx9ZWn65tDHDs5ValRdodp2M3BiKNAX5r5Zz/nmNgGXMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK5k1HaTJxJzn7K3ZZAQ5bnnWD1nMB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvcm1UVWRwTW5Fbk9mc3JkbGtCRGx1ZWRZUFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTm5wAwQF
wZeAMA0GCSqGSIb3DQEBCwUAA4IBAQCjjEbAh4oQ0aOuvemXU8up/V/aKOqpOOIr
a3pShfo6FLdMYRwnNEyo98XeX8A/cO6KYRN5dYs+1s5YimJtr9L34p5/He9Cdde0
a2rz2HjR6y6iv61R3O8a/J1Bg9ElXbvD3/Sl7mcydxOPTaY+hWEMTMY7U9C0bmqO
X+uWKVGOdTfLZ1ib9aiQApVFu0mAegD4h+wMDFmix+NAj1Wg8nSExBvbiiVRYKGe
v6bOZnpulDjR+2Ri+tnD1Ifpsj/ZVdRvKP0c72JCcqLX9gaK0rf4GkUO9cMyWjbX
P9Wq/WG1GfqhzgIqBq5RHJdAivkMq0s/1zC3wVLOgEUOjt9EknOA
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:56 2025 by rpki-client