Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/5zUGNewarFgLb-HXcKqDPn7NC68.roa
File: 5zUGNewarFgLb-HXcKqDPn7NC68.roa (raw, json)
Hash identifier: O33KJyrLmicnqlGsxkh9oAQkxvj48onYnnHlgo99opg=
Subject key identifier: E7:35:06:35:EC:1A:AC:58:0B:6F:E1:D7:70:AA:83:3E:7E:CD:0B:AF
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 0182497165BED25D1F1BD9C82B7025A00417
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/5zUGNewarFgLb-HXcKqDPn7NC68.roa
Signing time: Fri 29 Jul 2022 10:12:24 +0000
ROA not before: Fri 29 Jul 2022 10:12:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203833
IP address blocks: 159.100.24.0/22 maxlen: 24
79.133.32.0/23 maxlen: 23
79.133.43.0/24 maxlen: 24
2a01:7e1::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:49:71:65:be:d2:5d:1f:1b:d9:c8:2b:70:25:a0:04:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Jul 29 10:12:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7350635ec1aac580b6fe1d770aa833e7ecd0baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:97:c7:44:28:e1:88:b9:3c:20:06:4f:f6:19:
e6:11:8e:80:a5:67:35:71:1e:87:a7:8d:ef:c1:a1:
dd:a2:9b:db:52:fc:b3:5e:c0:47:91:3e:1e:7d:d5:
9e:49:57:ab:b5:1f:4f:9f:96:46:c0:f7:10:b3:d7:
94:8b:c3:2a:cd:64:cc:6f:59:df:49:d4:76:1a:12:
70:8f:02:ca:70:21:48:9f:5a:bd:c7:13:7a:cb:c6:
77:f7:72:f2:6e:d2:b2:84:b6:93:f0:f1:66:a6:a2:
8b:5a:f8:ef:32:91:c7:1b:b8:a4:3e:50:0d:a8:75:
ed:8a:a3:46:af:49:f2:02:0b:9f:85:f9:95:4c:1b:
1b:88:e4:52:ad:77:3d:e4:83:68:47:0a:e4:de:b4:
48:3e:b0:86:df:0c:ef:54:10:41:9b:93:56:e4:a0:
33:a1:d8:c2:a7:25:48:d4:a6:ce:2c:68:40:95:91:
cd:46:aa:3a:d5:35:00:b5:27:c7:7a:de:98:e9:da:
af:85:93:30:86:87:06:a1:ce:f9:63:13:db:6a:b2:
e9:a0:53:79:3f:45:bf:d2:ef:44:d5:94:72:29:d6:
be:bb:b6:3c:e6:e9:5e:60:59:c1:d3:66:d1:ca:91:
0f:f2:d2:0a:18:b8:43:5a:09:7e:99:57:3c:d8:78:
02:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:35:06:35:EC:1A:AC:58:0B:6F:E1:D7:70:AA:83:3E:7E:CD:0B:AF
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/5zUGNewarFgLb-HXcKqDPn7NC68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.32.0/23
79.133.43.0/24
159.100.24.0/22
IPv6:
2a01:7e1::/32
Signature Algorithm: sha256WithRSAEncryption
35:d7:25:16:04:73:c0:c3:a6:fd:0e:1b:45:d8:3d:0a:a2:22:
75:ad:33:43:0a:2f:15:e5:05:ca:7d:9b:62:03:31:b2:51:0f:
e6:c3:ee:1f:cb:ee:64:c8:04:b1:83:20:2c:b6:a8:96:2d:1a:
87:95:49:48:e6:00:55:57:ef:ac:f7:68:10:1e:9d:cd:1e:88:
91:e9:fa:53:11:4d:46:cb:8d:2f:b2:0b:9b:75:90:76:54:09:
e8:c5:3f:90:9a:c3:8d:be:97:7b:c9:d1:1f:1b:05:0f:f0:01:
d1:b7:7d:f8:8b:d4:f1:60:8b:b1:e2:bb:ff:bb:c2:59:ad:25:
76:b8:73:64:f6:8c:0b:09:93:04:ef:50:89:c3:5a:1a:18:b0:
b0:b7:f7:be:c3:88:08:2f:56:9a:62:73:09:1a:23:49:ce:35:
dd:da:67:d0:90:05:8b:98:62:4d:f6:07:ed:c9:e0:d3:c5:9a:
68:fd:45:a5:c9:fd:72:40:a0:ec:20:1b:0d:f8:c2:2b:26:74:
9b:68:4d:11:ce:88:e8:6b:93:5d:40:a8:1e:f5:c7:61:96:f6:
d8:5c:a9:a9:8c:ce:0a:59:15:61:55:b5:2e:3e:03:74:11:31:
2e:4a:77:8c:c8:96:10:57:80:8a:74:cd:25:e4:dd:93:15:f9:
2d:cf:92:0c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYJJcWW+0l0fG9nIK3AloAQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3
NWQzMTUwHhcNMjIwNzI5MTAxMjI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzM1MDYzNWVjMWFhYzU4MGI2ZmUxZDc3MGFhODMzZTdlY2QwYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5fHRCjhiLk8IAZP9hnmEY6ApWc1
cR6Hp43vwaHdopvbUvyzXsBHkT4efdWeSVertR9Pn5ZGwPcQs9eUi8MqzWTMb1nf
SdR2GhJwjwLKcCFIn1q9xxN6y8Z393LybtKyhLaT8PFmpqKLWvjvMpHHG7ikPlAN
qHXtiqNGr0nyAgufhfmVTBsbiORSrXc95INoRwrk3rRIPrCG3wzvVBBBm5NW5KAz
odjCpyVI1KbOLGhAlZHNRqo61TUAtSfHet6Y6dqvhZMwhocGoc75YxPbarLpoFN5
P0W/0u9E1ZRyKda+u7Y85uleYFnB02bRypEP8tIKGLhDWgl+mVc82HgCLwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOc1BjXsGqxYC2/h13Cqgz5+zQuvMB8GA1UdIwQY
MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt
MzNkNzI4NDMzYzExLzEvNXpVR05ld2FyRmdMYi1IWGNLcURQbjdOQzY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx
LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBT4UgAwQA
T4UrAwQCn2QYMA0EAgACMAcDBQAqAQfhMA0GCSqGSIb3DQEBCwUAA4IBAQA11yUW
BHPAw6b9DhtF2D0KoiJ1rTNDCi8V5QXKfZtiAzGyUQ/mw+4fy+5kyASxgyAstqiW
LRqHlUlI5gBVV++s92gQHp3NHoiR6fpTEU1Gy40vsgubdZB2VAnoxT+QmsONvpd7
ydEfGwUP8AHRt334i9TxYIux4rv/u8JZrSV2uHNk9owLCZME71CJw1oaGLCwt/e+
w4gIL1aaYnMJGiNJzjXd2mfQkAWLmGJN9gftyeDTxZpo/UWlyf1yQKDsIBsN+MIr
JnSbaE0Rzojoa5NdQKge9cdhlvbYXKmpjM4KWRVhVbUuPgN0ETEuSneMyJYQV4CK
dM0l5N2TFfktz5IM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:39 2025 by rpki-client