Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/STt91kRp0Kcntjpq0bWELTQItP4.roa
File: STt91kRp0Kcntjpq0bWELTQItP4.roa (raw, json)
Hash identifier: qXWOKJYBQtKVIBxyTxxX4A4oFT/fJNeJTOEkA441fxI=
Subject key identifier: 49:3B:7D:D6:44:69:D0:A7:27:B6:3A:6A:D1:B5:84:2D:34:08:B4:FE
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 0187750580A06ADAE56BF8B9461CF0A9927B
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/STt91kRp0Kcntjpq0bWELTQItP4.roa
Signing time: Wed 12 Apr 2023 10:31:47 +0000
ROA not before: Wed 12 Apr 2023 10:31:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59711
IP address blocks: 185.80.54.0/23 maxlen: 23
185.174.133.0/24 maxlen: 24
185.80.52.0/23 maxlen: 23
185.174.135.0/24 maxlen: 24
91.193.18.0/24 maxlen: 24
185.117.90.0/23 maxlen: 23
77.83.196.0/24 maxlen: 24
77.83.198.0/24 maxlen: 24
185.235.138.0/24 maxlen: 24
185.104.194.0/24 maxlen: 24
185.104.193.0/24 maxlen: 24
193.42.36.0/24 maxlen: 24
5.149.248.0/23 maxlen: 23
5.149.254.0/23 maxlen: 23
79.141.164.0/23 maxlen: 23
79.141.172.0/24 maxlen: 24
185.81.114.0/23 maxlen: 23
185.81.114.0/24 maxlen: 24
185.81.115.0/24 maxlen: 24
2a01:8640:12::/48 maxlen: 48
2a01:8640:f::/48 maxlen: 48
2a01:8640:a::/48 maxlen: 48
2a01:8640::/48 maxlen: 48
2a01:8640:2::/48 maxlen: 48
2a01:8640:11::/48 maxlen: 48
2a01:8640:13::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:05:80:a0:6a:da:e5:6b:f8:b9:46:1c:f0:a9:92:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Apr 12 10:31:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=493b7dd64469d0a727b63a6ad1b5842d3408b4fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:30:8c:27:b8:0a:a9:b7:ba:c3:63:1f:2b:d1:
b6:e4:e2:f8:fd:91:73:10:99:c3:95:98:4c:86:23:
7b:5e:5c:70:ff:ab:17:04:85:f6:fd:49:de:f9:eb:
9b:02:d8:05:a1:1d:62:7c:73:bc:f9:86:a1:31:d8:
b3:31:d5:00:31:72:67:23:ae:1f:31:ad:99:fc:9c:
b7:30:e0:50:cf:fd:6f:b7:eb:8a:c5:5f:b5:3e:3e:
b5:b8:97:66:d1:56:ab:33:e4:c7:12:7d:81:c1:ce:
22:6e:be:3b:9e:c9:7e:44:fa:c1:e2:f5:06:f4:f5:
d4:90:57:49:9f:73:a3:c3:39:08:99:bb:b6:54:fc:
4c:9c:c6:ef:56:d6:26:64:63:cb:78:a5:33:5f:ef:
ac:a8:b4:a3:b6:01:65:bc:6f:ce:47:e7:85:56:6a:
21:58:78:66:2d:55:9d:73:73:c3:bc:31:47:dd:f2:
00:d7:cb:15:f0:a6:8f:46:35:25:f3:04:ca:7c:01:
24:a4:02:74:49:5b:fc:a6:72:0b:e2:6f:9a:0a:bd:
b1:45:41:7c:dc:fc:8c:5a:5c:eb:c7:74:1a:41:6b:
bb:28:5d:b6:7c:a2:8f:d1:7d:3e:63:5e:b8:4d:45:
67:57:2a:0e:09:9d:9c:21:8d:cd:d9:e2:89:f2:fa:
24:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:3B:7D:D6:44:69:D0:A7:27:B6:3A:6A:D1:B5:84:2D:34:08:B4:FE
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/STt91kRp0Kcntjpq0bWELTQItP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.248.0/23
5.149.254.0/23
77.83.196.0/24
77.83.198.0/24
79.141.164.0/23
79.141.172.0/24
91.193.18.0/24
185.80.52.0/22
185.81.114.0/23
185.104.193.0-185.104.194.255
185.117.90.0/23
185.174.133.0/24
185.174.135.0/24
185.235.138.0/24
193.42.36.0/24
IPv6:
2a01:8640::/48
2a01:8640:2::/48
2a01:8640:a::/48
2a01:8640:f::/48
2a01:8640:11::-2a01:8640:13:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1d:ab:0d:19:2d:08:65:ec:cd:45:a5:ec:f2:00:c3:63:04:36:
be:70:f8:98:d0:29:6b:38:df:97:d4:c6:50:ba:af:fa:55:dd:
aa:91:f5:81:ac:f7:0c:06:53:9a:f2:ad:6a:91:1e:c8:15:a4:
b8:b3:a1:a9:d8:2c:20:c5:0b:d3:e8:fa:7b:86:e4:e2:e5:17:
4b:f6:7f:6a:8d:f9:92:24:b4:3a:1f:8f:13:a4:6e:27:ac:44:
72:2d:3f:ee:91:9a:fc:55:3e:97:0e:07:70:13:5f:72:9c:a6:
74:21:44:29:a3:dd:4a:46:b8:e8:97:52:2e:86:b9:2d:49:79:
bf:b5:f1:e4:cd:56:4a:89:ee:c3:67:0b:07:79:ae:57:4a:83:
87:03:60:00:91:a8:e9:85:9e:d1:f5:e7:a7:4a:7b:52:93:7b:
30:ce:d5:93:e9:ba:50:fb:d1:3b:38:84:62:8c:2e:5a:d5:5a:
a2:96:08:44:f5:b2:96:1a:b9:1a:a1:fa:a8:5d:04:71:8a:d1:
0c:d8:6e:7f:e6:57:c6:13:a2:36:5d:ab:61:55:34:5a:ae:c0:
fc:88:62:f9:d4:34:92:31:a8:99:8b:9c:9f:dd:f4:ac:24:67:
78:37:7f:e2:a8:f9:f8:6d:e5:6c:46:ae:6e:53:29:80:8a:3a:
1e:03:fa:d3
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYd1BYCgatrla/i5RhzwqZJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjMwNDEyMTAzMTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTNiN2RkNjQ0NjlkMGE3MjdiNjNhNmFkMWI1ODQyZDM0MDhiNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzCMJ7gKqbe6w2MfK9G25OL4/ZFz
EJnDlZhMhiN7Xlxw/6sXBIX2/Une+eubAtgFoR1ifHO8+YahMdizMdUAMXJnI64f
Ma2Z/Jy3MOBQz/1vt+uKxV+1Pj61uJdm0VarM+THEn2Bwc4ibr47nsl+RPrB4vUG
9PXUkFdJn3OjwzkImbu2VPxMnMbvVtYmZGPLeKUzX++sqLSjtgFlvG/OR+eFVmoh
WHhmLVWdc3PDvDFH3fIA18sV8KaPRjUl8wTKfAEkpAJ0SVv8pnIL4m+aCr2xRUF8
3PyMWlzrx3QaQWu7KF22fKKP0X0+Y164TUVnVyoOCZ2cIY3N2eKJ8vokhwIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFEk7fdZEadCnJ7Y6atG1hC00CLT+MB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvU1R0OTFrUnAwS2NudGpwcTBiV0VMVFFJdFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjBoBAIAATBiAwQBBZX4
AwQBBZX+AwQATVPEAwQATVPGAwQBT42kAwQAT42sAwQAW8ESAwQCuVA0AwQBuVFy
MAwDBAC5aMEDBAC5aMIDBAG5dVoDBAC5roUDBAC5rocDBAC564oDBADBKiQwPgQC
AAIwOAMHACoBhkAAAAMHACoBhkAAAgMHACoBhkAACgMHACoBhkAADzASAwcAKgGG
QAARAwcCKgGGQAAQMA0GCSqGSIb3DQEBCwUAA4IBAQAdqw0ZLQhl7M1FpezyAMNj
BDa+cPiY0ClrON+X1MZQuq/6Vd2qkfWBrPcMBlOa8q1qkR7IFaS4s6Gp2CwgxQvT
6Pp7huTi5RdL9n9qjfmSJLQ6H48TpG4nrERyLT/ukZr8VT6XDgdwE19ynKZ0IUQp
o91KRrjol1IuhrktSXm/tfHkzVZKie7DZwsHea5XSoOHA2AAkajphZ7R9eenSntS
k3swztWT6bpQ+9E7OIRijC5a1VqilghE9bKWGrkaofqoXQRxitEM2G5/5lfGE6I2
XathVTRarsD8iGL51DSSMaiZi5yf3fSsJGd4N3/iqPn4beVsRq5uUymAijoeA/rT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:12 2025 by rpki-client