Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/X4KWe7z2qggiC4YFRGHe5G_92qU.roa
File: X4KWe7z2qggiC4YFRGHe5G_92qU.roa (raw, json)
Hash identifier: XUpCGSB0c9jueNtrBSCEoDE3UsDiYlDXYy3yN5kGdyU=
Subject key identifier: 5F:82:96:7B:BC:F6:AA:08:22:0B:86:05:44:61:DE:E4:6F:FD:DA:A5
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 0189FAC2A90FBDAA2C711DD2B6E99C6F6630
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/X4KWe7z2qggiC4YFRGHe5G_92qU.roa
Signing time: Tue 15 Aug 2023 19:53:28 +0000
ROA not before: Tue 15 Aug 2023 19:53:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59711
IP address blocks: 185.80.54.0/23 maxlen: 23
185.174.133.0/24 maxlen: 24
185.80.52.0/23 maxlen: 23
185.174.135.0/24 maxlen: 24
91.193.18.0/24 maxlen: 24
185.117.88.0/23 maxlen: 23
185.117.90.0/23 maxlen: 23
77.83.197.0/24 maxlen: 24
77.83.196.0/24 maxlen: 24
77.83.198.0/24 maxlen: 24
195.95.155.0/24 maxlen: 24
185.235.137.0/24 maxlen: 24
185.235.138.0/24 maxlen: 24
79.141.174.0/23 maxlen: 23
185.104.194.0/24 maxlen: 24
185.104.193.0/24 maxlen: 24
193.42.36.0/24 maxlen: 24
193.42.39.0/24 maxlen: 24
5.149.248.0/23 maxlen: 23
5.149.254.0/23 maxlen: 23
79.141.164.0/23 maxlen: 23
79.141.172.0/24 maxlen: 24
185.81.114.0/23 maxlen: 23
185.81.114.0/24 maxlen: 24
185.81.115.0/24 maxlen: 24
2a01:8640:12::/48 maxlen: 48
2a01:8640:6::/48 maxlen: 48
2a01:8640:f::/48 maxlen: 48
2a01:8640:a::/48 maxlen: 48
2a01:8640::/48 maxlen: 48
2a01:8640:2::/48 maxlen: 48
2a01:8640:11::/48 maxlen: 48
2a01:8640:13::/48 maxlen: 48
2a01:8640:9::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fa:c2:a9:0f:bd:aa:2c:71:1d:d2:b6:e9:9c:6f:66:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Aug 15 19:53:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f82967bbcf6aa08220b86054461dee46ffddaa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:cd:d6:8e:d7:d3:3a:f1:c5:8f:f6:3c:0f:82:
3d:da:67:fc:45:b0:77:ef:33:01:a7:67:0e:4e:ac:
13:c1:2e:0b:4c:6f:c2:9f:09:f3:dc:54:45:39:fe:
10:41:f0:5c:7e:d5:db:fa:48:46:e8:ba:a7:35:3b:
33:a0:6d:a0:17:8b:65:a6:c2:29:7e:45:1c:c2:a1:
55:96:d9:c0:6d:17:d2:6e:79:8f:53:70:35:cf:83:
a6:5b:85:c1:27:f6:e9:15:92:3a:b3:bf:95:fc:c6:
3a:15:0c:66:e5:e4:99:3f:7c:a4:df:ee:d8:bb:50:
a7:ce:50:93:e7:05:81:90:f4:4f:67:f6:71:a7:b5:
ea:87:c5:25:bf:93:93:ac:4a:20:8b:e8:48:b2:a5:
97:ea:3b:56:82:21:1c:3f:2d:46:50:6e:a2:43:c4:
1b:a2:17:c6:ed:df:d2:ef:2d:f2:3d:d7:64:22:37:
47:d0:a5:0d:03:68:a6:51:ea:db:46:f5:19:ce:14:
40:a6:70:8b:42:8e:c7:9b:82:e6:c8:ad:a4:82:7e:
df:03:9c:8c:17:87:19:e0:a2:9e:2a:a6:db:a7:71:
31:fa:4b:54:1c:f7:e1:ff:4f:85:6b:e7:70:66:99:
09:93:12:49:39:cd:3c:bb:34:9c:ec:25:73:14:20:
0e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:82:96:7B:BC:F6:AA:08:22:0B:86:05:44:61:DE:E4:6F:FD:DA:A5
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/X4KWe7z2qggiC4YFRGHe5G_92qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.248.0/23
5.149.254.0/23
77.83.196.0-77.83.198.255
79.141.164.0/23
79.141.172.0/24
79.141.174.0/23
91.193.18.0/24
185.80.52.0/22
185.81.114.0/23
185.104.193.0-185.104.194.255
185.117.88.0/22
185.174.133.0/24
185.174.135.0/24
185.235.137.0-185.235.138.255
193.42.36.0/24
193.42.39.0/24
195.95.155.0/24
IPv6:
2a01:8640::/48
2a01:8640:2::/48
2a01:8640:6::/48
2a01:8640:9::-2a01:8640:a:ffff:ffff:ffff:ffff:ffff
2a01:8640:f::/48
2a01:8640:11::-2a01:8640:13:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
98:b7:8a:ac:05:a5:7c:bf:24:57:44:7c:4d:99:24:59:09:fc:
07:45:24:72:8b:3f:f2:5c:ef:7c:20:64:5c:f7:d2:a9:9b:2a:
cd:3c:e3:fd:c1:54:2e:85:01:e9:0d:d4:db:29:9d:0e:a2:19:
5e:82:26:16:cd:d7:da:e6:70:46:e5:23:37:77:45:f6:d8:34:
2d:f8:7e:84:9c:c2:83:98:a1:e1:6f:7a:f2:81:9e:f8:95:42:
6c:cf:47:c4:ba:bd:dc:c4:15:c2:e7:23:36:c5:39:cf:ea:6a:
5c:55:de:d4:90:2d:74:f5:31:82:09:a0:b4:c2:f9:65:5f:0b:
d0:f6:7f:84:ca:bc:5a:e4:f2:76:bb:8e:d4:2f:06:a1:9a:50:
e3:1b:d9:e7:fd:96:b1:ef:81:61:86:03:9f:ec:c3:c4:77:df:
eb:ef:c1:fb:d9:5b:ab:56:db:55:b0:91:93:bd:77:41:32:11:
69:8e:92:1e:30:3f:7a:89:37:6b:c4:80:04:fb:31:c0:cc:2f:
0c:e5:99:29:81:93:de:38:ac:92:b9:95:61:29:35:60:9f:1a:
39:73:9f:85:83:18:c5:a2:81:76:6b:e1:f0:e3:5a:4e:ec:4d:
ab:5b:2c:6f:5a:4a:dd:eb:9d:fd:c2:a0:c1:4f:4e:6c:41:1f:
b4:83:9c:c2
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAYn6wqkPvaoscR3Stumcb2YwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjMwODE1MTk1MzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjgyOTY3YmJjZjZhYTA4MjIwYjg2MDU0NDYxZGVlNDZmZmRkYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqs3WjtfTOvHFj/Y8D4I92mf8RbB3
7zMBp2cOTqwTwS4LTG/Cnwnz3FRFOf4QQfBcftXb+khG6LqnNTszoG2gF4tlpsIp
fkUcwqFVltnAbRfSbnmPU3A1z4OmW4XBJ/bpFZI6s7+V/MY6FQxm5eSZP3yk3+7Y
u1CnzlCT5wWBkPRPZ/Zxp7Xqh8Ulv5OTrEogi+hIsqWX6jtWgiEcPy1GUG6iQ8Qb
ohfG7d/S7y3yPddkIjdH0KUNA2imUerbRvUZzhRApnCLQo7Hm4LmyK2kgn7fA5yM
F4cZ4KKeKqbbp3Ex+ktUHPfh/0+Fa+dwZpkJkxJJOc08uzSc7CVzFCAOFQIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFF+Clnu89qoIIguGBURh3uRv/dqlMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvWDRLV2U3ejJxZ2dpQzRZRlJHSGU1R185MnFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHuBggrBgEFBQcBBwEB/wSB3jCB2zCBhAQCAAEwfgMEAQWV
+AMEAQWV/jAMAwQCTVPEAwQATVPGAwQBT42kAwQAT42sAwQBT42uAwQAW8ESAwQC
uVA0AwQBuVFyMAwDBAC5aMEDBAC5aMIDBAK5dVgDBAC5roUDBAC5rocwDAMEALnr
iQMEALnrigMEAMEqJAMEAMEqJwMEAMNfmzBSBAIAAjBMAwcAKgGGQAAAAwcAKgGG
QAACAwcAKgGGQAAGMBIDBwAqAYZAAAkDBwAqAYZAAAoDBwAqAYZAAA8wEgMHACoB
hkAAEQMHAioBhkAAEDANBgkqhkiG9w0BAQsFAAOCAQEAmLeKrAWlfL8kV0R8TZkk
WQn8B0Ukcos/8lzvfCBkXPfSqZsqzTzj/cFULoUB6Q3U2ymdDqIZXoImFs3X2uZw
RuUjN3dF9tg0Lfh+hJzCg5ih4W968oGe+JVCbM9HxLq93MQVwucjNsU5z+pqXFXe
1JAtdPUxggmgtML5ZV8L0PZ/hMq8WuTydruO1C8GoZpQ4xvZ5/2Wse+BYYYDn+zD
xHff6+/B+9lbq1bbVbCRk713QTIRaY6SHjA/eok3a8SABPsxwMwvDOWZKYGT3jis
krmVYSk1YJ8aOXOfhYMYxaKBdmvh8ONaTuxNq1ssb1pK3eud/cKgwU9ObEEftIOc
wg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:32 2025 by rpki-client