Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/sKO_VrU9J7fiTE9Smb0cq-9UmUc.roa
File: sKO_VrU9J7fiTE9Smb0cq-9UmUc.roa (raw, json)
Hash identifier: j8FEN4sxeMC/1UaIs35H4PQYGhXf92WG+5Gi95spmrs=
Subject key identifier: B0:A3:BF:56:B5:3D:27:B7:E2:4C:4F:52:99:BD:1C:AB:EF:54:99:47
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 3937658A
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/sKO_VrU9J7fiTE9Smb0cq-9UmUc.roa
Signing time: Sat 01 Jan 2022 03:52:53 +0000
ROA not before: Sat 01 Jan 2022 03:52:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5408
IP address blocks: 185.5.76.0/22 maxlen: 22
62.217.64.0/18 maxlen: 24
91.227.108.0/24 maxlen: 24
194.177.192.0/19 maxlen: 24
194.42.50.0/23 maxlen: 23
185.81.196.0/22 maxlen: 22
195.251.0.0/16 maxlen: 24
194.42.52.0/23 maxlen: 23
194.42.54.0/24 maxlen: 24
193.105.109.0/24 maxlen: 24
83.212.0.0/16 maxlen: 24
37.32.128.0/17 maxlen: 17
195.130.64.0/18 maxlen: 24
2001:648::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 959931786 (0x3937658a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 03:52:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0a3bf56b53d27b7e24c4f5299bd1cabef549947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:26:e7:a1:9c:57:4b:95:1b:e9:81:1c:49:66:
9d:c6:87:86:1a:2c:be:e0:96:ae:f5:fb:e5:49:a2:
ff:c3:6a:01:2c:65:34:70:a7:f0:4f:09:f3:31:0c:
27:3c:f9:89:ec:b0:57:6e:7a:1c:91:90:ae:c1:99:
ac:43:d7:7a:1c:3b:d4:35:55:44:b3:c6:00:a5:ef:
3e:f8:89:14:c8:a0:1e:8b:69:8a:66:b2:f0:2c:e3:
2f:a3:3e:fd:3e:80:99:ed:c7:57:2c:ad:c2:c2:df:
f9:c0:64:6f:77:07:1a:b7:63:cc:a0:e9:9f:9e:a9:
28:b0:50:66:3f:e3:08:8a:68:52:42:bd:a6:03:fa:
53:03:b3:89:07:eb:1b:8e:f0:c4:9f:2d:ee:f1:5b:
a9:89:bd:80:dc:ce:3d:8b:24:f0:f9:8a:ae:7b:56:
60:9a:5f:83:38:51:6c:3c:6e:a8:42:35:bc:eb:98:
e8:71:d5:a3:a7:56:f5:3e:15:75:c6:a9:fd:c7:69:
2f:6f:9e:f2:d0:58:06:d7:1d:2a:9d:90:14:49:ae:
b4:a1:fd:ba:7f:6a:a3:71:98:e3:ca:84:0a:f0:06:
3d:59:81:63:4f:aa:b1:8c:5b:b0:73:94:33:4d:1f:
8f:58:d6:85:89:23:80:be:de:c7:0a:ac:d4:11:3f:
4b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A3:BF:56:B5:3D:27:B7:E2:4C:4F:52:99:BD:1C:AB:EF:54:99:47
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/sKO_VrU9J7fiTE9Smb0cq-9UmUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.128.0/17
62.217.64.0/18
83.212.0.0/16
91.227.108.0/24
185.5.76.0/22
185.81.196.0/22
193.105.109.0/24
194.42.50.0-194.42.54.255
194.177.192.0/19
195.130.64.0/18
195.251.0.0/16
IPv6:
2001:648::/29
Signature Algorithm: sha256WithRSAEncryption
20:4f:41:9b:cd:3e:39:99:de:f6:d3:b1:c2:af:21:80:ac:29:
6d:78:40:7b:fe:a6:f5:09:00:0b:c8:b0:a8:eb:d3:30:bb:7f:
54:e5:b4:f3:14:d5:8f:03:32:4d:e4:19:67:e5:19:48:ad:47:
24:1d:be:c7:8b:ee:c1:9d:3a:cb:90:87:77:a2:db:5d:33:27:
4a:31:b6:16:c9:69:41:7e:a4:92:bf:79:2f:ff:09:f5:d9:db:
a7:6c:2f:19:17:c2:8c:c0:0b:85:97:4a:8b:a2:62:f7:34:2d:
bd:63:dc:66:69:d4:aa:13:4d:06:44:86:ad:19:9c:8a:58:19:
51:77:61:30:47:42:91:e1:bc:8f:72:33:50:e4:6d:6f:8a:6a:
10:3b:f0:d5:2f:79:50:4b:b9:ee:a7:a2:f7:11:62:d8:e2:af:
b0:2f:d9:52:b3:6b:8e:55:53:88:b1:97:c1:3b:18:df:04:8a:
2e:00:7f:11:12:5c:9d:ac:d6:c3:3d:e4:e8:6b:cf:29:b5:44:
c5:42:c6:e5:3c:a8:55:44:fd:9c:8d:21:ba:39:20:39:67:b9:
86:15:df:64:04:21:9c:4b:b3:cf:5e:08:72:29:36:6e:18:fb:
b9:5b:ca:49:f1:5b:3c:c6:81:47:08:05:9b:93:2e:ee:87:36:
21:ba:e1:30
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEOTdlijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTZmOTI5NTUyMWRmMzBhMTU4ZjUwNmJhN2NiODczYWI5NTI5ZGMzMB4XDTIyMDEw
MTAzNTI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBhM2JmNTZiNTNk
MjdiN2UyNGM0ZjUyOTliZDFjYWJlZjU0OTk0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQm56GcV0uVG+mBHElmncaHhhosvuCWrvX75Umi/8NqASxl
NHCn8E8J8zEMJzz5ieywV256HJGQrsGZrEPXehw71DVVRLPGAKXvPviJFMigHotp
imay8CzjL6M+/T6Ame3HVyytwsLf+cBkb3cHGrdjzKDpn56pKLBQZj/jCIpoUkK9
pgP6UwOziQfrG47wxJ8t7vFbqYm9gNzOPYsk8PmKrntWYJpfgzhRbDxuqEI1vOuY
6HHVo6dW9T4Vdcap/cdpL2+e8tBYBtcdKp2QFEmutKH9un9qo3GY48qECvAGPVmB
Y0+qsYxbsHOUM00fj1jWhYkjgL7exwqs1BE/S8MCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBSwo79WtT0nt+JMT1KZvRyr71SZRzAfBgNVHSMEGDAWgBRab5KVUh3zChWP
UGuny4c6uVKdwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dtLVNsVklkOHdvVmoxQnJwOHVIT3JsU25jTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8x
L3NLT19WclU5SjdmaVRFOVNtYjBjcS05VW1VYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8xL1dtLVNsVklkOHdv
VmoxQnJwOHVIT3JsU25jTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEByUggAMEBj7ZQAMDAFPUAwQAW+Ns
AwQCuQVMAwQCuVHEAwQAwWltMAwDBAHCKjIDBADCKjYDBAXCscADBAbDgkADAwDD
+zANBAIAAjAHAwUDIAEGSDANBgkqhkiG9w0BAQsFAAOCAQEAIE9Bm80+OZne9tOx
wq8hgKwpbXhAe/6m9QkAC8iwqOvTMLt/VOW08xTVjwMyTeQZZ+UZSK1HJB2+x4vu
wZ06y5CHd6LbXTMnSjG2FslpQX6kkr95L/8J9dnbp2wvGRfCjMALhZdKi6Ji9zQt
vWPcZmnUqhNNBkSGrRmcilgZUXdhMEdCkeG8j3IzUORtb4pqEDvw1S95UEu57qei
9xFi2OKvsC/ZUrNrjlVTiLGXwTsY3wSKLgB/ERJcnazWwz3k6GvPKbVExULG5Tyo
VUT9nI0hujkgOWe5hhXfZAQhnEuzz14Icik2bhj7uVvKSfFbPMaBRwgFm5Mu7oc2
IbrhMA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:09 2025 by rpki-client