Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/zoLjroI15K80RpiFi0qRaa1dMS4.roa
File: zoLjroI15K80RpiFi0qRaa1dMS4.roa (raw, json)
Hash identifier: zFkxMMzjl13VH9/j40fO/Ry7BIygepCfgVCMh2Xssu0=
Subject key identifier: CE:82:E3:AE:82:35:E4:AF:34:46:98:85:8B:4A:91:69:AD:5D:31:2E
Certificate issuer: /CN=5c57c8f8d9ee5e2ce7043e1ec26bb1693f7f121f
Certificate serial: 1AB421E6
Authority key identifier: 5C:57:C8:F8:D9:EE:5E:2C:E7:04:3E:1E:C2:6B:B1:69:3F:7F:12:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XFfI-NnuXiznBD4ewmuxaT9_Eh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/zoLjroI15K80RpiFi0qRaa1dMS4.roa
Signing time: Sat 01 Jan 2022 12:06:43 +0000
ROA not before: Sat 01 Jan 2022 12:06:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199468
IP address blocks: 185.173.8.0/22 maxlen: 22
5.133.42.0/24 maxlen: 24
5.133.40.0/24 maxlen: 24
5.133.43.0/24 maxlen: 24
5.133.40.0/21 maxlen: 21
5.133.41.0/24 maxlen: 24
2a04:ed00::/29 maxlen: 34
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 448012774 (0x1ab421e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c57c8f8d9ee5e2ce7043e1ec26bb1693f7f121f
Validity
Not Before: Jan 1 12:06:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce82e3ae8235e4af344698858b4a9169ad5d312e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:54:25:24:93:49:be:29:d4:46:44:b4:90:a6:
2e:cb:fa:47:32:dc:f0:7a:0b:44:f1:fc:8e:33:c3:
c3:85:40:80:1d:26:70:a4:5b:6e:d6:65:ea:bc:52:
3d:0d:93:68:95:19:b7:c1:ff:47:db:97:77:7b:bc:
b1:cd:af:37:58:09:6b:94:d2:81:aa:f2:92:46:bf:
b3:2b:e1:16:eb:0c:c8:e5:9b:41:ff:a5:9c:49:7e:
2f:09:bf:a4:31:e0:f6:6f:f2:da:28:51:56:15:40:
8b:ef:0c:6f:43:22:01:ac:ff:ac:20:44:73:00:3f:
f3:20:72:0f:cb:fc:93:7a:80:93:27:92:77:e3:69:
90:b2:e1:96:97:2d:ec:aa:0d:f5:29:40:9b:03:47:
31:88:5e:77:29:e2:48:1f:91:e0:ff:6d:bb:2d:04:
af:b1:65:9d:e6:89:05:55:49:66:de:d0:c0:2a:ed:
dd:55:d3:7b:99:8e:e9:24:c2:34:52:a1:40:6c:e8:
82:bd:bb:54:e1:c6:3d:56:90:b8:2a:6b:39:af:e4:
c2:51:12:81:75:68:dc:eb:fb:7c:c8:5d:5f:a9:79:
c4:2d:cc:d9:e5:31:da:ee:18:96:4e:d8:bf:26:d8:
b9:72:f5:a7:2a:83:81:9b:c6:f0:d7:77:8c:1b:24:
b5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:82:E3:AE:82:35:E4:AF:34:46:98:85:8B:4A:91:69:AD:5D:31:2E
X509v3 Authority Key Identifier:
keyid:5C:57:C8:F8:D9:EE:5E:2C:E7:04:3E:1E:C2:6B:B1:69:3F:7F:12:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XFfI-NnuXiznBD4ewmuxaT9_Eh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/zoLjroI15K80RpiFi0qRaa1dMS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/XFfI-NnuXiznBD4ewmuxaT9_Eh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.40.0/21
185.173.8.0/22
IPv6:
2a04:ed00::/29
Signature Algorithm: sha256WithRSAEncryption
81:00:47:5c:74:54:8d:54:dd:84:f3:83:68:20:24:cd:a0:dd:
b2:36:1e:52:96:ed:ae:3e:43:33:9c:ee:eb:bf:43:5b:4d:4b:
32:76:72:9e:c3:44:7d:94:9b:61:a7:bb:2d:16:6a:c8:ed:8f:
f5:1f:da:b5:02:84:3b:f5:fa:3e:3d:a2:19:ec:b0:74:cb:58:
4a:5d:77:40:53:6b:8c:b4:d1:96:91:8d:f2:cb:ac:da:5a:79:
c7:ab:aa:f5:d3:a4:ed:6d:c7:45:86:9a:5e:53:7f:f8:99:8f:
2f:54:61:29:be:d0:bd:19:39:39:9a:aa:6f:df:a3:d7:77:7e:
4c:d3:af:43:68:8e:cd:ca:80:27:97:3d:6e:64:d1:34:af:91:
ed:e3:da:4d:05:eb:b0:27:c7:53:45:a5:9b:7c:44:28:a7:1b:
f8:a8:ea:27:24:84:22:2b:57:70:e3:56:f2:7f:74:52:7b:00:
00:f3:e1:56:bc:51:f7:fa:ec:51:64:6e:d3:fe:e3:b7:86:b5:
7b:99:75:a6:4e:e6:82:bb:de:f3:fd:33:77:5c:86:49:6e:09:
9e:2d:e5:dc:99:a4:04:41:a3:29:ec:e0:6a:ac:e7:37:b2:2e:
ca:09:71:23:d4:1f:45:ea:47:fb:45:59:94:8b:f8:e4:97:c0:
4e:91:3e:05
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEGrQh5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YzU3YzhmOGQ5ZWU1ZTJjZTcwNDNlMWVjMjZiYjE2OTNmN2YxMjFmMB4XDTIyMDEw
MTEyMDY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2U4MmUzYWU4MjM1
ZTRhZjM0NDY5ODg1OGI0YTkxNjlhZDVkMzEyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpUJSSTSb4p1EZEtJCmLsv6RzLc8HoLRPH8jjPDw4VAgB0m
cKRbbtZl6rxSPQ2TaJUZt8H/R9uXd3u8sc2vN1gJa5TSgarykka/syvhFusMyOWb
Qf+lnEl+Lwm/pDHg9m/y2ihRVhVAi+8Mb0MiAaz/rCBEcwA/8yByD8v8k3qAkyeS
d+NpkLLhlpct7KoN9SlAmwNHMYhedyniSB+R4P9tuy0Er7FlneaJBVVJZt7QwCrt
3VXTe5mO6STCNFKhQGzogr27VOHGPVaQuCprOa/kwlESgXVo3Ov7fMhdX6l5xC3M
2eUx2u4Ylk7YvybYuXL1pyqDgZvG8Nd3jBsktT0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTOguOugjXkrzRGmIWLSpFprV0xLjAfBgNVHSMEGDAWgBRcV8j42e5eLOcE
Ph7Ca7FpP38SHzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hGZkktTm51WGl6bkJENGV3bXV4YVQ5X0VoOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvMjlmY2I5LTMwNWMtNDA2Yi1hN2E0LTFmNmIyZDE0ZjRmOS8x
L3pvTGpyb0kxNUs4MFJwaUZpMHFSYWExZE1TNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
MjlmY2I5LTMwNWMtNDA2Yi1hN2E0LTFmNmIyZDE0ZjRmOS8xL1hGZkktTm51WGl6
bkJENGV3bXV4YVQ5X0VoOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAwWFKAMEArmtCDANBAIAAjAHAwUD
KgTtADANBgkqhkiG9w0BAQsFAAOCAQEAgQBHXHRUjVTdhPODaCAkzaDdsjYeUpbt
rj5DM5zu679DW01LMnZynsNEfZSbYae7LRZqyO2P9R/atQKEO/X6Pj2iGeywdMtY
Sl13QFNrjLTRlpGN8sus2lp5x6uq9dOk7W3HRYaaXlN/+JmPL1RhKb7QvRk5OZqq
b9+j13d+TNOvQ2iOzcqAJ5c9bmTRNK+R7ePaTQXrsCfHU0Wlm3xEKKcb+KjqJySE
IitXcONW8n90UnsAAPPhVrxR9/rsUWRu0/7jt4a1e5l1pk7mgrve8/0zd1yGSW4J
ni3l3JmkBEGjKezgaqznN7IuyglxI9QfRepH+0VZlIv45JfATpE+BQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:03 2024 by rpki-client on console-fra.rpki-client.org