Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/U2nV2s81h0UN53GHPlIcazYZ03A.roa
File: U2nV2s81h0UN53GHPlIcazYZ03A.roa (raw, json)
Hash identifier: Yck/HRAxy1GBjrGJnAV9kPgiRM+e4UQ/a+2mqZf90Vo=
Subject key identifier: 53:69:D5:DA:CF:35:87:45:0D:E7:71:87:3E:52:1C:6B:36:19:D3:70
Certificate issuer: /CN=c1a190504b6d9ed9c18096840425b11d7b22dff4
Certificate serial: 0186FF8F9CABC7F5EB5EDBF9388F480F5CE3
Authority key identifier: C1:A1:90:50:4B:6D:9E:D9:C1:80:96:84:04:25:B1:1D:7B:22:DF:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/waGQUEttntnBgJaEBCWxHXsi3_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/U2nV2s81h0UN53GHPlIcazYZ03A.roa
Signing time: Mon 20 Mar 2023 15:07:27 +0000
ROA not before: Mon 20 Mar 2023 15:07:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42707
IP address blocks: 84.39.204.0/22 maxlen: 23
77.75.48.0/22 maxlen: 23
185.245.88.0/22 maxlen: 23
91.189.224.0/21 maxlen: 22
193.33.134.0/23 maxlen: 24
185.252.124.0/22 maxlen: 23
185.254.48.0/22 maxlen: 23
91.195.64.0/22 maxlen: 23
185.148.28.0/22 maxlen: 23
185.250.136.0/22 maxlen: 23
193.36.164.0/22 maxlen: 23
185.247.44.0/22 maxlen: 23
185.247.48.0/22 maxlen: 23
185.248.228.0/22 maxlen: 23
5.45.32.0/22 maxlen: 23
5.206.208.0/20 maxlen: 21
185.233.212.0/22 maxlen: 23
185.236.4.0/22 maxlen: 23
185.229.80.0/22 maxlen: 23
185.231.24.0/22 maxlen: 23
185.231.24.0/21 maxlen: 22
185.231.28.0/22 maxlen: 23
83.143.76.0/22 maxlen: 23
109.207.72.0/22 maxlen: 23
5.57.248.0/21 maxlen: 22
195.42.224.0/22 maxlen: 23
195.42.228.0/23 maxlen: 24
194.49.88.0/22 maxlen: 23
2a00:5140::/32 maxlen: 32
2a00:5141::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ff:8f:9c:ab:c7:f5:eb:5e:db:f9:38:8f:48:0f:5c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1a190504b6d9ed9c18096840425b11d7b22dff4
Validity
Not Before: Mar 20 15:07:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5369d5dacf3587450de771873e521c6b3619d370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9b:3d:f1:65:cb:02:65:90:7b:2f:97:09:34:
b0:29:4f:2c:cc:f5:b1:3c:f0:c8:bf:23:cf:3b:20:
f8:67:37:3d:44:7b:0b:82:92:bf:68:87:18:83:3f:
51:bb:3a:e5:05:39:4e:42:3d:6a:36:8c:28:fa:cc:
ec:3f:f0:24:8b:68:b2:25:a3:09:b8:3a:1a:d6:c5:
81:22:2a:2b:7d:13:bf:06:e2:d9:87:fd:02:0a:63:
dc:9a:56:fc:dc:ee:c2:67:d2:df:b8:6b:f6:ca:e3:
2f:3c:ed:06:ec:7a:9b:e0:b2:e1:90:90:22:0c:53:
2e:56:80:5e:b1:eb:2c:15:9a:59:e3:88:00:ba:17:
7f:67:0b:02:82:67:c5:4b:68:89:ef:83:b0:94:a9:
5a:16:c2:59:e4:b6:9c:eb:67:d4:90:9b:8c:a4:27:
ad:d3:d9:82:04:21:6b:af:d0:44:d4:21:a0:dc:d9:
38:95:c3:9f:0c:e9:bb:c9:99:a8:79:97:a3:0d:ec:
ef:e4:5c:b0:50:6c:97:07:6d:b9:e8:35:c8:b7:67:
00:be:7d:d0:84:fc:1e:a4:a2:b5:cc:73:8e:04:5f:
19:8d:bc:98:c6:df:bf:27:1c:d2:0a:64:d5:a8:7d:
57:f3:f2:c2:c8:bb:1c:b4:38:8a:be:99:2b:82:32:
97:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:69:D5:DA:CF:35:87:45:0D:E7:71:87:3E:52:1C:6B:36:19:D3:70
X509v3 Authority Key Identifier:
keyid:C1:A1:90:50:4B:6D:9E:D9:C1:80:96:84:04:25:B1:1D:7B:22:DF:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/waGQUEttntnBgJaEBCWxHXsi3_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/U2nV2s81h0UN53GHPlIcazYZ03A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/waGQUEttntnBgJaEBCWxHXsi3_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.32.0/22
5.57.248.0/21
5.206.208.0/20
77.75.48.0/22
83.143.76.0/22
84.39.204.0/22
91.189.224.0/21
91.195.64.0/22
109.207.72.0/22
185.148.28.0/22
185.229.80.0/22
185.231.24.0/21
185.233.212.0/22
185.236.4.0/22
185.245.88.0/22
185.247.44.0-185.247.51.255
185.248.228.0/22
185.250.136.0/22
185.252.124.0/22
185.254.48.0/22
193.33.134.0/23
193.36.164.0/22
194.49.88.0/22
195.42.224.0-195.42.229.255
IPv6:
2a00:5140::/31
Signature Algorithm: sha256WithRSAEncryption
93:91:8c:1b:b6:ba:a5:ba:43:54:49:98:6f:10:fa:9a:c2:0e:
f8:24:8a:b1:d4:27:18:38:18:9c:f6:a3:8f:c9:5c:4f:d1:99:
8b:78:e7:fb:ed:90:a1:f7:c1:96:af:21:84:02:45:7d:6d:62:
64:b4:2e:b6:73:ed:ec:06:52:b8:fa:1a:cd:f7:97:f5:44:7f:
39:e0:4f:00:40:f7:5b:7f:f4:2e:3a:ea:24:2b:e0:28:58:3b:
60:4c:41:91:87:65:55:86:8a:6e:b5:22:2b:77:56:a7:e1:59:
0a:9f:ce:60:98:a5:e9:1e:63:46:19:4f:52:6d:7f:f6:ba:3f:
d5:d5:81:ef:6a:59:d9:14:a3:7b:59:f5:9d:58:bb:88:95:73:
75:4f:c8:17:79:49:f8:91:f8:5c:51:05:c8:47:5d:c2:dc:e8:
8b:88:42:37:b3:53:7e:d9:30:a1:6a:40:b8:99:74:9c:87:46:
80:62:bf:80:20:36:43:86:2b:c3:37:e2:04:22:dc:55:d8:70:
da:70:73:62:81:e6:a4:4f:00:d2:30:2e:12:58:51:b0:4a:8c:
06:4d:f1:60:5b:dc:69:4d:08:ef:a2:4b:56:f7:64:a3:6e:8b:
cd:b6:8c:0d:e7:bb:95:13:18:fa:f3:41:9d:1e:76:61:c4:f0:
f5:b3:02:53
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYb/j5yrx/XrXtv5OI9ID1zjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYTE5MDUwNGI2ZDllZDljMTgwOTY4NDA0MjViMTFkN2Iy
MmRmZjQwHhcNMjMwMzIwMTUwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzY5ZDVkYWNmMzU4NzQ1MGRlNzcxODczZTUyMWM2YjM2MTlkMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmps98WXLAmWQey+XCTSwKU8szPWx
PPDIvyPPOyD4Zzc9RHsLgpK/aIcYgz9RuzrlBTlOQj1qNowo+szsP/Aki2iyJaMJ
uDoa1sWBIiorfRO/BuLZh/0CCmPcmlb83O7CZ9LfuGv2yuMvPO0G7Hqb4LLhkJAi
DFMuVoBesessFZpZ44gAuhd/ZwsCgmfFS2iJ74OwlKlaFsJZ5Lac62fUkJuMpCet
09mCBCFrr9BE1CGg3Nk4lcOfDOm7yZmoeZejDezv5FywUGyXB2256DXIt2cAvn3Q
hPwepKK1zHOOBF8ZjbyYxt+/JxzSCmTVqH1X8/LCyLsctDiKvpkrgjKXOQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFFNp1drPNYdFDedxhz5SHGs2GdNwMB8GA1UdIwQY
MBaAFMGhkFBLbZ7ZwYCWhAQlsR17It/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2FHUVVFdHRudG5CZ0phRUJDV3hIWHNpM19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODdmMjEtMTAxYi00ODdlLThhMGYt
MGI4MzhhNTk5NjYyLzEvVTJuVjJzODFoMFVONTNHSFBsSWNhellaMDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODdmMjEtMTAxYi00ODdlLThhMGYtMGI4MzhhNTk5NjYy
LzEvd2FHUVVFdHRudG5CZ0phRUJDV3hIWHNpM19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBpwQCAAEwgaADBAIF
LSADBAMFOfgDBAQFztADBAJNSzADBAJTj0wDBAJUJ8wDBANbveADBAJbw0ADBAJt
z0gDBAK5lBwDBAK55VADBAO55xgDBAK56dQDBAK57AQDBAK59VgwDAMEArn3LAME
Arn3MAMEArn45AMEArn6iAMEArn8fAMEArn+MAMEAcEhhgMEAsEkpAMEAsIxWDAM
AwQFwyrgAwQBwyrkMA0EAgACMAcDBQEqAFFAMA0GCSqGSIb3DQEBCwUAA4IBAQCT
kYwbtrqlukNUSZhvEPqawg74JIqx1CcYOBic9qOPyVxP0ZmLeOf77ZCh98GWryGE
AkV9bWJktC62c+3sBlK4+hrN95f1RH854E8AQPdbf/QuOuokK+AoWDtgTEGRh2VV
hoputSIrd1an4VkKn85gmKXpHmNGGU9SbX/2uj/V1YHvalnZFKN7WfWdWLuIlXN1
T8gXeUn4kfhcUQXIR13C3OiLiEI3s1N+2TChakC4mXSch0aAYr+AIDZDhivDN+IE
ItxV2HDacHNigeakTwDSMC4SWFGwSowGTfFgW9xpTQjvoktW92SjbovNtowN57uV
Exj680GdHnZhxPD1swJT
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:24 2025 by rpki-client