Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/o_SlnZ7HtPa1zUVtkPUj2BdJW80.roa
File: o_SlnZ7HtPa1zUVtkPUj2BdJW80.roa (raw, json)
Hash identifier: u86zXtkHBW6zm/KKE/S26337RHLfuU34thGFQCFXdZI=
Subject key identifier: A3:F4:A5:9D:9E:C7:B4:F6:B5:CD:45:6D:90:F5:23:D8:17:49:5B:CD
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 0185719E86D0C4FEAC1219DB23821E457DF7
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/o_SlnZ7HtPa1zUVtkPUj2BdJW80.roa
Signing time: Mon 02 Jan 2023 08:34:52 +0000
ROA not before: Mon 02 Jan 2023 08:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42147
IP address blocks: 193.148.130.0/24 maxlen: 24
193.148.129.0/24 maxlen: 24
193.148.138.0/24 maxlen: 24
193.148.139.0/24 maxlen: 24
193.148.144.0/24 maxlen: 24
193.148.145.0/24 maxlen: 24
193.148.140.0/24 maxlen: 24
193.148.141.0/24 maxlen: 24
193.148.142.0/24 maxlen: 24
193.148.143.0/24 maxlen: 24
193.148.147.0/24 maxlen: 24
193.148.150.0/24 maxlen: 24
193.148.158.0/24 maxlen: 24
193.148.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:86:d0:c4:fe:ac:12:19:db:23:82:1e:45:7d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 2 08:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3f4a59d9ec7b4f6b5cd456d90f523d817495bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:79:08:f9:bb:36:6f:57:ca:db:c4:ce:c2:02:
dd:fc:63:6f:50:24:4a:1e:03:6a:07:62:18:27:80:
26:04:3f:2e:50:3f:4d:3e:6c:c8:cd:e6:44:aa:2f:
a9:fb:00:f6:67:53:aa:73:6c:0e:f0:12:2a:90:86:
c9:5f:5e:2b:8a:8e:62:f2:e7:6a:3f:0e:10:53:4b:
94:15:0d:d9:32:33:dc:1c:c3:60:cc:8e:38:fa:36:
81:ed:a2:83:1a:40:1b:dc:95:0e:29:1a:c2:09:ea:
8c:55:62:db:14:f4:49:6a:3a:a6:52:e0:d0:64:3d:
7a:8f:48:c7:ce:d9:65:d1:e5:39:1a:ce:2e:e2:a4:
70:ae:c2:5d:55:3c:db:8a:50:b4:66:a7:43:e9:2e:
e0:b6:3d:0b:af:9b:84:3b:f1:4e:1f:62:9b:da:8d:
df:45:99:15:b5:a4:65:73:96:a1:8a:db:8b:48:37:
8c:bb:d6:71:40:7f:4d:c4:42:77:5a:16:b4:48:3c:
88:6c:3b:3e:a4:4d:04:aa:2e:75:5c:f4:0e:f4:fc:
ef:28:d0:1e:1a:72:56:16:e8:97:3a:01:50:73:21:
9e:e4:ab:01:6a:23:94:9c:5e:ec:50:67:19:a2:20:
97:d2:95:c0:bf:18:a7:e8:e0:a9:00:be:8a:15:28:
13:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F4:A5:9D:9E:C7:B4:F6:B5:CD:45:6D:90:F5:23:D8:17:49:5B:CD
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/o_SlnZ7HtPa1zUVtkPUj2BdJW80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.129.0-193.148.130.255
193.148.138.0-193.148.145.255
193.148.147.0/24
193.148.150.0/24
193.148.158.0/23
Signature Algorithm: sha256WithRSAEncryption
57:88:b2:60:d5:31:9d:a0:41:52:5f:73:f8:ca:fc:da:c2:8a:
6e:4f:3f:3f:d7:a9:8f:06:85:82:f3:56:c5:b6:51:93:ba:d1:
7d:a0:33:98:05:81:e9:41:71:a1:f1:ad:6d:e2:ad:e4:d0:16:
a7:0e:7e:89:a8:14:16:13:e6:8e:fc:f5:8d:ac:24:f7:04:ae:
75:b9:77:3e:27:34:fe:2e:d6:10:31:18:07:3c:bb:ef:84:c3:
c5:21:5b:ce:dc:85:88:4e:6d:5a:e8:e3:c8:88:40:93:0c:62:
8e:7c:75:c9:9a:dd:8c:e8:b0:e5:fd:9b:5a:9e:30:7b:2d:8a:
29:fe:e0:f3:86:c9:e5:c2:fa:cd:95:0f:3f:7d:f5:a9:16:d3:
4d:05:e4:2b:5f:47:aa:9a:65:ef:68:9f:4b:3d:d5:5f:99:d1:
20:67:ae:5f:fe:33:84:8b:f4:e0:e2:48:58:1e:71:81:d2:52:
68:18:de:e7:85:45:bb:f8:af:6c:57:36:e2:ca:a6:f0:3a:cd:
fd:b6:ae:7f:b4:73:2f:ac:ef:09:39:b2:b9:02:d7:31:53:1c:
eb:59:02:f3:fe:87:1f:66:28:d7:b8:c7:ca:e5:c4:aa:84:78:
b8:85:40:7d:64:fa:10:3e:25:21:43:7c:56:e9:54:60:bd:3a:
23:c6:46:43
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVxnobQxP6sEhnbI4IeRX33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjMwMTAyMDgzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Y0YTU5ZDllYzdiNGY2YjVjZDQ1NmQ5MGY1MjNkODE3NDk1YmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnkI+bs2b1fK28TOwgLd/GNvUCRK
HgNqB2IYJ4AmBD8uUD9NPmzIzeZEqi+p+wD2Z1Oqc2wO8BIqkIbJX14rio5i8udq
Pw4QU0uUFQ3ZMjPcHMNgzI44+jaB7aKDGkAb3JUOKRrCCeqMVWLbFPRJajqmUuDQ
ZD16j0jHztll0eU5Gs4u4qRwrsJdVTzbilC0ZqdD6S7gtj0Lr5uEO/FOH2Kb2o3f
RZkVtaRlc5ahituLSDeMu9ZxQH9NxEJ3Wha0SDyIbDs+pE0Eqi51XPQO9PzvKNAe
GnJWFuiXOgFQcyGe5KsBaiOUnF7sUGcZoiCX0pXAvxin6OCpAL6KFSgTPwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFKP0pZ2ex7T2tc1FbZD1I9gXSVvNMB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvb19TbG5aN0h0UGExelVWdGtQVWoyQmRKVzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBADBlIED
BADBlIIwDAMEAcGUigMEAcGUkAMEAMGUkwMEAMGUlgMEAcGUnjANBgkqhkiG9w0B
AQsFAAOCAQEAV4iyYNUxnaBBUl9z+Mr82sKKbk8/P9epjwaFgvNWxbZRk7rRfaAz
mAWB6UFxofGtbeKt5NAWpw5+iagUFhPmjvz1jawk9wSudbl3Pic0/i7WEDEYBzy7
74TDxSFbztyFiE5tWujjyIhAkwxijnx1yZrdjOiw5f2bWp4wey2KKf7g84bJ5cL6
zZUPP331qRbTTQXkK19Hqppl72ifSz3VX5nRIGeuX/4zhIv04OJIWB5xgdJSaBje
54VFu/ivbFc24sqm8DrN/bauf7RzL6zvCTmyuQLXMVMc61kC8/6HH2Yo17jHyuXE
qoR4uIVAfWT6ED4lIUN8VulUYL06I8ZGQw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:02 2025 by rpki-client