Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/4C5XCRvJKxPVoUaDHEeAdVVjETQ.roa
File: 4C5XCRvJKxPVoUaDHEeAdVVjETQ.roa (raw, json)
Hash identifier: X3mpK4XvITpf+mBlXNNEI9hmdDVKP4UWsswlZAjff/A=
Subject key identifier: E0:2E:57:09:1B:C9:2B:13:D5:A1:46:83:1C:47:80:75:55:63:11:34
Certificate issuer: /CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Certificate serial: 08926D71
Authority key identifier: BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/4C5XCRvJKxPVoUaDHEeAdVVjETQ.roa
Signing time: Sat 01 Jan 2022 14:05:43 +0000
ROA not before: Sat 01 Jan 2022 14:05:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 185.71.116.0/24 maxlen: 24
185.71.118.0/24 maxlen: 24
185.71.117.0/24 maxlen: 24
185.71.119.0/24 maxlen: 24
212.50.43.0/24 maxlen: 24
212.50.42.0/24 maxlen: 24
212.50.51.0/24 maxlen: 24
212.50.50.0/24 maxlen: 24
212.50.47.0/24 maxlen: 24
212.50.46.0/24 maxlen: 24
212.50.49.0/24 maxlen: 24
212.50.48.0/24 maxlen: 24
212.50.45.0/24 maxlen: 24
212.50.52.0/24 maxlen: 24
212.50.58.0/24 maxlen: 24
212.50.57.0/24 maxlen: 24
212.50.53.0/24 maxlen: 24
212.50.56.0/24 maxlen: 24
212.50.60.0/24 maxlen: 24
212.50.63.0/24 maxlen: 24
212.50.62.0/24 maxlen: 24
212.50.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143814001 (0x8926d71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Validity
Not Before: Jan 1 14:05:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e02e57091bc92b13d5a146831c47807555631134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ac:6f:a8:8f:52:36:0d:d2:8e:26:47:8f:00:
88:a9:33:de:7b:24:a8:9c:6a:1a:64:f0:67:59:b4:
cc:b3:65:81:55:5c:b2:71:0b:ab:d8:45:d1:2a:96:
b3:36:95:8e:57:e4:b4:cd:15:4c:b4:55:71:1a:eb:
9e:a0:d2:37:3b:8f:8f:f4:46:f2:cf:63:51:f3:30:
bf:2c:a0:84:c3:cc:65:0c:dc:f4:18:f8:88:da:4a:
8e:07:20:18:41:27:d6:5e:07:9f:10:d1:60:1d:d7:
af:15:93:0d:1e:0f:90:15:c3:aa:27:d0:30:36:eb:
61:bd:f3:c7:d5:c3:f6:fd:db:82:9c:cb:cd:36:ae:
54:37:9e:d0:c3:1a:fa:7e:cd:3a:4a:57:a1:4e:e3:
a7:dc:15:4c:9a:c7:3f:d7:c8:34:2e:4a:1d:09:e5:
b8:ea:0a:94:7e:8d:a2:9a:79:2e:70:a7:cb:58:24:
47:77:d1:a1:70:76:e8:91:fc:d4:fe:04:aa:f6:90:
90:88:c5:a4:2b:86:2d:d6:e7:81:6b:72:89:c3:f5:
09:41:f6:d3:48:a9:96:56:ad:61:db:21:0c:de:df:
7d:99:fb:9a:35:cb:bb:99:96:42:34:be:c2:1a:73:
6e:5c:84:34:d7:cc:65:dd:e3:b8:e8:ab:ab:37:95:
20:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2E:57:09:1B:C9:2B:13:D5:A1:46:83:1C:47:80:75:55:63:11:34
X509v3 Authority Key Identifier:
keyid:BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/4C5XCRvJKxPVoUaDHEeAdVVjETQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.116.0/22
212.50.42.0/23
212.50.45.0-212.50.53.255
212.50.56.0-212.50.60.255
212.50.62.0/23
Signature Algorithm: sha256WithRSAEncryption
20:4e:40:68:67:53:c0:dc:51:96:d5:1c:ee:83:09:e0:aa:3b:
10:ed:0a:d3:e6:65:2b:98:24:d9:3f:8f:f0:af:69:c8:09:ee:
2e:49:9b:86:38:22:28:ab:67:d1:7d:bf:e2:a6:9e:01:f3:a7:
31:08:07:1b:24:88:47:fa:c5:de:62:81:1f:05:cf:1e:0a:96:
f3:b7:77:29:0a:50:97:0e:5a:e0:a7:b2:34:be:df:5b:6e:93:
cf:fc:be:f7:f0:ae:8a:8e:0d:72:19:2a:82:de:c5:54:4e:0f:
11:1d:cd:70:a0:a6:b4:9a:0f:ad:c3:d6:0a:6a:ac:33:bc:a2:
1f:e1:c6:22:32:fa:ac:49:b7:1e:a5:b4:78:b9:ac:32:71:0e:
97:ac:c2:c3:d9:18:c3:78:2a:5e:3c:f7:4d:3b:64:70:8f:04:
c4:ad:be:25:b1:96:b1:8f:b5:8a:94:d0:f0:05:3c:ff:13:ee:
af:70:18:c9:46:73:23:15:42:e3:5b:ec:f1:6a:48:38:1f:69:
4d:20:55:e8:80:bd:9f:66:ce:32:1a:c4:52:af:47:ce:35:bf:
ac:83:f1:50:ab:5a:18:1b:23:a0:a9:ee:78:d2:cb:49:de:da:
9b:80:ac:c0:58:5e:04:4b:9f:50:88:c7:86:b5:d6:e3:06:e4:
ac:c4:48:87
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIECJJtcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjhkNjRhMGRjMjE5OTZiMWM5OWU2OGNjOTUxNjk0ZTI5M2VkZWZlMB4XDTIyMDEw
MTE0MDU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTAyZTU3MDkxYmM5
MmIxM2Q1YTE0NjgzMWM0NzgwNzU1NTYzMTEzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOsb6iPUjYN0o4mR48AiKkz3nskqJxqGmTwZ1m0zLNlgVVc
snELq9hF0SqWszaVjlfktM0VTLRVcRrrnqDSNzuPj/RG8s9jUfMwvyyghMPMZQzc
9Bj4iNpKjgcgGEEn1l4HnxDRYB3XrxWTDR4PkBXDqifQMDbrYb3zx9XD9v3bgpzL
zTauVDee0MMa+n7NOkpXoU7jp9wVTJrHP9fINC5KHQnluOoKlH6Nopp5LnCny1gk
R3fRoXB26JH81P4EqvaQkIjFpCuGLdbngWtyicP1CUH200ipllatYdshDN7ffZn7
mjXLu5mWQjS+whpzblyENNfMZd3juOirqzeVIBsCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBTgLlcJG8krE9WhRoMcR4B1VWMRNDAfBgNVHSMEGDAWgBS7jWSg3CGZaxyZ
5ozJUWlOKT7e/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U0MWtvTndobVdzY21lYU15VkZwVGlrLTN2NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTgvMjIwMzE4LTQ2ZjEtNGViZi1hNzk1LWRkNGEyMTdkNjA2Yi8x
LzRDNVhDUnZKS3hQVm9VYURIRWVBZFZWakVUUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgv
MjIwMzE4LTQ2ZjEtNGViZi1hNzk1LWRkNGEyMTdkNjA2Yi8xL3U0MWtvTndobVdz
Y21lYU15VkZwVGlrLTN2NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwNAQCAAEwLgMEArlHdAMEAdQyKjAMAwQA1DItAwQB
1DI0MAwDBAPUMjgDBADUMjwDBAHUMj4wDQYJKoZIhvcNAQELBQADggEBACBOQGhn
U8DcUZbVHO6DCeCqOxDtCtPmZSuYJNk/j/CvacgJ7i5Jm4Y4IiirZ9F9v+KmngHz
pzEIBxskiEf6xd5igR8Fzx4KlvO3dykKUJcOWuCnsjS+31tuk8/8vvfwroqODXIZ
KoLexVRODxEdzXCgprSaD63D1gpqrDO8oh/hxiIy+qxJtx6ltHi5rDJxDpeswsPZ
GMN4Kl489007ZHCPBMStviWxlrGPtYqU0PAFPP8T7q9wGMlGcyMVQuNb7PFqSDgf
aU0gVeiAvZ9mzjIaxFKvR841v6yD8VCrWhgbI6Cp7njSy0ne2puArMBYXgRLn1CI
x4a11uMG5KzESIc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:13 2025 by rpki-client