Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/524gcDK5KWB9GPXJ-UVCfJwpHtA.roa
File: 524gcDK5KWB9GPXJ-UVCfJwpHtA.roa (raw, json)
Hash identifier: dtee8x9FR806Kyl2j3yH8c+LFmhelbo2FxuvSl/R7PA=
Subject key identifier: E7:6E:20:70:32:B9:29:60:7D:18:F5:C9:F9:45:42:7C:9C:29:1E:D0
Certificate issuer: /CN=e5a6794b91b81406412a137870bfde3b170de094
Certificate serial: 01FB327D
Authority key identifier: E5:A6:79:4B:91:B8:14:06:41:2A:13:78:70:BF:DE:3B:17:0D:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/524gcDK5KWB9GPXJ-UVCfJwpHtA.roa
Signing time: Sat 01 Jan 2022 13:55:49 +0000
ROA not before: Sat 01 Jan 2022 13:55:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199335
IP address blocks: 188.241.40.0/21 maxlen: 21
185.113.60.0/22 maxlen: 22
85.92.164.0/22 maxlen: 22
85.92.160.0/22 maxlen: 22
85.92.168.0/22 maxlen: 22
85.92.172.0/22 maxlen: 22
85.92.176.0/22 maxlen: 22
85.92.184.0/22 maxlen: 22
85.92.180.0/22 maxlen: 22
85.92.188.0/22 maxlen: 22
185.5.64.0/22 maxlen: 22
80.94.192.0/20 maxlen: 20
176.126.224.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33239677 (0x1fb327d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a6794b91b81406412a137870bfde3b170de094
Validity
Not Before: Jan 1 13:55:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e76e207032b929607d18f5c9f945427c9c291ed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fe:1f:f3:d0:2a:35:fa:2f:f4:46:97:c5:ad:
90:b9:c7:7b:60:11:cf:eb:be:37:e9:16:40:2f:05:
bd:cd:f7:b3:0e:3f:c2:b8:59:ba:03:74:ae:82:fb:
9b:11:e5:0f:d8:88:f7:8b:d7:6f:8f:37:64:e4:a4:
b9:a9:64:66:a7:c6:05:99:85:d3:16:d2:9a:09:76:
26:62:4e:e6:3e:f2:02:0b:72:3c:4a:cd:71:9c:85:
1b:b0:b8:70:90:dd:d8:09:9b:4b:d9:11:b7:e9:90:
dd:dd:c2:bf:18:d4:93:aa:18:17:ad:3f:b5:6b:08:
45:d5:7a:05:5c:6f:8a:76:33:e3:26:07:f8:cf:65:
41:57:96:9b:52:36:63:9a:e8:75:11:5d:45:53:43:
33:82:58:8e:7a:f8:8d:79:15:76:03:f5:21:98:ee:
4e:a7:6c:e2:69:85:38:5e:72:f4:80:4c:32:63:cd:
d6:bb:1a:da:a4:1d:5a:43:6e:17:b2:6b:79:da:a7:
4b:ea:4a:d8:5a:1c:b5:d6:ea:79:4f:9b:55:5f:96:
44:71:ca:e4:a9:d2:9a:b2:80:03:ec:77:a8:a6:b9:
b6:f0:7a:f2:94:1c:b2:13:a6:66:5c:d1:0b:7f:0b:
3d:e0:19:7c:7c:04:d3:ae:24:9d:15:dd:3b:06:4e:
3b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:6E:20:70:32:B9:29:60:7D:18:F5:C9:F9:45:42:7C:9C:29:1E:D0
X509v3 Authority Key Identifier:
keyid:E5:A6:79:4B:91:B8:14:06:41:2A:13:78:70:BF:DE:3B:17:0D:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/524gcDK5KWB9GPXJ-UVCfJwpHtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.192.0/20
85.92.160.0/19
176.126.224.0/21
185.5.64.0/22
185.113.60.0/22
188.241.40.0/21
Signature Algorithm: sha256WithRSAEncryption
82:4a:dd:f5:4f:fb:23:bd:38:0c:d4:0d:8e:9f:b0:1e:1e:7a:
35:b7:7d:38:b1:c0:69:7d:7b:d8:5f:25:8d:89:9f:95:9e:38:
bd:5a:13:f2:9c:94:2a:18:d5:92:97:e3:35:7b:9a:30:85:b7:
2d:df:b1:e5:79:99:cf:f7:7e:b0:2f:fc:64:96:62:97:bb:f6:
4f:c8:81:b8:bb:95:1b:45:5a:4f:93:a1:25:67:c2:55:9a:62:
f4:95:d2:2c:f1:5b:8a:61:f9:08:ba:51:02:0d:fd:02:55:6e:
3d:e6:c1:57:2f:c9:19:cc:70:03:f3:ab:95:76:af:68:2c:64:
4f:a2:79:73:61:1f:52:8b:bc:d7:99:52:e2:9f:ae:6b:e9:b1:
de:02:78:76:ab:f9:64:dc:dd:47:b8:a0:84:70:f6:97:f9:9d:
6f:b5:08:2a:71:b6:15:64:14:da:e5:36:51:4c:c7:30:56:d4:
5f:3a:a9:e7:09:49:7d:5c:31:6b:5c:10:42:9d:7c:cd:c4:55:
d6:fe:f4:7f:21:c9:28:43:4f:fc:d5:0b:13:07:05:b8:fc:12:
ba:ec:67:56:0d:e3:8b:b9:fe:2e:7b:92:67:5b:63:da:45:98:
a9:77:44:87:b6:ab:96:88:d8:be:99:cd:c9:64:03:aa:8a:95:
dc:9e:93:a6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEAfsyfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWE2Nzk0YjkxYjgxNDA2NDEyYTEzNzg3MGJmZGUzYjE3MGRlMDk0MB4XDTIyMDEw
MTEzNTU0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTc2ZTIwNzAzMmI5
Mjk2MDdkMThmNWM5Zjk0NTQyN2M5YzI5MWVkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKv+H/PQKjX6L/RGl8WtkLnHe2ARz+u+N+kWQC8Fvc33sw4/
wrhZugN0roL7mxHlD9iI94vXb483ZOSkualkZqfGBZmF0xbSmgl2JmJO5j7yAgty
PErNcZyFG7C4cJDd2AmbS9kRt+mQ3d3CvxjUk6oYF60/tWsIRdV6BVxvinYz4yYH
+M9lQVeWm1I2Y5rodRFdRVNDM4JYjnr4jXkVdgP1IZjuTqds4mmFOF5y9IBMMmPN
1rsa2qQdWkNuF7JredqnS+pK2FoctdbqeU+bVV+WRHHK5KnSmrKAA+x3qKa5tvB6
8pQcshOmZlzRC38LPeAZfHwE064knRXdOwZOOyECAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTnbiBwMrkpYH0Y9cn5RUJ8nCke0DAfBgNVHSMEGDAWgBTlpnlLkbgUBkEq
E3hwv947Fw3glDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVhWjVTNUc0RkFaQktoTjRjTF9lT3hjTjRKUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvY2EzNGViLThlMjAtNGJmMS1iMWIyLTU4NzIxMDliNjdhOC8x
LzUyNGdjREs1S1dCOUdQWEotVVZDZkp3cEh0QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
Y2EzNGViLThlMjAtNGJmMS1iMWIyLTU4NzIxMDliNjdhOC8xLzVhWjVTNUc0RkFa
QktoTjRjTF9lT3hjTjRKUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEBFBewAMEBVVcoAMEA7B+4AMEArkF
QAMEArlxPAMEA7zxKDANBgkqhkiG9w0BAQsFAAOCAQEAgkrd9U/7I704DNQNjp+w
Hh56Nbd9OLHAaX172F8ljYmflZ44vVoT8pyUKhjVkpfjNXuaMIW3Ld+x5XmZz/d+
sC/8ZJZil7v2T8iBuLuVG0VaT5OhJWfCVZpi9JXSLPFbimH5CLpRAg39AlVuPebB
Vy/JGcxwA/OrlXavaCxkT6J5c2EfUou815lS4p+ua+mx3gJ4dqv5ZNzdR7ighHD2
l/mdb7UIKnG2FWQU2uU2UUzHMFbUXzqp5wlJfVwxa1wQQp18zcRV1v70fyHJKENP
/NULEwcFuPwSuuxnVg3ji7n+LnuSZ1tj2kWYqXdEh7arlojYvpnNyWQDqoqV3J6T
pg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 03:06:26 2025 by rpki-client