Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ca4c34-2704-4f82-bff8-a7ccd0098477/1/83LANOUl0AZf8f8K-aHdeIbqKOs.roa
File: 83LANOUl0AZf8f8K-aHdeIbqKOs.roa (raw, json)
Hash identifier: n5SgROMJPexOnNyvllHWea+NBlM/SHb1bWW5c7seFe4=
Subject key identifier: F3:72:C0:34:E5:25:D0:06:5F:F1:FF:0A:F9:A1:DD:78:86:EA:28:EB
Certificate issuer: /CN=4e622bc550687b6d0ef60788ceadb0fc820a381f
Certificate serial: 018774D6841D324EBF47F3D753A91A890F5B
Authority key identifier: 4E:62:2B:C5:50:68:7B:6D:0E:F6:07:88:CE:AD:B0:FC:82:0A:38:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TmIrxVBoe20O9geIzq2w_IIKOB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/ca4c34-2704-4f82-bff8-a7ccd0098477/1/83LANOUl0AZf8f8K-aHdeIbqKOs.roa
Signing time: Wed 12 Apr 2023 09:40:28 +0000
ROA not before: Wed 12 Apr 2023 09:40:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13113
IP address blocks: 213.144.64.0/19 maxlen: 24
87.253.96.0/19 maxlen: 24
37.60.32.0/21 maxlen: 24
93.88.112.0/20 maxlen: 24
185.145.84.0/22 maxlen: 24
109.75.112.0/20 maxlen: 24
5.198.224.0/20 maxlen: 24
185.3.252.0/22 maxlen: 24
5.172.208.0/21 maxlen: 24
2a03:3d80::/29 maxlen: 48
2a0c:8a80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:d6:84:1d:32:4e:bf:47:f3:d7:53:a9:1a:89:0f:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e622bc550687b6d0ef60788ceadb0fc820a381f
Validity
Not Before: Apr 12 09:40:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f372c034e525d0065ff1ff0af9a1dd7886ea28eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a9:e0:b2:a1:53:31:43:fe:18:e9:a4:ef:bd:
b6:89:08:b2:99:cb:e7:05:bf:98:b0:23:3d:bc:98:
af:5c:f3:c9:f8:15:db:19:e7:49:c5:38:79:5b:b0:
a4:76:87:e7:34:54:7d:f4:fa:ff:c1:20:d1:ae:af:
66:21:02:07:a6:94:59:9c:57:be:0c:ed:7f:87:14:
d6:73:41:51:10:9b:c8:94:77:2e:81:83:b5:30:16:
08:da:39:ef:01:5c:d5:37:5d:22:d7:85:ea:4c:7d:
24:f1:3d:15:a3:02:68:48:7e:50:e2:d2:ac:0b:27:
4f:d5:e9:8b:e7:50:a5:97:78:7d:59:dc:31:bc:0e:
9f:03:39:53:ff:5f:1d:8a:aa:84:a0:41:e6:ab:83:
16:fc:e6:a3:79:6c:e0:e4:89:a9:cc:89:1e:80:ae:
22:4f:f6:3d:7b:7e:68:7c:0a:7c:86:c4:ac:63:ea:
4f:cb:f3:97:27:3f:13:70:34:bc:35:77:bb:62:55:
d4:ac:b3:e6:54:d0:21:96:03:ed:66:a8:20:34:0d:
de:d6:07:b1:d3:42:6b:b2:16:cd:03:35:c2:2b:c6:
8a:29:94:66:81:11:42:c0:42:81:ce:fb:12:72:78:
de:42:35:f4:a7:29:82:ad:1f:97:70:0b:df:1d:cd:
f0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:72:C0:34:E5:25:D0:06:5F:F1:FF:0A:F9:A1:DD:78:86:EA:28:EB
X509v3 Authority Key Identifier:
keyid:4E:62:2B:C5:50:68:7B:6D:0E:F6:07:88:CE:AD:B0:FC:82:0A:38:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TmIrxVBoe20O9geIzq2w_IIKOB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ca4c34-2704-4f82-bff8-a7ccd0098477/1/83LANOUl0AZf8f8K-aHdeIbqKOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ca4c34-2704-4f82-bff8-a7ccd0098477/1/TmIrxVBoe20O9geIzq2w_IIKOB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.208.0/21
5.198.224.0/20
37.60.32.0/21
87.253.96.0/19
93.88.112.0/20
109.75.112.0/20
185.3.252.0/22
185.145.84.0/22
213.144.64.0/19
IPv6:
2a03:3d80::/29
2a0c:8a80::/29
Signature Algorithm: sha256WithRSAEncryption
4c:77:a3:0c:bf:14:44:5f:5a:bc:2d:0b:a7:aa:53:eb:50:ff:
c8:e5:a7:8f:8c:c4:fd:36:76:f9:54:f9:23:1b:16:52:62:e0:
47:19:46:a9:0d:c1:9f:5e:5f:9d:07:17:8c:82:c4:2c:3e:f2:
24:24:0e:08:24:91:40:df:58:17:43:e6:6a:bc:33:ce:58:a4:
ff:0e:23:40:71:a9:0b:3c:b5:b9:cb:80:34:9b:98:1b:11:cb:
5a:a9:73:6e:30:da:9f:26:46:b9:df:21:dc:7a:6d:1a:4f:16:
c1:ff:42:4b:aa:1c:6f:97:a7:54:51:b4:90:6c:81:42:b8:d7:
6b:35:1c:b5:f1:4f:3b:2c:20:ed:bc:0d:88:f8:f3:96:7b:9d:
3c:05:de:7e:0a:41:7a:e7:b2:31:89:23:d2:5d:91:fe:2a:58:
6a:99:18:d6:e6:a2:2d:a6:ec:6e:ea:d4:3a:7b:bb:01:fd:1e:
d5:a2:4e:ee:cd:99:a4:cf:4b:54:f9:56:65:07:8d:99:44:bf:
47:2f:64:55:44:37:dc:51:87:fe:ed:90:0f:7f:01:2f:14:63:
1b:c9:87:ae:e6:40:33:8a:b2:38:6b:3b:e4:39:8b:e5:b1:36:
cb:4c:75:ba:70:83:74:8e:b1:ed:d5:cb:71:f4:fb:be:44:a2:
10:98:f3:9c
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYd01oQdMk6/R/PXU6kaiQ9bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNjIyYmM1NTA2ODdiNmQwZWY2MDc4OGNlYWRiMGZjODIw
YTM4MWYwHhcNMjMwNDEyMDk0MDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzcyYzAzNGU1MjVkMDA2NWZmMWZmMGFmOWExZGQ3ODg2ZWEyOGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKngsqFTMUP+GOmk7722iQiymcvn
Bb+YsCM9vJivXPPJ+BXbGedJxTh5W7CkdofnNFR99Pr/wSDRrq9mIQIHppRZnFe+
DO1/hxTWc0FREJvIlHcugYO1MBYI2jnvAVzVN10i14XqTH0k8T0VowJoSH5Q4tKs
CydP1emL51Cll3h9WdwxvA6fAzlT/18diqqEoEHmq4MW/OajeWzg5ImpzIkegK4i
T/Y9e35ofAp8hsSsY+pPy/OXJz8TcDS8NXe7YlXUrLPmVNAhlgPtZqggNA3e1gex
00JrshbNAzXCK8aKKZRmgRFCwEKBzvsScnjeQjX0pymCrR+XcAvfHc3w1QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFPNywDTlJdAGX/H/Cvmh3XiG6ijrMB8GA1UdIwQY
MBaAFE5iK8VQaHttDvYHiM6tsPyCCjgfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG1JcnhWQm9lMjBPOWdlSXpxMndfSUlLT0I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jYTRjMzQtMjcwNC00ZjgyLWJmZjgt
YTdjY2QwMDk4NDc3LzEvODNMQU5PVWwwQVpmOGY4Sy1hSGRlSWJxS09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jYTRjMzQtMjcwNC00ZjgyLWJmZjgtYTdjY2QwMDk4NDc3
LzEvVG1JcnhWQm9lMjBPOWdlSXpxMndfSUlLT0I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDBazQAwQE
BcbgAwQDJTwgAwQFV/1gAwQEXVhwAwQEbUtwAwQCuQP8AwQCuZFUAwQF1ZBAMBQE
AgACMA4DBQMqAz2AAwUDKgyKgDANBgkqhkiG9w0BAQsFAAOCAQEATHejDL8URF9a
vC0Lp6pT61D/yOWnj4zE/TZ2+VT5IxsWUmLgRxlGqQ3Bn15fnQcXjILELD7yJCQO
CCSRQN9YF0Pmarwzzlik/w4jQHGpCzy1ucuANJuYGxHLWqlzbjDanyZGud8h3Hpt
Gk8Wwf9CS6ocb5enVFG0kGyBQrjXazUctfFPOywg7bwNiPjzlnudPAXefgpBeuey
MYkj0l2R/ipYapkY1uaiLabsburUOnu7Af0e1aJO7s2ZpM9LVPlWZQeNmUS/Ry9k
VUQ33FGH/u2QD38BLxRjG8mHruZAM4qyOGs75DmL5bE2y0x1unCDdI6x7dXLcfT7
vkSiEJjznA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:37 2025 by rpki-client