Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5kFtSOuge1Lv8p39hIUbyNxnTsQ.roa
File: 5kFtSOuge1Lv8p39hIUbyNxnTsQ.roa (raw, json)
Hash identifier: a3+mzyFTJKVyOMXaw2XRF8y/n44+9jqsgQSek0mMIYQ=
Subject key identifier: E6:41:6D:48:EB:A0:7B:52:EF:F2:9D:FD:84:85:1B:C8:DC:67:4E:C4
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 03D2F575
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5kFtSOuge1Lv8p39hIUbyNxnTsQ.roa
Signing time: Wed 01 Jun 2022 07:34:24 +0000
ROA not before: Wed 01 Jun 2022 07:34:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 164.215.100.0/24 maxlen: 24
85.158.148.0/22 maxlen: 22
85.158.146.0/24 maxlen: 24
5.178.0.0/22 maxlen: 22
185.81.216.0/22 maxlen: 22
88.151.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64157045 (0x3d2f575)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jun 1 07:34:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6416d48eba07b52eff29dfd84851bc8dc674ec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:72:91:2e:5c:8a:fe:ee:e0:31:9c:b2:2a:93:
b9:70:6c:ff:b5:79:ff:cb:45:8d:36:31:e6:7a:d1:
cf:4e:21:0d:8b:4a:e6:42:fc:5c:94:7d:1c:41:bf:
71:1f:14:3c:4b:63:02:24:17:52:06:0f:24:e6:53:
ee:0d:d7:6d:22:98:49:4c:4f:5b:b9:26:d7:bd:9e:
e9:95:c2:a0:07:47:1b:7b:6e:8d:c7:ab:fd:d7:f4:
93:8e:e3:10:29:b0:57:30:59:28:88:7b:8a:34:33:
85:15:b4:12:af:32:4e:d6:fe:cb:af:72:a5:df:dc:
7e:3c:2d:50:13:87:f0:86:fa:ec:8b:87:03:51:55:
79:ba:53:ba:7e:62:8f:ea:80:25:a4:29:90:a3:61:
38:cb:61:83:08:ac:69:59:9c:54:b8:fe:f3:b5:55:
21:96:45:13:51:17:48:c5:42:5e:18:d3:ed:b0:7e:
29:25:44:0f:e3:f3:ee:40:a8:e8:ec:f0:1f:90:59:
52:10:40:1d:f1:d0:6d:0a:9d:10:60:b6:b8:6c:9b:
4b:be:59:75:5d:ac:27:65:b9:c1:3f:e1:ed:d3:9b:
01:86:36:2a:a5:f3:5c:16:59:d1:4f:58:65:18:55:
ed:60:de:50:03:4f:27:d0:8d:3a:16:30:1d:5c:2e:
cd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:41:6D:48:EB:A0:7B:52:EF:F2:9D:FD:84:85:1B:C8:DC:67:4E:C4
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5kFtSOuge1Lv8p39hIUbyNxnTsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.0.0/22
85.158.146.0/24
85.158.148.0/22
88.151.195.0/24
164.215.100.0/24
185.81.216.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:ae:c8:f3:28:aa:dd:26:a8:99:74:c5:d5:de:93:d6:c2:6a:
0f:05:ff:04:e0:df:ee:25:dd:04:38:6c:11:03:f0:c7:e0:8a:
cd:96:7e:13:ad:67:38:18:2b:80:7d:78:25:43:b2:ac:2d:dd:
13:ae:76:da:0d:c4:c7:b6:eb:d1:17:21:81:28:37:c6:ca:57:
ad:ee:6a:f6:5c:32:45:ac:66:7f:18:79:3d:77:78:f8:62:f5:
5b:1c:1c:eb:0f:b0:82:1c:9e:f3:86:d6:6e:75:95:67:db:6c:
3e:ef:98:6e:c6:55:87:d2:aa:2d:7a:ce:cf:53:57:62:7a:9c:
fb:3a:17:05:57:20:2d:47:23:67:45:83:c6:bc:8c:19:77:45:
5c:1e:d0:03:b8:4b:31:6d:de:91:e9:c3:98:9c:a2:ed:f1:28:
dc:7f:ea:d5:6b:d9:3e:bf:6e:ee:47:e7:43:e9:28:24:6c:d9:
d0:6d:32:92:74:1e:17:4a:f0:a4:cf:3c:eb:76:84:07:2c:65:
0b:57:c2:03:c3:28:48:79:54:3d:97:1f:9b:ae:b9:8e:5b:4d:
02:cf:d5:e9:f0:ce:b0:0d:c3:63:34:4b:f2:be:a6:06:3a:53:
07:56:ad:10:44:bf:55:71:86:81:de:9e:0f:c3:5e:1a:46:81:
a2:c1:3a:5f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEA9L1dTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDA2YTQyYmIyNDQ2ZTUxZjE5MmVhMzc1YmRmN2VlYzVhNTFjNzdmMB4XDTIyMDYw
MTA3MzQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTY0MTZkNDhlYmEw
N2I1MmVmZjI5ZGZkODQ4NTFiYzhkYzY3NGVjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKNykS5civ7u4DGcsiqTuXBs/7V5/8tFjTYx5nrRz04hDYtK
5kL8XJR9HEG/cR8UPEtjAiQXUgYPJOZT7g3XbSKYSUxPW7km172e6ZXCoAdHG3tu
jcer/df0k47jECmwVzBZKIh7ijQzhRW0Eq8yTtb+y69ypd/cfjwtUBOH8Ib67IuH
A1FVebpTun5ij+qAJaQpkKNhOMthgwisaVmcVLj+87VVIZZFE1EXSMVCXhjT7bB+
KSVED+Pz7kCo6OzwH5BZUhBAHfHQbQqdEGC2uGybS75ZdV2sJ2W5wT/h7dObAYY2
KqXzXBZZ0U9YZRhV7WDeUANPJ9CNOhYwHVwuzbUCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTmQW1I66B7Uu/ynf2EhRvI3GdOxDAfBgNVHSMEGDAWgBR9BqQrskRuUfGS
6jdb337sWlHHfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZRYWtLN0pFYmxIeGt1bzNXOTktN0ZwUngzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8x
LzVrRnRTT3VnZTFMdjhwMzloSVVieU54blRzUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8xL2ZRYWtLN0pFYmxI
eGt1bzNXOTktN0ZwUngzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAgWyAAMEAFWekgMEAlWelAMEAFiX
wwMEAKTXZAMEArlR2DANBgkqhkiG9w0BAQsFAAOCAQEAn67I8yiq3SaomXTF1d6T
1sJqDwX/BODf7iXdBDhsEQPwx+CKzZZ+E61nOBgrgH14JUOyrC3dE6522g3Ex7br
0RchgSg3xspXre5q9lwyRaxmfxh5PXd4+GL1Wxwc6w+wghye84bWbnWVZ9tsPu+Y
bsZVh9KqLXrOz1NXYnqc+zoXBVcgLUcjZ0WDxryMGXdFXB7QA7hLMW3ekenDmJyi
7fEo3H/q1WvZPr9u7kfnQ+koJGzZ0G0yknQeF0rwpM8863aEByxlC1fCA8MoSHlU
PZcfm665jltNAs/V6fDOsA3DYzRL8r6mBjpTB1atEES/VXGGgd6eD8NeGkaBosE6
Xw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:14 2025 by rpki-client