Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/T8w0urO5oLCMbMHltEana08LxmE.roa
File: T8w0urO5oLCMbMHltEana08LxmE.roa (raw, json)
Hash identifier: ACGCQlCzw8gzBAcagKvFZ7ZQueI2S75eVrJ3vt3j/X0=
Subject key identifier: 4F:CC:34:BA:B3:B9:A0:B0:8C:6C:C1:E5:B4:46:A7:6B:4F:0B:C6:61
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01866DFDD684571500E7E8F24B72E839368F
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/T8w0urO5oLCMbMHltEana08LxmE.roa
Signing time: Mon 20 Feb 2023 08:43:17 +0000
ROA not before: Mon 20 Feb 2023 08:43:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 164.215.100.0/24 maxlen: 24
164.215.103.0/24 maxlen: 24
164.215.102.0/24 maxlen: 24
85.158.146.0/24 maxlen: 24
109.205.210.0/24 maxlen: 24
5.10.240.0/22 maxlen: 22
5.10.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6d:fd:d6:84:57:15:00:e7:e8:f2:4b:72:e8:39:36:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 20 08:43:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fcc34bab3b9a0b08c6cc1e5b446a76b4f0bc661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7d:1b:13:4b:b5:f0:e7:60:21:b7:6e:63:41:
21:89:1b:9a:96:64:3c:6b:af:54:98:93:d7:41:e0:
a1:3b:d4:99:56:ea:2c:58:56:6c:37:5b:e0:f9:6d:
ee:6f:20:ec:a7:d3:b4:23:54:e7:31:cf:ed:da:1c:
06:74:3c:dc:08:b9:1b:9b:a3:53:5a:7a:1f:2e:e3:
e5:55:73:47:ee:6d:39:64:56:b5:7a:28:09:97:45:
88:6b:2e:08:71:3b:0f:fe:a9:0a:1f:13:70:cc:96:
53:5e:bc:7d:1f:a3:5f:3a:95:38:09:97:fe:a0:ed:
c9:3c:14:b4:08:db:bc:c9:53:49:e5:d6:81:7e:cd:
4c:89:8c:c5:ec:d1:80:c1:87:55:b1:88:e1:5c:1c:
6b:52:79:a4:12:10:01:65:21:49:53:e2:f0:1b:52:
06:bb:8f:d5:4e:e2:d5:a8:f0:6f:2b:f2:a7:0e:b8:
4f:c8:87:a7:57:e3:da:3d:73:e6:10:34:d8:a8:e4:
ab:e4:76:bd:4f:cc:50:b4:e7:7f:de:52:a8:55:8d:
49:a0:25:36:cf:47:10:ae:84:2e:b7:11:fa:8f:b9:
8d:84:30:93:b5:b7:88:a3:d1:ab:b5:3d:69:87:a1:
a9:07:6b:c6:04:75:93:f9:19:61:ed:73:e3:ee:81:
e1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:CC:34:BA:B3:B9:A0:B0:8C:6C:C1:E5:B4:46:A7:6B:4F:0B:C6:61
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/T8w0urO5oLCMbMHltEana08LxmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/22
5.10.252.0/22
85.158.146.0/24
109.205.210.0/24
164.215.100.0/24
164.215.102.0/23
Signature Algorithm: sha256WithRSAEncryption
64:2d:8f:b8:ec:ac:7b:25:6f:8b:0a:f4:a7:e5:3f:95:0d:9b:
7e:36:7d:9b:a7:88:c0:f3:a3:5b:1b:81:51:fb:33:80:9a:e3:
92:ed:68:d5:fe:1b:bc:06:17:95:02:d0:8f:a3:2e:f3:41:e1:
cb:cb:ca:0d:dc:c2:87:d3:87:40:48:26:6e:70:d6:9b:4d:b7:
e8:59:88:a4:67:09:4a:05:13:1f:bd:66:0b:23:4b:8c:d2:1c:
cf:ce:ba:19:dd:79:79:90:1a:3e:65:ad:f8:da:89:cc:19:f5:
16:90:ec:42:44:b3:c4:ea:7a:63:8a:61:a1:bd:64:a6:29:5e:
e8:31:d1:7c:fa:d1:c7:8e:c9:e3:2b:71:ef:2f:04:47:d2:c0:
d6:e3:87:51:63:03:72:8f:93:40:82:82:d3:89:4f:ef:3b:6c:
a3:16:86:be:69:2a:59:09:23:8f:a4:47:11:46:a3:6c:13:e8:
a1:93:58:94:13:9e:90:64:1e:89:bb:7b:05:cc:1b:aa:ac:81:
f6:32:40:0d:8b:9d:52:0f:41:c7:f7:5f:87:86:4e:d2:2f:2e:
60:2d:19:1a:bd:a7:ff:16:3f:c1:86:85:e2:f5:19:dc:46:aa:
42:20:33:e5:ec:cf:a5:65:bc:e7:d3:c4:be:75:9c:90:81:f4:
bd:7a:fe:9e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZt/daEVxUA5+jyS3LoOTaPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMjIwMDg0MzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmNjMzRiYWIzYjlhMGIwOGM2Y2MxZTViNDQ2YTc2YjRmMGJjNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH0bE0u18OdgIbduY0EhiRualmQ8
a69UmJPXQeChO9SZVuosWFZsN1vg+W3ubyDsp9O0I1TnMc/t2hwGdDzcCLkbm6NT
WnofLuPlVXNH7m05ZFa1eigJl0WIay4IcTsP/qkKHxNwzJZTXrx9H6NfOpU4CZf+
oO3JPBS0CNu8yVNJ5daBfs1MiYzF7NGAwYdVsYjhXBxrUnmkEhABZSFJU+LwG1IG
u4/VTuLVqPBvK/KnDrhPyIenV+PaPXPmEDTYqOSr5Ha9T8xQtOd/3lKoVY1JoCU2
z0cQroQutxH6j7mNhDCTtbeIo9GrtT1ph6GpB2vGBHWT+Rlh7XPj7oHh8wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE/MNLqzuaCwjGzB5bRGp2tPC8ZhMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvVDh3MHVyTzVvTENNYk1IbHRFYW5hMDhMeG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBQrwAwQC
BQr8AwQAVZ6SAwQAbc3SAwQApNdkAwQBpNdmMA0GCSqGSIb3DQEBCwUAA4IBAQBk
LY+47Kx7JW+LCvSn5T+VDZt+Nn2bp4jA86NbG4FR+zOAmuOS7WjV/hu8BheVAtCP
oy7zQeHLy8oN3MKH04dASCZucNabTbfoWYikZwlKBRMfvWYLI0uM0hzPzroZ3Xl5
kBo+Za342onMGfUWkOxCRLPE6npjimGhvWSmKV7oMdF8+tHHjsnjK3HvLwRH0sDW
44dRYwNyj5NAgoLTiU/vO2yjFoa+aSpZCSOPpEcRRqNsE+ihk1iUE56QZB6Ju3sF
zBuqrIH2MkANi51SD0HH91+Hhk7SLy5gLRkavaf/Fj/BhoXi9RncRqpCIDPl7M+l
Zbzn08S+dZyQgfS9ev6e
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:41 2025 by rpki-client