Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ZeHsbKp0StfvC45pQftGM68M2C8.roa
File: ZeHsbKp0StfvC45pQftGM68M2C8.roa (raw, json)
Hash identifier: IKMcKbnaKu2Jiu11IWtNfXOrgDHx6PIre4eY2KeCFjU=
Subject key identifier: 65:E1:EC:6C:AA:74:4A:D7:EF:0B:8E:69:41:FB:46:33:AF:0C:D8:2F
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0382741D
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ZeHsbKp0StfvC45pQftGM68M2C8.roa
Signing time: Fri 06 May 2022 13:39:12 +0000
ROA not before: Fri 06 May 2022 13:39:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 85.158.145.0/24 maxlen: 24
5.178.4.0/24 maxlen: 24
109.205.211.0/24 maxlen: 24
5.178.6.0/24 maxlen: 24
5.178.7.0/24 maxlen: 24
5.178.5.0/24 maxlen: 24
5.10.243.0/24 maxlen: 24
5.10.246.0/24 maxlen: 24
5.10.249.0/24 maxlen: 24
5.10.252.0/24 maxlen: 24
5.10.255.0/24 maxlen: 24
88.151.197.0/24 maxlen: 24
88.151.198.0/24 maxlen: 24
88.151.195.0/24 maxlen: 24
88.151.199.0/24 maxlen: 24
164.215.96.0/24 maxlen: 24
164.215.97.0/24 maxlen: 24
164.215.98.0/24 maxlen: 24
164.215.99.0/24 maxlen: 24
5.10.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58881053 (0x382741d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: May 6 13:39:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65e1ec6caa744ad7ef0b8e6941fb4633af0cd82f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ce:15:d7:b6:2d:03:65:f2:50:2f:0c:61:63:
b6:a2:2e:51:2f:42:dd:1c:a2:b1:46:32:b2:de:50:
4c:3a:ce:e2:55:b5:b7:9c:90:bc:b4:a1:99:5d:26:
0d:b0:76:bc:40:39:c4:a4:11:be:85:25:b6:01:f2:
b8:db:4c:34:34:0b:33:4f:ea:1d:d7:89:10:fa:4e:
0c:7d:52:67:d0:ce:3f:de:d1:8f:86:14:96:a5:40:
29:c8:96:4e:94:f4:38:3f:14:02:66:cf:b1:c8:df:
27:02:6c:5d:8d:f2:5d:f1:0a:2a:64:89:35:b4:e1:
5a:aa:61:68:fe:be:97:c1:86:d5:74:fe:b8:31:cd:
7f:be:83:6a:9b:a3:9a:2d:a8:98:97:3f:9d:f2:ed:
cd:59:ae:57:49:4e:47:4e:5b:00:a7:e4:cb:41:9c:
b9:87:52:a1:ae:ea:2d:91:97:41:45:26:2f:a9:39:
e3:89:28:a0:84:5c:1e:19:05:e5:4c:b5:27:87:f4:
7c:77:76:21:93:b2:f5:cb:96:66:69:53:52:fd:42:
47:09:17:28:aa:7f:7a:b6:b7:33:63:52:dd:bf:50:
87:f5:80:35:ff:26:13:fe:91:3e:c6:28:49:49:30:
3f:0a:81:5e:5d:3f:58:8d:26:28:db:71:30:ea:11:
73:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E1:EC:6C:AA:74:4A:D7:EF:0B:8E:69:41:FB:46:33:AF:0C:D8:2F
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ZeHsbKp0StfvC45pQftGM68M2C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/24
5.10.243.0/24
5.10.246.0/24
5.10.249.0/24
5.10.252.0/24
5.10.255.0/24
5.178.4.0/22
85.158.145.0/24
88.151.195.0/24
88.151.197.0-88.151.199.255
109.205.211.0/24
164.215.96.0/22
Signature Algorithm: sha256WithRSAEncryption
92:9d:42:5c:ae:e6:16:3f:57:37:d5:ea:ba:a6:aa:0c:f4:3e:
a0:ad:2a:0a:ee:7b:2e:e1:2b:66:54:a1:eb:1c:84:60:1f:7b:
9c:05:c4:79:b7:51:8c:64:b8:ef:35:dc:3a:78:eb:0a:c0:d6:
4b:be:c5:97:06:09:ee:ea:37:d8:e6:5d:f1:b4:6e:b4:04:29:
de:19:3b:ac:b8:da:22:83:f7:e4:1a:62:3b:c1:15:a7:ab:d2:
5d:72:2f:a4:f6:fb:ad:30:3d:b6:89:fe:b7:6d:88:0d:57:85:
eb:a9:f8:92:f9:d1:5e:d2:bc:b6:42:ce:0b:db:10:02:19:d0:
ee:1c:5e:32:b8:ad:75:ea:b4:41:7f:42:6e:d5:62:44:39:be:
95:f8:94:56:65:e3:5f:9a:0e:a4:93:6f:6d:70:53:44:78:85:
e3:1b:9d:f8:88:2f:ed:62:e3:a0:15:15:c8:fb:14:70:c8:3d:
53:6c:3f:b6:bb:c1:c6:42:77:25:c7:32:c5:34:bc:c7:0c:56:
5b:70:a9:87:4d:8f:fd:44:3f:7c:f6:48:48:1b:f7:0d:00:f0:
f1:50:86:30:f2:73:8c:14:b0:c4:7b:73:53:34:83:65:66:21:
bb:57:bd:e8:16:bf:2b:bd:22:6c:a4:ba:f1:4e:69:1d:b7:e9:
43:03:4e:f3
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIEA4J0HTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDA2YTQyYmIyNDQ2ZTUxZjE5MmVhMzc1YmRmN2VlYzVhNTFjNzdmMB4XDTIyMDUw
NjEzMzkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjVlMWVjNmNhYTc0
NGFkN2VmMGI4ZTY5NDFmYjQ2MzNhZjBjZDgyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnOFde2LQNl8lAvDGFjtqIuUS9C3RyisUYyst5QTDrO4lW1
t5yQvLShmV0mDbB2vEA5xKQRvoUltgHyuNtMNDQLM0/qHdeJEPpODH1SZ9DOP97R
j4YUlqVAKciWTpT0OD8UAmbPscjfJwJsXY3yXfEKKmSJNbThWqphaP6+l8GG1XT+
uDHNf76Dapujmi2omJc/nfLtzVmuV0lOR05bAKfky0GcuYdSoa7qLZGXQUUmL6k5
44kooIRcHhkF5Uy1J4f0fHd2IZOy9cuWZmlTUv1CRwkXKKp/era3M2NS3b9Qh/WA
Nf8mE/6RPsYoSUkwPwqBXl0/WI0mKNtxMOoRc7sCAwEAAaOCAlMwggJPMB0GA1Ud
DgQWBBRl4exsqnRK1+8LjmlB+0YzrwzYLzAfBgNVHSMEGDAWgBR9BqQrskRuUfGS
6jdb337sWlHHfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZRYWtLN0pFYmxIeGt1bzNXOTktN0ZwUngzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8x
L1plSHNiS3AwU3RmdkM0NXBRZnRHTTY4TTJDOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8xL2ZRYWtLN0pFYmxI
eGt1bzNXOTktN0ZwUngzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBp
BggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEAAUK8AMEAAUK8wMEAAUK9gMEAAUK
+QMEAAUK/AMEAAUK/wMEAgWyBAMEAFWekQMEAFiXwzAMAwQAWJfFAwQDWJfAAwQA
bc3TAwQCpNdgMA0GCSqGSIb3DQEBCwUAA4IBAQCSnUJcruYWP1c31eq6pqoM9D6g
rSoK7nsu4StmVKHrHIRgH3ucBcR5t1GMZLjvNdw6eOsKwNZLvsWXBgnu6jfY5l3x
tG60BCneGTusuNoig/fkGmI7wRWnq9Jdci+k9vutMD22if63bYgNV4XrqfiS+dFe
0ry2Qs4L2xACGdDuHF4yuK116rRBf0Ju1WJEOb6V+JRWZeNfmg6kk29tcFNEeIXj
G534iC/tYuOgFRXI+xRwyD1TbD+2u8HGQnclxzLFNLzHDFZbcKmHTY/9RD989khI
G/cNAPDxUIYw8nOMFLDEe3NTNINlZiG7V73oFr8rvSJspLrxTmkdt+lDA07z
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:27 2025 by rpki-client