Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/pHTF6IuAxQiLHXZLmIp6VySmiqc.roa
File: pHTF6IuAxQiLHXZLmIp6VySmiqc.roa (raw, json)
Hash identifier: e7D87r6We42h6ANChxd6MNes9+EOMiEU+KnE/j8Jqew=
Subject key identifier: A4:74:C5:E8:8B:80:C5:08:8B:1D:76:4B:98:8A:7A:57:24:A6:8A:A7
Certificate issuer: /CN=ce2b10d89b5537913503127eb87226afb89d1b2d
Certificate serial: 018571F9EB0B291028848B72BFBD70693696
Authority key identifier: CE:2B:10:D8:9B:55:37:91:35:03:12:7E:B8:72:26:AF:B8:9D:1B:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zisQ2JtVN5E1AxJ-uHImr7idGy0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/pHTF6IuAxQiLHXZLmIp6VySmiqc.roa
Signing time: Mon 02 Jan 2023 10:14:42 +0000
ROA not before: Mon 02 Jan 2023 10:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20978
IP address blocks: 176.220.0.0/16 maxlen: 24
151.135.0.0/16 maxlen: 24
95.173.0.0/19 maxlen: 24
185.4.68.0/22 maxlen: 24
5.176.0.0/15 maxlen: 24
94.235.0.0/16 maxlen: 24
217.174.32.0/20 maxlen: 24
37.154.0.0/15 maxlen: 24
46.104.0.0/16 maxlen: 24
213.211.0.0/19 maxlen: 24
5.44.80.0/20 maxlen: 24
176.30.0.0/16 maxlen: 24
5.46.0.0/15 maxlen: 24
188.41.0.0/16 maxlen: 24
2a02:2010::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f9:eb:0b:29:10:28:84:8b:72:bf:bd:70:69:36:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce2b10d89b5537913503127eb87226afb89d1b2d
Validity
Not Before: Jan 2 10:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a474c5e88b80c5088b1d764b988a7a5724a68aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ce:d9:e8:86:d7:51:78:6f:64:3c:34:34:12:
86:28:f9:2b:89:71:91:a8:b4:87:90:41:3b:2b:01:
38:6b:5f:e2:15:ac:9e:1b:b6:26:37:f0:af:fc:0b:
7a:14:51:7e:16:51:da:c7:76:69:0b:8c:2d:0a:c9:
e7:c3:33:2e:dd:a3:72:d5:96:47:96:70:bc:1b:a1:
78:33:81:29:61:4e:f3:83:f4:e7:34:ae:33:61:1b:
35:1a:88:ec:2e:22:ed:93:c7:18:09:21:cf:0e:cf:
10:f7:ef:e5:d1:df:4d:a5:d0:ed:6a:11:6d:ba:f5:
4d:a2:d0:40:8d:27:97:63:38:88:aa:e8:fa:c6:bf:
6f:82:47:70:cf:df:63:be:6d:62:ea:75:a1:2d:0b:
d8:c4:b1:a4:2c:df:6d:6f:81:fa:b8:4e:2d:98:70:
c4:22:37:5b:3c:9b:8c:80:f5:a9:2a:a4:f9:c3:ec:
d2:c1:68:c2:a0:56:08:55:57:a1:c8:bd:40:6b:06:
e0:ea:87:a8:79:04:34:a1:07:12:d7:5f:1c:f1:e0:
c5:f3:ae:2e:fd:f3:70:69:65:f3:fd:b6:22:2c:3d:
dd:2c:77:45:6d:6c:30:b7:d2:87:be:7b:1e:51:4f:
af:30:bb:93:2b:df:31:65:48:5d:02:e8:f7:c0:e0:
ae:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:74:C5:E8:8B:80:C5:08:8B:1D:76:4B:98:8A:7A:57:24:A6:8A:A7
X509v3 Authority Key Identifier:
keyid:CE:2B:10:D8:9B:55:37:91:35:03:12:7E:B8:72:26:AF:B8:9D:1B:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zisQ2JtVN5E1AxJ-uHImr7idGy0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/pHTF6IuAxQiLHXZLmIp6VySmiqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/zisQ2JtVN5E1AxJ-uHImr7idGy0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.80.0/20
5.46.0.0/15
5.176.0.0/15
37.154.0.0/15
46.104.0.0/16
94.235.0.0/16
95.173.0.0/19
151.135.0.0/16
176.30.0.0/16
176.220.0.0/16
185.4.68.0/22
188.41.0.0/16
213.211.0.0/19
217.174.32.0/20
IPv6:
2a02:2010::/29
Signature Algorithm: sha256WithRSAEncryption
a9:89:94:43:4b:11:1b:06:df:b0:21:3e:54:0e:f9:13:d4:33:
21:3f:7d:23:37:4b:5c:61:e1:69:04:d8:25:2f:d2:8a:2c:1b:
1d:92:6a:c5:3e:58:ad:69:e1:d7:c0:8c:05:c4:ab:39:5b:8f:
f9:e1:46:f5:fc:d8:16:e1:9e:73:c3:91:90:d8:6b:6d:80:8b:
c7:d0:97:fd:c8:df:b2:5c:30:dd:5c:cd:ed:3f:36:64:84:3f:
da:a4:1d:cd:cd:58:a5:28:c7:27:b1:42:6e:8c:c8:4d:0e:1a:
f0:fd:7c:e8:15:e8:7e:fe:a0:37:7c:60:fb:e5:de:f0:91:fa:
d9:3d:7f:82:22:7e:ac:a5:af:14:bc:07:80:68:0b:1a:9f:aa:
07:17:e5:64:cc:d5:3b:41:b5:65:d8:e3:dc:23:2e:fa:da:b6:
8f:7e:bc:17:c4:67:5c:54:97:5e:20:18:bd:20:83:17:14:35:
ca:fc:0b:83:b3:63:cb:0e:11:55:f3:35:59:49:5f:89:de:fb:
d7:66:f4:7a:ed:7f:de:43:d2:0e:b9:e5:f8:bc:fa:fb:38:67:
56:cc:5d:c4:b8:4c:b1:b8:45:34:f6:dc:5e:1f:91:d0:8e:47:
2e:95:85:3f:ba:0d:2b:e1:ce:b9:f1:5e:a4:9e:28:34:12:b7:
8d:1b:a5:5c
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYVx+esLKRAohItyv71waTaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMmIxMGQ4OWI1NTM3OTEzNTAzMTI3ZWI4NzIyNmFmYjg5
ZDFiMmQwHhcNMjMwMTAyMTAxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDc0YzVlODhiODBjNTA4OGIxZDc2NGI5ODhhN2E1NzI0YTY4YWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxc7Z6IbXUXhvZDw0NBKGKPkriXGR
qLSHkEE7KwE4a1/iFayeG7YmN/Cv/At6FFF+FlHax3ZpC4wtCsnnwzMu3aNy1ZZH
lnC8G6F4M4EpYU7zg/TnNK4zYRs1GojsLiLtk8cYCSHPDs8Q9+/l0d9NpdDtahFt
uvVNotBAjSeXYziIquj6xr9vgkdwz99jvm1i6nWhLQvYxLGkLN9tb4H6uE4tmHDE
IjdbPJuMgPWpKqT5w+zSwWjCoFYIVVehyL1Aawbg6oeoeQQ0oQcS118c8eDF864u
/fNwaWXz/bYiLD3dLHdFbWwwt9KHvnseUU+vMLuTK98xZUhdAuj3wOCujwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFKR0xeiLgMUIix12S5iKelckpoqnMB8GA1UdIwQY
MBaAFM4rENibVTeRNQMSfrhyJq+4nRstMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemlzUTJKdFZONUUxQXhKLXVISW1yN2lkR3kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9kM2IyNjMtYjBmMS00YTZiLTkxMmUt
MzczZGRhNDNmNzkyLzEvcEhURjZJdUF4UWlMSFhaTG1JcDZWeVNtaXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9kM2IyNjMtYjBmMS00YTZiLTkxMmUtMzczZGRhNDNmNzky
LzEvemlzUTJKdFZONUUxQXhKLXVISW1yN2lkR3kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBRBAIAATBLAwQEBSxQAwMB
BS4DAwEFsAMDASWaAwMALmgDAwBe6wMEBV+tAAMDAJeHAwMAsB4DAwCw3AMEArkE
RAMDALwpAwQF1dMAAwQE2a4gMA0EAgACMAcDBQMqAiAQMA0GCSqGSIb3DQEBCwUA
A4IBAQCpiZRDSxEbBt+wIT5UDvkT1DMhP30jN0tcYeFpBNglL9KKLBsdkmrFPlit
aeHXwIwFxKs5W4/54Ub1/NgW4Z5zw5GQ2GttgIvH0Jf9yN+yXDDdXM3tPzZkhD/a
pB3NzVilKMcnsUJujMhNDhrw/XzoFeh+/qA3fGD75d7wkfrZPX+CIn6spa8UvAeA
aAsan6oHF+VkzNU7QbVl2OPcIy762raPfrwXxGdcVJdeIBi9IIMXFDXK/AuDs2PL
DhFV8zVZSV+J3vvXZvR67X/eQ9IOueX4vPr7OGdWzF3EuEyxuEU09txeH5HQjkcu
lYU/ug0r4c658V6knig0EreNG6Vc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:06 2025 by rpki-client