Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/5Fpwlpq3H6Xn8CY5dZHwRy52gL4.roa
File: 5Fpwlpq3H6Xn8CY5dZHwRy52gL4.roa (raw, json)
Hash identifier: kK7pWSLsqR7DryB+HQYGtzDUyqCpNbOmf/YcsF7ZTYQ=
Subject key identifier: E4:5A:70:96:9A:B7:1F:A5:E7:F0:26:39:75:91:F0:47:2E:76:80:BE
Certificate issuer: /CN=e465acc90809efb45ccda250a1057618494b86eb
Certificate serial: 0183371DE6C500D44B25FA590D8DFAADD385
Authority key identifier: E4:65:AC:C9:08:09:EF:B4:5C:CD:A2:50:A1:05:76:18:49:4B:86:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5GWsyQgJ77RczaJQoQV2GElLhus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/5Fpwlpq3H6Xn8CY5dZHwRy52gL4.roa
Signing time: Tue 13 Sep 2022 13:50:49 +0000
ROA not before: Tue 13 Sep 2022 13:50:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1104
IP address blocks: 192.16.185.0/24 maxlen: 24
192.16.186.0/24 maxlen: 24
192.16.192.0/24 maxlen: 24
192.16.199.0/24 maxlen: 24
192.16.195.0/24 maxlen: 24
192.16.194.0/24 maxlen: 24
185.153.60.0/22 maxlen: 24
2a07:8500::/29 maxlen: 48
2a07:8504::/32 maxlen: 48
2a07:8504:1a0::/48 maxlen: 48
2a07:8500::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:37:1d:e6:c5:00:d4:4b:25:fa:59:0d:8d:fa:ad:d3:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e465acc90809efb45ccda250a1057618494b86eb
Validity
Not Before: Sep 13 13:50:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e45a70969ab71fa5e7f026397591f0472e7680be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ed:49:3e:87:7c:20:87:c1:fd:82:30:3a:86:
3f:51:a4:f0:40:8d:b0:66:c5:7a:f3:d2:8a:cf:19:
a2:86:ff:7e:0e:5d:6b:3a:f6:62:b7:f5:5f:72:15:
dd:77:99:1a:ca:dc:c9:89:bd:29:46:27:c7:03:5a:
66:6c:e4:5b:61:84:df:d5:fb:89:4a:00:f4:d0:47:
85:b8:90:73:03:a0:18:13:61:1c:32:31:1f:0c:29:
b9:af:de:0e:f7:06:5e:2a:83:37:99:34:db:1e:0e:
b8:fd:59:da:6f:3a:f7:8d:88:12:01:e2:9d:b5:ff:
c9:43:ac:99:86:a6:16:79:de:a2:08:e4:4c:ea:00:
f9:10:10:ba:b9:c1:12:21:ac:c9:3c:c6:12:a7:ff:
6a:d0:09:b1:19:5c:1d:d3:0d:3f:c2:86:b3:3b:8e:
2a:7f:d8:80:92:58:f2:93:84:59:86:49:6d:9a:7f:
2c:13:2f:1b:ae:70:82:c2:00:b5:4c:d1:26:66:f3:
ab:fe:d5:12:53:ea:d5:ef:4f:ab:bb:a6:11:31:aa:
21:7d:07:cd:61:47:f7:fc:3a:22:b5:0e:0f:0b:6e:
17:c7:12:a4:2f:60:b9:2e:8e:8f:a7:21:f5:24:cc:
44:24:b9:67:1e:13:0b:d8:38:5f:be:d9:55:7c:3c:
a8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:5A:70:96:9A:B7:1F:A5:E7:F0:26:39:75:91:F0:47:2E:76:80:BE
X509v3 Authority Key Identifier:
keyid:E4:65:AC:C9:08:09:EF:B4:5C:CD:A2:50:A1:05:76:18:49:4B:86:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5GWsyQgJ77RczaJQoQV2GElLhus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/5Fpwlpq3H6Xn8CY5dZHwRy52gL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/5GWsyQgJ77RczaJQoQV2GElLhus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.60.0/22
192.16.185.0-192.16.186.255
192.16.192.0/24
192.16.194.0/23
192.16.199.0/24
IPv6:
2a07:8500::/29
Signature Algorithm: sha256WithRSAEncryption
6d:54:9a:58:63:34:62:31:6b:7d:34:12:67:d5:0f:08:d6:0b:
b8:2f:d3:a1:fb:01:b3:78:ce:ee:c3:10:f8:1a:f0:bd:1d:e6:
0d:81:e6:fb:6f:50:7e:5a:1c:d4:fd:62:9e:24:62:b0:1a:ef:
3a:83:da:4c:c7:fd:d3:a1:68:f3:e6:85:9a:bf:58:9e:9c:57:
35:2f:c2:42:b0:ca:77:f9:ac:34:0e:d6:26:3c:80:7e:ca:e0:
d3:e6:a3:84:dc:a3:53:91:b5:76:00:31:47:e3:c4:9b:41:96:
84:9d:e3:63:3d:5c:c2:30:44:80:46:63:df:8a:ec:cc:60:86:
68:16:69:ef:42:84:81:72:04:ce:09:c4:00:a2:35:18:ff:01:
53:f5:95:69:01:23:3b:9d:69:2d:57:48:c1:0a:15:76:1f:e1:
d5:19:42:22:47:3c:db:93:57:b7:48:d5:5b:4b:8e:30:79:2a:
1e:26:3b:66:c4:82:63:88:3c:c4:79:e8:c0:be:2f:a6:b1:45:
8f:03:c0:51:d7:8e:38:e0:4e:96:db:4b:0b:52:88:17:4d:f0:
c7:92:f1:ac:cb:ae:ad:19:a6:80:5d:33:45:e9:81:f8:df:a2:
e0:e6:e0:ab:4f:89:c2:e6:d5:0f:8b:3f:98:26:c2:d1:9f:b9:
7b:d6:c1:4b
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYM3HebFANRLJfpZDY36rdOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NjVhY2M5MDgwOWVmYjQ1Y2NkYTI1MGExMDU3NjE4NDk0
Yjg2ZWIwHhcNMjIwOTEzMTM1MDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDVhNzA5NjlhYjcxZmE1ZTdmMDI2Mzk3NTkxZjA0NzJlNzY4MGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO1JPod8IIfB/YIwOoY/UaTwQI2w
ZsV689KKzxmihv9+Dl1rOvZit/VfchXdd5kaytzJib0pRifHA1pmbORbYYTf1fuJ
SgD00EeFuJBzA6AYE2EcMjEfDCm5r94O9wZeKoM3mTTbHg64/Vnabzr3jYgSAeKd
tf/JQ6yZhqYWed6iCORM6gD5EBC6ucESIazJPMYSp/9q0AmxGVwd0w0/woazO44q
f9iAkljyk4RZhkltmn8sEy8brnCCwgC1TNEmZvOr/tUSU+rV70+ru6YRMaohfQfN
YUf3/DoitQ4PC24XxxKkL2C5Lo6PpyH1JMxEJLlnHhML2DhfvtlVfDyo5wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFORacJaatx+l5/AmOXWR8EcudoC+MB8GA1UdIwQY
MBaAFORlrMkICe+0XM2iUKEFdhhJS4brMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUdXc3lRZ0o3N1JjemFKUW9RVjJHRWxMaHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85ZWY2MGEtNzNlZS00MGUxLTkwMDYt
YzBiM2IwZjU0YmViLzEvNUZwd2xwcTNINlhuOENZNWRaSHdSeTUyZ0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85ZWY2MGEtNzNlZS00MGUxLTkwMDYtYzBiM2IwZjU0YmVi
LzEvNUdXc3lRZ0o3N1JjemFKUW9RVjJHRWxMaHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCuZk8MAwD
BADAELkDBADAELoDBADAEMADBAHAEMIDBADAEMcwDQQCAAIwBwMFAyoHhQAwDQYJ
KoZIhvcNAQELBQADggEBAG1UmlhjNGIxa300EmfVDwjWC7gv06H7AbN4zu7DEPga
8L0d5g2B5vtvUH5aHNT9Yp4kYrAa7zqD2kzH/dOhaPPmhZq/WJ6cVzUvwkKwynf5
rDQO1iY8gH7K4NPmo4Tco1ORtXYAMUfjxJtBloSd42M9XMIwRIBGY9+K7MxghmgW
ae9ChIFyBM4JxACiNRj/AVP1lWkBIzudaS1XSMEKFXYf4dUZQiJHPNuTV7dI1VtL
jjB5Kh4mO2bEgmOIPMR56MC+L6axRY8DwFHXjjjgTpbbSwtSiBdN8MeS8azLrq0Z
poBdM0XpgfjfouDm4KtPicLm1Q+LP5gmwtGfuXvWwUs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:12 2025 by rpki-client