Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/pb70xkFlvDMaFN_or5V0BplmHCg.roa
File: pb70xkFlvDMaFN_or5V0BplmHCg.roa (raw, json)
Hash identifier: 4hUGFsVz1/pxJUiwB1EtJkgqrppe/CZEQT8l2pEAdO8=
Subject key identifier: A5:BE:F4:C6:41:65:BC:33:1A:14:DF:E8:AF:95:74:06:99:66:1C:28
Certificate issuer: /CN=ae501827144a3188bea1ccee58656fd6429d8f95
Certificate serial: 018570F0BEEBE31DAC5A774554D18A9D769B
Authority key identifier: AE:50:18:27:14:4A:31:88:BE:A1:CC:EE:58:65:6F:D6:42:9D:8F:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rlAYJxRKMYi-oczuWGVv1kKdj5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/pb70xkFlvDMaFN_or5V0BplmHCg.roa
Signing time: Mon 02 Jan 2023 05:25:03 +0000
ROA not before: Mon 02 Jan 2023 05:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48152
IP address blocks: 185.173.76.0/22 maxlen: 24
137.221.32.0/19 maxlen: 24
2a0b:3d00::/30 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:be:eb:e3:1d:ac:5a:77:45:54:d1:8a:9d:76:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae501827144a3188bea1ccee58656fd6429d8f95
Validity
Not Before: Jan 2 05:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5bef4c64165bc331a14dfe8af95740699661c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:73:5b:e9:92:f8:37:97:5b:17:20:19:5e:96:
db:e1:ea:e2:90:02:67:9f:d4:de:29:9e:74:88:b6:
8a:f8:ef:e2:b8:bb:66:16:54:d5:2d:71:f4:ec:87:
b8:bb:02:77:79:d4:53:58:1b:b6:60:58:97:a7:3d:
80:52:3d:06:22:d9:64:72:2f:20:e1:7f:6f:50:03:
c3:b6:20:e3:ff:a6:20:28:32:33:70:09:05:b9:7c:
d8:44:44:c2:5d:db:0f:40:b2:f3:5d:da:6d:7c:71:
3a:3c:2c:00:fb:8b:f0:08:19:a1:40:90:af:d3:14:
cc:69:eb:5d:90:f0:77:e8:b7:36:e4:f7:a2:a6:6f:
a0:a6:52:b8:c7:be:4e:c8:f0:df:1a:3e:86:05:5c:
51:93:69:7a:52:c1:7b:2b:c9:f6:88:8c:f3:fc:45:
46:91:79:fd:89:19:a7:88:12:b1:83:e0:f3:67:54:
1a:ef:28:83:2f:32:59:e9:c7:66:e7:16:70:64:eb:
5b:a6:cc:8c:7e:e5:f4:d4:87:18:fc:ba:82:95:bc:
b4:ca:d4:f0:aa:0a:1a:df:4a:61:7a:99:f4:58:fa:
0a:67:49:85:97:fd:82:ca:35:d2:3a:4c:fb:73:6d:
e5:42:89:34:86:7d:d5:ee:89:3c:4e:4d:69:d1:4d:
37:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:BE:F4:C6:41:65:BC:33:1A:14:DF:E8:AF:95:74:06:99:66:1C:28
X509v3 Authority Key Identifier:
keyid:AE:50:18:27:14:4A:31:88:BE:A1:CC:EE:58:65:6F:D6:42:9D:8F:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rlAYJxRKMYi-oczuWGVv1kKdj5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/pb70xkFlvDMaFN_or5V0BplmHCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.221.32.0/19
185.173.76.0/22
IPv6:
2a0b:3d00::/30
Signature Algorithm: sha256WithRSAEncryption
76:a9:f3:64:48:d7:16:ef:1d:f4:a9:2e:5b:3c:dc:28:22:d3:
00:4f:1d:b8:5e:31:97:fa:09:20:a2:9c:76:1e:01:86:7f:f5:
51:90:74:cd:e5:63:e8:03:61:42:5b:5c:4e:d1:6e:9e:a0:da:
73:12:1d:cf:cc:48:64:ac:2d:8b:13:70:54:b0:1a:1b:d9:ff:
89:91:15:e1:83:2a:84:33:9e:ba:de:37:3f:66:4a:80:97:fb:
2a:66:6f:f2:25:7e:64:13:92:c3:ef:5f:26:9a:d7:b7:01:95:
05:1a:60:41:e4:8a:ab:5d:d7:7d:a5:cf:b7:e4:3c:c9:83:de:
14:38:68:6b:de:f6:7e:06:d0:44:d2:fb:7a:16:96:aa:9f:79:
a4:85:30:82:33:80:f4:07:48:81:43:5c:38:04:6b:9d:70:2c:
81:72:17:04:42:ab:c4:58:6b:df:b0:2a:b9:51:fb:b0:b9:3f:
c0:a9:93:82:18:88:ec:d5:d7:42:56:e9:87:46:1e:38:55:68:
8a:44:91:21:8c:33:b1:25:ee:b2:74:7a:cd:da:74:1f:33:70:
43:a3:c1:54:30:a3:0d:b3:a2:cf:74:f3:8c:6c:5c:a8:fb:7e:
4b:3f:77:8a:b6:38:1b:71:49:c2:2f:7f:6d:fa:00:33:da:c5:
49:c2:26:4b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw8L7r4x2sWndFVNGKnXabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNTAxODI3MTQ0YTMxODhiZWExY2NlZTU4NjU2ZmQ2NDI5
ZDhmOTUwHhcNMjMwMTAyMDUyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJlZjRjNjQxNjViYzMzMWExNGRmZThhZjk1NzQwNjk5NjYxYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXNb6ZL4N5dbFyAZXpbb4erikAJn
n9TeKZ50iLaK+O/iuLtmFlTVLXH07Ie4uwJ3edRTWBu2YFiXpz2AUj0GItlkci8g
4X9vUAPDtiDj/6YgKDIzcAkFuXzYRETCXdsPQLLzXdptfHE6PCwA+4vwCBmhQJCv
0xTMaetdkPB36Lc25Peipm+gplK4x75OyPDfGj6GBVxRk2l6UsF7K8n2iIzz/EVG
kXn9iRmniBKxg+DzZ1Qa7yiDLzJZ6cdm5xZwZOtbpsyMfuX01IcY/LqClby0ytTw
qgoa30phepn0WPoKZ0mFl/2CyjXSOkz7c23lQok0hn3V7ok8Tk1p0U03qQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKW+9MZBZbwzGhTf6K+VdAaZZhwoMB8GA1UdIwQY
MBaAFK5QGCcUSjGIvqHM7lhlb9ZCnY+VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmxBWUp4UktNWWktb2N6dVdHVnYxa0tkajVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81ZjU2YWYtZWJmYi00Yzg4LWEwODIt
MDk4NmQ4YjBjNmQ5LzEvcGI3MHhrRmx2RE1hRk5fb3I1VjBCcGxtSENnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81ZjU2YWYtZWJmYi00Yzg4LWEwODItMDk4NmQ4YjBjNmQ5
LzEvcmxBWUp4UktNWWktb2N6dVdHVnYxa0tkajVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFid0gAwQC
ua1MMA0EAgACMAcDBQIqCz0AMA0GCSqGSIb3DQEBCwUAA4IBAQB2qfNkSNcW7x30
qS5bPNwoItMATx24XjGX+gkgopx2HgGGf/VRkHTN5WPoA2FCW1xO0W6eoNpzEh3P
zEhkrC2LE3BUsBob2f+JkRXhgyqEM5663jc/ZkqAl/sqZm/yJX5kE5LD718mmte3
AZUFGmBB5IqrXdd9pc+35DzJg94UOGhr3vZ+BtBE0vt6Fpaqn3mkhTCCM4D0B0iB
Q1w4BGudcCyBchcEQqvEWGvfsCq5UfuwuT/AqZOCGIjs1ddCVumHRh44VWiKRJEh
jDOxJe6ydHrN2nQfM3BDo8FUMKMNs6LPdPOMbFyo+35LP3eKtjgbcUnCL39t+gAz
2sVJwiZL
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:09:57 2025 by rpki-client