Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/5LVRemOUgEcBeIRGRC0DA-bUp3A.roa
File: 5LVRemOUgEcBeIRGRC0DA-bUp3A.roa (raw, json)
Hash identifier: z0PmvJGrjandZ3p5gR4+OvABlhpSIGqiU8ekAmDZaVY=
Subject key identifier: E4:B5:51:7A:63:94:80:47:01:78:84:46:44:2D:03:03:E6:D4:A7:70
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 0188FBD00EC4F1F6B1A6F00C13F82486C7E7
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/5LVRemOUgEcBeIRGRC0DA-bUp3A.roa
Signing time: Tue 27 Jun 2023 07:44:56 +0000
ROA not before: Tue 27 Jun 2023 07:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202053
IP address blocks: 185.20.136.0/22 maxlen: 22
94.237.2.0/23 maxlen: 23
94.237.124.0/23 maxlen: 23
185.70.196.0/22 maxlen: 22
94.237.126.0/24 maxlen: 24
194.62.96.0/22 maxlen: 22
5.22.208.0/21 maxlen: 21
185.26.48.0/22 maxlen: 22
5.22.216.0/22 maxlen: 22
5.22.220.0/22 maxlen: 22
95.111.208.0/22 maxlen: 22
95.111.216.0/21 maxlen: 21
83.136.248.0/21 maxlen: 21
95.111.192.0/20 maxlen: 20
80.69.172.0/22 maxlen: 22
2a04:3546::/32 maxlen: 32
2a04:3542::/32 maxlen: 32
2a04:3542:8000::/34 maxlen: 34
2a04:3543::/32 maxlen: 32
2a04:3541::/32 maxlen: 32
2a04:3544:8000::/34 maxlen: 34
2a04:3544::/32 maxlen: 32
2a04:3540::/32 maxlen: 32
2a04:3545::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fb:d0:0e:c4:f1:f6:b1:a6:f0:0c:13:f8:24:86:c7:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Jun 27 07:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4b5517a6394804701788446442d0303e6d4a770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d2:b8:8f:13:46:3f:95:30:dd:ae:a1:18:7e:
fb:2e:6c:85:7d:2e:d1:91:17:bf:8f:2e:9e:00:1e:
51:0b:ab:39:17:99:46:0f:20:e7:d2:f8:51:ac:40:
3d:a2:41:f0:8c:48:53:f6:5c:60:eb:d5:43:44:bb:
77:a0:92:97:ac:c4:4e:f4:3f:59:64:97:8b:9f:a3:
94:62:d0:9f:48:a5:b9:b1:c2:8c:b7:96:e0:3c:a7:
8c:16:c8:68:8e:df:d8:7a:ff:c2:1c:bd:28:82:49:
2d:73:78:91:21:b1:cc:93:82:29:21:17:04:91:2a:
56:38:e2:aa:12:84:62:6e:b5:3a:97:77:1b:3a:a1:
58:ec:2d:f5:c6:34:56:ac:dc:8f:ef:5c:39:8d:d0:
ee:78:60:3f:41:7e:25:8a:3b:bb:e0:3b:d3:c3:d6:
fc:3b:00:09:d0:b6:13:b7:8b:60:c6:3a:8b:f7:86:
f8:38:4e:1e:e8:78:e2:b5:c8:5c:c5:2f:ff:3e:34:
3f:f4:00:57:82:fe:62:9a:e9:67:75:47:09:32:d4:
d8:f6:41:5b:c0:87:18:56:50:37:b5:8c:08:05:df:
c0:49:f3:1d:79:3a:46:51:0b:c2:05:86:1c:6c:b8:
a9:a0:80:19:8e:f6:8d:f8:f6:03:b1:7c:05:bb:49:
18:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B5:51:7A:63:94:80:47:01:78:84:46:44:2D:03:03:E6:D4:A7:70
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/5LVRemOUgEcBeIRGRC0DA-bUp3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.208.0/20
80.69.172.0/22
83.136.248.0/21
94.237.2.0/23
94.237.124.0-94.237.126.255
95.111.192.0-95.111.211.255
95.111.216.0/21
185.20.136.0/22
185.26.48.0/22
185.70.196.0/22
194.62.96.0/22
IPv6:
2a04:3540::-2a04:3546:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
17:10:b2:a4:e9:b6:ec:d4:f6:99:98:db:94:c1:3f:f6:d0:6a:
88:a2:d9:af:cb:c4:dc:7e:f4:aa:bd:0f:68:fd:15:69:cd:d2:
f3:be:8c:10:12:ac:01:3d:2f:ed:e2:fe:bb:84:a7:df:b0:e8:
00:3c:91:f3:89:ba:17:b4:31:44:dd:fe:57:9d:c4:7a:1a:22:
10:ef:85:0a:10:55:a5:f4:24:0c:c8:65:01:60:4f:1e:6f:ae:
53:8e:c0:c8:89:59:ff:ad:7e:4a:01:55:2c:5e:53:a8:1e:f3:
86:a2:69:fe:f9:8b:10:e0:57:49:9e:df:f4:d8:bd:1e:bd:be:
ba:b5:9e:f0:47:d9:59:b2:04:bd:ed:1d:01:c7:6c:de:d4:c3:
5d:b9:a2:55:74:00:ea:da:b2:74:c0:3e:85:91:3d:79:57:4f:
e9:e0:21:64:11:be:92:6d:2c:50:1d:ce:52:01:9b:04:8a:52:
ae:f9:a6:ed:68:f6:b1:18:a0:e5:6a:86:bd:50:1c:74:9e:5a:
a9:94:5e:5f:4b:6f:46:5a:93:8c:4a:25:f5:e8:1e:e9:6c:08:
fc:0b:46:37:bd:03:d0:16:c7:9e:ef:08:38:da:7b:d0:5f:fa:
bf:61:60:72:19:2c:e7:56:78:5e:37:80:eb:c6:eb:46:af:74:
e1:a1:04:1c
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYj70A7E8faxpvAME/gkhsfnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjMwNjI3MDc0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGI1NTE3YTYzOTQ4MDQ3MDE3ODg0NDY0NDJkMDMwM2U2ZDRhNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09K4jxNGP5Uw3a6hGH77LmyFfS7R
kRe/jy6eAB5RC6s5F5lGDyDn0vhRrEA9okHwjEhT9lxg69VDRLt3oJKXrMRO9D9Z
ZJeLn6OUYtCfSKW5scKMt5bgPKeMFshojt/Yev/CHL0ogkktc3iRIbHMk4IpIRcE
kSpWOOKqEoRibrU6l3cbOqFY7C31xjRWrNyP71w5jdDueGA/QX4liju74DvTw9b8
OwAJ0LYTt4tgxjqL94b4OE4e6HjitchcxS//PjQ/9ABXgv5imulndUcJMtTY9kFb
wIcYVlA3tYwIBd/ASfMdeTpGUQvCBYYcbLipoIAZjvaN+PYDsXwFu0kYawIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFOS1UXpjlIBHAXiERkQtAwPm1KdwMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvNUxWUmVtT1VnRWNCZUlSR1JDMERBLWJVcDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWAQCAAEwUgMEBAUW0AME
AlBFrAMEA1OI+AMEAV7tAjAMAwQCXu18AwQAXu1+MAwDBAZfb8ADBAJfb9ADBANf
b9gDBAK5FIgDBAK5GjADBAK5RsQDBALCPmAwFgQCAAIwEDAOAwUGKgQ1QAMFACoE
NUYwDQYJKoZIhvcNAQELBQADggEBABcQsqTptuzU9pmY25TBP/bQaoii2a/LxNx+
9Kq9D2j9FWnN0vO+jBASrAE9L+3i/ruEp9+w6AA8kfOJuhe0MUTd/ledxHoaIhDv
hQoQVaX0JAzIZQFgTx5vrlOOwMiJWf+tfkoBVSxeU6ge84aiaf75ixDgV0me3/TY
vR69vrq1nvBH2VmyBL3tHQHHbN7Uw125olV0AOrasnTAPoWRPXlXT+ngIWQRvpJt
LFAdzlIBmwSKUq75pu1o9rEYoOVqhr1QHHSeWqmUXl9Lb0Zak4xKJfXoHulsCPwL
Rje9A9AWx57vCDjae9Bf+r9hYHIZLOdWeF43gOvG60avdOGhBBw=
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:26:54 2025 by rpki-client