Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CgXUeiSyhAbBCuVFReCEqpd-eVE.roa
File: CgXUeiSyhAbBCuVFReCEqpd-eVE.roa (raw, json)
Hash identifier: rv3YIf/zyQfm0J+XVSypwYjF2V2nDgOfeEVs125xW2A=
Subject key identifier: 0A:05:D4:7A:24:B2:84:06:C1:0A:E5:45:45:E0:84:AA:97:7E:79:51
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 0188FB72AE7CE4B627B7E5BA00ACF5891D32
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CgXUeiSyhAbBCuVFReCEqpd-eVE.roa
Signing time: Tue 27 Jun 2023 06:02:56 +0000
ROA not before: Tue 27 Jun 2023 06:02:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202053
IP address blocks: 185.20.136.0/22 maxlen: 22
185.70.196.0/22 maxlen: 22
194.62.96.0/22 maxlen: 22
5.22.208.0/21 maxlen: 21
185.26.48.0/22 maxlen: 22
5.22.216.0/22 maxlen: 22
5.22.220.0/22 maxlen: 22
95.111.208.0/22 maxlen: 22
95.111.216.0/21 maxlen: 21
83.136.248.0/21 maxlen: 21
95.111.192.0/20 maxlen: 20
80.69.172.0/22 maxlen: 22
2a04:3546::/32 maxlen: 32
2a04:3542::/32 maxlen: 32
2a04:3542:8000::/34 maxlen: 34
2a04:3543::/32 maxlen: 32
2a04:3541::/32 maxlen: 32
2a04:3544:8000::/34 maxlen: 34
2a04:3544::/32 maxlen: 32
2a04:3540::/32 maxlen: 32
2a04:3545::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fb:72:ae:7c:e4:b6:27:b7:e5:ba:00:ac:f5:89:1d:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Jun 27 06:02:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a05d47a24b28406c10ae54545e084aa977e7951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:31:0c:eb:1a:b7:68:90:a7:f0:62:aa:89:42:
96:f2:08:5b:33:41:e4:fd:f3:27:d1:f0:d1:21:b8:
32:00:08:31:e8:cf:44:66:b5:d3:aa:e3:1d:01:77:
9a:44:0b:d6:93:8d:b7:5d:3a:0a:b8:50:20:16:a4:
82:a7:58:84:69:cb:93:50:05:4f:f0:c0:8a:58:c3:
4c:b3:64:e0:c9:e0:46:7a:9f:58:a7:61:92:93:1e:
90:e0:4a:46:40:5c:bc:c4:85:96:8d:57:be:70:7b:
ee:a1:c4:86:6a:f7:8b:b1:13:39:84:fd:43:04:79:
c0:40:c5:2d:b9:44:28:e0:04:9c:70:f2:c4:dc:cb:
75:c4:4f:3f:24:81:d4:ae:d0:0e:7c:61:b4:7f:a9:
4d:4d:9d:c1:04:72:03:cf:a5:7c:d5:25:d5:f8:a6:
8b:ee:33:90:c9:3c:a6:d1:5b:70:eb:c4:6f:a8:bf:
73:29:ed:9b:5d:f0:42:96:47:ac:41:6f:28:83:a4:
36:c9:3b:fc:34:dc:9b:7d:9f:e2:ec:20:15:f0:1b:
5c:c9:f9:a3:f7:2d:c4:16:20:a9:22:a0:84:5e:b4:
d9:77:a3:21:83:83:17:9a:14:5e:e3:0e:6e:01:d6:
3e:00:46:3f:24:f0:9d:d5:23:55:29:66:e7:ae:1d:
ce:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:05:D4:7A:24:B2:84:06:C1:0A:E5:45:45:E0:84:AA:97:7E:79:51
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CgXUeiSyhAbBCuVFReCEqpd-eVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.208.0/20
80.69.172.0/22
83.136.248.0/21
95.111.192.0-95.111.211.255
95.111.216.0/21
185.20.136.0/22
185.26.48.0/22
185.70.196.0/22
194.62.96.0/22
IPv6:
2a04:3540::-2a04:3546:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
24:36:dc:91:5b:67:f4:b4:6d:8e:7a:66:b9:99:cd:5c:88:93:
1b:c8:c7:a2:51:12:ca:b9:1d:ff:2b:13:a6:10:27:33:57:21:
63:b1:3e:72:7e:82:36:8a:a6:fb:80:57:ff:7f:8e:e2:50:6d:
be:38:49:d8:29:31:32:ee:ca:bd:15:c9:fb:07:78:1a:35:17:
a5:aa:8c:96:20:fe:62:9f:eb:92:2e:fc:a0:a6:e3:55:d6:3b:
fc:7e:0d:72:36:1c:0e:c9:be:ab:06:8d:d4:59:e7:cd:b0:6c:
92:ee:2e:09:ac:4c:a2:55:64:f5:d8:0a:6b:5f:49:d2:b6:0d:
8d:f8:9c:38:95:15:3e:b9:f7:96:f1:15:c7:3b:a0:86:ce:52:
8b:b8:97:10:3c:5d:31:60:15:81:12:3e:f7:62:d7:9e:a8:05:
48:f8:d8:60:9d:1e:c9:25:d1:38:f2:24:29:51:35:93:70:ba:
2a:4a:53:dc:0a:25:a6:c8:e7:2c:9d:a7:df:5b:61:bb:aa:3b:
55:f2:94:1b:55:c0:6d:5b:6d:95:a3:58:21:f4:d9:a8:3d:72:
9f:07:7a:9f:2c:6d:f2:84:51:f1:d2:e5:64:53:7b:c3:4a:30:
85:ba:3a:fe:72:34:31:79:bf:66:b3:5d:cc:96:98:8e:7b:f5:
6c:f6:b5:49
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYj7cq585LYnt+W6AKz1iR0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjMwNjI3MDYwMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTA1ZDQ3YTI0YjI4NDA2YzEwYWU1NDU0NWUwODRhYTk3N2U3OTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDEM6xq3aJCn8GKqiUKW8ghbM0Hk
/fMn0fDRIbgyAAgx6M9EZrXTquMdAXeaRAvWk423XToKuFAgFqSCp1iEacuTUAVP
8MCKWMNMs2TgyeBGep9Yp2GSkx6Q4EpGQFy8xIWWjVe+cHvuocSGaveLsRM5hP1D
BHnAQMUtuUQo4ASccPLE3Mt1xE8/JIHUrtAOfGG0f6lNTZ3BBHIDz6V81SXV+KaL
7jOQyTym0Vtw68RvqL9zKe2bXfBClkesQW8og6Q2yTv8NNybfZ/i7CAV8Btcyfmj
9y3EFiCpIqCEXrTZd6Mhg4MXmhRe4w5uAdY+AEY/JPCd1SNVKWbnrh3OowIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFAoF1HoksoQGwQrlRUXghKqXfnlRMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvQ2dYVWVpU3loQWJCQ3VWRlJlQ0VxcGQtZVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBEBAIAATA+AwQEBRbQAwQC
UEWsAwQDU4j4MAwDBAZfb8ADBAJfb9ADBANfb9gDBAK5FIgDBAK5GjADBAK5RsQD
BALCPmAwFgQCAAIwEDAOAwUGKgQ1QAMFACoENUYwDQYJKoZIhvcNAQELBQADggEB
ACQ23JFbZ/S0bY56ZrmZzVyIkxvIx6JREsq5Hf8rE6YQJzNXIWOxPnJ+gjaKpvuA
V/9/juJQbb44SdgpMTLuyr0VyfsHeBo1F6WqjJYg/mKf65Iu/KCm41XWO/x+DXI2
HA7JvqsGjdRZ582wbJLuLgmsTKJVZPXYCmtfSdK2DY34nDiVFT6595bxFcc7oIbO
Uou4lxA8XTFgFYESPvdi156oBUj42GCdHskl0TjyJClRNZNwuipKU9wKJabI5yyd
p99bYbuqO1XylBtVwG1bbZWjWCH02ag9cp8Hep8sbfKEUfHS5WRTe8NKMIW6Ov5y
NDF5v2azXcyWmI579Wz2tUk=
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:26:08 2025 by rpki-client