Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/_8dTmn_eqpIRdcXKUaDhRvzuNRo.roa
File: _8dTmn_eqpIRdcXKUaDhRvzuNRo.roa (raw, json)
Hash identifier: d6kuKR4/9UNzUuaus4GyjyubJeGGamdrKtwX3gjGjfM=
Subject key identifier: FF:C7:53:9A:7F:DE:AA:92:11:75:C5:CA:51:A0:E1:46:FC:EE:35:1A
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 36B2963E
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/_8dTmn_eqpIRdcXKUaDhRvzuNRo.roa
Signing time: Mon 23 May 2022 07:51:43 +0000
ROA not before: Mon 23 May 2022 07:51:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205888
IP address blocks: 5.40.168.0/24 maxlen: 24
62.175.210.0/24 maxlen: 24
89.140.57.0/24 maxlen: 24
5.40.0.0/24 maxlen: 24
5.40.225.0/24 maxlen: 24
5.40.122.0/24 maxlen: 24
95.39.64.0/24 maxlen: 24
5.40.133.0/24 maxlen: 24
5.40.155.0/24 maxlen: 24
5.40.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 917673534 (0x36b2963e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: May 23 07:51:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffc7539a7fdeaa921175c5ca51a0e146fcee351a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2e:6d:59:85:f3:40:43:0b:78:cd:3b:67:84:
7d:1e:94:ef:8e:23:7d:bf:e7:a9:97:91:63:c7:0e:
f2:3f:14:27:bc:58:c6:ac:8c:e9:c6:3d:2c:a9:09:
bc:81:a2:f9:11:cf:ad:28:75:25:4b:e7:b6:3b:0d:
e3:9f:c5:36:8a:bf:d4:2c:51:1f:3a:35:d2:31:1e:
23:6d:86:71:41:ad:94:72:f2:e8:6e:56:70:46:eb:
69:cb:bd:4a:67:73:8f:ad:8b:aa:3f:43:dd:63:fd:
aa:c0:91:e4:77:06:00:46:2c:1a:b8:05:10:40:ea:
cb:07:53:fb:a4:bb:37:b8:87:ab:1f:42:e5:31:0d:
a4:f0:9f:d4:43:b3:be:e2:94:d7:9a:f4:dd:c0:f4:
08:63:95:f9:b6:f0:5f:9d:27:9b:d3:09:8e:34:16:
70:d9:0a:ae:d0:1c:70:9d:87:c4:66:21:b2:0d:7f:
15:bf:60:b0:80:db:2a:93:b1:b7:32:eb:b2:2b:4e:
0a:6e:2e:f9:08:7e:82:60:10:bb:4f:d8:46:66:1f:
53:cb:8f:34:12:46:d4:78:c3:5d:87:08:a9:3f:96:
e5:0b:8c:fc:28:64:b1:59:df:2e:51:4b:bc:8f:99:
3b:01:62:e8:ca:38:f2:72:84:12:5b:dc:6e:5f:c3:
49:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C7:53:9A:7F:DE:AA:92:11:75:C5:CA:51:A0:E1:46:FC:EE:35:1A
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/_8dTmn_eqpIRdcXKUaDhRvzuNRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.0.0/24
5.40.122.0/24
5.40.133.0/24
5.40.155.0/24
5.40.157.0/24
5.40.168.0/24
5.40.225.0/24
62.175.210.0/24
89.140.57.0/24
95.39.64.0/24
Signature Algorithm: sha256WithRSAEncryption
66:d6:bb:06:34:c6:8c:1e:3e:b1:4b:2c:78:99:09:56:ac:00:
89:5b:b1:a3:38:f2:f1:fe:51:21:d7:b7:e8:50:6d:88:9e:ec:
a2:bd:1e:31:49:48:c3:54:fe:b1:2a:6e:14:62:7a:2b:9e:c9:
b2:33:2c:77:07:8a:12:b4:5b:f2:cd:35:74:37:b5:04:5f:fa:
e0:44:08:c4:10:7c:6f:d3:64:22:8b:f4:86:03:4c:97:21:4f:
6a:ce:3d:3c:27:f2:d3:3c:69:60:55:13:8b:aa:c7:51:61:9b:
3c:60:bb:cb:eb:2b:c3:2b:78:07:c4:de:97:27:ec:ed:34:81:
54:4d:d1:3d:39:6c:3a:c2:43:fc:d4:68:4a:7a:81:58:f2:59:
16:7b:00:5f:33:69:01:f2:8e:38:69:75:a0:dd:ca:8c:1e:90:
12:d2:12:74:f6:a0:7d:fc:38:5e:27:25:fa:f9:c0:5d:86:e8:
81:18:2d:81:eb:dc:fb:0e:31:c0:fa:e2:63:b9:d7:44:49:53:
a0:da:29:1e:5b:69:cf:61:6a:d8:98:63:12:1d:01:d4:60:f5:
6e:ee:7e:ca:21:a4:1d:fa:a6:1f:a5:0b:cd:f4:ef:f4:ba:cd:
6d:50:fe:a3:c4:30:1d:c5:93:2d:c3:6d:59:d6:5f:25:29:b3:
e1:7d:e7:05
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIENrKWPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDM0ZjE2ODYxMDI4NzZjNjIxNmJjZWEyOGE1ZTUwMmVjMGQ3YjZiMB4XDTIyMDUy
MzA3NTE0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmZjNzUzOWE3ZmRl
YWE5MjExNzVjNWNhNTFhMGUxNDZmY2VlMzUxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgubVmF80BDC3jNO2eEfR6U744jfb/nqZeRY8cO8j8UJ7xY
xqyM6cY9LKkJvIGi+RHPrSh1JUvntjsN45/FNoq/1CxRHzo10jEeI22GcUGtlHLy
6G5WcEbracu9Smdzj62Lqj9D3WP9qsCR5HcGAEYsGrgFEEDqywdT+6S7N7iHqx9C
5TENpPCf1EOzvuKU15r03cD0CGOV+bbwX50nm9MJjjQWcNkKrtAccJ2HxGYhsg1/
Fb9gsIDbKpOxtzLrsitOCm4u+Qh+gmAQu0/YRmYfU8uPNBJG1HjDXYcIqT+W5QuM
/ChksVnfLlFLvI+ZOwFi6Mo48nKEElvcbl/DSQkCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBT/x1Oaf96qkhF1xcpRoOFG/O41GjAfBgNVHSMEGDAWgBTUNPFoYQKHbGIW
vOoopeUC7A17azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFEVHhhR0VDaDJ4aUZyenFLS1hsQXV3TmUycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8x
L184ZFRtbl9lcXBJUmRjWEtVYURoUnZ6dU5Sby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8xLzFEVHhhR0VDaDJ4
aUZyenFLS1hsQXV3TmUycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAAUoAAMEAAUoegMEAAUohQMEAAUo
mwMEAAUonQMEAAUoqAMEAAUo4QMEAD6v0gMEAFmMOQMEAF8nQDANBgkqhkiG9w0B
AQsFAAOCAQEAZta7BjTGjB4+sUsseJkJVqwAiVuxozjy8f5RIde36FBtiJ7sor0e
MUlIw1T+sSpuFGJ6K57JsjMsdweKErRb8s01dDe1BF/64EQIxBB8b9NkIov0hgNM
lyFPas49PCfy0zxpYFUTi6rHUWGbPGC7y+srwyt4B8Telyfs7TSBVE3RPTlsOsJD
/NRoSnqBWPJZFnsAXzNpAfKOOGl1oN3KjB6QEtISdPagffw4Xicl+vnAXYbogRgt
gevc+w4xwPriY7nXRElToNopHltpz2Fq2JhjEh0B1GD1bu5+yiGkHfqmH6ULzfTv
9LrNbVD+o8QwHcWTLcNtWdZfJSmz4X3nBQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:09:32 2025 by rpki-client