Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/CoUJNRq_oG14z3p_4_4DVqbYdxc.roa
File: CoUJNRq_oG14z3p_4_4DVqbYdxc.roa (raw, json)
Hash identifier: KwVpFnBF+hP9JkB4onXWrMAibrSGW6VN0nZH/J0QUCU=
Subject key identifier: 0A:85:09:35:1A:BF:A0:6D:78:CF:7A:7F:E3:FE:03:56:A6:D8:77:17
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0185708CE0B348203810C3E8F7CB39B9FF24
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/CoUJNRq_oG14z3p_4_4DVqbYdxc.roa
Signing time: Mon 02 Jan 2023 03:35:58 +0000
ROA not before: Mon 02 Jan 2023 03:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42362
IP address blocks: 83.239.208.0/20 maxlen: 20
85.172.224.0/20 maxlen: 20
85.172.128.0/19 maxlen: 19
85.172.240.0/20 maxlen: 20
85.173.224.0/19 maxlen: 19
85.173.32.0/19 maxlen: 19
85.172.192.0/21 maxlen: 21
83.239.192.0/21 maxlen: 21
85.172.200.0/22 maxlen: 22
85.172.208.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e0:b3:48:20:38:10:c3:e8:f7:cb:39:b9:ff:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 03:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a8509351abfa06d78cf7a7fe3fe0356a6d87717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:88:66:05:30:18:2e:2b:80:c4:f7:d0:e3:4b:
9b:17:3f:cd:74:88:c9:75:5c:65:b1:ea:92:38:4c:
08:89:4b:80:2e:09:8e:eb:63:8e:82:08:ab:b8:ca:
74:d3:22:a0:f2:57:c6:59:d8:82:fa:c8:67:f0:e7:
46:18:c2:18:7a:72:fc:4b:cf:fa:7c:fb:64:c5:5f:
08:93:2e:38:85:a9:00:39:ee:01:ab:75:bb:32:2a:
28:a1:27:03:ff:3c:bb:5b:3b:d1:29:fe:cd:d0:aa:
61:a8:23:8c:13:cb:db:b0:b1:50:54:23:e5:2b:bb:
68:98:44:bf:2b:ca:e5:a0:76:50:0a:65:51:e6:93:
ec:a0:df:ab:02:3a:97:5a:87:f5:d4:89:be:4e:a3:
22:fb:29:9f:d4:b8:0d:f0:45:88:a6:ec:a2:d3:3e:
cf:76:15:e8:19:13:d5:35:ed:6e:66:f2:8f:c4:70:
68:99:cb:89:2b:6b:13:7b:ee:89:a8:bd:aa:3b:d1:
88:6d:9d:26:35:bc:da:6c:a8:02:a7:1d:68:c0:a6:
cb:19:9c:98:a4:31:0f:41:22:31:a6:4d:4a:54:c6:
d1:e1:3a:d3:c8:8c:16:0a:b6:0b:89:c6:d1:c6:92:
e8:97:0c:ee:8e:c2:fe:3d:f3:65:d4:4c:1e:3d:40:
ed:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:85:09:35:1A:BF:A0:6D:78:CF:7A:7F:E3:FE:03:56:A6:D8:77:17
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/CoUJNRq_oG14z3p_4_4DVqbYdxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.239.192.0/21
83.239.208.0/20
85.172.128.0/19
85.172.192.0-85.172.203.255
85.172.208.0-85.172.255.255
85.173.32.0/19
85.173.224.0/19
Signature Algorithm: sha256WithRSAEncryption
19:1f:26:eb:97:cf:dc:15:70:b5:a2:30:af:c2:4d:28:e1:79:
3c:c5:b7:7c:5b:24:46:a4:4e:80:33:c7:ec:fc:c7:1e:bb:24:
f6:e5:7d:1e:43:1d:28:da:9c:e8:1b:e7:05:52:e0:1c:63:49:
cc:2a:ad:bc:8f:7a:73:dd:25:12:ef:9b:b8:5d:43:2d:47:80:
e2:d8:4b:be:88:67:f9:20:96:c0:41:6a:4b:6d:82:51:a0:fe:
41:af:e4:48:f7:f7:4f:cf:4f:8b:cd:4c:5a:10:40:f5:f9:35:
73:1b:9a:d8:97:49:bd:b3:5b:3a:bd:b7:20:89:be:0d:26:5a:
ee:1b:d4:dc:fa:f4:38:50:7c:9a:2a:14:e2:ee:6b:c8:7b:d3:
bd:a8:16:27:9e:1d:38:21:0c:72:f6:12:2c:12:ab:b5:f1:5b:
f0:88:ff:de:8d:92:70:0e:eb:91:d5:f0:19:8c:89:61:ab:77:
af:6e:c0:b5:cf:9d:25:f2:e5:ad:3e:14:03:be:ac:b7:98:ab:
51:97:02:92:f3:84:cf:26:de:b1:d5:cf:15:fb:c5:9e:40:24:
e5:df:73:11:fb:85:e3:9e:68:e0:13:72:83:c2:1a:ff:5a:29:
9c:cb:89:93:af:5b:99:19:11:83:4d:71:5b:04:c5:e3:5a:84:
30:74:68:05
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVwjOCzSCA4EMPo98s5uf8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjMwMTAyMDMzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTg1MDkzNTFhYmZhMDZkNzhjZjdhN2ZlM2ZlMDM1NmE2ZDg3NzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4hmBTAYLiuAxPfQ40ubFz/NdIjJ
dVxlseqSOEwIiUuALgmO62OOggiruMp00yKg8lfGWdiC+shn8OdGGMIYenL8S8/6
fPtkxV8Iky44hakAOe4Bq3W7MioooScD/zy7WzvRKf7N0KphqCOME8vbsLFQVCPl
K7tomES/K8rloHZQCmVR5pPsoN+rAjqXWof11Im+TqMi+ymf1LgN8EWIpuyi0z7P
dhXoGRPVNe1uZvKPxHBomcuJK2sTe+6JqL2qO9GIbZ0mNbzabKgCpx1owKbLGZyY
pDEPQSIxpk1KVMbR4TrTyIwWCrYLicbRxpLolwzujsL+PfNl1EwePUDtTwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFAqFCTUav6BteM96f+P+A1am2HcXMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvQ29VSk5ScV9vRzE0ejNwXzRfNERWcWJZZHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAATA5AwQDU+/AAwQE
U+/QAwQFVayAMAwDBAZVrMADBAJVrMgwCwMEBFWs0AMDAFWsAwQFVa0gAwQFVa3g
MA0GCSqGSIb3DQEBCwUAA4IBAQAZHybrl8/cFXC1ojCvwk0o4Xk8xbd8WyRGpE6A
M8fs/MceuyT25X0eQx0o2pzoG+cFUuAcY0nMKq28j3pz3SUS75u4XUMtR4Di2Eu+
iGf5IJbAQWpLbYJRoP5Br+RI9/dPz0+LzUxaEED1+TVzG5rYl0m9s1s6vbcgib4N
JlruG9Tc+vQ4UHyaKhTi7mvIe9O9qBYnnh04IQxy9hIsEqu18VvwiP/ejZJwDuuR
1fAZjIlhq3evbsC1z50l8uWtPhQDvqy3mKtRlwKS84TPJt6x1c8V+8WeQCTl33MR
+4XjnmjgE3KDwhr/Wimcy4mTr1uZGRGDTXFbBMXjWoQwdGgF
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:10:28 2025 by rpki-client