Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/z5FlKQId9ZCFQlBINzzhD2Cu5ZE.roa
File: z5FlKQId9ZCFQlBINzzhD2Cu5ZE.roa (raw, json)
Hash identifier: iqnhVIBpnmlTYok+ijOCGxTrIzvW/OcomwLq+8dp/40=
Subject key identifier: CF:91:65:29:02:1D:F5:90:85:42:50:48:37:3C:E1:0F:60:AE:E5:91
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018C3456EF9D14A75F76C044AB7E1B34A5EB
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/z5FlKQId9ZCFQlBINzzhD2Cu5ZE.roa
Signing time: Mon 04 Dec 2023 10:19:21 +0000
ROA not before: Mon 04 Dec 2023 10:19:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12668
IP address blocks: 90.157.68.0/23 maxlen: 23
188.18.112.0/24 maxlen: 24
188.18.116.0/24 maxlen: 24
188.18.113.0/24 maxlen: 24
94.31.250.0/24 maxlen: 24
92.54.90.0/24 maxlen: 24
188.17.116.0/23 maxlen: 23
94.31.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:56:ef:9d:14:a7:5f:76:c0:44:ab:7e:1b:34:a5:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Dec 4 10:19:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf916529021df59085425048373ce10f60aee591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:30:8e:2f:a5:88:25:2d:6c:23:4f:55:ae:4f:
dc:07:aa:3c:61:6c:89:0f:83:da:9f:69:b3:a9:8e:
77:49:74:b2:e4:3a:94:63:57:c5:2e:e3:3e:54:c9:
0e:ec:82:37:9a:f9:27:9b:35:04:74:35:ca:03:61:
53:57:40:28:9d:6a:07:39:f0:32:7e:4b:e5:e8:62:
3f:2a:52:0c:92:32:0a:33:09:b6:bb:20:4e:45:73:
84:91:f3:7b:e8:20:a1:eb:0e:14:dd:ee:2b:52:74:
63:36:aa:93:1f:f3:d0:9c:81:4d:55:e0:42:f9:67:
3b:93:c8:4a:0c:77:13:c9:03:95:3c:53:5b:d1:a6:
f6:a3:99:b7:c7:e3:fc:04:57:17:62:f1:04:52:fa:
3a:1f:32:29:c9:2c:8c:bd:5f:c7:3e:65:09:b7:cb:
26:b4:42:9e:f9:ba:36:f9:36:03:01:0e:f6:fa:ce:
bc:cc:b8:ba:4b:20:f9:8c:1a:18:2c:67:ed:c0:4b:
60:99:34:77:e0:b1:14:c0:0f:43:9d:11:03:64:dd:
aa:93:10:97:62:dc:2a:de:d2:72:d5:cc:4a:20:ee:
7e:20:6d:75:08:da:31:84:60:b0:fb:72:ea:d0:8f:
ca:71:ee:a0:c7:bf:5d:33:65:19:34:70:e2:7a:55:
da:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:91:65:29:02:1D:F5:90:85:42:50:48:37:3C:E1:0F:60:AE:E5:91
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/z5FlKQId9ZCFQlBINzzhD2Cu5ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.157.68.0/23
92.54.90.0/24
94.31.195.0/24
94.31.250.0/24
188.17.116.0/23
188.18.112.0/23
188.18.116.0/24
Signature Algorithm: sha256WithRSAEncryption
35:89:e3:1c:c3:e7:05:ce:3b:d4:2b:4c:8d:5c:86:3e:2e:6f:
c7:04:b3:b7:04:19:aa:3c:c9:b6:2d:b7:34:38:3d:34:cc:f4:
a1:fc:0d:5d:9f:c0:00:12:ea:e5:ab:29:4a:1d:5a:26:94:65:
50:8e:7c:5c:33:d3:4c:c0:74:63:7d:b0:14:02:02:58:03:ba:
2c:89:db:04:bd:76:52:e7:08:36:1b:f8:05:8d:16:42:2d:c9:
ff:71:3b:af:d1:86:52:a5:4d:f8:b7:d8:cd:03:4b:0f:8b:1c:
e5:a1:12:78:cf:c9:aa:ab:46:cc:c5:ed:3a:e5:55:96:57:10:
a5:1f:94:51:30:0e:76:1d:81:ae:65:b6:a7:32:06:80:5b:2f:
09:f8:0e:4b:c5:01:98:71:7e:ff:f6:f4:09:c7:59:55:15:79:
a6:93:d0:4a:0b:38:1a:df:5c:19:93:9d:3d:2e:15:9e:37:3a:
6f:bc:75:e8:cb:49:5b:da:88:3b:9e:95:84:f6:43:06:a8:c2:
6c:74:5c:15:45:53:c1:e8:3d:1c:2a:ef:ec:d1:ab:2a:1a:c9:
c2:5a:42:eb:a0:27:5f:32:1b:21:65:72:0a:ac:b7:7c:f4:39:
2c:df:ae:48:83:58:7c:37:23:d3:55:69:36:5b:fa:ac:63:5c:
53:69:d3:88
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYw0Vu+dFKdfdsBEq34bNKXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjMxMjA0MTAxOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjkxNjUyOTAyMWRmNTkwODU0MjUwNDgzNzNjZTEwZjYwYWVlNTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzCOL6WIJS1sI09Vrk/cB6o8YWyJ
D4Pan2mzqY53SXSy5DqUY1fFLuM+VMkO7II3mvknmzUEdDXKA2FTV0AonWoHOfAy
fkvl6GI/KlIMkjIKMwm2uyBORXOEkfN76CCh6w4U3e4rUnRjNqqTH/PQnIFNVeBC
+Wc7k8hKDHcTyQOVPFNb0ab2o5m3x+P8BFcXYvEEUvo6HzIpySyMvV/HPmUJt8sm
tEKe+bo2+TYDAQ72+s68zLi6SyD5jBoYLGftwEtgmTR34LEUwA9DnREDZN2qkxCX
Ytwq3tJy1cxKIO5+IG11CNoxhGCw+3Lq0I/Kce6gx79dM2UZNHDielXa5wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFM+RZSkCHfWQhUJQSDc84Q9gruWRMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvejVGbEtRSWQ5WkNGUWxCSU56emhEMkN1NVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBWp1EAwQA
XDZaAwQAXh/DAwQAXh/6AwQBvBF0AwQBvBJwAwQAvBJ0MA0GCSqGSIb3DQEBCwUA
A4IBAQA1ieMcw+cFzjvUK0yNXIY+Lm/HBLO3BBmqPMm2Lbc0OD00zPSh/A1dn8AA
EurlqylKHVomlGVQjnxcM9NMwHRjfbAUAgJYA7osidsEvXZS5wg2G/gFjRZCLcn/
cTuv0YZSpU34t9jNA0sPixzloRJ4z8mqq0bMxe065VWWVxClH5RRMA52HYGuZban
MgaAWy8J+A5LxQGYcX7/9vQJx1lVFXmmk9BKCzga31wZk509LhWeNzpvvHXoy0lb
2og7npWE9kMGqMJsdFwVRVPB6D0cKu/s0asqGsnCWkLroCdfMhshZXIKrLd89Dks
365Ig1h8NyPTVWk2W/qsY1xTadOI
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:50:31 2025 by rpki-client