Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/5UEUJcq1SsI6GRUd_IT_ADl07w4.roa
File: 5UEUJcq1SsI6GRUd_IT_ADl07w4.roa (raw, json)
Hash identifier: A9hzRofqlvx/jrddnCQ4XgMZx/008mgUzeEg2Gxr4kU=
Subject key identifier: E5:41:14:25:CA:B5:4A:C2:3A:19:15:1D:FC:84:FF:00:39:74:EF:0E
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 018852D8915F32E9C276ED491FD7E6CF4C11
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/5UEUJcq1SsI6GRUd_IT_ADl07w4.roa
Signing time: Thu 25 May 2023 12:18:24 +0000
ROA not before: Thu 25 May 2023 12:18:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56971
IP address blocks: 45.156.20.0/24 maxlen: 32
45.156.21.0/24 maxlen: 32
45.156.24.0/22 maxlen: 22
45.156.22.0/24 maxlen: 32
45.156.23.0/24 maxlen: 32
45.156.24.0/24 maxlen: 32
45.156.20.0/22 maxlen: 22
45.156.27.0/24 maxlen: 32
45.156.25.0/24 maxlen: 32
45.156.26.0/24 maxlen: 32
194.120.116.0/24 maxlen: 32
194.116.216.0/23 maxlen: 23
194.116.214.0/24 maxlen: 32
194.116.215.0/24 maxlen: 32
194.116.216.0/24 maxlen: 32
194.116.217.0/24 maxlen: 32
193.176.179.0/24 maxlen: 32
194.36.170.0/24 maxlen: 32
194.36.171.0/24 maxlen: 32
193.176.158.0/24 maxlen: 32
193.176.153.0/24 maxlen: 32
194.36.208.0/24 maxlen: 32
194.36.209.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:d8:91:5f:32:e9:c2:76:ed:49:1f:d7:e6:cf:4c:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: May 25 12:18:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5411425cab54ac23a19151dfc84ff003974ef0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:98:e4:23:85:4a:b9:dc:f6:5d:65:e6:a2:6d:
56:36:5b:d9:39:72:6e:a6:e7:99:24:12:82:63:a6:
44:f2:27:b2:88:5e:ba:0f:34:83:0c:b9:d1:b0:e2:
c3:84:da:57:c7:4f:1c:4b:cb:f3:e7:14:dd:22:fb:
ec:10:bd:d3:17:ef:96:a7:19:cb:a0:48:8b:f4:ef:
57:93:8e:85:7a:8e:2e:09:a6:c1:a2:95:34:f8:aa:
eb:43:91:61:e8:aa:72:49:16:0b:29:b5:8b:66:f5:
fd:db:55:93:57:84:52:67:42:83:f1:f6:e7:19:d1:
16:bc:fd:58:79:bf:4d:8e:78:7c:b3:ce:03:15:c2:
ca:42:ee:cf:e0:d0:55:2b:df:4d:33:29:68:48:23:
aa:01:bd:3b:81:88:52:b4:4d:c0:e7:47:1c:c1:79:
56:3c:7b:79:7a:7c:5c:7f:db:3d:00:ce:ce:50:9c:
96:a5:7f:0f:95:51:07:ba:03:5e:f8:2f:08:9c:2a:
d1:82:09:99:41:a8:5c:d2:80:ed:f8:2b:06:fb:73:
21:ea:a7:1e:2e:bb:78:a2:cf:fd:c0:f7:b2:75:54:
f9:b2:e6:f2:16:63:4a:1a:ff:e6:e6:76:c5:2c:c8:
cf:06:53:a9:54:c9:4d:5e:76:92:05:65:cf:a0:4c:
32:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:41:14:25:CA:B5:4A:C2:3A:19:15:1D:FC:84:FF:00:39:74:EF:0E
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/5UEUJcq1SsI6GRUd_IT_ADl07w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.20.0-45.156.27.255
193.176.153.0/24
193.176.158.0/24
193.176.179.0/24
194.36.170.0/23
194.36.208.0/23
194.116.214.0-194.116.217.255
194.120.116.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
2f:94:e5:d9:a1:00:05:63:be:a6:c6:80:c3:7a:95:a7:60:d6:
14:53:b5:6b:49:4e:6f:cc:d1:bd:9f:f6:29:76:10:14:6d:ec:
27:e1:b7:79:68:fa:ac:ea:bf:b3:e6:27:0e:95:99:5e:92:65:
74:f9:73:90:27:7f:3c:0c:21:0b:ba:63:a9:93:18:02:4c:96:
e0:98:34:f5:02:9f:c3:c6:d7:1c:ce:9d:90:3f:f1:f5:39:9c:
9d:d2:2b:a6:52:b2:dc:ee:27:aa:6d:cf:02:59:ac:cc:3c:ff:
86:28:9a:be:60:c3:02:30:94:47:b7:6a:2f:b9:cc:e9:0d:f8:
b4:b0:8d:03:ad:24:8b:40:5d:b7:0f:8f:b0:a1:ff:f5:d3:5b:
49:da:9d:c0:e1:10:b6:e1:83:e1:59:38:87:25:8e:64:26:46:
26:a4:a8:f8:8f:57:3d:d8:e7:07:b6:e2:15:75:32:18:8e:88:
d1:56:61:44:46:ec:ab:b8:bf:a2:d0:93:2e:f0:9d:dc:6d:bd:
3c:32:e7:46:00:f2:64:fa:b1:f6:30:4c:b2:b9:19:16:08:0c:
58:af:52:7c:45:b3:bc:f7:a0:ab:48:18:a6:39:8c:a6:77:ff:
a1:38:66:ee:cb:11:44:b0:b5:cd:b4:7f:89:e9:84:39:43:2b:
31:9f:65:7e
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYhS2JFfMunCdu1JH9fmz0wRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjMwNTI1MTIxODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQxMTQyNWNhYjU0YWMyM2ExOTE1MWRmYzg0ZmYwMDM5NzRlZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZjkI4VKudz2XWXmom1WNlvZOXJu
pueZJBKCY6ZE8ieyiF66DzSDDLnRsOLDhNpXx08cS8vz5xTdIvvsEL3TF++WpxnL
oEiL9O9Xk46Feo4uCabBopU0+KrrQ5Fh6KpySRYLKbWLZvX921WTV4RSZ0KD8fbn
GdEWvP1Yeb9Njnh8s84DFcLKQu7P4NBVK99NMyloSCOqAb07gYhStE3A50ccwXlW
PHt5enxcf9s9AM7OUJyWpX8PlVEHugNe+C8InCrRggmZQahc0oDt+CsG+3Mh6qce
Lrt4os/9wPeydVT5subyFmNKGv/m5nbFLMjPBlOpVMlNXnaSBWXPoEwyCwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFOVBFCXKtUrCOhkVHfyE/wA5dO8OMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvNVVFVUpjcTFTc0k2R1JVZF9JVF9BRGwwN3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAMAwDBAItnBQD
BAItnBgDBADBsJkDBADBsJ4DBADBsLMDBAHCJKoDBAHCJNAwDAMEAcJ01gMEAcJ0
2AMEAMJ4dDANBAIAAjAHAwUAKhN8ADANBgkqhkiG9w0BAQsFAAOCAQEAL5Tl2aEA
BWO+psaAw3qVp2DWFFO1a0lOb8zRvZ/2KXYQFG3sJ+G3eWj6rOq/s+YnDpWZXpJl
dPlzkCd/PAwhC7pjqZMYAkyW4Jg09QKfw8bXHM6dkD/x9TmcndIrplKy3O4nqm3P
AlmszDz/hiiavmDDAjCUR7dqL7nM6Q34tLCNA60ki0Bdtw+PsKH/9dNbSdqdwOEQ
tuGD4Vk4hyWOZCZGJqSo+I9XPdjnB7biFXUyGI6I0VZhREbsq7i/otCTLvCd3G29
PDLnRgDyZPqx9jBMsrkZFggMWK9SfEWzvPegq0gYpjmMpnf/oThm7ssRRLC1zbR/
iemEOUMrMZ9lfg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:14:45 2025 by rpki-client