Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/U41EMHf9rT1rOD0kCXkyFEsbSiw.roa
File: U41EMHf9rT1rOD0kCXkyFEsbSiw.roa (raw, json)
Hash identifier: HjCOUS+wHJvq5CtyVr47KexsuFWKWG67+GreYMLjfAY=
Subject key identifier: 53:8D:44:30:77:FD:AD:3D:6B:38:3D:24:09:79:32:14:4B:1B:4A:2C
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 018CB4D01D0A156C49028AF915EB8D060A11
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/U41EMHf9rT1rOD0kCXkyFEsbSiw.roa
Signing time: Fri 29 Dec 2023 09:03:06 +0000
ROA not before: Fri 29 Dec 2023 09:03:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197730
IP address blocks: 91.190.152.0/24 maxlen: 32
45.156.20.0/24 maxlen: 32
194.36.170.0/24 maxlen: 32
193.28.186.0/24 maxlen: 32
194.113.209.0/24 maxlen: 32
194.36.208.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b4:d0:1d:0a:15:6c:49:02:8a:f9:15:eb:8d:06:0a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Dec 29 09:03:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=538d443077fdad3d6b383d24097932144b1b4a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:83:bc:16:ff:99:cb:da:1c:9d:12:fe:29:8e:
49:79:62:b2:50:e4:83:30:cc:af:98:a8:71:df:f8:
ad:62:36:f9:1e:5c:cb:3d:2c:d0:83:67:b0:5b:a8:
03:a3:c3:c4:f4:60:bb:93:bd:94:13:26:59:01:28:
7c:d9:9b:8b:c2:24:bd:aa:38:90:98:8e:82:ce:cf:
30:61:b2:a3:4f:fc:75:51:bc:3c:a5:90:68:98:b0:
bd:b9:af:45:91:c9:c4:1b:98:2c:bb:ba:f8:f6:fd:
3f:f7:54:5a:c9:63:91:9d:c3:f8:be:0f:2f:b5:4e:
b3:41:56:ec:46:54:d8:8b:42:b8:51:db:d0:c8:89:
09:3f:5d:b3:fd:fc:87:2b:5b:1a:14:63:8f:b6:c4:
bb:34:a9:bc:03:84:8f:a3:61:29:2d:c3:d2:7e:e5:
57:e2:dc:0f:7c:9f:4e:50:01:7f:df:c7:61:98:86:
26:24:a0:ba:f7:53:1a:17:41:cd:87:02:dd:96:39:
4d:88:11:51:0d:63:64:e0:19:96:22:a0:5b:6a:cc:
75:7d:1e:00:d9:20:e9:85:81:90:26:3e:19:56:3e:
35:ec:fc:ae:16:e3:ab:44:c1:6d:7d:70:50:1e:11:
a8:6c:4f:22:8b:34:ef:af:4d:ae:5c:77:37:8a:05:
17:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8D:44:30:77:FD:AD:3D:6B:38:3D:24:09:79:32:14:4B:1B:4A:2C
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/U41EMHf9rT1rOD0kCXkyFEsbSiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.20.0/24
91.190.152.0/24
193.28.186.0/24
194.36.170.0/24
194.36.208.0/24
194.113.209.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:76:7e:fc:c3:49:d3:a4:15:83:d0:bf:fd:cb:b0:82:fc:a2:
3d:1b:dd:d3:8c:b2:fa:70:ab:d8:ec:02:cd:67:d9:48:87:3b:
4f:26:ba:e3:9b:e4:9a:6d:e0:ec:6a:b1:0b:2e:8f:b9:8b:c1:
5d:c0:80:8f:45:93:8a:e2:5a:31:a9:63:54:88:67:ca:65:68:
5a:24:4d:e5:cb:ec:99:24:08:9a:3a:a3:4e:6d:4c:a0:ed:da:
dc:32:f8:76:65:c5:98:c4:49:b8:b0:68:70:bb:d3:4b:6d:1d:
96:77:02:cb:b2:6c:b6:25:18:20:88:d8:08:3a:d4:0a:89:f9:
e6:c6:94:7f:7a:b4:12:d5:21:62:38:4f:18:b3:7d:5f:9a:d1:
9a:71:8e:54:c8:7b:01:3c:6b:4b:12:94:6b:a2:91:15:ff:f8:
c8:de:6a:b2:b8:e0:de:f1:d5:93:b8:ab:f0:a6:da:f4:dd:96:
bf:76:e1:c1:fb:32:a4:83:01:d9:aa:9f:61:21:21:a4:16:44:
8c:7f:62:d3:77:24:23:84:0e:17:51:a5:df:9d:71:e0:01:36:
79:86:a3:76:19:ee:3d:eb:c8:2c:27:78:27:90:ea:90:ab:e0:
71:8c:74:ec:91:d7:c4:87:67:fd:2f:9c:f4:6d:48:b3:06:26:
20:37:4c:df
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYy00B0KFWxJAor5FeuNBgoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjMxMjI5MDkwMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzhkNDQzMDc3ZmRhZDNkNmIzODNkMjQwOTc5MzIxNDRiMWI0YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroO8Fv+Zy9ocnRL+KY5JeWKyUOSD
MMyvmKhx3/itYjb5HlzLPSzQg2ewW6gDo8PE9GC7k72UEyZZASh82ZuLwiS9qjiQ
mI6Czs8wYbKjT/x1Ubw8pZBomLC9ua9FkcnEG5gsu7r49v0/91RayWORncP4vg8v
tU6zQVbsRlTYi0K4UdvQyIkJP12z/fyHK1saFGOPtsS7NKm8A4SPo2EpLcPSfuVX
4twPfJ9OUAF/38dhmIYmJKC691MaF0HNhwLdljlNiBFRDWNk4BmWIqBbasx1fR4A
2SDphYGQJj4ZVj417PyuFuOrRMFtfXBQHhGobE8iizTvr02uXHc3igUXGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFONRDB3/a09azg9JAl5MhRLG0osMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvVTQxRU1IZjlyVDFyT0Qwa0NYa3lGRXNiU2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZwUAwQA
W76YAwQAwRy6AwQAwiSqAwQAwiTQAwQAwnHRMA0GCSqGSIb3DQEBCwUAA4IBAQAN
dn78w0nTpBWD0L/9y7CC/KI9G93TjLL6cKvY7ALNZ9lIhztPJrrjm+SabeDsarEL
Lo+5i8FdwICPRZOK4loxqWNUiGfKZWhaJE3ly+yZJAiaOqNObUyg7drcMvh2ZcWY
xEm4sGhwu9NLbR2WdwLLsmy2JRggiNgIOtQKifnmxpR/erQS1SFiOE8Ys31fmtGa
cY5UyHsBPGtLEpRropEV//jI3mqyuODe8dWTuKvwptr03Za/duHB+zKkgwHZqp9h
ISGkFkSMf2LTdyQjhA4XUaXfnXHgATZ5hqN2Ge4968gsJ3gnkOqQq+BxjHTskdfE
h2f9L5z0bUizBiYgN0zf
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:14:10 2025 by rpki-client