Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/5K1zI1p_T96AF8k-gTs94Lz1S0c.roa
File: 5K1zI1p_T96AF8k-gTs94Lz1S0c.roa (raw, json)
Hash identifier: tgMeuzUOdDkjbhGgSk4Mx0f2thkoScVis/oBL5KAFYY=
Subject key identifier: E4:AD:73:23:5A:7F:4F:DE:80:17:C9:3E:81:3B:3D:E0:BC:F5:4B:47
Certificate issuer: /CN=4a409555105040578cb296070074f45107252eeb
Certificate serial: 01856DA66E44958122E6EE123D9C73010DEB
Authority key identifier: 4A:40:95:55:10:50:40:57:8C:B2:96:07:00:74:F4:51:07:25:2E:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SkCVVRBQQFeMspYHAHT0UQclLus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/5K1zI1p_T96AF8k-gTs94Lz1S0c.roa
Signing time: Sun 01 Jan 2023 14:05:01 +0000
ROA not before: Sun 01 Jan 2023 14:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12539
IP address blocks: 212.122.84.0/22 maxlen: 22
212.122.82.0/23 maxlen: 23
212.122.94.0/24 maxlen: 24
212.122.64.0/24 maxlen: 24
212.122.66.0/23 maxlen: 23
212.122.78.0/24 maxlen: 24
212.122.76.0/23 maxlen: 23
212.122.74.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:6e:44:95:81:22:e6:ee:12:3d:9c:73:01:0d:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a409555105040578cb296070074f45107252eeb
Validity
Not Before: Jan 1 14:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4ad73235a7f4fde8017c93e813b3de0bcf54b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4d:31:c4:66:bb:40:99:49:6e:29:9f:8b:c5:
87:fa:4f:61:9d:3f:34:f9:9a:26:37:c5:2b:87:14:
54:8e:a7:d1:5a:25:65:59:85:9c:a1:9f:c3:af:b8:
85:26:38:5a:92:73:9f:6e:f5:9e:48:17:bc:1b:2e:
4a:07:66:e5:8f:47:70:e6:9f:78:98:c3:34:21:43:
b7:42:31:db:48:58:2c:87:89:d7:46:c5:1f:7d:ef:
a4:a1:34:a4:55:b8:52:6b:d4:43:20:44:fc:0a:7f:
aa:a4:ba:08:d9:b8:bc:87:5b:dc:7f:94:0c:d2:4f:
b6:80:bd:64:0c:2f:dd:f1:7e:83:0c:5d:5a:75:c4:
2b:1d:a0:47:04:21:d4:f6:14:b9:cb:b1:3a:65:99:
b0:40:fc:84:f6:4c:8c:af:4c:55:e3:2d:95:34:d6:
c1:26:a6:07:1c:87:41:bb:f7:65:b4:36:81:b3:58:
e9:20:15:5f:af:51:51:d6:65:f2:b8:54:fa:72:a2:
ba:1d:e5:94:90:0c:1d:e3:bc:c0:fc:52:7a:27:16:
f0:53:74:ef:50:bd:75:f0:93:15:21:0b:55:7f:32:
65:37:e7:6e:a7:cd:02:a9:56:bb:f7:f8:eb:3b:f3:
4a:c7:af:45:53:d4:39:ed:45:7e:42:7d:24:eb:fb:
28:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:AD:73:23:5A:7F:4F:DE:80:17:C9:3E:81:3B:3D:E0:BC:F5:4B:47
X509v3 Authority Key Identifier:
keyid:4A:40:95:55:10:50:40:57:8C:B2:96:07:00:74:F4:51:07:25:2E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SkCVVRBQQFeMspYHAHT0UQclLus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/5K1zI1p_T96AF8k-gTs94Lz1S0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/SkCVVRBQQFeMspYHAHT0UQclLus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.122.64.0/24
212.122.66.0/23
212.122.74.0-212.122.78.255
212.122.82.0-212.122.87.255
212.122.94.0/24
Signature Algorithm: sha256WithRSAEncryption
10:b4:90:eb:9c:ae:a1:f6:7a:a2:fe:5d:8b:53:8a:fc:e3:5b:
68:88:6b:7a:43:d9:92:76:2f:25:c7:c9:5a:25:18:18:91:09:
fc:f7:4b:49:e8:96:0d:fe:5e:01:ec:60:55:2b:51:38:2f:b2:
c4:9d:99:1b:dc:bb:5a:1a:5f:ca:84:ad:a8:7e:c9:37:f6:73:
b1:ef:17:41:bf:c1:f7:2f:3c:48:ee:61:a0:fd:bc:98:b9:4e:
90:1b:b9:ae:f0:58:fe:fc:de:4e:f5:7b:c2:78:52:8d:42:34:
9b:f4:03:79:f9:b1:f6:ef:04:1d:c5:26:20:1e:a1:ea:b5:4b:
8b:69:9d:02:fa:b3:8f:82:9a:e4:aa:05:31:45:7f:aa:bc:00:
fb:a4:0c:a9:70:4b:8c:0c:0c:8d:b0:1c:83:3e:d3:e4:86:d4:
a5:2e:ee:81:17:76:f1:a5:73:18:39:9d:97:3b:44:22:78:50:
7f:73:e7:b7:62:e8:e7:21:c3:c4:79:a5:a6:29:29:83:5a:24:
e8:e4:7b:4c:0f:a2:66:ff:4f:28:35:6c:da:fd:eb:2c:de:d3:
84:94:ad:a7:bd:43:11:34:f3:e7:65:88:aa:ed:01:c4:2d:aa:
48:59:4f:a9:5d:4d:67:78:73:f7:30:0e:07:e0:9e:f0:5c:01:
9d:06:35:c9
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVtpm5ElYEi5u4SPZxzAQ3rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDA5NTU1MTA1MDQwNTc4Y2IyOTYwNzAwNzRmNDUxMDcy
NTJlZWIwHhcNMjMwMTAxMTQwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGFkNzMyMzVhN2Y0ZmRlODAxN2M5M2U4MTNiM2RlMGJjZjU0YjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnU0xxGa7QJlJbimfi8WH+k9hnT80
+ZomN8UrhxRUjqfRWiVlWYWcoZ/Dr7iFJjhaknOfbvWeSBe8Gy5KB2blj0dw5p94
mMM0IUO3QjHbSFgsh4nXRsUffe+koTSkVbhSa9RDIET8Cn+qpLoI2bi8h1vcf5QM
0k+2gL1kDC/d8X6DDF1adcQrHaBHBCHU9hS5y7E6ZZmwQPyE9kyMr0xV4y2VNNbB
JqYHHIdBu/dltDaBs1jpIBVfr1FR1mXyuFT6cqK6HeWUkAwd47zA/FJ6JxbwU3Tv
UL118JMVIQtVfzJlN+dup80CqVa79/jrO/NKx69FU9Q57UV+Qn0k6/so+wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOStcyNaf0/egBfJPoE7PeC89UtHMB8GA1UdIwQY
MBaAFEpAlVUQUEBXjLKWBwB09FEHJS7rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tDVlZSQlFRRmVNc3BZSEFIVDBVUWNsTHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81NzMxZGEtNjY2NS00MTYxLTgwYzEt
NWU3OWI0NDM1ZTJjLzEvNUsxekkxcF9UOTZBRjhrLWdUczk0THoxUzBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC81NzMxZGEtNjY2NS00MTYxLTgwYzEtNWU3OWI0NDM1ZTJj
LzEvU2tDVlZSQlFRRmVNc3BZSEFIVDBVUWNsTHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQA1HpAAwQB
1HpCMAwDBAHUekoDBADUek4wDAMEAdR6UgMEA9R6UAMEANR6XjANBgkqhkiG9w0B
AQsFAAOCAQEAELSQ65yuofZ6ov5di1OK/ONbaIhrekPZknYvJcfJWiUYGJEJ/PdL
SeiWDf5eAexgVStROC+yxJ2ZG9y7WhpfyoStqH7JN/Zzse8XQb/B9y88SO5hoP28
mLlOkBu5rvBY/vzeTvV7wnhSjUI0m/QDefmx9u8EHcUmIB6h6rVLi2mdAvqzj4Ka
5KoFMUV/qrwA+6QMqXBLjAwMjbAcgz7T5IbUpS7ugRd28aVzGDmdlztEInhQf3Pn
t2Lo5yHDxHmlpikpg1ok6OR7TA+iZv9PKDVs2v3rLN7ThJStp71DETTz52WIqu0B
xC2qSFlPqV1NZ3hz9zAOB+Ce8FwBnQY1yQ==
-----END CERTIFICATE-----
Generated at Wed Apr 30 15:57:34 2025 by rpki-client