Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/RaNmmQBXjvYDRFLA_EnF-6C2mK4.roa
File: RaNmmQBXjvYDRFLA_EnF-6C2mK4.roa (raw, json)
Hash identifier: S+clANmY+vsBQ8Y20WuJrLLzRwayaUHbLDsMpn1mU3o=
Subject key identifier: 45:A3:66:99:00:57:8E:F6:03:44:52:C0:FC:49:C5:FB:A0:B6:98:AE
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 018A744B640185F598187451E222B0AFDE77
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/RaNmmQBXjvYDRFLA_EnF-6C2mK4.roa
Signing time: Fri 08 Sep 2023 10:16:52 +0000
ROA not before: Fri 08 Sep 2023 10:16:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8966
IP address blocks: 195.229.3.0/24 maxlen: 24
195.229.0.0/24 maxlen: 24
195.229.1.0/24 maxlen: 24
195.229.4.0/24 maxlen: 24
195.229.0.0/19 maxlen: 19
195.229.2.0/24 maxlen: 24
195.229.6.0/24 maxlen: 24
195.229.5.0/24 maxlen: 24
5.195.166.0/24 maxlen: 24
5.195.172.0/24 maxlen: 24
5.195.167.0/24 maxlen: 24
5.195.166.0/23 maxlen: 24
5.195.175.0/24 maxlen: 24
5.195.173.0/24 maxlen: 24
5.195.174.0/24 maxlen: 24
195.229.12.0/24 maxlen: 24
195.229.27.0/24 maxlen: 24
195.229.31.0/24 maxlen: 24
195.229.34.0/24 maxlen: 24
31.219.177.0/24 maxlen: 24
31.219.177.0/25 maxlen: 25
31.219.179.0/24 maxlen: 24
31.219.177.128/25 maxlen: 25
31.219.180.0/24 maxlen: 24
5.195.208.0/24 maxlen: 24
5.195.223.0/24 maxlen: 24
194.170.186.0/24 maxlen: 24
2001:8f8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:74:4b:64:01:85:f5:98:18:74:51:e2:22:b0:af:de:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Sep 8 10:16:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45a3669900578ef6034452c0fc49c5fba0b698ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a5:7f:d3:8f:0a:08:47:18:f7:bc:4f:6d:fe:
11:4b:03:65:7e:af:d8:91:27:12:eb:97:3e:54:74:
a5:74:6f:13:29:eb:e2:4d:c6:24:f4:cc:b1:bf:f2:
8b:bc:4c:65:b6:36:f0:62:28:23:f7:81:90:48:e9:
f4:a8:57:a4:75:ec:15:5d:ca:d5:1c:fd:e2:f5:a5:
4f:76:50:2e:47:85:42:80:f7:c1:26:e0:fa:5f:f8:
c3:25:e8:73:6f:dd:84:64:06:d8:9d:44:3c:38:e7:
43:1c:ae:a3:24:9f:67:19:78:5d:d0:ac:e3:1d:97:
d0:8e:27:ce:51:16:f1:4e:e8:28:29:c1:dd:6b:c7:
7e:70:1a:86:a1:70:30:a5:b6:54:da:61:73:9f:51:
95:03:77:ca:c5:18:03:a1:de:f7:ea:d0:f2:e1:0c:
47:d6:a9:d0:7a:ac:12:4f:51:e5:ee:5b:36:95:79:
2e:a7:fd:50:42:69:d3:49:c4:2c:a2:00:00:9a:af:
7d:a6:f3:30:ca:05:bf:d3:45:04:80:5c:ce:23:72:
f5:5e:55:a9:0a:aa:cd:b6:10:11:9a:d9:38:b9:80:
bd:00:a2:96:58:14:62:f1:37:99:bf:48:93:e1:3e:
69:1f:a9:54:bd:c7:e7:0b:23:12:2e:87:5f:3d:a7:
a5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A3:66:99:00:57:8E:F6:03:44:52:C0:FC:49:C5:FB:A0:B6:98:AE
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/RaNmmQBXjvYDRFLA_EnF-6C2mK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.166.0/23
5.195.172.0/22
5.195.208.0/24
5.195.223.0/24
31.219.177.0/24
31.219.179.0-31.219.180.255
194.170.186.0/24
195.229.0.0/19
195.229.34.0/24
IPv6:
2001:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
53:bc:b9:4d:29:37:9a:09:d9:55:3e:4a:e3:67:d3:92:0b:97:
7f:a7:bb:3e:eb:4a:5a:89:8e:73:77:87:b3:a9:f3:65:f1:28:
48:cb:42:52:b5:de:d7:dc:ce:c4:f8:1d:15:2a:94:6a:81:da:
01:6a:a9:d8:51:3c:3d:51:15:64:f5:5a:0f:47:00:77:f1:d3:
95:8c:06:49:96:b3:c9:c5:24:66:78:d1:cd:60:8c:3a:87:7c:
26:f8:ee:69:9f:8c:5e:67:46:ca:20:c8:53:5c:5c:c6:d7:88:
08:b9:b3:fc:b2:87:f2:32:33:be:0c:60:40:3f:3f:e9:96:90:
9f:f9:39:0b:ab:32:e9:6d:6d:18:46:e8:b1:70:e7:6b:01:fe:
8e:a9:de:33:84:55:71:c8:ec:69:7e:06:6e:96:fb:f7:a2:60:
09:1b:2c:2e:55:c0:75:c7:e5:db:f7:b8:2b:c3:4a:52:41:b5:
37:a6:b5:2a:c9:45:88:25:cc:14:6f:ab:a8:c2:1a:16:ff:92:
f4:94:14:e0:66:ad:6b:1d:ef:b3:50:be:bc:d3:13:31:24:00:
4d:5a:96:44:e8:3f:93:e2:65:2f:35:2f:25:d9:b7:52:b5:de:
63:ef:b6:b3:5a:f5:07:42:41:e4:84:09:3a:b5:2e:49:75:43:
bb:d2:59:1b
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYp0S2QBhfWYGHRR4iKwr953MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjMwOTA4MTAxNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWEzNjY5OTAwNTc4ZWY2MDM0NDUyYzBmYzQ5YzVmYmEwYjY5OGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qV/048KCEcY97xPbf4RSwNlfq/Y
kScS65c+VHSldG8TKeviTcYk9Myxv/KLvExltjbwYigj94GQSOn0qFekdewVXcrV
HP3i9aVPdlAuR4VCgPfBJuD6X/jDJehzb92EZAbYnUQ8OOdDHK6jJJ9nGXhd0Kzj
HZfQjifOURbxTugoKcHda8d+cBqGoXAwpbZU2mFzn1GVA3fKxRgDod736tDy4QxH
1qnQeqwST1Hl7ls2lXkup/1QQmnTScQsogAAmq99pvMwygW/00UEgFzOI3L1XlWp
CqrNthARmtk4uYC9AKKWWBRi8TeZv0iT4T5pH6lUvcfnCyMSLodfPaelDQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFEWjZpkAV472A0RSwPxJxfugtpiuMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvUmFObW1RQlhqdllEUkZMQV9FbkYtNkMybUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQBBcOmAwQC
BcOsAwQABcPQAwQABcPfAwQAH9uxMAwDBAAf27MDBAAf27QDBADCqroDBAXD5QAD
BADD5SIwDQQCAAIwBwMFACABCPgwDQYJKoZIhvcNAQELBQADggEBAFO8uU0pN5oJ
2VU+SuNn05ILl3+nuz7rSlqJjnN3h7Op82XxKEjLQlK13tfczsT4HRUqlGqB2gFq
qdhRPD1RFWT1Wg9HAHfx05WMBkmWs8nFJGZ40c1gjDqHfCb47mmfjF5nRsogyFNc
XMbXiAi5s/yyh/IyM74MYEA/P+mWkJ/5OQurMultbRhG6LFw52sB/o6p3jOEVXHI
7Gl+Bm6W+/eiYAkbLC5VwHXH5dv3uCvDSlJBtTemtSrJRYglzBRvq6jCGhb/kvSU
FOBmrWsd77NQvrzTEzEkAE1alkToP5PiZS81LyXZt1K13mPvtrNa9QdCQeSECTq1
Lkl1Q7vSWRs=
-----END CERTIFICATE-----
Generated at Sun Apr 27 18:06:08 2025 by rpki-client