Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/lTGXOsRjLq6LOUJ8xN7tV-NhjpE.roa
File: lTGXOsRjLq6LOUJ8xN7tV-NhjpE.roa (raw, json)
Hash identifier: rOWqxkbb2BZMqNVTzEbFUTmbo7YdWov9vRBYckMi2FY=
Subject key identifier: 95:31:97:3A:C4:63:2E:AE:8B:39:42:7C:C4:DE:ED:57:E3:61:8E:91
Certificate issuer: /CN=384872e817b3a45f98d4b15b65dd452b5da2d611
Certificate serial: 0182683FBA7C9062E3ADBEFF420A6B0A0537
Authority key identifier: 38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/lTGXOsRjLq6LOUJ8xN7tV-NhjpE.roa
Signing time: Thu 04 Aug 2022 09:46:23 +0000
ROA not before: Thu 04 Aug 2022 09:46:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56329
IP address blocks: 194.233.152.0/21 maxlen: 21
88.202.240.0/20 maxlen: 20
188.95.40.0/21 maxlen: 21
195.180.16.0/20 maxlen: 20
195.180.32.0/21 maxlen: 21
195.180.48.0/20 maxlen: 20
213.18.128.0/18 maxlen: 18
216.213.128.0/18 maxlen: 18
216.213.172.0/24 maxlen: 24
194.233.224.0/20 maxlen: 20
83.151.200.0/21 maxlen: 21
82.163.184.0/21 maxlen: 21
88.202.128.0/19 maxlen: 19
212.237.220.0/22 maxlen: 22
185.82.156.0/22 maxlen: 22
82.163.144.0/20 maxlen: 20
46.227.144.0/21 maxlen: 21
88.202.192.0/20 maxlen: 20
185.111.224.0/22 maxlen: 22
88.202.232.0/22 maxlen: 22
185.147.88.0/22 maxlen: 22
88.212.164.0/22 maxlen: 22
88.212.168.0/21 maxlen: 21
88.212.176.0/21 maxlen: 21
88.212.184.0/22 maxlen: 22
78.143.192.0/19 maxlen: 19
82.163.252.0/22 maxlen: 22
2a06:61c0::/29 maxlen: 29
2a02:fb8::/32 maxlen: 32
2a00:d200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:68:3f:ba:7c:90:62:e3:ad:be:ff:42:0a:6b:0a:05:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=384872e817b3a45f98d4b15b65dd452b5da2d611
Validity
Not Before: Aug 4 09:46:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9531973ac4632eae8b39427cc4deed57e3618e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d8:06:40:1c:47:6c:d6:9f:f6:8f:58:62:b5:
33:f3:31:5b:9c:6d:a7:c0:b4:94:bf:56:44:ba:ea:
fa:67:61:ba:e4:d8:30:9b:1b:fd:ae:de:28:f8:35:
f6:19:c4:8a:28:75:de:f5:88:e3:6a:ae:2f:4f:e7:
fb:0a:83:6a:a9:a7:ac:7b:47:2a:04:03:c2:ea:bb:
69:88:04:cd:87:8d:5f:2a:17:81:ef:d4:a4:c2:32:
e9:93:78:be:b1:f3:7a:c5:b9:0f:10:c2:18:f2:05:
31:d7:04:09:9c:ad:f9:52:f0:73:dc:1e:f6:a5:c2:
85:9c:f5:e1:8b:c5:6a:88:a4:b5:c1:76:90:f8:e4:
f4:42:dc:2b:0e:a4:81:49:cd:30:cb:49:d7:15:f4:
6b:d7:63:75:85:74:c5:cd:4b:31:46:92:f4:d6:04:
c7:da:7a:8c:78:72:6a:1a:b2:29:90:8c:16:f1:18:
44:5b:b2:4a:71:99:51:9c:27:1f:dd:3b:d5:57:bc:
3a:9d:0c:36:4b:12:da:77:f1:2f:f2:b2:4a:7f:bf:
be:db:d0:c7:e2:6a:62:bd:91:4e:71:7d:5b:9d:f6:
63:85:64:04:22:6c:84:e9:f4:01:aa:02:19:0a:8a:
e4:c1:32:bf:e4:22:f0:97:ae:7d:4a:f8:ab:ce:70:
13:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:31:97:3A:C4:63:2E:AE:8B:39:42:7C:C4:DE:ED:57:E3:61:8E:91
X509v3 Authority Key Identifier:
keyid:38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/lTGXOsRjLq6LOUJ8xN7tV-NhjpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/OEhy6BezpF-Y1LFbZd1FK12i1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.144.0/21
78.143.192.0/19
82.163.144.0/20
82.163.184.0/21
82.163.252.0/22
83.151.200.0/21
88.202.128.0/19
88.202.192.0/20
88.202.232.0/22
88.202.240.0/20
88.212.164.0-88.212.187.255
185.82.156.0/22
185.111.224.0/22
185.147.88.0/22
188.95.40.0/21
194.233.152.0/21
194.233.224.0/20
195.180.16.0-195.180.39.255
195.180.48.0/20
212.237.220.0/22
213.18.128.0/18
216.213.128.0/18
IPv6:
2a00:d200::/29
2a02:fb8::/32
2a06:61c0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:58:f8:46:71:f3:87:21:8a:60:9a:44:87:7e:93:ee:bf:f5:
64:ad:3a:d7:10:5b:22:29:66:2a:37:2d:3b:55:af:65:21:67:
3a:96:8b:f8:b1:f1:03:d5:29:ed:c3:88:8a:d0:4d:c1:a7:7a:
1d:c1:72:aa:a3:1c:65:8b:34:4f:ef:eb:03:3a:3a:61:de:4c:
6d:cd:cc:62:b4:5b:e6:a8:3c:bf:f0:da:4a:e9:5e:1d:8b:b8:
1f:af:91:7c:28:3f:3f:d4:61:78:41:b1:23:45:a2:24:a6:d2:
1a:08:75:77:f5:50:6b:8d:72:92:c9:69:a6:2b:c1:60:be:02:
cf:eb:97:2f:51:fb:43:79:83:28:04:62:f1:92:52:a2:3b:0d:
93:dd:20:01:26:b6:b7:b9:cb:bd:7a:ac:66:c2:d5:c1:8f:7f:
b6:02:eb:3a:60:00:14:79:83:df:d1:d6:56:f8:38:d5:b1:f7:
eb:50:71:fc:40:1f:b9:98:2b:f4:ab:48:d8:c7:d8:80:e5:ff:
be:98:ce:a4:78:0f:54:04:01:4a:66:ea:8b:32:78:37:cc:88:
3e:84:3b:ad:1f:24:8c:93:ee:44:8d:84:9b:c6:2f:65:c0:df:
ea:56:41:0e:25:03:88:64:01:77:4b:43:91:af:a2:bf:b2:28:
cd:de:51:20
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYJoP7p8kGLjrb7/QgprCgU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDg3MmU4MTdiM2E0NWY5OGQ0YjE1YjY1ZGQ0NTJiNWRh
MmQ2MTEwHhcNMjIwODA0MDk0NjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTMxOTczYWM0NjMyZWFlOGIzOTQyN2NjNGRlZWQ1N2UzNjE4ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNgGQBxHbNaf9o9YYrUz8zFbnG2n
wLSUv1ZEuur6Z2G65Ngwmxv9rt4o+DX2GcSKKHXe9Yjjaq4vT+f7CoNqqaese0cq
BAPC6rtpiATNh41fKheB79SkwjLpk3i+sfN6xbkPEMIY8gUx1wQJnK35UvBz3B72
pcKFnPXhi8VqiKS1wXaQ+OT0QtwrDqSBSc0wy0nXFfRr12N1hXTFzUsxRpL01gTH
2nqMeHJqGrIpkIwW8RhEW7JKcZlRnCcf3TvVV7w6nQw2SxLad/Ev8rJKf7++29DH
4mpivZFOcX1bnfZjhWQEImyE6fQBqgIZCorkwTK/5CLwl659SvirznAT1wIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFJUxlzrEYy6uizlCfMTe7VfjYY6RMB8GA1UdIwQY
MBaAFDhIcugXs6RfmNSxW2XdRStdotYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjIt
YmZiZTFiYzE1ZmMyLzEvbFRHWE9zUmpMcTZMT1VKOHhON3RWLU5oanBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjItYmZiZTFiYzE1ZmMy
LzEvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBmwQCAAEwgZQDBAMu
45ADBAVOj8ADBARSo5ADBANSo7gDBAJSo/wDBANTl8gDBAVYyoADBARYysADBAJY
yugDBARYyvAwDAMEAljUpAMEAljUuAMEArlSnAMEArlv4AMEArmTWAMEA7xfKAME
A8LpmAMEBMLp4DAMAwQEw7QQAwQDw7QgAwQEw7QwAwQC1O3cAwQG1RKAAwQG2NWA
MBsEAgACMBUDBQMqANIAAwUAKgIPuAMFAyoGYcAwDQYJKoZIhvcNAQELBQADggEB
AD5Y+EZx84chimCaRId+k+6/9WStOtcQWyIpZio3LTtVr2UhZzqWi/ix8QPVKe3D
iIrQTcGneh3BcqqjHGWLNE/v6wM6OmHeTG3NzGK0W+aoPL/w2krpXh2LuB+vkXwo
Pz/UYXhBsSNFoiSm0hoIdXf1UGuNcpLJaaYrwWC+As/rly9R+0N5gygEYvGSUqI7
DZPdIAEmtre5y716rGbC1cGPf7YC6zpgABR5g9/R1lb4ONWx9+tQcfxAH7mYK/Sr
SNjH2IDl/76YzqR4D1QEAUpm6osyeDfMiD6EO60fJIyT7kSNhJvGL2XA3+pWQQ4l
A4hkAXdLQ5Gvor+yKM3eUSA=
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:43:31 2025 by rpki-client