Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/or_Qdql3i8feYPZIpmME1u5Z2gA.roa
File: or_Qdql3i8feYPZIpmME1u5Z2gA.roa (raw, json)
Hash identifier: VidXQxT5qrSSAW/4LEPvHCjICg9h9F7i1qOkVVMGHas=
Subject key identifier: A2:BF:D0:76:A9:77:8B:C7:DE:60:F6:48:A6:63:04:D6:EE:59:DA:00
Certificate issuer: /CN=384872e817b3a45f98d4b15b65dd452b5da2d611
Certificate serial: 0189BA4F79C2405A1A6F27A7767CFD28115B
Authority key identifier: 38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/or_Qdql3i8feYPZIpmME1u5Z2gA.roa
Signing time: Thu 03 Aug 2023 07:31:57 +0000
ROA not before: Thu 03 Aug 2023 07:31:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56329
IP address blocks: 194.233.152.0/21 maxlen: 21
88.202.240.0/20 maxlen: 20
188.95.40.0/21 maxlen: 21
195.180.16.0/20 maxlen: 20
195.180.32.0/21 maxlen: 21
195.180.48.0/20 maxlen: 20
213.18.128.0/18 maxlen: 18
216.213.128.0/18 maxlen: 18
216.213.172.0/24 maxlen: 24
194.233.224.0/20 maxlen: 20
83.151.200.0/21 maxlen: 21
82.163.184.0/21 maxlen: 21
88.202.128.0/19 maxlen: 19
212.237.220.0/22 maxlen: 22
185.82.156.0/22 maxlen: 22
82.163.144.0/20 maxlen: 20
46.227.144.0/21 maxlen: 21
88.202.192.0/20 maxlen: 20
185.111.224.0/22 maxlen: 22
212.132.32.0/19 maxlen: 19
88.202.232.0/22 maxlen: 22
185.147.88.0/22 maxlen: 22
88.212.164.0/22 maxlen: 22
88.212.168.0/21 maxlen: 21
88.212.176.0/21 maxlen: 21
88.212.184.0/22 maxlen: 22
78.143.192.0/19 maxlen: 19
82.163.252.0/22 maxlen: 22
2a06:61c0::/29 maxlen: 29
2a02:fb8::/32 maxlen: 32
2a00:d200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:4f:79:c2:40:5a:1a:6f:27:a7:76:7c:fd:28:11:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=384872e817b3a45f98d4b15b65dd452b5da2d611
Validity
Not Before: Aug 3 07:31:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2bfd076a9778bc7de60f648a66304d6ee59da00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ef:d9:40:ef:46:02:23:1b:09:3a:58:7d:7a:
87:9d:12:3b:42:f5:5e:95:1d:0c:25:67:a0:09:41:
77:99:5c:bb:03:69:e6:fe:42:4a:bc:9a:e5:6d:38:
93:06:85:c8:55:4c:cb:84:f6:8c:a3:0c:19:69:0f:
fc:8e:86:fe:60:54:5e:c6:d6:fa:6d:2d:e5:83:ac:
08:4b:dd:4a:8d:bb:40:7e:b8:ea:cd:06:b6:6b:46:
0a:1c:4c:92:49:5e:01:f0:6b:93:31:02:b3:66:c8:
8d:c5:5f:f6:53:c9:b8:0e:16:4a:ab:f1:4e:5e:f5:
8c:d7:75:b4:1a:1e:26:93:d3:50:54:ed:75:a7:92:
cc:76:ef:8f:98:4a:77:d3:f2:0d:fe:84:43:f5:bb:
60:fd:31:07:91:98:1b:4c:03:d8:5f:b2:fc:0d:88:
b9:a1:b4:3e:4a:9c:ba:d7:c7:0c:f5:5b:00:8e:28:
11:84:cf:4a:a7:e1:43:e9:93:6a:0c:1f:96:2d:a8:
38:33:38:3a:61:17:b0:ed:30:a8:62:b3:9c:b1:08:
cb:9f:35:db:9a:e3:7b:fd:42:0f:f8:73:a9:2a:3a:
16:c9:0f:1c:21:9d:30:18:cb:47:11:2e:c7:a8:6b:
1e:ed:d1:8e:c5:50:94:e6:80:20:81:9f:af:89:7f:
e7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BF:D0:76:A9:77:8B:C7:DE:60:F6:48:A6:63:04:D6:EE:59:DA:00
X509v3 Authority Key Identifier:
keyid:38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/or_Qdql3i8feYPZIpmME1u5Z2gA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/OEhy6BezpF-Y1LFbZd1FK12i1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.144.0/21
78.143.192.0/19
82.163.144.0/20
82.163.184.0/21
82.163.252.0/22
83.151.200.0/21
88.202.128.0/19
88.202.192.0/20
88.202.232.0/22
88.202.240.0/20
88.212.164.0-88.212.187.255
185.82.156.0/22
185.111.224.0/22
185.147.88.0/22
188.95.40.0/21
194.233.152.0/21
194.233.224.0/20
195.180.16.0-195.180.39.255
195.180.48.0/20
212.132.32.0/19
212.237.220.0/22
213.18.128.0/18
216.213.128.0/18
IPv6:
2a00:d200::/29
2a02:fb8::/32
2a06:61c0::/29
Signature Algorithm: sha256WithRSAEncryption
74:87:56:14:f0:7d:3d:97:0e:2b:a9:ec:26:4d:1d:9a:2c:b1:
62:d7:cd:8b:3f:a5:2f:60:f1:82:cb:07:44:2a:48:1f:31:74:
dd:b0:22:20:ac:3a:b5:68:48:72:46:8b:d6:a0:6f:ef:33:93:
73:9b:59:de:dc:f1:d6:0b:5d:3a:96:ee:13:58:b2:f6:47:71:
4e:91:80:bd:0e:b1:3e:98:9a:29:e8:35:66:c8:8a:ae:0d:5c:
89:19:15:18:4d:75:4b:b6:b7:1a:5c:e0:22:15:9c:1f:ae:aa:
40:cf:60:35:06:f6:8e:30:e2:81:2a:81:23:d3:39:e6:45:ed:
1c:ad:15:18:cd:0d:0b:16:71:ed:81:80:cd:dc:d6:1f:d8:14:
8b:27:41:9a:01:be:e5:e4:20:f5:2f:43:49:74:6b:f2:46:d2:
ca:df:6a:b0:23:31:6f:37:07:d7:a0:da:33:83:11:21:3a:e3:
2d:9a:11:3d:59:74:12:d1:b4:a3:3c:e3:1a:e6:9c:f4:ee:17:
fb:2d:11:36:b6:a9:b8:1a:e0:c4:a9:5c:0b:76:9d:6e:09:f9:
56:e5:5c:ae:15:c6:d0:09:bb:bc:38:aa:cd:7c:bc:ad:5e:aa:
49:0d:34:e1:c5:f0:07:51:ea:8d:8a:a5:da:57:26:a9:b8:de:
20:bd:fa:df
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYm6T3nCQFoabyendnz9KBFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDg3MmU4MTdiM2E0NWY5OGQ0YjE1YjY1ZGQ0NTJiNWRh
MmQ2MTEwHhcNMjMwODAzMDczMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmJmZDA3NmE5Nzc4YmM3ZGU2MGY2NDhhNjYzMDRkNmVlNTlkYTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnu/ZQO9GAiMbCTpYfXqHnRI7QvVe
lR0MJWegCUF3mVy7A2nm/kJKvJrlbTiTBoXIVUzLhPaMowwZaQ/8job+YFRextb6
bS3lg6wIS91KjbtAfrjqzQa2a0YKHEySSV4B8GuTMQKzZsiNxV/2U8m4DhZKq/FO
XvWM13W0Gh4mk9NQVO11p5LMdu+PmEp30/IN/oRD9btg/TEHkZgbTAPYX7L8DYi5
obQ+Spy618cM9VsAjigRhM9Kp+FD6ZNqDB+WLag4Mzg6YRew7TCoYrOcsQjLnzXb
muN7/UIP+HOpKjoWyQ8cIZ0wGMtHES7HqGse7dGOxVCU5oAggZ+viX/nwQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFKK/0Hapd4vH3mD2SKZjBNbuWdoAMB8GA1UdIwQY
MBaAFDhIcugXs6RfmNSxW2XdRStdotYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjIt
YmZiZTFiYzE1ZmMyLzEvb3JfUWRxbDNpOGZlWVBaSXBtTUUxdTVaMmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjItYmZiZTFiYzE1ZmMy
LzEvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBoQQCAAEwgZoDBAMu
45ADBAVOj8ADBARSo5ADBANSo7gDBAJSo/wDBANTl8gDBAVYyoADBARYysADBAJY
yugDBARYyvAwDAMEAljUpAMEAljUuAMEArlSnAMEArlv4AMEArmTWAMEA7xfKAME
A8LpmAMEBMLp4DAMAwQEw7QQAwQDw7QgAwQEw7QwAwQF1IQgAwQC1O3cAwQG1RKA
AwQG2NWAMBsEAgACMBUDBQMqANIAAwUAKgIPuAMFAyoGYcAwDQYJKoZIhvcNAQEL
BQADggEBAHSHVhTwfT2XDiup7CZNHZossWLXzYs/pS9g8YLLB0QqSB8xdN2wIiCs
OrVoSHJGi9agb+8zk3ObWd7c8dYLXTqW7hNYsvZHcU6RgL0OsT6YminoNWbIiq4N
XIkZFRhNdUu2txpc4CIVnB+uqkDPYDUG9o4w4oEqgSPTOeZF7RytFRjNDQsWce2B
gM3c1h/YFIsnQZoBvuXkIPUvQ0l0a/JG0srfarAjMW83B9eg2jODESE64y2aET1Z
dBLRtKM84xrmnPTuF/stETa2qbga4MSpXAt2nW4J+VblXK4VxtAJu7w4qs18vK1e
qkkNNOHF8AdR6o2KpdpXJqm43iC9+t8=
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:19:48 2025 by rpki-client