Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/UNj5r5YYe3eEN-Yh3jYiUSj2Vis.roa
File: UNj5r5YYe3eEN-Yh3jYiUSj2Vis.roa (raw, json)
Hash identifier: 54yZ06DTWsQIJ8FlcfttfeMUWImHcE/Gcxi6NynW+7I=
Subject key identifier: 50:D8:F9:AF:96:18:7B:77:84:37:E6:21:DE:36:22:51:28:F6:56:2B
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01856D663DB76576D17ADC42ACA3BA5A7699
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/UNj5r5YYe3eEN-Yh3jYiUSj2Vis.roa
Signing time: Sun 01 Jan 2023 12:54:55 +0000
ROA not before: Sun 01 Jan 2023 12:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13237
IP address blocks: 185.250.87.0/24 maxlen: 24
82.98.200.0/21 maxlen: 24
62.93.192.0/18 maxlen: 24
82.98.208.0/20 maxlen: 24
83.124.0.0/14 maxlen: 24
82.98.224.0/21 maxlen: 24
62.80.96.0/19 maxlen: 24
62.4.64.0/22 maxlen: 24
62.4.64.0/19 maxlen: 24
83.137.80.0/21 maxlen: 21
84.207.0.0/16 maxlen: 24
83.133.0.0/16 maxlen: 24
217.112.144.0/21 maxlen: 24
217.112.144.0/20 maxlen: 24
84.207.205.0/24 maxlen: 24
217.71.96.0/20 maxlen: 24
83.125.71.0/24 maxlen: 24
84.207.210.0/24 maxlen: 24
81.209.128.0/17 maxlen: 24
84.207.225.0/24 maxlen: 24
84.207.226.0/24 maxlen: 24
84.207.228.0/24 maxlen: 24
80.86.160.0/19 maxlen: 24
84.207.229.0/24 maxlen: 24
84.207.231.0/24 maxlen: 24
84.207.240.0/24 maxlen: 24
82.197.128.0/19 maxlen: 24
83.125.45.0/24 maxlen: 24
2001:4d40::/32 maxlen: 48
2001:1618::/29 maxlen: 48
2001:7f0::/32 maxlen: 48
2001:7f0:4020::/48 maxlen: 48
2a00:cc0::/29 maxlen: 48
2001:4d40::/29 maxlen: 48
2a00:fa0::/32 maxlen: 48
2a00:cc0::/32 maxlen: 48
2001:7f0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:3d:b7:65:76:d1:7a:dc:42:ac:a3:ba:5a:76:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 12:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50d8f9af96187b778437e621de36225128f6562b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d3:06:22:1c:c0:02:b7:87:08:bf:1c:14:1f:
1d:24:85:55:2d:7c:9d:4e:25:d1:d3:9e:7c:f0:fa:
ca:3f:0b:ef:07:a9:2c:9f:87:2f:38:77:90:e4:04:
c6:de:4a:80:93:94:9e:ba:cc:9b:72:53:06:e3:68:
72:25:ab:56:a6:70:b9:ab:eb:ea:a4:ee:d3:6c:f6:
d5:c5:11:08:7c:2d:f8:de:7c:12:2f:b6:ef:de:5c:
49:88:10:21:55:ff:e9:f5:43:59:a5:13:d9:00:07:
d7:3c:52:fa:59:42:cc:c5:91:05:f0:47:61:48:df:
a1:b9:5a:2f:bb:01:6e:fe:52:14:bf:d9:26:58:1c:
91:f0:5c:81:3b:9f:28:3a:b0:63:14:10:bd:2b:09:
2b:dc:55:80:27:94:37:ff:d8:e2:a3:d3:86:00:15:
06:53:61:17:e9:3e:c9:a5:0f:fe:d3:8d:6d:7b:00:
f6:24:cd:05:d1:f8:ea:14:ab:09:6f:7b:fb:eb:ab:
96:9b:2c:1f:64:aa:aa:9c:91:25:ac:e7:d6:8c:30:
f9:4f:f7:8c:0b:7a:7c:77:c2:02:c1:89:91:e0:8b:
bd:f5:6d:4c:f0:41:1a:6d:b0:15:19:bb:c0:4f:9e:
ca:24:d4:01:26:03:77:95:56:cf:08:44:c3:2d:a1:
5a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D8:F9:AF:96:18:7B:77:84:37:E6:21:DE:36:22:51:28:F6:56:2B
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/UNj5r5YYe3eEN-Yh3jYiUSj2Vis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.4.64.0/19
62.80.96.0/19
62.93.192.0/18
80.86.160.0/19
81.209.128.0/17
82.98.200.0-82.98.231.255
82.197.128.0/19
83.124.0.0/14
83.133.0.0/16
83.137.80.0/21
84.207.0.0/16
185.250.87.0/24
217.71.96.0/20
217.112.144.0/20
IPv6:
2001:7f0::/29
2001:1618::/29
2001:4d40::/29
2a00:cc0::/29
2a00:fa0::/32
Signature Algorithm: sha256WithRSAEncryption
22:70:ae:36:4d:78:74:a8:f1:4a:d8:6f:00:b5:d7:a7:c6:fc:
39:ba:6e:4a:99:c1:7a:c3:8a:16:e2:65:3f:82:0a:23:99:95:
da:6b:16:bb:6b:de:dc:aa:ed:69:8a:c5:f6:22:82:2b:98:fb:
89:04:b4:e6:d8:c0:a8:c9:30:37:4f:83:e0:a2:16:76:83:de:
e5:94:50:b1:43:27:03:0a:fd:66:2e:5d:4e:34:0f:1a:6d:d3:
c9:a5:68:31:4f:73:c0:1c:14:86:4d:b8:7a:ec:41:29:59:41:
eb:be:94:cd:8e:45:5b:9f:ef:0e:a4:c5:9a:42:dd:a3:98:ec:
8b:08:68:3f:c9:a7:b7:1d:ef:7a:8c:a7:16:65:9d:d2:76:08:
24:b9:9b:d6:8a:4b:5f:1c:b2:ab:db:0a:62:ea:09:cc:52:95:
99:3c:5b:32:59:4a:79:57:d7:06:41:ec:9f:e8:67:b6:17:73:
89:fe:f3:2b:65:08:db:ac:4f:87:49:fc:78:5f:0f:b9:33:a8:
81:6f:29:56:9c:e1:ef:4d:a4:35:65:41:45:c3:06:c2:8a:f5:
73:89:eb:59:d8:0a:e7:bd:bb:f1:fc:8f:e7:cf:78:81:1a:8b:
32:a4:d1:4b:82:44:23:98:05:9a:b9:80:a1:39:a8:c1:38:53:
ae:3f:90:ab
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYVtZj23ZXbRetxCrKO6WnaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjMwMTAxMTI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGQ4ZjlhZjk2MTg3Yjc3ODQzN2U2MjFkZTM2MjI1MTI4ZjY1NjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdMGIhzAAreHCL8cFB8dJIVVLXyd
TiXR05588PrKPwvvB6ksn4cvOHeQ5ATG3kqAk5SeusybclMG42hyJatWpnC5q+vq
pO7TbPbVxREIfC343nwSL7bv3lxJiBAhVf/p9UNZpRPZAAfXPFL6WULMxZEF8Edh
SN+huVovuwFu/lIUv9kmWByR8FyBO58oOrBjFBC9Kwkr3FWAJ5Q3/9jio9OGABUG
U2EX6T7JpQ/+041tewD2JM0F0fjqFKsJb3v766uWmywfZKqqnJElrOfWjDD5T/eM
C3p8d8ICwYmR4Iu99W1M8EEabbAVGbvAT57KJNQBJgN3lVbPCETDLaFaRwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFFDY+a+WGHt3hDfmId42IlEo9lYrMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvVU5qNXI1WVllM2VFTi1ZaDNqWWlVU2oyVmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDBfBAIAATBZAwQFPgRA
AwQFPlBgAwQGPl3AAwQFUFagAwQHUdGAMAwDBANSYsgDBANSYuADBAVSxYADAwJT
fAMDAFOFAwQDU4lQAwMAVM8DBAC5+lcDBATZR2ADBATZcJAwKQQCAAIwIwMFAyAB
B/ADBQMgARYYAwUDIAFNQAMFAyoADMADBQAqAA+gMA0GCSqGSIb3DQEBCwUAA4IB
AQAicK42TXh0qPFK2G8Atdenxvw5um5KmcF6w4oW4mU/ggojmZXaaxa7a97cqu1p
isX2IoIrmPuJBLTm2MCoyTA3T4PgohZ2g97llFCxQycDCv1mLl1ONA8abdPJpWgx
T3PAHBSGTbh67EEpWUHrvpTNjkVbn+8OpMWaQt2jmOyLCGg/yae3He96jKcWZZ3S
dggkuZvWiktfHLKr2wpi6gnMUpWZPFsyWUp5V9cGQeyf6Ge2F3OJ/vMrZQjbrE+H
Sfx4Xw+5M6iBbylWnOHvTaQ1ZUFFwwbCivVzietZ2Arnvbvx/I/nz3iBGosypNFL
gkQjmAWauYChOajBOFOuP5Cr
-----END CERTIFICATE-----
Generated at Wed Apr 16 13:48:33 2025 by rpki-client