Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/1D4Sl52auIVrbaWsEgVL2Ksbo4o.roa
File: 1D4Sl52auIVrbaWsEgVL2Ksbo4o.roa (raw, json)
Hash identifier: T011q/dwsNyfcQturakc/T/blY284ddZK9NY4Vmsjuc=
Subject key identifier: D4:3E:12:97:9D:9A:B8:85:6B:6D:A5:AC:12:05:4B:D8:AB:1B:A3:8A
Certificate issuer: /CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Certificate serial: 018828F39CADA0E8856BA28AC68616516666
Authority key identifier: 27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/1D4Sl52auIVrbaWsEgVL2Ksbo4o.roa
Signing time: Wed 17 May 2023 09:03:53 +0000
ROA not before: Wed 17 May 2023 09:03:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35432
IP address blocks: 164.215.0.0/19 maxlen: 24
91.184.192.0/19 maxlen: 24
195.179.96.0/20 maxlen: 24
64.59.208.0/20 maxlen: 24
185.7.156.0/22 maxlen: 24
213.140.192.0/19 maxlen: 24
69.6.0.0/19 maxlen: 24
85.132.224.0/19 maxlen: 24
212.50.96.0/19 maxlen: 24
80.244.16.0/20 maxlen: 24
66.205.95.0/24 maxlen: 24
109.110.224.0/19 maxlen: 24
77.83.248.0/22 maxlen: 24
66.205.64.0/19 maxlen: 24
213.133.80.0/20 maxlen: 24
65.18.208.0/20 maxlen: 24
185.162.16.0/22 maxlen: 24
185.42.32.0/22 maxlen: 24
185.42.32.0/24 maxlen: 24
69.94.112.0/20 maxlen: 24
194.233.16.0/22 maxlen: 24
139.138.192.0/19 maxlen: 24
216.241.128.0/19 maxlen: 24
194.233.24.0/22 maxlen: 24
194.233.60.0/22 maxlen: 24
46.251.96.0/19 maxlen: 24
194.64.144.0/22 maxlen: 24
2a02:540:8::/48 maxlen: 48
2a02:540:7::/48 maxlen: 48
2a02:540:5::/48 maxlen: 48
2a02:540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:28:f3:9c:ad:a0:e8:85:6b:a2:8a:c6:86:16:51:66:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Validity
Not Before: May 17 09:03:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d43e12979d9ab8856b6da5ac12054bd8ab1ba38a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:25:07:0b:97:84:e3:a6:af:1d:86:93:b9:e6:
ba:32:36:08:3a:3c:b5:58:9a:c3:fa:40:bc:e3:d9:
27:76:ec:aa:bb:54:ae:03:59:4d:4d:93:29:55:71:
83:64:78:c6:fc:f0:2f:20:c7:34:ed:1b:f3:4e:3f:
0a:37:e0:37:b3:de:16:09:a1:bc:dd:aa:bb:ac:81:
cb:e6:23:32:40:00:49:96:c4:84:54:d1:58:79:a7:
ba:bc:6c:ca:d3:e8:75:05:e5:83:fb:3a:7d:93:d6:
cc:af:25:c3:58:b6:41:b6:8b:94:e5:13:6f:d1:24:
99:10:cb:ad:9a:23:80:82:73:dd:58:4a:ec:17:0d:
d0:29:75:a7:30:f7:9d:0e:2d:a7:64:f7:fd:5d:83:
c9:78:1b:ed:0f:d8:1c:0c:1f:64:5f:39:95:ce:9f:
69:02:30:b4:ce:1b:0b:bc:d1:3c:a5:d2:76:a3:07:
89:01:cc:76:98:2b:b2:f5:7f:a2:7e:28:87:49:7f:
8f:67:de:de:6a:a4:35:66:96:9f:70:36:11:e7:52:
fc:c8:f4:ec:1d:ad:7c:38:42:35:6d:9d:f2:96:fe:
50:11:17:f5:54:c1:a5:47:41:41:31:14:72:bf:0f:
00:b5:b3:36:c3:81:79:d2:07:bf:12:09:13:4c:ba:
4d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:3E:12:97:9D:9A:B8:85:6B:6D:A5:AC:12:05:4B:D8:AB:1B:A3:8A
X509v3 Authority Key Identifier:
keyid:27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/1D4Sl52auIVrbaWsEgVL2Ksbo4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.96.0/19
64.59.208.0/20
65.18.208.0/20
66.205.64.0/19
69.6.0.0/19
69.94.112.0/20
77.83.248.0/22
80.244.16.0/20
85.132.224.0/19
91.184.192.0/19
109.110.224.0/19
139.138.192.0/19
164.215.0.0/19
185.7.156.0/22
185.42.32.0/22
185.162.16.0/22
194.64.144.0/22
194.233.16.0/22
194.233.24.0/22
194.233.60.0/22
195.179.96.0/20
212.50.96.0/19
213.133.80.0/20
213.140.192.0/19
216.241.128.0/19
IPv6:
2a02:540::/32
Signature Algorithm: sha256WithRSAEncryption
3b:2b:d1:69:26:0a:89:c4:1f:16:9e:99:87:40:e5:ad:b6:bf:
25:94:90:c5:d2:d3:54:fd:ce:77:7c:e6:ff:7c:59:39:e7:c8:
92:72:36:9e:10:4f:3a:f2:39:19:b3:09:5f:59:b0:fa:f8:6d:
2f:11:1b:a9:05:f6:51:d7:d5:7a:e8:15:17:ed:97:cf:2c:e9:
10:3e:e9:43:96:44:98:98:be:98:4e:45:ff:7f:16:e4:f2:d8:
f0:07:f0:44:a7:5a:e8:e9:f1:f7:0a:f7:56:11:59:13:13:26:
fa:bb:f3:20:a0:2b:77:c8:b4:b5:54:cc:74:1a:84:9e:6e:ac:
48:f1:77:80:00:08:81:c8:d9:04:02:dd:35:a9:8d:7a:a6:28:
62:80:cf:f5:d4:25:09:f6:9c:00:c8:c7:a5:64:33:ca:2c:3f:
40:e2:e4:0e:bd:88:31:3a:01:c5:11:6c:31:7b:3e:0a:0e:21:
67:62:2e:37:a7:38:58:01:34:c2:3b:8f:31:8c:0c:a5:e1:dc:
61:76:3f:e6:05:9f:0c:6b:0c:15:94:f3:17:ed:54:73:2b:9f:
47:5f:b3:52:5a:6e:70:ce:de:c5:62:a0:0c:c9:1d:8b:0e:c4:
24:f9:b8:94:86:28:5a:47:4d:7e:82:ec:50:68:29:24:18:dd:
dd:92:c8:3c
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYgo85ytoOiFa6KKxoYWUWZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MDI5YTM2ZmMwY2NhMmUwYThkMDQ1ZjAyMmRmYzgzMWE1
MTczMDgwHhcNMjMwNTE3MDkwMzUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDNlMTI5NzlkOWFiODg1NmI2ZGE1YWMxMjA1NGJkOGFiMWJhMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiUHC5eE46avHYaTuea6MjYIOjy1
WJrD+kC849knduyqu1SuA1lNTZMpVXGDZHjG/PAvIMc07RvzTj8KN+A3s94WCaG8
3aq7rIHL5iMyQABJlsSEVNFYeae6vGzK0+h1BeWD+zp9k9bMryXDWLZBtouU5RNv
0SSZEMutmiOAgnPdWErsFw3QKXWnMPedDi2nZPf9XYPJeBvtD9gcDB9kXzmVzp9p
AjC0zhsLvNE8pdJ2oweJAcx2mCuy9X+ifiiHSX+PZ97eaqQ1ZpafcDYR51L8yPTs
Ha18OEI1bZ3ylv5QERf1VMGlR0FBMRRyvw8AtbM2w4F50ge/EgkTTLpNfwIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFNQ+EpedmriFa22lrBIFS9irG6OKMB8GA1UdIwQY
MBaAFCcCmjb8DMouCo0EXwIt/IMaUXMIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndLYU52d015aTRLalFSZkFpMzhneHBSY3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS81M2JiMjMtZGZhOC00NzkyLWIzMTct
NTBkMGE1MzIzNjQxLzEvMUQ0U2w1MmF1SVZyYmFXc0VnVkwyS3NibzRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS81M2JiMjMtZGZhOC00NzkyLWIzMTctNTBkMGE1MzIzNjQx
LzEvSndLYU52d015aTRLalFSZkFpMzhneHBSY3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAUu
+2ADBARAO9ADBARBEtADBAVCzUADBAVFBgADBARFXnADBAJNU/gDBARQ9BADBAVV
hOADBAVbuMADBAVtbuADBAWLisADBAWk1wADBAK5B5wDBAK5KiADBAK5ohADBALC
QJADBALC6RADBALC6RgDBALC6TwDBATDs2ADBAXUMmADBATVhVADBAXVjMADBAXY
8YAwDQQCAAIwBwMFACoCBUAwDQYJKoZIhvcNAQELBQADggEBADsr0WkmConEHxae
mYdA5a22vyWUkMXS01T9znd85v98WTnnyJJyNp4QTzryORmzCV9ZsPr4bS8RG6kF
9lHX1XroFRftl88s6RA+6UOWRJiYvphORf9/FuTy2PAH8ESnWujp8fcK91YRWRMT
Jvq78yCgK3fItLVUzHQahJ5urEjxd4AACIHI2QQC3TWpjXqmKGKAz/XUJQn2nADI
x6VkM8osP0Di5A69iDE6AcURbDF7PgoOIWdiLjenOFgBNMI7jzGMDKXh3GF2P+YF
nwxrDBWU8xftVHMrn0dfs1JabnDO3sVioAzJHYsOxCT5uJSGKFpHTX6C7FBoKSQY
3d2SyDw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:13 2025 by rpki-client