Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/XSFz9ia49yI9ZmYy1_Bo828SkLc.roa
File: XSFz9ia49yI9ZmYy1_Bo828SkLc.roa (raw, json)
Hash identifier: /Spl24Koln3bQLrYxD3D8QxtkxtaWCm+gFWW5MKxLcU=
Subject key identifier: 5D:21:73:F6:26:B8:F7:22:3D:66:66:32:D7:F0:68:F3:6F:12:90:B7
Certificate issuer: /CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Certificate serial: 01856E6FAB01572308AEC67682C4F785362B
Authority key identifier: FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/XSFz9ia49yI9ZmYy1_Bo828SkLc.roa
Signing time: Sun 01 Jan 2023 17:44:50 +0000
ROA not before: Sun 01 Jan 2023 17:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16010
IP address blocks: 80.241.240.0/22 maxlen: 22
212.58.96.0/19 maxlen: 20
213.157.192.0/19 maxlen: 19
80.241.253.0/24 maxlen: 24
80.241.248.0/22 maxlen: 22
80.241.254.0/23 maxlen: 23
94.137.160.0/19 maxlen: 19
82.211.128.0/18 maxlen: 19
188.129.128.0/17 maxlen: 18
94.240.192.0/18 maxlen: 19
5.178.128.0/17 maxlen: 18
95.104.0.0/17 maxlen: 18
213.200.0.0/19 maxlen: 19
134.19.224.0/19 maxlen: 19
89.232.32.0/19 maxlen: 19
62.168.160.0/19 maxlen: 19
85.114.224.0/19 maxlen: 19
77.74.40.0/21 maxlen: 21
212.72.128.0/23 maxlen: 23
212.72.132.0/22 maxlen: 22
212.72.131.0/24 maxlen: 24
212.72.136.0/21 maxlen: 21
212.72.144.0/21 maxlen: 21
212.72.152.0/23 maxlen: 23
46.49.0.0/17 maxlen: 18
212.72.156.0/22 maxlen: 22
212.72.154.0/24 maxlen: 24
93.177.128.0/18 maxlen: 19
109.172.128.0/17 maxlen: 18
185.115.4.0/22 maxlen: 22
188.121.192.0/19 maxlen: 19
185.115.4.0/24 maxlen: 24
2a0b:6200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:ab:01:57:23:08:ae:c6:76:82:c4:f7:85:36:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Validity
Not Before: Jan 1 17:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d2173f626b8f7223d666632d7f068f36f1290b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:02:72:39:6c:18:dd:ba:f1:a3:23:a9:c3:77:
a4:15:27:0d:71:c8:9f:e0:7f:de:4d:2b:61:51:b9:
8a:75:cf:72:a7:6c:cf:ef:d5:01:5b:ab:3d:75:19:
c3:aa:f6:e5:55:43:1a:b1:57:d8:2a:23:68:11:43:
9f:22:8a:56:64:e0:46:fd:80:6b:8b:78:64:74:34:
30:80:fd:aa:42:1d:46:34:6c:4e:a6:36:be:4f:de:
fc:e3:bd:68:f5:cc:56:5a:21:79:10:dd:5d:7d:57:
c4:6d:68:9d:ef:da:0f:36:f0:4e:4a:07:21:81:fc:
b9:52:5a:29:07:57:39:1a:3c:62:85:78:14:5d:64:
0b:79:c5:4d:fa:aa:16:c4:86:7a:57:0a:60:16:c2:
8f:9f:69:e2:a4:51:6f:17:db:af:f4:e1:cb:23:90:
f4:5e:ce:6f:b8:3f:39:e1:b2:b8:57:e4:c8:cb:aa:
24:62:9a:63:55:7c:e0:8e:8d:af:60:79:4a:dc:6b:
64:6c:29:aa:bf:31:96:a6:ba:a3:63:01:3c:d7:15:
22:f0:dd:7a:5a:94:cf:b9:2e:98:5f:ff:a1:64:cf:
cd:58:6e:9e:a6:5f:82:6f:46:ea:46:45:d5:dc:b2:
1b:53:28:b9:aa:a8:af:59:fd:12:7a:7a:43:66:a1:
8c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:21:73:F6:26:B8:F7:22:3D:66:66:32:D7:F0:68:F3:6F:12:90:B7
X509v3 Authority Key Identifier:
keyid:FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/XSFz9ia49yI9ZmYy1_Bo828SkLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.128.0/17
46.49.0.0/17
62.168.160.0/19
77.74.40.0/21
80.241.240.0/22
80.241.248.0/22
80.241.253.0-80.241.255.255
82.211.128.0/18
85.114.224.0/19
89.232.32.0/19
93.177.128.0/18
94.137.160.0/19
94.240.192.0/18
95.104.0.0/17
109.172.128.0/17
134.19.224.0/19
185.115.4.0/22
188.121.192.0/19
188.129.128.0/17
212.58.96.0/19
212.72.128.0/23
212.72.131.0-212.72.154.255
212.72.156.0/22
213.157.192.0/19
213.200.0.0/19
IPv6:
2a0b:6200::/29
Signature Algorithm: sha256WithRSAEncryption
ae:36:de:91:59:a7:f8:0d:d1:3e:d5:21:b5:50:8c:73:1d:03:
e0:f2:4e:69:28:fa:14:ca:cc:54:c0:47:ed:01:6d:78:a1:67:
cd:54:8c:38:40:1c:c9:07:8d:ea:04:49:40:2c:e8:c2:c9:0e:
84:ce:19:1b:18:53:83:46:2b:b0:dd:ca:8e:f9:78:a7:74:9b:
90:9e:70:e4:93:09:56:0c:51:a2:01:e7:ed:94:27:4b:23:52:
c6:fc:b9:a2:69:93:df:09:28:1e:0e:d6:61:c2:50:b4:71:0d:
ab:75:d7:e1:46:df:cc:08:b6:2c:a0:ec:38:1c:00:83:2a:44:
74:75:af:df:c7:85:7d:3a:f6:eb:06:12:46:98:82:b9:05:37:
cf:58:77:d0:c5:d8:a4:47:15:14:6e:03:0b:83:24:0a:af:64:
bc:fa:90:cf:61:46:0c:a2:1c:03:18:cf:2a:82:2d:23:87:60:
2c:4c:c0:9b:e1:77:99:8b:22:98:a3:4e:47:6b:51:02:4e:63:
2b:0a:13:3b:ce:04:c9:79:64:5d:d4:75:3a:ef:6a:f8:f7:68:
6d:64:bb:82:7c:56:8b:d3:60:7b:7a:cc:fd:fb:0c:0d:30:6f:
04:8c:d1:ed:70:1e:5b:69:2b:4b:3e:bc:fa:35:c1:6f:45:1b:
85:eb:ce:02
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYVub6sBVyMIrsZ2gsT3hTYrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDJiMzYyMDY0MzliYmNlMTViMzYzZjA5ZWVmZjFkNzM4
Y2VjYzcwHhcNMjMwMTAxMTc0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDIxNzNmNjI2YjhmNzIyM2Q2NjY2MzJkN2YwNjhmMzZmMTI5MGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgJyOWwY3brxoyOpw3ekFScNccif
4H/eTSthUbmKdc9yp2zP79UBW6s9dRnDqvblVUMasVfYKiNoEUOfIopWZOBG/YBr
i3hkdDQwgP2qQh1GNGxOpja+T978471o9cxWWiF5EN1dfVfEbWid79oPNvBOSgch
gfy5UlopB1c5GjxihXgUXWQLecVN+qoWxIZ6VwpgFsKPn2nipFFvF9uv9OHLI5D0
Xs5vuD854bK4V+TIy6okYppjVXzgjo2vYHlK3GtkbCmqvzGWprqjYwE81xUi8N16
WpTPuS6YX/+hZM/NWG6epl+Cb0bqRkXV3LIbUyi5qqivWf0SenpDZqGM7wIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFF0hc/YmuPciPWZmMtfwaPNvEpC3MB8GA1UdIwQY
MBaAFP3Ss2IGQ5u84Vs2Pwnu/x1zjOzHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RLellnWkRtN3poV3pZX0NlN19IWE9NN01jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82MmI5MDktMWUzZS00YTFiLTllMjQt
YjAxZTAyOTdiMDcwLzEvWFNGejlpYTQ5eUk5Wm1ZeTFfQm84MjhTa0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82MmI5MDktMWUzZS00YTFiLTllMjQtYjAxZTAyOTdiMDcw
LzEvX2RLellnWkRtN3poV3pZX0NlN19IWE9NN01jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBrAQCAAEwgaUDBAcF
soADBAcuMQADBAU+qKADBANNSigDBAJQ8fADBAJQ8fgwCwMEAFDx/QMDAVDwAwQG
UtOAAwQFVXLgAwQFWeggAwQGXbGAAwQFXomgAwQGXvDAAwQHX2gAAwQHbayAAwQF
hhPgAwQCuXMEAwQFvHnAAwQHvIGAAwQF1DpgAwQB1EiAMAwDBADUSIMDBADUSJoD
BALUSJwDBAXVncADBAXVyAAwDQQCAAIwBwMFAyoLYgAwDQYJKoZIhvcNAQELBQAD
ggEBAK423pFZp/gN0T7VIbVQjHMdA+DyTmko+hTKzFTAR+0BbXihZ81UjDhAHMkH
jeoESUAs6MLJDoTOGRsYU4NGK7Ddyo75eKd0m5CecOSTCVYMUaIB5+2UJ0sjUsb8
uaJpk98JKB4O1mHCULRxDat11+FG38wItiyg7DgcAIMqRHR1r9/HhX069usGEkaY
grkFN89Yd9DF2KRHFRRuAwuDJAqvZLz6kM9hRgyiHAMYzyqCLSOHYCxMwJvhd5mL
IpijTkdrUQJOYysKEzvOBMl5ZF3UdTrvavj3aG1ku4J8VovTYHt6zP37DA0wbwSM
0e1wHltpK0s+vPo1wW9FG4XrzgI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:07 2025 by rpki-client