Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/8q2057eG05AMjuAWV4_1NIZwwY8.roa
File: 8q2057eG05AMjuAWV4_1NIZwwY8.roa (raw, json)
Hash identifier: +TKhveYCCkCH/ihvlRjvlxXpmIDGMPdiP05T0aaWwwU=
Subject key identifier: F2:AD:B4:E7:B7:86:D3:90:0C:8E:E0:16:57:8F:F5:34:86:70:C1:8F
Certificate issuer: /CN=29c2103fd2417c8869145617de94fcc913b085ef
Certificate serial: 018895B8BBC813793DD9398571B925763887
Authority key identifier: 29:C2:10:3F:D2:41:7C:88:69:14:56:17:DE:94:FC:C9:13:B0:85:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/8q2057eG05AMjuAWV4_1NIZwwY8.roa
Signing time: Wed 07 Jun 2023 11:58:11 +0000
ROA not before: Wed 07 Jun 2023 11:58:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48504
IP address blocks: 193.243.151.0/24 maxlen: 24
193.243.150.0/23 maxlen: 23
80.253.192.0/20 maxlen: 24
45.134.192.0/22 maxlen: 24
46.247.160.0/19 maxlen: 24
94.247.160.0/21 maxlen: 24
185.117.36.0/22 maxlen: 24
94.143.80.0/21 maxlen: 24
185.48.48.0/22 maxlen: 24
194.105.58.0/23 maxlen: 24
194.105.62.0/23 maxlen: 24
176.53.128.0/22 maxlen: 24
185.8.240.0/22 maxlen: 24
185.12.96.0/22 maxlen: 24
193.239.190.0/23 maxlen: 24
37.26.176.0/21 maxlen: 24
185.50.76.0/22 maxlen: 24
2a04:b440::/29 maxlen: 29
2a03:bd00::/32 maxlen: 48
2a01:aa60::/32 maxlen: 48
2a01:9720::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:b8:bb:c8:13:79:3d:d9:39:85:71:b9:25:76:38:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29c2103fd2417c8869145617de94fcc913b085ef
Validity
Not Before: Jun 7 11:58:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2adb4e7b786d3900c8ee016578ff5348670c18f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f8:87:74:dc:35:3d:28:e1:f4:8e:23:12:2e:
20:7d:d2:ed:a2:3a:68:87:22:e8:27:b9:67:75:24:
5f:f6:dd:d1:f6:ac:18:81:c8:b3:6b:52:7a:ec:59:
74:f7:45:9c:9c:bb:df:0f:36:28:1b:5d:37:5b:8b:
f3:93:72:b7:b1:27:20:c6:d9:e0:32:36:40:63:72:
a2:11:1a:20:ed:96:a5:78:16:70:f9:38:c0:eb:f6:
cf:a2:a2:a4:e3:79:a1:2d:d0:73:99:24:db:c8:7a:
78:4a:93:db:17:83:b2:87:69:da:a0:b0:16:f2:2b:
78:e6:b1:54:64:d6:65:f2:41:5d:77:59:86:88:4e:
de:d5:81:26:77:fb:36:43:93:4c:8d:61:fd:11:3d:
b1:6e:85:ea:67:e5:d7:fb:e6:4c:40:2e:08:59:2d:
71:a2:73:d0:9b:a2:0f:45:52:06:3a:c1:21:94:d3:
c6:19:62:e6:7c:69:dd:17:b9:df:d7:0b:f6:a3:6f:
01:d0:4a:39:a6:f2:a3:f6:5f:e6:69:e8:54:bc:95:
20:36:ff:69:7e:0a:37:6b:5e:30:5d:8c:44:b4:b1:
13:cc:b5:e7:e4:fb:bb:27:d2:20:ab:12:ab:34:52:
98:4f:31:56:68:e9:a1:09:6c:c9:70:58:d2:2b:e6:
01:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AD:B4:E7:B7:86:D3:90:0C:8E:E0:16:57:8F:F5:34:86:70:C1:8F
X509v3 Authority Key Identifier:
keyid:29:C2:10:3F:D2:41:7C:88:69:14:56:17:DE:94:FC:C9:13:B0:85:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/8q2057eG05AMjuAWV4_1NIZwwY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/KcIQP9JBfIhpFFYX3pT8yROwhe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.176.0/21
45.134.192.0/22
46.247.160.0/19
80.253.192.0/20
94.143.80.0/21
94.247.160.0/21
176.53.128.0/22
185.8.240.0/22
185.12.96.0/22
185.48.48.0/22
185.50.76.0/22
185.117.36.0/22
193.239.190.0/23
193.243.150.0/23
194.105.58.0/23
194.105.62.0/23
IPv6:
2a01:9720::/32
2a01:aa60::/32
2a03:bd00::/32
2a04:b440::/29
Signature Algorithm: sha256WithRSAEncryption
9b:9e:fe:71:b9:fd:68:e7:c8:44:dd:6b:6f:58:b6:16:71:d0:
b8:99:08:06:35:72:54:6c:58:7a:db:c2:94:c4:e7:14:80:56:
0c:7b:a8:9d:60:3d:bf:17:3f:4a:c4:22:e0:1c:66:0f:b4:e9:
71:9c:24:1d:c2:29:82:f6:95:15:6c:f9:1c:6d:c8:4d:47:1a:
1e:4d:82:57:b0:39:75:0f:bb:ba:2a:d2:2f:98:7e:40:b2:d1:
0e:a1:c9:a2:d0:e8:8c:56:28:a8:16:75:e2:5f:f6:31:cc:16:
01:56:9d:58:43:f0:eb:1b:c3:c1:3a:87:c5:4e:cb:30:24:fb:
4f:c6:8c:b3:b8:00:ad:22:26:fc:09:b9:c3:1c:0b:69:86:fe:
ca:c8:e5:28:1d:17:76:7a:c3:88:7b:8c:3f:f2:a9:d7:06:63:
74:55:22:47:62:b9:66:b5:2d:80:2f:ae:4b:26:3a:26:7e:4f:
10:5f:95:8a:4c:50:9c:25:df:ac:11:b3:1f:af:96:4f:1f:bc:
88:f8:db:71:3b:fb:2c:74:d3:6a:e5:f3:04:af:33:6b:b1:33:
87:92:cb:e3:4d:aa:a4:02:ca:8c:86:ba:e4:fa:e1:1f:73:0a:
27:13:a3:ee:25:91:7e:89:e9:54:0b:e8:49:45:33:44:20:2e:
2a:60:ab:17
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYiVuLvIE3k92TmFcbkldjiHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YzIxMDNmZDI0MTdjODg2OTE0NTYxN2RlOTRmY2M5MTNi
MDg1ZWYwHhcNMjMwNjA3MTE1ODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFkYjRlN2I3ODZkMzkwMGM4ZWUwMTY1NzhmZjUzNDg2NzBjMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPiHdNw1PSjh9I4jEi4gfdLtojpo
hyLoJ7lndSRf9t3R9qwYgciza1J67Fl090WcnLvfDzYoG103W4vzk3K3sScgxtng
MjZAY3KiERog7ZaleBZw+TjA6/bPoqKk43mhLdBzmSTbyHp4SpPbF4Oyh2naoLAW
8it45rFUZNZl8kFdd1mGiE7e1YEmd/s2Q5NMjWH9ET2xboXqZ+XX++ZMQC4IWS1x
onPQm6IPRVIGOsEhlNPGGWLmfGndF7nf1wv2o28B0Eo5pvKj9l/maehUvJUgNv9p
fgo3a14wXYxEtLETzLXn5Pu7J9IgqxKrNFKYTzFWaOmhCWzJcFjSK+YBQwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFPKttOe3htOQDI7gFleP9TSGcMGPMB8GA1UdIwQY
MBaAFCnCED/SQXyIaRRWF96U/MkTsIXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2NJUVA5SkJmSWhwRkZZWDNwVDh5Uk93aGU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yYjhkODItMzlmYi00YTU2LTg5YzUt
OWQ1NjU3NTEzZTIwLzEvOHEyMDU3ZUcwNUFNanVBV1Y0XzFOSVp3d1k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yYjhkODItMzlmYi00YTU2LTg5YzUtOWQ1NjU3NTEzZTIw
LzEvS2NJUVA5SkJmSWhwRkZZWDNwVDh5Uk93aGU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDBmBAIAATBgAwQDJRqw
AwQCLYbAAwQFLvegAwQEUP3AAwQDXo9QAwQDXvegAwQCsDWAAwQCuQjwAwQCuQxg
AwQCuTAwAwQCuTJMAwQCuXUkAwQBwe++AwQBwfOWAwQBwmk6AwQBwmk+MCIEAgAC
MBwDBQAqAZcgAwUAKgGqYAMFACoDvQADBQMqBLRAMA0GCSqGSIb3DQEBCwUAA4IB
AQCbnv5xuf1o58hE3WtvWLYWcdC4mQgGNXJUbFh628KUxOcUgFYMe6idYD2/Fz9K
xCLgHGYPtOlxnCQdwimC9pUVbPkcbchNRxoeTYJXsDl1D7u6KtIvmH5AstEOocmi
0OiMViioFnXiX/YxzBYBVp1YQ/DrG8PBOofFTsswJPtPxoyzuACtIib8CbnDHAtp
hv7KyOUoHRd2esOIe4w/8qnXBmN0VSJHYrlmtS2AL65LJjomfk8QX5WKTFCcJd+s
EbMfr5ZPH7yI+NtxO/ssdNNq5fMErzNrsTOHksvjTaqkAsqMhrrk+uEfcwonE6Pu
JZF+ielUC+hJRTNEIC4qYKsX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:27 2025 by rpki-client