Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/hs8hXns8O5-lpgsdW9tmAlKp8rg.roa
File: hs8hXns8O5-lpgsdW9tmAlKp8rg.roa (raw, json)
Hash identifier: PyRE8dxUB/8Ur2wpD0KcGBnrUZX2Wr+DS40JMGlBqXE=
Subject key identifier: 86:CF:21:5E:7B:3C:3B:9F:A5:A6:0B:1D:5B:DB:66:02:52:A9:F2:B8
Certificate issuer: /CN=b155daddb871b9d6a53cd6b47f776250837f7774
Certificate serial: 0186FE4171CD2B9309FB2078079729EA60A8
Authority key identifier: B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/hs8hXns8O5-lpgsdW9tmAlKp8rg.roa
Signing time: Mon 20 Mar 2023 09:02:27 +0000
ROA not before: Mon 20 Mar 2023 09:02:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9145
IP address blocks: 92.252.0.0/17 maxlen: 24
212.95.96.0/19 maxlen: 24
212.6.64.0/18 maxlen: 24
85.16.0.0/16 maxlen: 24
95.33.0.0/16 maxlen: 24
85.8.64.0/18 maxlen: 24
213.252.128.0/18 maxlen: 24
37.138.0.0/16 maxlen: 24
82.149.160.0/19 maxlen: 24
90.153.0.0/17 maxlen: 24
89.166.128.0/17 maxlen: 24
213.168.192.0/19 maxlen: 24
80.66.0.0/19 maxlen: 24
62.89.160.0/19 maxlen: 24
213.183.160.0/19 maxlen: 24
91.96.0.0/15 maxlen: 24
31.150.0.0/16 maxlen: 24
80.228.0.0/16 maxlen: 24
87.245.0.0/18 maxlen: 24
89.233.64.0/19 maxlen: 24
31.184.0.0/18 maxlen: 24
213.182.96.0/19 maxlen: 24
91.248.0.0/15 maxlen: 24
31.187.112.0/20 maxlen: 24
213.170.160.0/19 maxlen: 24
178.142.0.0/16 maxlen: 24
188.118.128.0/18 maxlen: 24
2a02:8200::/27 maxlen: 48
2a00:1470::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:41:71:cd:2b:93:09:fb:20:78:07:97:29:ea:60:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155daddb871b9d6a53cd6b47f776250837f7774
Validity
Not Before: Mar 20 09:02:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86cf215e7b3c3b9fa5a60b1d5bdb660252a9f2b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1b:7b:8b:33:a8:44:51:02:20:8a:65:a1:e1:
40:4d:8d:9b:27:60:89:c1:a7:6e:bd:00:a1:fe:ed:
45:6c:c3:fb:f8:e8:4f:33:2c:cd:28:0b:03:aa:cb:
af:4a:d3:a5:a5:03:8d:a1:1e:64:6c:b5:91:07:35:
51:78:a2:4b:34:1d:f5:bc:cf:39:dc:a4:a0:06:63:
c2:86:c5:6f:a8:8b:58:9a:d8:64:7d:37:ca:c7:93:
c7:f2:87:a0:22:8f:c6:a3:1d:03:7c:b7:a5:6e:c6:
db:b3:97:f0:c8:dd:52:c7:89:80:92:cc:50:f5:e3:
2d:d9:5f:8c:aa:4d:3a:f1:3b:48:e2:ec:7a:de:5b:
a1:87:c5:58:cc:c3:ba:bb:e5:80:9c:68:16:7b:da:
26:68:5b:8f:78:8b:72:12:48:de:2c:30:3f:7c:c7:
e5:bb:0a:f3:0f:63:1f:45:90:ee:00:07:a3:bb:fe:
09:4d:65:63:56:b6:a2:7a:63:46:6d:58:77:83:db:
c3:3e:e8:aa:91:52:03:45:4d:0e:b0:98:06:b1:7f:
0f:08:24:bf:5a:68:46:ac:48:5b:de:9c:39:82:fa:
34:04:21:96:db:db:7d:23:26:cf:a7:69:73:b2:63:
d1:38:14:9a:50:bd:09:42:ea:e4:4c:65:d9:4e:c7:
42:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CF:21:5E:7B:3C:3B:9F:A5:A6:0B:1D:5B:DB:66:02:52:A9:F2:B8
X509v3 Authority Key Identifier:
keyid:B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/hs8hXns8O5-lpgsdW9tmAlKp8rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/sVXa3bhxudalPNa0f3diUIN_d3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.150.0.0/16
31.184.0.0/18
31.187.112.0/20
37.138.0.0/16
62.89.160.0/19
80.66.0.0/19
80.228.0.0/16
82.149.160.0/19
85.8.64.0/18
85.16.0.0/16
87.245.0.0/18
89.166.128.0/17
89.233.64.0/19
90.153.0.0/17
91.96.0.0/15
91.248.0.0/15
92.252.0.0/17
95.33.0.0/16
178.142.0.0/16
188.118.128.0/18
212.6.64.0/18
212.95.96.0/19
213.168.192.0/19
213.170.160.0/19
213.182.96.0/19
213.183.160.0/19
213.252.128.0/18
IPv6:
2a00:1470::/32
2a02:8200::/27
Signature Algorithm: sha256WithRSAEncryption
4e:c7:dc:d7:cc:d4:c4:49:36:42:47:05:8e:50:e1:76:7c:ce:
5b:9f:fe:1a:41:ae:5c:a8:02:0d:65:16:fc:e9:84:ac:3b:2b:
a3:05:9f:b0:c9:8f:b6:f6:db:ec:96:4a:9d:9c:00:e3:0d:12:
dd:12:58:24:5f:94:6a:43:e9:fb:a8:d5:c1:68:96:49:25:90:
fe:bc:b4:1d:98:e7:a5:64:de:3d:1d:b4:e1:a8:6f:c7:e1:97:
83:01:3e:c3:0a:5e:36:5f:bf:ef:b1:12:9e:43:58:a0:46:b9:
da:31:32:3b:cd:93:14:8a:ce:b7:d7:36:e4:11:98:8f:06:be:
9a:89:e5:ef:dd:25:42:15:12:aa:24:c5:db:fd:91:fa:e7:e8:
ef:56:4e:e0:11:09:57:65:92:13:4f:93:0d:3a:9a:0c:90:66:
83:0b:76:2f:30:6b:f7:9c:8d:bd:ab:4b:e5:b8:77:b3:ee:f3:
3b:4e:de:5a:3b:bf:1f:6b:31:bb:4c:1a:a6:75:37:26:3b:af:
e5:03:07:a4:a7:22:ac:b6:42:c3:9c:84:a6:31:ef:d1:69:b9:
46:3a:27:0f:88:2a:f7:85:b6:87:f2:ee:2c:6e:ed:6c:fe:5c:
de:47:de:eb:67:1e:6f:63:3c:3e:e7:c7:57:5e:23:a4:bf:9f:
e4:bb:28:d2
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYb+QXHNK5MJ+yB4B5cp6mCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTVkYWRkYjg3MWI5ZDZhNTNjZDZiNDdmNzc2MjUwODM3
Zjc3NzQwHhcNMjMwMzIwMDkwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmNmMjE1ZTdiM2MzYjlmYTVhNjBiMWQ1YmRiNjYwMjUyYTlmMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhht7izOoRFECIIploeFATY2bJ2CJ
waduvQCh/u1FbMP7+OhPMyzNKAsDqsuvStOlpQONoR5kbLWRBzVReKJLNB31vM85
3KSgBmPChsVvqItYmthkfTfKx5PH8oegIo/Gox0DfLelbsbbs5fwyN1Sx4mAksxQ
9eMt2V+Mqk068TtI4ux63luhh8VYzMO6u+WAnGgWe9omaFuPeItyEkjeLDA/fMfl
uwrzD2MfRZDuAAeju/4JTWVjVraiemNGbVh3g9vDPuiqkVIDRU0OsJgGsX8PCCS/
WmhGrEhb3pw5gvo0BCGW29t9IybPp2lzsmPROBSaUL0JQurkTGXZTsdCGwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFIbPIV57PDufpaYLHVvbZgJSqfK4MB8GA1UdIwQY
MBaAFLFV2t24cbnWpTzWtH93YlCDf3d0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmIt
NTQ2OGIyY2YwYTc3LzEvaHM4aFhuczhPNS1scGdzZFc5dG1BbEtwOHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmItNTQ2OGIyY2YwYTc3
LzEvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBoQQCAAEwgZoDAwAf
lgMEBh+4AAMEBB+7cAMDACWKAwQFPlmgAwQFUEIAAwMAUOQDBAVSlaADBAZVCEAD
AwBVEAMEBlf1AAMEB1mmgAMEBVnpQAMEB1qZAAMDAVtgAwMBW/gDBAdc/AADAwBf
IQMDALKOAwQGvHaAAwQG1AZAAwQF1F9gAwQF1ajAAwQF1aqgAwQF1bZgAwQF1beg
AwQG1fyAMBQEAgACMA4DBQAqABRwAwUFKgKCADANBgkqhkiG9w0BAQsFAAOCAQEA
Tsfc18zUxEk2QkcFjlDhdnzOW5/+GkGuXKgCDWUW/OmErDsrowWfsMmPtvbb7JZK
nZwA4w0S3RJYJF+UakPp+6jVwWiWSSWQ/ry0HZjnpWTePR204ahvx+GXgwE+wwpe
Nl+/77ESnkNYoEa52jEyO82TFIrOt9c25BGYjwa+monl790lQhUSqiTF2/2R+ufo
71ZO4BEJV2WSE0+TDTqaDJBmgwt2LzBr95yNvatL5bh3s+7zO07eWju/H2sxu0wa
pnU3Jjuv5QMHpKcirLZCw5yEpjHv0Wm5RjonD4gq94W2h/LuLG7tbP5c3kfe62ce
b2M8PufHV14jpL+f5Lso0g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:38 2025 by rpki-client