Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/uG2HeU2d0wwMjwd2VVSEKzQo2A0.roa
File: uG2HeU2d0wwMjwd2VVSEKzQo2A0.roa (raw, json)
Hash identifier: P8DQZGK9B1WfBnx/Wn6K7KsTjoMPFykPl5PPdcz4m/k=
Subject key identifier: B8:6D:87:79:4D:9D:D3:0C:0C:8F:07:76:55:54:84:2B:34:28:D8:0D
Certificate issuer: /CN=b155daddb871b9d6a53cd6b47f776250837f7774
Certificate serial: 01856DDD283987AA589FEBF6963FD8581C1A
Authority key identifier: B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/uG2HeU2d0wwMjwd2VVSEKzQo2A0.roa
Signing time: Sun 01 Jan 2023 15:04:48 +0000
ROA not before: Sun 01 Jan 2023 15:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9145
IP address blocks: 92.252.0.0/17 maxlen: 17
212.95.96.0/19 maxlen: 19
212.6.64.0/18 maxlen: 18
85.16.0.0/16 maxlen: 16
95.33.0.0/16 maxlen: 16
85.8.64.0/18 maxlen: 18
213.252.128.0/18 maxlen: 24
37.138.0.0/16 maxlen: 16
82.149.160.0/19 maxlen: 19
90.153.0.0/17 maxlen: 17
89.166.128.0/17 maxlen: 17
213.168.192.0/19 maxlen: 19
80.66.0.0/19 maxlen: 24
62.89.160.0/19 maxlen: 24
213.183.160.0/19 maxlen: 19
91.96.0.0/15 maxlen: 15
31.150.0.0/16 maxlen: 16
80.228.0.0/16 maxlen: 24
87.245.0.0/18 maxlen: 18
89.233.64.0/19 maxlen: 19
31.184.0.0/18 maxlen: 18
91.248.0.0/15 maxlen: 15
213.182.96.0/19 maxlen: 19
31.187.112.0/20 maxlen: 20
213.170.160.0/19 maxlen: 19
178.142.0.0/16 maxlen: 16
188.118.128.0/18 maxlen: 18
2a02:8200::/27 maxlen: 27
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:28:39:87:aa:58:9f:eb:f6:96:3f:d8:58:1c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155daddb871b9d6a53cd6b47f776250837f7774
Validity
Not Before: Jan 1 15:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b86d87794d9dd30c0c8f07765554842b3428d80d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3a:13:f9:68:f5:4c:84:26:76:4a:51:b0:88:
30:bd:82:5f:74:10:14:af:e0:74:a3:73:57:90:88:
21:8e:21:a1:0e:e4:61:10:ca:96:ea:ca:17:49:2b:
f2:6a:fa:3f:8f:ee:a1:34:e3:3f:0f:d9:45:fc:30:
0a:97:b1:2a:52:b8:3b:68:5d:ca:5e:49:d6:e9:14:
b6:8b:3a:ab:34:a8:2c:4b:76:26:cd:c7:f1:b4:86:
99:2b:15:6a:cc:73:3b:ed:ed:8e:99:9d:8f:62:ea:
d5:14:21:78:18:78:cb:8c:f9:95:e6:bd:f8:44:48:
68:c0:de:45:de:6a:74:0c:cf:86:1e:e8:3e:4b:f4:
27:32:9c:07:e3:81:0f:f6:f6:81:d2:23:96:80:93:
67:13:b1:80:4d:91:a3:12:4f:8a:76:65:4a:51:97:
e5:f7:36:1a:d5:3a:c6:28:29:1f:e2:6e:68:e7:0f:
4a:2f:8d:c0:c4:94:82:65:f4:97:6a:24:e1:58:89:
0f:f7:45:be:ae:8a:99:f8:30:15:b7:38:7f:28:c8:
3e:38:40:3b:5f:38:11:1e:25:95:79:2b:80:52:0c:
21:fd:0f:82:9a:96:c7:e5:7d:74:1d:4d:23:ba:97:
fe:2f:08:24:cc:ff:15:10:8f:c3:ed:01:4f:da:52:
6f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6D:87:79:4D:9D:D3:0C:0C:8F:07:76:55:54:84:2B:34:28:D8:0D
X509v3 Authority Key Identifier:
keyid:B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/uG2HeU2d0wwMjwd2VVSEKzQo2A0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/sVXa3bhxudalPNa0f3diUIN_d3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.150.0.0/16
31.184.0.0/18
31.187.112.0/20
37.138.0.0/16
62.89.160.0/19
80.66.0.0/19
80.228.0.0/16
82.149.160.0/19
85.8.64.0/18
85.16.0.0/16
87.245.0.0/18
89.166.128.0/17
89.233.64.0/19
90.153.0.0/17
91.96.0.0/15
91.248.0.0/15
92.252.0.0/17
95.33.0.0/16
178.142.0.0/16
188.118.128.0/18
212.6.64.0/18
212.95.96.0/19
213.168.192.0/19
213.170.160.0/19
213.182.96.0/19
213.183.160.0/19
213.252.128.0/18
IPv6:
2a02:8200::/27
Signature Algorithm: sha256WithRSAEncryption
19:b1:57:26:7b:7a:fe:43:fe:91:2a:44:9f:40:a0:f1:dd:f2:
ad:08:c2:e5:17:b7:ee:a0:42:16:71:96:15:e1:95:89:76:e1:
67:6d:78:61:5b:3c:11:fa:f5:60:55:67:c0:00:f0:7c:bd:96:
8b:2b:4c:9a:89:b9:5b:ff:21:ef:76:03:48:e6:76:aa:af:7e:
44:77:1d:2e:dc:ae:8f:36:6d:ae:39:1a:bd:a3:77:b7:b9:f7:
40:ab:05:33:0d:f8:37:ad:95:e5:39:ee:05:22:ad:29:1b:e2:
cc:80:da:cf:5f:14:7c:24:3c:e4:fc:8c:38:fe:7f:40:0f:3e:
dd:69:ca:02:f1:db:b6:7b:38:0a:5a:ec:74:52:db:8b:6b:8d:
ce:10:24:33:c7:52:11:c8:a1:d5:e6:23:fe:15:27:d5:d1:ec:
e1:9d:da:ce:f7:90:da:0b:e5:3c:7e:bf:7f:24:3c:ea:0e:7c:
80:f0:7d:9c:1d:1e:12:c3:9b:83:a3:15:82:e5:39:a6:27:10:
b0:ff:7f:4e:47:8d:ec:0e:45:27:66:51:5d:3d:bd:b2:d8:75:
14:58:ee:24:7c:a6:cc:8d:00:9a:e9:03:bc:4c:cb:c2:fb:8b:
f4:a8:5c:90:f6:7e:cc:d4:87:bb:30:24:ac:af:9c:b4:1f:61:
a7:59:00:ef
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYVt3Sg5h6pYn+v2lj/YWBwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTVkYWRkYjg3MWI5ZDZhNTNjZDZiNDdmNzc2MjUwODM3
Zjc3NzQwHhcNMjMwMTAxMTUwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODZkODc3OTRkOWRkMzBjMGM4ZjA3NzY1NTU0ODQyYjM0MjhkODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszoT+Wj1TIQmdkpRsIgwvYJfdBAU
r+B0o3NXkIghjiGhDuRhEMqW6soXSSvyavo/j+6hNOM/D9lF/DAKl7EqUrg7aF3K
XknW6RS2izqrNKgsS3YmzcfxtIaZKxVqzHM77e2OmZ2PYurVFCF4GHjLjPmV5r34
REhowN5F3mp0DM+GHug+S/QnMpwH44EP9vaB0iOWgJNnE7GATZGjEk+KdmVKUZfl
9zYa1TrGKCkf4m5o5w9KL43AxJSCZfSXaiThWIkP90W+roqZ+DAVtzh/KMg+OEA7
XzgRHiWVeSuAUgwh/Q+CmpbH5X10HU0jupf+LwgkzP8VEI/D7QFP2lJvfQIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFLhth3lNndMMDI8HdlVUhCs0KNgNMB8GA1UdIwQY
MBaAFLFV2t24cbnWpTzWtH93YlCDf3d0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmIt
NTQ2OGIyY2YwYTc3LzEvdUcySGVVMmQwd3dNandkMlZWU0VLelFvMkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmItNTQ2OGIyY2YwYTc3
LzEvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszCBoQQCAAEwgZoDAwAf
lgMEBh+4AAMEBB+7cAMDACWKAwQFPlmgAwQFUEIAAwMAUOQDBAVSlaADBAZVCEAD
AwBVEAMEBlf1AAMEB1mmgAMEBVnpQAMEB1qZAAMDAVtgAwMBW/gDBAdc/AADAwBf
IQMDALKOAwQGvHaAAwQG1AZAAwQF1F9gAwQF1ajAAwQF1aqgAwQF1bZgAwQF1beg
AwQG1fyAMA0EAgACMAcDBQUqAoIAMA0GCSqGSIb3DQEBCwUAA4IBAQAZsVcme3r+
Q/6RKkSfQKDx3fKtCMLlF7fuoEIWcZYV4ZWJduFnbXhhWzwR+vVgVWfAAPB8vZaL
K0yaiblb/yHvdgNI5naqr35Edx0u3K6PNm2uORq9o3e3ufdAqwUzDfg3rZXlOe4F
Iq0pG+LMgNrPXxR8JDzk/Iw4/n9ADz7dacoC8du2ezgKWux0UtuLa43OECQzx1IR
yKHV5iP+FSfV0ezhndrO95DaC+U8fr9/JDzqDnyA8H2cHR4Sw5uDoxWC5TmmJxCw
/39OR43sDkUnZlFdPb2y2HUUWO4kfKbMjQCa6QO8TMvC+4v0qFyQ9n7M1Ie7MCSs
r5y0H2GnWQDv
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:02 2025 by rpki-client