Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/8i0Bgh5_PmV7QzCiOa3Oxpqg2KQ.roa
File: 8i0Bgh5_PmV7QzCiOa3Oxpqg2KQ.roa (raw, json)
Hash identifier: 2F9RLmRE/xbBskV4FiWYHNfDvDfmWQPTmDx/Mg2wMvU=
Subject key identifier: F2:2D:01:82:1E:7F:3E:65:7B:43:30:A2:39:AD:CE:C6:9A:A0:D8:A4
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018AFC4C1074DD5EC3A57957340C6936B650
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/8i0Bgh5_PmV7QzCiOa3Oxpqg2KQ.roa
Signing time: Wed 04 Oct 2023 20:05:57 +0000
ROA not before: Wed 04 Oct 2023 20:05:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31500
IP address blocks: 95.161.128.0/24 maxlen: 24
109.239.131.0/24 maxlen: 24
109.239.132.0/24 maxlen: 24
109.239.129.0/24 maxlen: 24
109.239.130.0/24 maxlen: 24
109.239.128.0/24 maxlen: 24
109.239.130.128/25 maxlen: 25
178.18.229.0/24 maxlen: 24
178.18.232.0/24 maxlen: 24
178.18.231.0/24 maxlen: 24
178.18.228.0/24 maxlen: 24
109.239.138.0/24 maxlen: 24
109.239.139.0/24 maxlen: 24
109.239.134.0/24 maxlen: 24
109.239.135.0/24 maxlen: 24
109.239.133.0/24 maxlen: 24
109.239.143.0/24 maxlen: 24
109.239.141.0/24 maxlen: 24
109.239.142.0/24 maxlen: 24
109.239.140.0/24 maxlen: 24
94.124.183.0/24 maxlen: 24
94.124.182.0/24 maxlen: 24
95.140.83.0/24 maxlen: 24
95.140.80.0/24 maxlen: 32
95.140.91.0/24 maxlen: 24
95.140.89.0/24 maxlen: 24
95.140.90.0/24 maxlen: 24
95.140.88.0/24 maxlen: 24
95.140.93.0/24 maxlen: 24
95.140.95.0/24 maxlen: 24
2001:b28:7b0c::/48 maxlen: 48
2001:b28::/32 maxlen: 32
2001:b28:9999::/48 maxlen: 48
2a03:5f80:2:10::/64 maxlen: 64
2a03:5f80:8::/46 maxlen: 46
2001:b28:9a9c::/48 maxlen: 48
2001:b28:4::/48 maxlen: 48
2a03:5f80::/46 maxlen: 46
2a03:5f80:a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:4c:10:74:dd:5e:c3:a5:79:57:34:0c:69:36:b6:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Oct 4 20:05:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f22d01821e7f3e657b4330a239adcec69aa0d8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b9:4c:65:79:17:26:ba:68:4f:06:68:9b:6a:
c2:a1:31:19:cb:39:51:25:23:0a:26:aa:79:52:c4:
dc:45:d6:0a:ca:45:5d:bd:ce:97:15:6a:58:08:c0:
28:d0:3e:42:b1:45:f1:3f:b1:dc:d3:0d:15:01:93:
a3:49:67:5c:ce:95:bb:a5:e1:cc:83:b2:f3:51:80:
a7:09:9d:9e:24:de:0b:74:b7:4a:81:c0:3c:2d:39:
1d:f2:c6:9a:1b:50:25:b8:b0:7d:46:81:db:ec:ff:
ba:6d:a2:7b:73:cf:d8:6a:6e:5b:d2:8f:6f:20:1f:
d2:af:62:ef:9a:53:d1:d1:f9:7a:d7:00:52:b5:5f:
05:f5:e7:ec:84:a7:ee:dd:86:12:ed:ff:e4:78:cd:
2b:3c:61:20:49:1d:a8:f4:4d:43:29:4c:07:3b:66:
f7:8f:dd:0b:30:1c:9d:62:63:17:e1:f2:03:0c:49:
f5:c1:f6:9a:f2:3c:0e:08:d4:fe:16:29:56:fb:48:
35:79:d1:51:bf:5d:4d:74:dd:c2:77:95:c3:f3:78:
6f:7a:dd:54:3f:e9:cb:33:39:b8:1f:f7:ad:1a:09:
9f:9c:dd:7d:42:c4:54:51:d6:fc:64:81:61:74:76:
8d:97:a7:64:df:8e:b6:28:42:78:54:97:ce:d3:c1:
a9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2D:01:82:1E:7F:3E:65:7B:43:30:A2:39:AD:CE:C6:9A:A0:D8:A4
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/8i0Bgh5_PmV7QzCiOa3Oxpqg2KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.182.0/23
95.140.80.0/24
95.140.83.0/24
95.140.88.0/22
95.140.93.0/24
95.140.95.0/24
95.161.128.0/24
109.239.128.0/21
109.239.138.0-109.239.143.255
178.18.228.0/23
178.18.231.0-178.18.232.255
IPv6:
2001:b28::/32
2a03:5f80::/46
2a03:5f80:8::/46
Signature Algorithm: sha256WithRSAEncryption
b1:9f:b8:d1:1a:66:45:0e:7a:47:9b:c3:c5:69:3b:e0:f2:11:
a0:f7:bb:21:ca:68:2e:1d:30:34:88:bc:41:0d:49:6e:83:1f:
24:2b:2f:64:d9:d3:e0:1a:c6:44:74:67:42:98:76:27:e8:ee:
11:fa:b5:a6:c5:76:64:c1:67:21:85:df:6f:d1:0b:17:0f:6c:
f1:88:13:56:30:fa:fe:61:42:ef:72:2c:77:7d:36:63:40:b7:
4a:a0:bf:21:ac:00:30:20:cc:d1:ca:78:74:44:5b:0a:c0:cb:
05:1d:12:c9:4e:78:48:ba:69:45:b7:05:d6:2e:21:89:90:29:
9f:88:7c:ac:e4:b9:68:f2:9c:45:19:e1:e5:1b:45:b1:2c:6d:
ba:ec:59:50:c4:13:5e:59:4c:3b:fa:24:c2:de:0d:de:3e:df:
8d:b6:e1:00:65:e6:f0:fc:a8:36:25:dc:34:98:03:03:a8:7e:
3e:ce:7f:05:72:b8:1a:b8:31:8c:0b:eb:08:96:78:79:0b:59:
41:10:39:34:74:d7:d4:eb:ed:47:a2:f0:e3:70:19:5c:7e:65:
4b:91:88:77:b9:a3:ef:7a:38:b7:7a:8b:24:12:0e:e6:ab:58:
bc:04:27:b8:9f:30:e3:53:94:53:0e:11:65:a6:c4:ae:87:ae:
2e:ee:52:54
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAYr8TBB03V7DpXlXNAxpNrZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjMxMDA0MjAwNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjJkMDE4MjFlN2YzZTY1N2I0MzMwYTIzOWFkY2VjNjlhYTBkOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7lMZXkXJrpoTwZom2rCoTEZyzlR
JSMKJqp5UsTcRdYKykVdvc6XFWpYCMAo0D5CsUXxP7Hc0w0VAZOjSWdczpW7peHM
g7LzUYCnCZ2eJN4LdLdKgcA8LTkd8saaG1AluLB9RoHb7P+6baJ7c8/Yam5b0o9v
IB/Sr2LvmlPR0fl61wBStV8F9efshKfu3YYS7f/keM0rPGEgSR2o9E1DKUwHO2b3
j90LMBydYmMX4fIDDEn1wfaa8jwOCNT+FilW+0g1edFRv11NdN3Cd5XD83hvet1U
P+nLMzm4H/etGgmfnN19QsRUUdb8ZIFhdHaNl6dk3462KEJ4VJfO08GpVQIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFPItAYIefz5le0MwojmtzsaaoNikMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvOGkwQmdoNV9QbVY3UXpDaU9hM094cHFnMktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswWAQCAAEwUgMEAV58tgME
AF+MUAMEAF+MUwMEAl+MWAMEAF+MXQMEAF+MXwMEAF+hgAMEA23vgDAMAwQBbe+K
AwQEbe+AAwQBshLkMAwDBACyEucDBACyEugwHwQCAAIwGQMFACABCygDBwIqA1+A
AAADBwIqA1+AAAgwDQYJKoZIhvcNAQELBQADggEBALGfuNEaZkUOekebw8VpO+Dy
EaD3uyHKaC4dMDSIvEENSW6DHyQrL2TZ0+AaxkR0Z0KYdifo7hH6tabFdmTBZyGF
32/RCxcPbPGIE1Yw+v5hQu9yLHd9NmNAt0qgvyGsADAgzNHKeHREWwrAywUdEslO
eEi6aUW3BdYuIYmQKZ+IfKzkuWjynEUZ4eUbRbEsbbrsWVDEE15ZTDv6JMLeDd4+
34224QBl5vD8qDYl3DSYAwOofj7OfwVyuBq4MYwL6wiWeHkLWUEQOTR019Tr7Uei
8ONwGVx+ZUuRiHe5o+96OLd6iyQSDuarWLwEJ7ifMONTlFMOEWWmxK6Hri7uUlQ=
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:29:34 2025 by rpki-client