Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/TaPCaEZgKUN8RiPs9bwJwHk30gQ.roa
File: TaPCaEZgKUN8RiPs9bwJwHk30gQ.roa (raw, json)
Hash identifier: kplTEAnoJw3MPc2dUbVH7ciydNNPcJWHf8HCWinrrgg=
Subject key identifier: 4D:A3:C2:68:46:60:29:43:7C:46:23:EC:F5:BC:09:C0:79:37:D2:04
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 0189CC5EE648CC8347D9382B1F7AD586FBC6
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/TaPCaEZgKUN8RiPs9bwJwHk30gQ.roa
Signing time: Sun 06 Aug 2023 19:41:58 +0000
ROA not before: Sun 06 Aug 2023 19:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31500
IP address blocks: 95.161.128.0/24 maxlen: 24
109.239.131.0/24 maxlen: 24
109.239.132.0/24 maxlen: 24
109.239.129.0/24 maxlen: 24
109.239.130.0/24 maxlen: 24
109.239.128.0/24 maxlen: 24
109.239.130.128/25 maxlen: 25
178.18.229.0/24 maxlen: 24
178.18.232.0/24 maxlen: 24
178.18.231.0/24 maxlen: 24
178.18.228.0/24 maxlen: 24
109.239.138.0/24 maxlen: 24
109.239.139.0/24 maxlen: 24
109.239.134.0/24 maxlen: 24
109.239.135.0/24 maxlen: 24
109.239.133.0/24 maxlen: 24
109.239.143.0/24 maxlen: 24
109.239.141.0/24 maxlen: 24
109.239.142.0/24 maxlen: 24
109.239.140.0/24 maxlen: 24
94.124.183.0/24 maxlen: 24
94.124.182.0/24 maxlen: 24
95.140.83.0/24 maxlen: 24
95.140.80.0/24 maxlen: 32
95.140.91.0/24 maxlen: 24
95.140.89.0/24 maxlen: 24
95.140.90.0/24 maxlen: 24
95.140.88.0/24 maxlen: 24
95.140.93.0/24 maxlen: 24
95.140.95.0/24 maxlen: 24
2001:b28:7b0c::/48 maxlen: 48
2001:b28:9999::/48 maxlen: 48
2a03:5f80:2:10::/64 maxlen: 64
2a03:5f80:8::/46 maxlen: 46
2001:b28:9a9c::/48 maxlen: 48
2001:b28:4::/48 maxlen: 48
2a03:5f80::/46 maxlen: 46
2a03:5f80:a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cc:5e:e6:48:cc:83:47:d9:38:2b:1f:7a:d5:86:fb:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Aug 6 19:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4da3c268466029437c4623ecf5bc09c07937d204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:24:7b:dc:9b:02:a6:ae:b9:5a:8d:34:7b:93:
7c:5c:62:8a:0b:ed:66:89:0f:05:f2:8b:a5:a1:a0:
dc:21:c5:b7:01:8a:c8:f6:06:d3:53:03:d5:f2:88:
bf:ed:34:b9:1e:f3:b9:b6:99:61:65:81:ec:68:a1:
90:b6:8a:33:88:7d:ec:49:28:89:3a:c9:96:2f:f9:
aa:b6:e2:77:7c:a6:ef:e2:46:82:e8:89:a7:a9:3c:
ba:1e:71:73:56:1d:b4:80:73:e0:6e:48:8e:96:a8:
a2:ae:90:8f:b9:8a:31:73:8b:42:0f:4b:b4:e7:21:
4a:b6:f9:5d:78:2d:fb:83:3e:40:2f:d1:43:50:6a:
4a:06:b3:37:1b:cd:4f:47:fc:50:39:3c:39:4b:3f:
1c:3a:48:19:7f:1c:8e:21:72:a0:86:cb:1b:26:18:
f1:2a:e8:26:53:ee:6b:47:dd:3e:c5:59:92:50:92:
92:8a:3d:e1:9a:0c:df:18:c8:5c:f4:58:40:e5:0d:
a5:56:f2:f6:a8:02:72:27:62:5d:c1:b6:3a:c5:3c:
af:2f:ed:8c:72:2c:78:7a:bd:5e:d7:c9:7b:5c:1c:
1f:82:3b:37:7d:79:c8:b7:5c:e2:81:0d:c4:91:e6:
e2:e0:93:a9:b1:fb:6d:1b:1c:3a:18:82:b1:a6:68:
ae:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A3:C2:68:46:60:29:43:7C:46:23:EC:F5:BC:09:C0:79:37:D2:04
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/TaPCaEZgKUN8RiPs9bwJwHk30gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.182.0/23
95.140.80.0/24
95.140.83.0/24
95.140.88.0/22
95.140.93.0/24
95.140.95.0/24
95.161.128.0/24
109.239.128.0/21
109.239.138.0-109.239.143.255
178.18.228.0/23
178.18.231.0-178.18.232.255
IPv6:
2001:b28:4::/48
2001:b28:7b0c::/48
2001:b28:9999::/48
2001:b28:9a9c::/48
2a03:5f80::/46
2a03:5f80:8::/46
Signature Algorithm: sha256WithRSAEncryption
a9:7b:17:90:cc:7e:58:09:86:bd:09:f1:eb:1c:0b:92:86:0c:
06:2f:91:c3:d3:56:2f:c4:c4:89:84:fc:12:85:e9:1b:b4:5b:
49:84:15:63:2b:a4:44:89:5d:a0:58:a8:0e:0d:4d:73:f7:b7:
40:f9:5d:f1:76:6e:71:7a:20:91:86:c1:54:c5:d3:b3:3a:42:
21:07:d8:34:3b:53:12:59:57:4f:97:de:5e:97:16:d6:60:52:
de:7b:92:d1:6a:d5:3d:76:80:dd:b9:ab:8b:59:a7:6b:49:29:
90:7d:b6:20:54:38:d6:11:ee:ad:f3:22:48:cd:cc:9f:42:12:
10:28:ed:83:14:1f:b9:d0:f9:6e:35:ea:19:4a:fe:e1:52:8b:
c8:80:35:61:ed:96:23:12:13:15:a4:22:90:ed:aa:24:62:68:
32:81:ab:32:36:41:1f:b2:5a:17:f7:12:6a:24:6a:c2:05:44:
f9:ed:29:0c:1f:95:91:bb:6f:36:75:8c:d9:24:1d:c6:a0:eb:
64:1d:ed:f1:a6:97:16:da:37:85:95:b4:8e:34:da:28:8d:51:
1f:3c:c7:f5:14:a9:1a:b5:db:10:b3:ec:4e:32:98:41:71:0a:
b6:a9:47:a0:30:a2:22:cc:6f:2e:e3:28:e0:31:fd:22:5c:3b:
03:a5:6a:72
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYnMXuZIzINH2TgrH3rVhvvGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjMwODA2MTk0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGEzYzI2ODQ2NjAyOTQzN2M0NjIzZWNmNWJjMDljMDc5MzdkMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyR73JsCpq65Wo00e5N8XGKKC+1m
iQ8F8ouloaDcIcW3AYrI9gbTUwPV8oi/7TS5HvO5tplhZYHsaKGQtooziH3sSSiJ
OsmWL/mqtuJ3fKbv4kaC6ImnqTy6HnFzVh20gHPgbkiOlqiirpCPuYoxc4tCD0u0
5yFKtvldeC37gz5AL9FDUGpKBrM3G81PR/xQOTw5Sz8cOkgZfxyOIXKghssbJhjx
KugmU+5rR90+xVmSUJKSij3hmgzfGMhc9FhA5Q2lVvL2qAJyJ2JdwbY6xTyvL+2M
cix4er1e18l7XBwfgjs3fXnIt1zigQ3Ekebi4JOpsfttGxw6GIKxpmiuoQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFE2jwmhGYClDfEYj7PW8CcB5N9IEMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvVGFQQ2FFWmdLVU44UmlQczlid0p3SGszMGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDBYBAIAATBSAwQBXny2
AwQAX4xQAwQAX4xTAwQCX4xYAwQAX4xdAwQAX4xfAwQAX6GAAwQDbe+AMAwDBAFt
74oDBARt74ADBAGyEuQwDAMEALIS5wMEALIS6DA8BAIAAjA2AwcAIAELKAAEAwcA
IAELKHsMAwcAIAELKJmZAwcAIAELKJqcAwcCKgNfgAAAAwcCKgNfgAAIMA0GCSqG
SIb3DQEBCwUAA4IBAQCpexeQzH5YCYa9CfHrHAuShgwGL5HD01YvxMSJhPwShekb
tFtJhBVjK6REiV2gWKgODU1z97dA+V3xdm5xeiCRhsFUxdOzOkIhB9g0O1MSWVdP
l95elxbWYFLee5LRatU9doDduauLWadrSSmQfbYgVDjWEe6t8yJIzcyfQhIQKO2D
FB+50PluNeoZSv7hUovIgDVh7ZYjEhMVpCKQ7aokYmgygasyNkEfsloX9xJqJGrC
BUT57SkMH5WRu282dYzZJB3GoOtkHe3xppcW2jeFlbSONNoojVEfPMf1FKkatdsQ
s+xOMphBcQq2qUegMKIizG8u4yjgMf0iXDsDpWpy
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:28:42 2025 by rpki-client