Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/1Xtv8fyZZccOrQnVOW6Vol9xZAA.roa
File: 1Xtv8fyZZccOrQnVOW6Vol9xZAA.roa (raw, json)
Hash identifier: CwKVL2Zfk69sAj6AD1YTGBM+e1jCgbmsB/D45I6V1VQ=
Subject key identifier: D5:7B:6F:F1:FC:99:65:C7:0E:AD:09:D5:39:6E:95:A2:5F:71:64:00
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 01BB8D59
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/1Xtv8fyZZccOrQnVOW6Vol9xZAA.roa
Signing time: Sat 01 Jan 2022 09:55:05 +0000
ROA not before: Sat 01 Jan 2022 09:55:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 88.218.101.0/24 maxlen: 24
88.218.102.0/23 maxlen: 23
88.218.100.0/24 maxlen: 24
195.206.108.0/24 maxlen: 24
195.206.109.0/24 maxlen: 24
193.31.74.0/24 maxlen: 24
193.31.75.0/24 maxlen: 24
85.209.216.0/24 maxlen: 24
85.209.218.0/23 maxlen: 23
139.28.138.0/23 maxlen: 23
139.28.137.0/24 maxlen: 24
45.84.44.0/24 maxlen: 24
45.84.45.0/24 maxlen: 24
45.84.47.0/24 maxlen: 24
141.98.242.0/23 maxlen: 23
194.124.52.0/22 maxlen: 22
85.8.190.0/23 maxlen: 23
85.8.188.0/24 maxlen: 24
85.8.189.0/24 maxlen: 24
45.11.236.0/22 maxlen: 22
92.119.180.0/24 maxlen: 24
92.119.181.0/24 maxlen: 24
45.157.74.0/23 maxlen: 23
45.14.72.0/24 maxlen: 24
5.182.100.0/24 maxlen: 24
5.182.101.0/24 maxlen: 24
5.182.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29068633 (0x1bb8d59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Jan 1 09:55:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d57b6ff1fc9965c70ead09d5396e95a25f716400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:69:92:fc:ba:55:b4:8a:17:3f:39:1b:80:39:
9c:e4:67:32:f2:90:4a:44:11:6f:db:9b:33:06:f0:
df:a4:9e:ee:f2:b1:3a:2f:c5:b4:18:62:19:b2:37:
6f:7b:8e:e7:61:b8:fc:48:9b:e2:00:27:e2:c5:e3:
0e:5c:d3:25:b8:47:eb:49:dd:d6:32:68:63:d2:42:
7f:69:fc:4d:83:f3:f0:3d:33:c7:55:ab:27:36:ab:
ca:64:5a:c6:16:c8:a6:f5:6b:13:0d:7c:9e:76:0a:
07:04:ba:84:b3:0f:fe:cb:2e:ea:78:ca:1b:9b:61:
41:9c:79:5e:10:fc:ac:d1:5b:b6:b7:ad:2b:fb:cb:
e5:f6:9e:ec:18:cc:fc:78:2d:6e:c0:e4:e6:ac:c9:
59:f1:61:fa:9d:bf:77:ce:c7:d6:c0:40:ab:1c:b0:
83:70:12:d9:ab:f0:c0:04:0a:7b:1a:d9:fd:08:31:
ab:60:e8:01:28:ad:6b:2b:d2:29:e7:49:57:53:27:
38:ae:e6:92:b7:be:71:a7:03:fd:b6:41:3d:a1:41:
9c:4f:88:a4:b0:fb:6c:7f:74:06:bb:d5:9e:cb:f1:
92:a1:d8:23:f1:02:a5:04:1d:ba:aa:8d:da:e7:b5:
3f:c0:6a:ba:8c:81:a5:b5:db:95:86:9b:3f:ce:64:
c3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:7B:6F:F1:FC:99:65:C7:0E:AD:09:D5:39:6E:95:A2:5F:71:64:00
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/1Xtv8fyZZccOrQnVOW6Vol9xZAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.100.0/23
5.182.103.0/24
45.11.236.0/22
45.14.72.0/24
45.84.44.0/23
45.84.47.0/24
45.157.74.0/23
85.8.188.0/22
85.209.216.0/24
85.209.218.0/23
88.218.100.0/22
92.119.180.0/23
139.28.137.0-139.28.139.255
141.98.242.0/23
193.31.74.0/23
194.124.52.0/22
195.206.108.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:39:34:fc:b5:b2:92:bb:6a:8c:02:eb:56:79:55:6c:db:30:
2f:c8:ff:e8:ab:cc:32:bd:8c:44:42:1c:cf:69:f8:71:1e:6b:
1f:06:c7:06:4e:3f:f7:d8:29:8e:3d:1d:13:4e:c7:4e:e0:ca:
e9:ff:f3:f6:49:b9:ac:3e:05:b4:d6:b7:ef:c4:d5:1e:da:0e:
49:4a:b6:77:73:23:38:07:46:18:db:86:0f:99:9a:9e:a1:25:
e6:b9:44:9e:2c:36:f1:99:fa:a5:30:12:22:6d:23:32:08:3c:
13:6e:3d:6f:02:5b:8f:e9:23:be:ed:aa:c7:25:d6:22:e3:ae:
9d:d8:87:3c:19:5d:4b:0b:3f:b6:cd:17:c5:af:e6:4a:b2:49:
c3:b4:77:be:fc:57:b0:0f:94:73:c3:8a:c8:ac:b3:65:c7:bb:
b4:00:eb:aa:fe:0d:71:ee:0b:3b:8b:fd:49:59:60:bd:e3:e8:
bb:98:29:50:37:c6:82:ca:95:4a:d8:d3:05:b5:a1:77:29:aa:
a4:a4:62:e7:e6:9a:23:4d:7d:ec:a9:71:9f:66:ba:94:30:f8:
3b:2c:5f:30:9a:67:ab:81:42:53:dc:82:a9:e6:c1:f4:de:04:
1f:68:5c:25:5f:f5:d6:56:ab:40:37:75:ef:fc:d3:dd:ea:e7:
1d:1f:a9:8d
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIEAbuNWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjFhM2YyMWZiMGMyOTRkNmQ0YTUyOWIyZjFkYmQ0YmQxMTE5YmQ3MB4XDTIyMDEw
MTA5NTUwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDU3YjZmZjFmYzk5
NjVjNzBlYWQwOWQ1Mzk2ZTk1YTI1ZjcxNjQwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZpkvy6VbSKFz85G4A5nORnMvKQSkQRb9ubMwbw36Se7vKx
Oi/FtBhiGbI3b3uO52G4/Eib4gAn4sXjDlzTJbhH60nd1jJoY9JCf2n8TYPz8D0z
x1WrJzarymRaxhbIpvVrEw18nnYKBwS6hLMP/ssu6njKG5thQZx5XhD8rNFbtret
K/vL5fae7BjM/HgtbsDk5qzJWfFh+p2/d87H1sBAqxywg3AS2avwwAQKexrZ/Qgx
q2DoASitayvSKedJV1MnOK7mkre+cacD/bZBPaFBnE+IpLD7bH90BrvVnsvxkqHY
I/ECpQQduqqN2ue1P8BquoyBpbXblYabP85kw+kCAwEAAaOCAnIwggJuMB0GA1Ud
DgQWBBTVe2/x/Jllxw6tCdU5bpWiX3FkADAfBgNVHSMEGDAWgBSCGj8h+wwpTW1K
UpsvHb1L0RGb1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dob19JZnNNS1UxdFNsS2JMeDI5UzlFUm05Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8x
LzFYdHY4ZnlaWmNjT3JRblZPVzZWb2w5eFpBQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
ZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8xL2dob19JZnNNS1Ux
dFNsS2JMeDI5UzlFUm05Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hwYIKwYBBQUHAQcBAf8EeDB2MHQEAgABMG4DBAEFtmQDBAAFtmcDBAItC+wDBAAt
DkgDBAEtVCwDBAAtVC8DBAEtnUoDBAJVCLwDBABV0dgDBAFV0doDBAJY2mQDBAFc
d7QwDAMEAIsciQMEAosciAMEAY1i8gMEAcEfSgMEAsJ8NAMEAcPObDANBgkqhkiG
9w0BAQsFAAOCAQEAsTk0/LWykrtqjALrVnlVbNswL8j/6KvMMr2MREIcz2n4cR5r
HwbHBk4/99gpjj0dE07HTuDK6f/z9km5rD4FtNa378TVHtoOSUq2d3MjOAdGGNuG
D5manqEl5rlEniw28Zn6pTASIm0jMgg8E249bwJbj+kjvu2qxyXWIuOundiHPBld
Sws/ts0Xxa/mSrJJw7R3vvxXsA+Uc8OKyKyzZce7tADrqv4Nce4LO4v9SVlgvePo
u5gpUDfGgsqVStjTBbWhdymqpKRi5+aaI0197Klxn2a6lDD4OyxfMJpnq4FCU9yC
qebB9N4EH2hcJV/11larQDd17/zT3ernHR+pjQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:25 2025 by rpki-client