Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1-U2LiUkmdvr7mflpTDEQiLN0H_k.roa
File: 1-U2LiUkmdvr7mflpTDEQiLN0H_k.roa (raw, json)
Hash identifier: tzfo1d01u4qMZf51j0BE9whNTOgxniu6bRjMKdLNekI=
Subject key identifier: F9:4D:8B:89:49:26:76:FA:FB:99:F9:69:4C:31:10:88:B3:74:1F:F9
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 0185F197101F97C553FF1E2D84585D3698C8
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1-U2LiUkmdvr7mflpTDEQiLN0H_k.roa
Signing time: Fri 27 Jan 2023 04:58:07 +0000
ROA not before: Fri 27 Jan 2023 04:58:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31363
IP address blocks: 86.62.92.0/24 maxlen: 24
86.62.125.0/24 maxlen: 24
195.91.255.0/24 maxlen: 24
195.91.208.0/24 maxlen: 24
195.91.209.0/24 maxlen: 24
195.91.210.0/24 maxlen: 24
195.91.211.0/24 maxlen: 24
195.91.213.0/24 maxlen: 24
195.91.215.0/24 maxlen: 24
195.91.217.0/24 maxlen: 24
195.91.218.0/24 maxlen: 24
195.91.219.0/24 maxlen: 24
195.91.222.0/24 maxlen: 24
195.91.223.0/24 maxlen: 24
195.91.224.0/24 maxlen: 24
195.91.220.0/24 maxlen: 24
195.91.221.0/24 maxlen: 24
195.91.225.0/24 maxlen: 24
195.91.226.0/24 maxlen: 24
195.91.232.0/24 maxlen: 24
195.91.233.0/24 maxlen: 24
195.91.229.0/24 maxlen: 24
195.91.230.0/24 maxlen: 24
195.91.231.0/24 maxlen: 24
195.91.228.0/24 maxlen: 24
195.91.236.0/24 maxlen: 24
195.91.237.0/24 maxlen: 24
195.91.238.0/24 maxlen: 24
195.91.234.0/24 maxlen: 24
195.91.235.0/24 maxlen: 24
195.91.239.0/24 maxlen: 24
195.91.240.0/24 maxlen: 24
195.91.246.0/24 maxlen: 24
195.91.243.0/24 maxlen: 24
195.91.244.0/24 maxlen: 24
195.91.245.0/24 maxlen: 24
195.91.241.0/24 maxlen: 24
195.91.242.0/24 maxlen: 24
195.91.247.0/24 maxlen: 24
195.91.149.0/24 maxlen: 24
195.91.168.0/24 maxlen: 24
195.91.169.0/24 maxlen: 24
195.91.170.0/24 maxlen: 24
195.91.171.0/24 maxlen: 24
195.91.172.0/24 maxlen: 24
195.91.173.0/24 maxlen: 24
195.91.174.0/24 maxlen: 24
195.91.175.0/24 maxlen: 24
2a02:2698:9800::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f1:97:10:1f:97:c5:53:ff:1e:2d:84:58:5d:36:98:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 27 04:58:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f94d8b89492676fafb99f9694c311088b3741ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3f:48:1a:32:a5:77:2e:2e:c1:68:ee:5e:19:
91:ff:10:6e:36:28:82:bd:69:83:c5:a1:4f:ae:8d:
b5:cf:b0:6c:67:5d:47:8d:f7:5c:5a:e2:ab:7e:c2:
c7:7f:c4:a1:3c:1d:87:e4:c1:d1:af:04:8f:46:4d:
da:1b:ce:53:40:3c:8b:aa:34:52:12:8a:15:18:4e:
b3:ed:07:8e:c9:af:eb:d1:ae:9d:01:1b:19:00:90:
12:3c:35:77:23:cf:73:d9:10:6e:28:a1:52:f7:0f:
94:00:13:1c:f0:32:6d:ef:2b:d9:07:a0:71:1e:07:
fa:68:1c:84:c8:bf:db:88:7c:3f:af:89:19:ac:6a:
d1:b9:fc:4a:fd:1b:d0:ad:10:4d:e4:23:46:f9:16:
a0:3a:5a:ec:ec:20:d5:ac:80:e3:1e:3d:2f:fb:3b:
36:66:cb:82:0d:2d:bf:32:16:4e:5b:6c:fc:8f:5e:
76:f8:c0:54:6f:1a:41:b4:ae:78:93:7f:cc:de:96:
5c:24:45:af:48:75:c7:94:97:e3:db:8d:ef:1f:ac:
ab:4f:77:c7:ac:40:0c:96:98:93:84:97:e6:32:48:
36:36:19:04:40:52:24:49:75:85:a4:b5:b9:7e:60:
3c:48:3f:36:ca:aa:da:c2:cf:f2:fe:69:9b:d8:2d:
da:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:4D:8B:89:49:26:76:FA:FB:99:F9:69:4C:31:10:88:B3:74:1F:F9
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1-U2LiUkmdvr7mflpTDEQiLN0H_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.92.0/24
86.62.125.0/24
195.91.149.0/24
195.91.168.0/21
195.91.208.0/22
195.91.213.0/24
195.91.215.0/24
195.91.217.0-195.91.226.255
195.91.228.0-195.91.247.255
195.91.255.0/24
IPv6:
2a02:2698:9800::/38
Signature Algorithm: sha256WithRSAEncryption
dc:3c:b8:cc:7f:8e:15:cd:16:64:b4:2f:3c:02:21:53:c9:d5:
0e:9f:25:0d:27:d8:44:94:b8:32:84:54:55:79:b0:96:60:81:
13:c6:75:60:c8:30:6d:ef:41:68:be:b7:17:4b:5d:8d:75:a4:
b1:ae:34:37:03:b8:69:e4:7b:a6:7d:4f:36:fa:7d:df:26:de:
0b:f5:b4:0b:fc:56:18:2a:52:44:51:48:74:3b:4a:1b:41:f3:
aa:3d:a2:ca:0d:fe:fd:06:61:34:52:d7:12:eb:61:85:15:72:
45:ae:03:d2:e7:e5:86:20:32:a0:eb:d3:0e:7e:05:e3:ee:23:
78:db:63:86:e9:c5:72:a1:2a:1c:c4:91:12:9c:01:43:71:5d:
1a:2b:93:f4:8b:93:46:76:c0:01:ab:2c:d8:31:d1:65:76:c4:
83:d7:55:19:14:6e:9f:f0:db:f9:aa:66:06:cc:37:30:88:e6:
55:85:00:4d:83:6e:cf:b4:af:62:56:52:03:9d:0d:c3:c5:32:
e2:17:eb:a6:16:05:ec:08:4e:b3:5e:6a:31:6a:2e:d1:5d:06:
ef:0b:f8:99:5a:4d:59:ba:8b:59:8d:9a:90:06:a5:e0:7c:62:
49:e4:74:43:d2:bb:c8:1f:8e:68:3a:92:f6:0b:5a:8b:4a:78:
0c:24:1e:c9
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYXxlxAfl8VT/x4thFhdNpjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTI3MDQ1ODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTRkOGI4OTQ5MjY3NmZhZmI5OWY5Njk0YzMxMTA4OGIzNzQxZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj9IGjKldy4uwWjuXhmR/xBuNiiC
vWmDxaFPro21z7BsZ11HjfdcWuKrfsLHf8ShPB2H5MHRrwSPRk3aG85TQDyLqjRS
EooVGE6z7QeOya/r0a6dARsZAJASPDV3I89z2RBuKKFS9w+UABMc8DJt7yvZB6Bx
Hgf6aByEyL/biHw/r4kZrGrRufxK/RvQrRBN5CNG+RagOlrs7CDVrIDjHj0v+zs2
ZsuCDS2/MhZOW2z8j152+MBUbxpBtK54k3/M3pZcJEWvSHXHlJfj243vH6yrT3fH
rEAMlpiThJfmMkg2NhkEQFIkSXWFpLW5fmA8SD82yqraws/y/mmb2C3agQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFPlNi4lJJnb6+5n5aUwxEIizdB/5MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvMS1VMkxpVWttZHZyN21mbHBUREVRaUxOMEhfay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQy
OC8xL0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB1BggrBgEFBQcBBwEB/wRmMGQwUgQCAAEwTAMEAFY+XAME
AFY+fQMEAMNblQMEA8NbqAMEAsNb0AMEAMNb1QMEAMNb1zAMAwQAw1vZAwQAw1vi
MAwDBALDW+QDBAPDW/ADBADDW/8wDgQCAAIwCAMGAioCJpiYMA0GCSqGSIb3DQEB
CwUAA4IBAQDcPLjMf44VzRZktC88AiFTydUOnyUNJ9hElLgyhFRVebCWYIETxnVg
yDBt70FovrcXS12NdaSxrjQ3A7hp5HumfU82+n3fJt4L9bQL/FYYKlJEUUh0O0ob
QfOqPaLKDf79BmE0UtcS62GFFXJFrgPS5+WGIDKg69MOfgXj7iN422OG6cVyoSoc
xJESnAFDcV0aK5P0i5NGdsABqyzYMdFldsSD11UZFG6f8Nv5qmYGzDcwiOZVhQBN
g27PtK9iVlIDnQ3DxTLiF+umFgXsCE6zXmoxai7RXQbvC/iZWk1ZuotZjZqQBqXg
fGJJ5HRD0rvIH45oOpL2C1qLSngMJB7J
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:13 2025 by rpki-client