Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/dQUziFgfj8qZXympQh71pZuUtyA.roa
File: dQUziFgfj8qZXympQh71pZuUtyA.roa (raw, json)
Hash identifier: d8JgMom3MWt4U8ZVaJEVYWP42x5gVNcd+FgPrJ9o0cA=
Subject key identifier: 75:05:33:88:58:1F:8F:CA:99:5F:29:A9:42:1E:F5:A5:9B:94:B7:20
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018B198D0C4661061CEFF6E05A2E6F4DD057
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/dQUziFgfj8qZXympQh71pZuUtyA.roa
Signing time: Tue 10 Oct 2023 12:25:55 +0000
ROA not before: Tue 10 Oct 2023 12:25:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:8d:0c:46:61:06:1c:ef:f6:e0:5a:2e:6f:4d:d0:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 10 12:25:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75053388581f8fca995f29a9421ef5a59b94b720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e1:e3:9f:14:b1:9f:ea:dc:02:b1:66:31:e9:
67:4d:a8:f5:cb:f5:9e:04:9d:c6:f6:81:b2:8c:77:
6e:4e:f5:29:73:72:6c:53:42:89:f7:ce:27:03:37:
9b:39:00:ef:cc:ce:a2:1b:17:e4:d0:86:1f:a0:d6:
3a:2c:cd:be:69:75:37:39:b2:19:cb:52:51:ab:08:
36:a6:34:07:69:ce:77:fd:14:c5:52:c2:d9:54:4f:
e4:9d:02:b2:f4:a0:77:5c:42:51:fe:69:c6:71:fd:
19:07:76:05:e3:31:71:e9:cc:a5:c3:61:50:24:a7:
ee:7a:c0:f4:ab:48:74:e2:a1:71:2b:06:89:7b:4f:
0d:23:96:4e:f1:f1:c5:da:cd:7f:a9:a0:25:77:4f:
cd:0c:ed:af:51:5a:ed:f1:11:ad:7b:e7:93:32:4a:
40:74:66:e6:ec:4e:ae:ef:5f:2e:81:13:61:9b:68:
1b:c0:32:d3:a8:32:c9:f2:a5:41:db:d3:4a:03:07:
fa:a1:0e:30:2a:cb:6a:d1:4b:36:4f:a0:60:53:c7:
16:b5:b9:29:e7:2d:3b:77:0d:08:a8:68:d0:9c:88:
5e:a0:89:36:33:d0:62:16:55:87:6e:e3:29:ec:23:
bc:34:52:3b:54:e7:3f:f1:be:81:b8:a4:a1:2a:aa:
67:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:05:33:88:58:1F:8F:CA:99:5F:29:A9:42:1E:F5:A5:9B:94:B7:20
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/dQUziFgfj8qZXympQh71pZuUtyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.138.180.0/24
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
26:0d:03:95:03:7b:7d:3f:4e:cb:be:ec:39:52:b9:df:f9:65:
f3:65:9c:7e:c3:65:61:38:41:6e:55:ac:34:0b:f8:dc:39:e8:
00:28:c5:65:cf:67:22:53:e5:52:19:e9:69:fa:3b:5c:83:e4:
7f:30:15:9f:09:9e:a9:8a:9b:90:51:26:f2:43:b1:f4:9e:20:
28:ac:0d:b3:b5:f7:ff:73:e0:a0:4f:0b:5f:76:3e:84:d2:bb:
e7:41:41:c3:f5:ec:1e:89:91:eb:4e:19:b3:bc:b0:f5:56:f9:
e2:09:21:44:2f:af:68:e2:33:b3:0b:7c:ef:fa:7e:eb:51:99:
36:df:e0:c9:d6:02:0b:d2:8b:b6:66:41:ec:84:42:91:11:ff:
ea:63:2d:b2:04:80:f8:3e:c9:e1:37:05:a5:44:ea:cf:8c:14:
16:30:e8:f5:4f:f7:63:40:fa:c0:d6:c2:fa:f0:da:1d:88:aa:
c2:24:a7:8d:c6:c2:1d:3d:09:65:77:4e:0f:9d:ab:6f:b6:40:
cc:02:b2:94:75:c3:f7:55:52:32:72:d6:85:2b:bc:3c:dd:a9:
cd:c6:5d:5f:ba:59:2a:4b:50:2f:11:6d:a3:b8:69:4c:ac:19:
67:a5:e5:43:2e:65:ab:d9:7b:1e:3d:d1:4e:6e:2d:ed:5f:c8:
16:0e:05:9e
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYsZjQxGYQYc7/bgWi5vTdBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDEwMTIyNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTA1MzM4ODU4MWY4ZmNhOTk1ZjI5YTk0MjFlZjVhNTliOTRiNzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eHjnxSxn+rcArFmMelnTaj1y/We
BJ3G9oGyjHduTvUpc3JsU0KJ984nAzebOQDvzM6iGxfk0IYfoNY6LM2+aXU3ObIZ
y1JRqwg2pjQHac53/RTFUsLZVE/knQKy9KB3XEJR/mnGcf0ZB3YF4zFx6cylw2FQ
JKfuesD0q0h04qFxKwaJe08NI5ZO8fHF2s1/qaAld0/NDO2vUVrt8RGte+eTMkpA
dGbm7E6u718ugRNhm2gbwDLTqDLJ8qVB29NKAwf6oQ4wKstq0Us2T6BgU8cWtbkp
5y07dw0IqGjQnIheoIk2M9BiFlWHbuMp7CO8NFI7VOc/8b6BuKShKqpntQIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFHUFM4hYH4/KmV8pqUIe9aWblLcgMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZFFVemlGZ2ZqOHFaWHltcFFoNzFwWnVVdHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBmwQCAAEwgZQDBAAF
tVcDBAAtCR0DBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAMEAC2KtAME
AC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KQMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8
MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkq
hkiG9w0BAQsFAAOCAQEAJg0DlQN7fT9Oy77sOVK53/ll82WcfsNlYThBblWsNAv4
3DnoACjFZc9nIlPlUhnpafo7XIPkfzAVnwmeqYqbkFEm8kOx9J4gKKwNs7X3/3Pg
oE8LX3Y+hNK750FBw/XsHomR604Zs7yw9Vb54gkhRC+vaOIzswt87/p+61GZNt/g
ydYCC9KLtmZB7IRCkRH/6mMtsgSA+D7J4TcFpUTqz4wUFjDo9U/3Y0D6wNbC+vDa
HYiqwiSnjcbCHT0JZXdOD52rb7ZAzAKylHXD91VSMnLWhSu8PN2pzcZdX7pZKktQ
LxFto7hpTKwZZ6XlQy5lq9l7Hj3RTm4t7V/IFg4Fng==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:42:14 2025 by rpki-client