Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Iq8Q7VRP9WmewGd-SaRNWYYN0-g.roa
File: Iq8Q7VRP9WmewGd-SaRNWYYN0-g.roa (raw, json)
Hash identifier: TXKCe4Bz52XklYmE+08pP8/67+tPXDpMZh9n77H7pJI=
Subject key identifier: 22:AF:10:ED:54:4F:F5:69:9E:C0:67:7E:49:A4:4D:59:86:0D:D3:E8
Certificate issuer: /CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Certificate serial: 03A5404E
Authority key identifier: 52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Iq8Q7VRP9WmewGd-SaRNWYYN0-g.roa
Signing time: Sat 01 Jan 2022 10:56:03 +0000
ROA not before: Sat 01 Jan 2022 10:56:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12530
IP address blocks: 212.82.192.0/19 maxlen: 19
83.170.192.0/18 maxlen: 18
62.64.64.0/18 maxlen: 18
85.223.128.0/17 maxlen: 17
89.162.128.0/17 maxlen: 17
94.27.0.0/17 maxlen: 17
188.163.0.0/16 maxlen: 16
212.109.32.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61161550 (0x3a5404e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Validity
Not Before: Jan 1 10:56:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22af10ed544ff5699ec0677e49a44d59860dd3e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:30:05:a3:cb:9a:ec:45:c0:c5:98:08:16:ff:
5c:af:7b:75:ae:2c:4f:0b:84:81:d4:17:8c:0f:45:
64:ec:80:22:fe:51:5e:db:a5:fb:6c:3e:34:1a:96:
6d:67:6d:e4:aa:06:a1:46:cd:13:6f:d8:cf:ae:41:
06:18:d7:50:2b:0a:b0:95:5f:67:91:5c:4b:77:ab:
ef:ba:ab:eb:b8:7c:49:74:2e:67:5e:fe:95:00:d4:
21:c9:18:47:a2:c2:0a:70:66:bb:a0:d3:9a:c0:06:
7a:14:ef:27:89:ad:0c:06:08:39:fb:21:46:2a:1c:
c5:27:2a:af:3e:1b:dd:8c:65:64:29:7a:6c:b6:a7:
46:46:df:41:a9:0b:dc:2a:de:d5:73:27:89:96:a3:
57:36:ae:64:6c:4b:e5:fa:90:f0:c6:78:d2:74:2c:
fe:af:32:ae:22:6f:37:cd:c9:20:8e:1b:84:47:1f:
6c:40:ab:96:c3:65:2d:79:80:39:b4:a3:a8:f3:f3:
33:25:a8:a2:d0:69:48:c1:5e:44:a6:a2:5e:ca:81:
8b:ee:0a:58:4d:d5:1a:f3:4e:b1:ab:28:a3:99:47:
ff:a9:5a:17:4d:c2:56:8c:e6:21:05:7d:b7:e5:1e:
76:32:47:65:66:ac:76:41:75:a0:7b:02:9d:bf:2f:
36:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:AF:10:ED:54:4F:F5:69:9E:C0:67:7E:49:A4:4D:59:86:0D:D3:E8
X509v3 Authority Key Identifier:
keyid:52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Iq8Q7VRP9WmewGd-SaRNWYYN0-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.64.64.0/18
83.170.192.0/18
85.223.128.0/17
89.162.128.0/17
94.27.0.0/17
188.163.0.0/16
212.82.192.0/19
212.109.32.0/19
Signature Algorithm: sha256WithRSAEncryption
90:2c:73:ca:50:67:f1:14:93:51:18:59:ce:2a:b3:af:cf:ee:
ec:ca:99:d3:0b:7d:45:1d:31:72:6d:c7:11:0c:9f:23:21:e7:
e6:0e:ed:0f:ba:38:6c:d6:d7:61:fd:2a:84:35:f5:26:9c:f0:
c9:66:08:a5:0d:ef:3b:57:ac:91:a2:d8:bb:9b:57:af:93:07:
56:97:d2:3c:ec:a0:e7:70:e2:a6:67:9a:3f:17:c3:e6:18:2f:
60:bb:1c:27:43:ac:bd:36:e9:55:7c:e4:53:58:0f:f3:6c:34:
27:f4:22:10:cc:6d:fa:5a:f6:90:4b:d0:e6:a4:35:f6:ef:f4:
b6:38:9e:5f:10:8e:69:ce:fd:cb:52:44:6f:80:1e:b1:bd:17:
4c:81:8b:b3:7a:f9:d6:3e:7a:44:8f:7d:f6:c7:de:fe:ad:c9:
c9:24:80:28:da:c0:94:74:df:3d:d1:2b:f5:bb:ef:7c:95:aa:
ac:a4:dd:41:86:88:db:1a:ba:6a:84:40:b9:39:11:a4:c4:d6:
1a:d9:c9:bc:15:c1:cd:ee:47:a5:8d:c1:df:73:94:d1:75:88:
79:37:32:ab:66:fb:58:b8:47:63:7a:c1:4b:5d:c7:bb:94:cb:
8a:03:d2:b6:b9:d9:c2:50:44:b0:ea:d4:ee:d5:55:e9:52:07:
3a:7a:8b:8f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEA6VATjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MmI5YjllMjU2NTgwYzQzNDRiYjI0MTQ0NWI0ZDUyZTU0ZmRkNTBiMB4XDTIyMDEw
MTEwNTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJhZjEwZWQ1NDRm
ZjU2OTllYzA2NzdlNDlhNDRkNTk4NjBkZDNlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYwBaPLmuxFwMWYCBb/XK97da4sTwuEgdQXjA9FZOyAIv5R
Xtul+2w+NBqWbWdt5KoGoUbNE2/Yz65BBhjXUCsKsJVfZ5FcS3er77qr67h8SXQu
Z17+lQDUIckYR6LCCnBmu6DTmsAGehTvJ4mtDAYIOfshRiocxScqrz4b3YxlZCl6
bLanRkbfQakL3Cre1XMniZajVzauZGxL5fqQ8MZ40nQs/q8yriJvN83JII4bhEcf
bECrlsNlLXmAObSjqPPzMyWootBpSMFeRKaiXsqBi+4KWE3VGvNOsasoo5lH/6la
F03CVozmIQV9t+UedjJHZWasdkF1oHsCnb8vNv8CAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBQirxDtVE/1aZ7AZ35JpE1Zhg3T6DAfBgNVHSMEGDAWgBRSubniVlgMQ0S7
JBRFtNUuVP3VCzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VybTU0bFpZREVORXV5UVVSYlRWTGxUOTFRcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvZWFmODFkLWE5ZGYtNGE2YS1iNjEwLWRlMDVjNTQwNDViYi8x
L0lxOFE3VlJQOVdtZXdHZC1TYVJOV1lZTjAtZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
ZWFmODFkLWE5ZGYtNGE2YS1iNjEwLWRlMDVjNTQwNDViYi8xL1VybTU0bFpZREVO
RXV5UVVSYlRWTGxUOTFRcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwNQQCAAEwLwMEBj5AQAMEBlOqwAMEB1XfgAMEB1mi
gAMEB14bAAMDALyjAwQF1FLAAwQF1G0gMA0GCSqGSIb3DQEBCwUAA4IBAQCQLHPK
UGfxFJNRGFnOKrOvz+7sypnTC31FHTFybccRDJ8jIefmDu0Pujhs1tdh/SqENfUm
nPDJZgilDe87V6yRoti7m1evkwdWl9I87KDncOKmZ5o/F8PmGC9guxwnQ6y9NulV
fORTWA/zbDQn9CIQzG36WvaQS9DmpDX27/S2OJ5fEI5pzv3LUkRvgB6xvRdMgYuz
evnWPnpEj332x97+rcnJJIAo2sCUdN890Sv1u+98laqspN1BhojbGrpqhEC5ORGk
xNYa2cm8FcHN7keljcHfc5TRdYh5NzKrZvtYuEdjesFLXce7lMuKA9K2udnCUESw
6tTu1VXpUgc6eouP
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:39 2025 by rpki-client