Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/lDNAziLbMb1XUqf65YRXurmdRK0.roa
File: lDNAziLbMb1XUqf65YRXurmdRK0.roa (raw, json)
Hash identifier: fHbANwD0h1/qVfJ+ME9iaRNMTqQR0gQBFFmyB4WW2eU=
Subject key identifier: 94:33:40:CE:22:DB:31:BD:57:52:A7:FA:E5:84:57:BA:B9:9D:44:AD
Certificate issuer: /CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Certificate serial: 0183C0F936FBB1BB457B48DAEE2C73A8B4D4
Authority key identifier: 52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/lDNAziLbMb1XUqf65YRXurmdRK0.roa
Signing time: Mon 10 Oct 2022 08:18:21 +0000
ROA not before: Mon 10 Oct 2022 08:18:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15895
IP address blocks: 81.23.16.0/24 maxlen: 24
81.23.16.0/20 maxlen: 20
85.223.128.0/17 maxlen: 17
37.229.0.0/16 maxlen: 16
176.8.0.0/16 maxlen: 16
188.163.0.0/17 maxlen: 17
212.109.32.0/19 maxlen: 19
188.163.0.0/16 maxlen: 16
46.185.0.0/17 maxlen: 17
94.153.0.0/16 maxlen: 16
134.249.0.0/16 maxlen: 16
212.82.192.0/19 maxlen: 19
62.64.64.0/18 maxlen: 18
77.247.216.0/21 maxlen: 21
109.162.0.0/17 maxlen: 17
94.153.164.0/22 maxlen: 22
94.27.0.0/17 maxlen: 17
46.118.0.0/15 maxlen: 15
83.170.192.0/18 maxlen: 18
193.41.60.0/22 maxlen: 22
193.41.60.0/23 maxlen: 23
193.41.62.0/23 maxlen: 23
89.162.128.0/17 maxlen: 17
5.248.0.0/16 maxlen: 16
46.211.0.0/16 maxlen: 17
37.115.0.0/16 maxlen: 16
178.137.0.0/16 maxlen: 16
2a02:2378::/32 maxlen: 32
2a02:8a8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c0:f9:36:fb:b1:bb:45:7b:48:da:ee:2c:73:a8:b4:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Validity
Not Before: Oct 10 08:18:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=943340ce22db31bd5752a7fae58457bab99d44ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:72:bc:97:81:20:ba:10:01:59:fc:23:74:db:
dc:9e:2e:7c:71:a9:55:6b:7d:8f:ee:2f:54:44:c3:
78:f5:bf:57:fc:14:17:c6:e8:7c:fe:3f:f7:c5:b7:
67:b6:ec:f8:ee:09:a9:9a:00:af:73:7a:f6:e8:dc:
9a:a6:30:4b:c4:cb:fb:80:a1:0e:4e:ce:93:f1:f6:
0a:a7:e1:04:a8:bb:0d:a2:cc:99:a1:03:be:c5:16:
cc:c3:b6:5c:c2:9b:3f:6e:eb:33:0a:33:47:44:6a:
6d:c2:3e:ed:56:f0:c2:d8:6e:a7:cd:c5:83:c4:2b:
46:72:36:d6:8c:e5:02:9d:c3:9b:0e:ac:9d:3e:99:
d6:7d:39:4c:b7:87:60:9c:3f:88:84:54:bb:99:03:
88:70:7c:91:1d:7a:43:e7:87:f3:49:88:17:f3:be:
26:59:26:ae:38:93:ba:fe:5e:55:44:ef:0c:d8:47:
53:c6:aa:e1:67:4a:99:71:3d:89:07:9b:5e:a9:1b:
61:16:4d:d8:b2:f6:9e:a9:d1:b9:be:f1:53:3f:c0:
19:28:d7:fe:34:1e:f3:eb:b6:29:6f:9f:fe:6c:68:
4b:cd:e0:cb:01:dd:d6:18:bc:3e:c2:d4:aa:d3:e5:
0e:53:32:6a:84:4f:92:9a:4a:94:1f:23:4b:4b:87:
b0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:33:40:CE:22:DB:31:BD:57:52:A7:FA:E5:84:57:BA:B9:9D:44:AD
X509v3 Authority Key Identifier:
keyid:52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/lDNAziLbMb1XUqf65YRXurmdRK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.248.0.0/16
37.115.0.0/16
37.229.0.0/16
46.118.0.0/15
46.185.0.0/17
46.211.0.0/16
62.64.64.0/18
77.247.216.0/21
81.23.16.0/20
83.170.192.0/18
85.223.128.0/17
89.162.128.0/17
94.27.0.0/17
94.153.0.0/16
109.162.0.0/17
134.249.0.0/16
176.8.0.0/16
178.137.0.0/16
188.163.0.0/16
193.41.60.0/22
212.82.192.0/19
212.109.32.0/19
IPv6:
2a02:8a8::/32
2a02:2378::/32
Signature Algorithm: sha256WithRSAEncryption
5a:93:af:a0:44:cf:1b:f1:e1:a5:48:f3:01:ab:65:74:84:2b:
38:30:d8:ec:03:3b:36:5e:da:04:e4:1f:e3:b7:b2:ab:95:40:
0c:37:1d:11:67:dd:77:53:57:4a:94:a0:0b:35:ca:15:12:1a:
dc:f9:8c:50:34:11:57:1c:da:35:6a:c8:79:78:1d:aa:7a:ac:
9d:c3:95:e1:3d:1c:ab:0c:8a:3f:d3:f4:bf:94:a6:1d:a4:a9:
51:22:30:64:1f:49:84:78:4d:18:e8:2b:30:1d:bc:1f:41:b7:
1f:2c:ea:d0:47:52:59:e9:ec:60:59:ea:f8:a8:1a:ca:38:51:
9e:78:19:30:31:c5:66:c7:5c:ad:4e:9b:52:68:66:4a:cf:53:
bf:5e:1f:f2:e0:5c:93:00:82:d7:24:51:0c:77:1e:a5:8c:0a:
90:21:ae:43:17:e2:0d:f8:fd:07:b2:0e:9d:73:a4:a8:20:5f:
2f:ee:ab:3c:b6:5c:7b:e1:54:b1:38:bc:3b:4b:c0:11:89:1b:
0c:0c:4d:93:20:d3:50:6e:36:bd:37:06:33:21:5b:ba:9e:4f:
e5:3a:a2:d4:d4:90:6d:87:12:2c:e3:f4:7e:10:7c:3f:f5:c8:
37:4d:46:bc:f6:8c:5d:88:57:4f:4d:25:a1:b7:96:d8:21:09:
9f:22:29:6b
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYPA+Tb7sbtFe0ja7ixzqLTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYjliOWUyNTY1ODBjNDM0NGJiMjQxNDQ1YjRkNTJlNTRm
ZGQ1MGIwHhcNMjIxMDEwMDgxODIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDMzNDBjZTIyZGIzMWJkNTc1MmE3ZmFlNTg0NTdiYWI5OWQ0NGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHK8l4EguhABWfwjdNvcni58calV
a32P7i9URMN49b9X/BQXxuh8/j/3xbdntuz47gmpmgCvc3r26NyapjBLxMv7gKEO
Ts6T8fYKp+EEqLsNosyZoQO+xRbMw7Zcwps/buszCjNHRGptwj7tVvDC2G6nzcWD
xCtGcjbWjOUCncObDqydPpnWfTlMt4dgnD+IhFS7mQOIcHyRHXpD54fzSYgX874m
WSauOJO6/l5VRO8M2EdTxqrhZ0qZcT2JB5teqRthFk3YsvaeqdG5vvFTP8AZKNf+
NB7z67Ypb5/+bGhLzeDLAd3WGLw+wtSq0+UOUzJqhE+SmkqUHyNLS4ewDQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFJQzQM4i2zG9V1Kn+uWEV7q5nUStMB8GA1UdIwQY
MBaAFFK5ueJWWAxDRLskFEW01S5U/dULMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAt
ZGUwNWM1NDA0NWJiLzEvbEROQXppTGJNYjFYVXFmNjVZUlh1cm1kUkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAtZGUwNWM1NDA0NWJi
LzEvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwegMDAAX4
AwMAJXMDAwAl5QMDAS52AwQHLrkAAwMALtMDBAY+QEADBANN99gDBARRFxADBAZT
qsADBAdV34ADBAdZooADBAdeGwADAwBemQMEB22iAAMDAIb5AwMAsAgDAwCyiQMD
ALyjAwQCwSk8AwQF1FLAAwQF1G0gMBQEAgACMA4DBQAqAgioAwUAKgIjeDANBgkq
hkiG9w0BAQsFAAOCAQEAWpOvoETPG/HhpUjzAatldIQrODDY7AM7Nl7aBOQf47ey
q5VADDcdEWfdd1NXSpSgCzXKFRIa3PmMUDQRVxzaNWrIeXgdqnqsncOV4T0cqwyK
P9P0v5SmHaSpUSIwZB9JhHhNGOgrMB28H0G3Hyzq0EdSWensYFnq+KgayjhRnngZ
MDHFZsdcrU6bUmhmSs9Tv14f8uBckwCC1yRRDHcepYwKkCGuQxfiDfj9B7IOnXOk
qCBfL+6rPLZce+FUsTi8O0vAEYkbDAxNkyDTUG42vTcGMyFbup5P5Tqi1NSQbYcS
LOP0fhB8P/XIN01GvPaMXYhXT00lobeW2CEJnyIpaw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:09 2025 by rpki-client