Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/9rC8Gn0QYcXH7p_JOvPNHcp4nus.roa
File: 9rC8Gn0QYcXH7p_JOvPNHcp4nus.roa (raw, json)
Hash identifier: /Lso+Qp9xKukG9uNeVUeYO50jWWhrpnCSOTDLYbtJ9A=
Subject key identifier: F6:B0:BC:1A:7D:10:61:C5:C7:EE:9F:C9:3A:F3:CD:1D:CA:78:9E:EB
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 1CF145FA
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/9rC8Gn0QYcXH7p_JOvPNHcp4nus.roa
Signing time: Wed 09 Mar 2022 06:18:14 +0000
ROA not before: Wed 09 Mar 2022 06:18:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48716
IP address blocks: 185.146.0.0/22 maxlen: 24
185.22.64.0/22 maxlen: 24
185.102.72.0/22 maxlen: 24
78.40.108.0/23 maxlen: 24
195.93.152.0/23 maxlen: 24
195.49.208.0/21 maxlen: 24
109.233.108.0/22 maxlen: 32
89.219.32.0/22 maxlen: 24
194.110.54.0/23 maxlen: 24
94.247.128.0/21 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.136.0/24 maxlen: 24
91.215.136.0/23 maxlen: 24
91.215.139.0/24 maxlen: 32
195.210.46.0/23 maxlen: 24
194.39.64.0/23 maxlen: 24
194.39.64.0/22 maxlen: 24
185.35.222.0/23 maxlen: 24
194.39.67.0/24 maxlen: 24
194.39.66.0/24 maxlen: 24
91.201.214.0/23 maxlen: 24
2a00:5da0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 485574138 (0x1cf145fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Mar 9 06:18:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6b0bc1a7d1061c5c7ee9fc93af3cd1dca789eeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e3:74:9a:cc:fa:51:43:43:c8:8c:2e:cf:fb:
2a:a2:fc:2b:57:a0:25:1e:ab:93:3a:df:03:9f:f0:
cf:14:67:ab:dd:af:51:0a:40:57:c4:d5:07:9e:23:
32:39:54:69:91:0d:47:7d:b1:fb:51:92:26:cd:28:
6e:30:4f:bc:c0:58:5e:f8:6e:6f:3b:66:29:f8:99:
24:4e:94:b4:b2:f7:17:7c:c1:1c:fc:ae:c3:3d:dc:
df:51:0d:ad:78:ae:b1:54:c1:96:a9:2f:a9:ac:48:
ea:97:3f:12:13:ea:80:cc:9b:f2:d4:3e:e3:83:cb:
e1:62:cf:f3:6b:46:49:42:80:83:f6:de:25:04:bf:
6a:af:cc:76:3f:f0:af:bd:1c:66:39:50:3c:68:90:
27:ef:82:c6:7a:0f:e2:e2:ab:04:22:8e:10:72:4a:
c6:b4:ed:f3:0c:df:2c:55:72:e3:23:77:43:1e:da:
54:5e:c3:cc:89:84:34:c1:21:ec:0d:71:9b:2f:52:
c0:bd:ee:12:ca:28:e5:ad:4b:3f:8e:2e:f3:8e:85:
80:4e:90:c2:8b:53:9d:d4:6f:80:58:7e:15:82:f1:
f7:17:3e:c5:e7:b8:58:c9:f2:aa:f2:29:72:75:f0:
fc:e5:19:af:3b:cc:c3:d0:ca:f9:b2:3a:c8:9c:98:
9f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B0:BC:1A:7D:10:61:C5:C7:EE:9F:C9:3A:F3:CD:1D:CA:78:9E:EB
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/9rC8Gn0QYcXH7p_JOvPNHcp4nus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.108.0/23
89.219.32.0/22
91.201.214.0/23
91.215.136.0/23
91.215.139.0/24
94.247.128.0/21
109.233.108.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.39.64.0/22
194.110.54.0/23
195.49.208.0/21
195.93.152.0/23
195.210.46.0/23
IPv6:
2a00:5da0::/32
Signature Algorithm: sha256WithRSAEncryption
a3:8e:a8:c0:80:f7:62:8c:a6:0c:1d:45:ff:a3:46:b5:7c:9b:
fe:21:0a:b0:5f:a4:ee:0c:61:20:0b:87:1b:cb:39:2c:a9:fa:
06:e6:32:96:67:ba:37:a8:4d:7d:33:c8:55:9a:f7:ab:61:f0:
b4:00:61:57:75:6e:ee:ef:e2:66:73:7e:dd:d7:1f:7d:06:b6:
24:8e:16:4c:19:64:42:22:c7:6a:0a:54:d0:c0:a4:87:35:4b:
15:94:60:82:34:4e:dd:41:83:87:3b:05:bf:cb:cb:66:cf:43:
6f:20:f4:c5:3a:4f:c5:38:41:59:8c:f1:b4:ce:f7:86:db:3b:
2a:48:e9:34:59:e9:d6:ef:46:5c:fc:65:30:c3:d5:5d:c1:2e:
58:87:4b:05:3f:de:b0:8a:3b:5a:9a:7f:bd:2c:07:b6:5e:eb:
66:59:18:87:6a:21:53:96:e9:92:12:11:fd:99:b6:65:c8:eb:
32:bf:d6:a0:d8:e0:f1:a8:fc:43:c4:f6:88:b3:a1:52:57:10:
a0:42:ac:d5:ba:b2:c5:ed:aa:af:fa:8d:38:e3:5f:be:a1:79:
3a:19:fe:0a:e8:b3:80:68:90:29:54:65:d3:ff:59:86:2f:a8:
a7:5e:c6:a3:fb:88:fc:f3:9a:ca:c6:c5:84:38:c6:71:e6:ac:
15:11:4d:b1
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgIEHPFF+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODQ3YjU5ZDIxZWEzNmIzMDYyZmNhODBjZTc1YzE2MTZhZjUxMTlhMB4XDTIyMDMw
OTA2MTgxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjZiMGJjMWE3ZDEw
NjFjNWM3ZWU5ZmM5M2FmM2NkMWRjYTc4OWVlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXjdJrM+lFDQ8iMLs/7KqL8K1egJR6rkzrfA5/wzxRnq92v
UQpAV8TVB54jMjlUaZENR32x+1GSJs0objBPvMBYXvhubztmKfiZJE6UtLL3F3zB
HPyuwz3c31ENrXiusVTBlqkvqaxI6pc/EhPqgMyb8tQ+44PL4WLP82tGSUKAg/be
JQS/aq/Mdj/wr70cZjlQPGiQJ++CxnoP4uKrBCKOEHJKxrTt8wzfLFVy4yN3Qx7a
VF7DzImENMEh7A1xmy9SwL3uEsoo5a1LP44u846FgE6QwotTndRvgFh+FYLx9xc+
xee4WMnyqvIpcnXw/OUZrzvMw9DK+bI6yJyYn8sCAwEAAaOCAnMwggJvMB0GA1Ud
DgQWBBT2sLwafRBhxcfun8k6880dynie6zAfBgNVHSMEGDAWgBQYR7WdIeo2swYv
yoDOdcFhavURmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dFZTFuU0hxTnJNR0w4cUF6blhCWVdyMUVaby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvMzgyNGNkLWU1MjctNGFkYy1hNDEyLWY5MWJiNTE3OTIxNy8x
LzlyQzhHbjBRWWNYSDdwX0pPdlBOSGNwNG51cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
MzgyNGNkLWU1MjctNGFkYy1hNDEyLWY5MWJiNTE3OTIxNy8xL0dFZTFuU0hxTnJN
R0w4cUF6blhCWVdyMUVaby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
iAYIKwYBBQUHAQcBAf8EeTB3MGYEAgABMGADBAFOKGwDBAJZ2yADBAFbydYDBAFb
14gDBABb14sDBANe94ADBAJt6WwDBAK5FkADBAG5I94DBAK5ZkgDBAK5kgADBALC
J0ADBAHCbjYDBAPDMdADBAHDXZgDBAHD0i4wDQQCAAIwBwMFACoAXaAwDQYJKoZI
hvcNAQELBQADggEBAKOOqMCA92KMpgwdRf+jRrV8m/4hCrBfpO4MYSALhxvLOSyp
+gbmMpZnujeoTX0zyFWa96th8LQAYVd1bu7v4mZzft3XH30GtiSOFkwZZEIix2oK
VNDApIc1SxWUYII0Tt1Bg4c7Bb/Ly2bPQ28g9MU6T8U4QVmM8bTO94bbOypI6TRZ
6dbvRlz8ZTDD1V3BLliHSwU/3rCKO1qaf70sB7Ze62ZZGIdqIVOW6ZISEf2ZtmXI
6zK/1qDY4PGo/EPE9oizoVJXEKBCrNW6ssXtqq/6jTjjX76heToZ/gros4BokClU
ZdP/WYYvqKdexqP7iPzzmsrGxYQ4xnHmrBURTbE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:44 2025 by rpki-client