Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/kQws0GWKnhORoaSXhDPTfNB_4ZE.roa
File: kQws0GWKnhORoaSXhDPTfNB_4ZE.roa (raw, json)
Hash identifier: 84PacSvU/zaxDt41ocTAN3UmX853RqtgOPFpNgRJFiM=
Subject key identifier: 91:0C:2C:D0:65:8A:9E:13:91:A1:A4:97:84:33:D3:7C:D0:7F:E1:91
Certificate issuer: /CN=fd261d45319e8375187436da44bf5b9adb044a7f
Certificate serial: 018C8C64B0BCBBBF0F4F02C5E0ADBDAD0B0B
Authority key identifier: FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/kQws0GWKnhORoaSXhDPTfNB_4ZE.roa
Signing time: Thu 21 Dec 2023 12:40:58 +0000
ROA not before: Thu 21 Dec 2023 12:40:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8758
IP address blocks: 37.46.144.0/22 maxlen: 24
194.31.128.0/23 maxlen: 24
217.71.240.0/20 maxlen: 24
178.250.130.0/23 maxlen: 24
185.160.244.0/22 maxlen: 24
217.150.224.0/20 maxlen: 24
157.143.0.0/17 maxlen: 24
109.70.112.0/21 maxlen: 24
109.70.116.0/22 maxlen: 24
109.70.115.0/24 maxlen: 24
212.25.0.0/19 maxlen: 24
77.74.96.0/21 maxlen: 24
145.40.192.0/19 maxlen: 24
84.254.80.0/20 maxlen: 24
95.143.48.0/20 maxlen: 24
91.84.64.0/19 maxlen: 24
84.254.96.0/20 maxlen: 24
83.150.0.0/18 maxlen: 24
87.239.200.0/21 maxlen: 24
88.218.24.0/22 maxlen: 24
31.24.8.0/21 maxlen: 24
178.22.104.0/21 maxlen: 24
80.89.208.0/20 maxlen: 24
194.246.118.0/23 maxlen: 24
217.22.128.0/20 maxlen: 24
2001:8e0::/29 maxlen: 32
2a01:bd00::/32 maxlen: 32
2a00:10c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:64:b0:bc:bb:bf:0f:4f:02:c5:e0:ad:bd:ad:0b:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd261d45319e8375187436da44bf5b9adb044a7f
Validity
Not Before: Dec 21 12:40:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=910c2cd0658a9e1391a1a4978433d37cd07fe191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:93:3b:45:cd:c7:e5:8e:3e:b9:e0:43:7d:37:
26:27:9e:c4:a5:47:13:c0:20:09:42:e1:56:a9:4f:
c7:59:03:02:6e:e2:ea:79:8a:41:b6:1f:ec:15:45:
ad:11:0c:2a:2d:6d:2e:2d:b2:3b:76:3a:77:e0:fe:
82:38:e9:e1:2f:8c:29:31:bb:25:89:95:90:61:cf:
fa:4c:53:ea:de:59:ce:96:d0:0a:e3:5f:75:d2:76:
92:5f:e3:22:4c:3c:95:6d:5e:a0:4d:31:67:43:f9:
0d:f6:af:81:5d:d4:f5:64:94:b4:c8:37:a6:8f:e8:
3b:65:55:a0:bb:42:d5:28:bd:86:c4:73:94:e3:8b:
18:1c:3b:73:01:e9:bf:a0:b2:d8:de:bc:ce:73:9d:
04:02:55:79:75:3f:b4:cd:b1:71:28:97:84:35:02:
cb:b2:42:51:86:e9:26:6f:f0:0d:af:37:f7:a6:ba:
32:a3:b6:e8:d5:15:27:3c:22:8c:ab:df:07:bd:eb:
1c:62:53:74:e0:ba:1f:ee:98:74:f9:f0:e1:f6:99:
1c:34:1e:39:4c:1a:aa:6d:43:58:3f:5b:16:0d:12:
bc:b3:dc:ef:a5:c6:1f:a6:50:68:b0:ce:53:22:09:
87:fc:46:98:f8:50:7f:2a:e6:7d:b5:ff:7a:d5:af:
26:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0C:2C:D0:65:8A:9E:13:91:A1:A4:97:84:33:D3:7C:D0:7F:E1:91
X509v3 Authority Key Identifier:
keyid:FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/kQws0GWKnhORoaSXhDPTfNB_4ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.8.0/21
37.46.144.0/22
77.74.96.0/21
80.89.208.0/20
83.150.0.0/18
84.254.80.0-84.254.111.255
87.239.200.0/21
88.218.24.0/22
91.84.64.0/19
95.143.48.0/20
109.70.112.0/21
145.40.192.0/19
157.143.0.0/17
178.22.104.0/21
178.250.130.0/23
185.160.244.0/22
194.31.128.0/23
194.246.118.0/23
212.25.0.0/19
217.22.128.0/20
217.71.240.0/20
217.150.224.0/20
IPv6:
2001:8e0::/29
2a00:10c0::/32
2a01:bd00::/32
Signature Algorithm: sha256WithRSAEncryption
bc:43:57:2c:ed:c5:e9:a4:f6:3d:37:47:11:0e:a0:7a:1b:61:
2a:7b:5d:a9:6c:3b:bb:81:ee:5a:37:73:07:c5:d1:15:2b:ab:
3b:d4:56:3c:71:fb:68:66:ed:f8:99:8e:79:ab:3c:95:63:6f:
91:7a:ca:a3:b9:b5:59:c4:93:d1:d4:30:9a:bf:b9:03:e7:6f:
de:f4:03:29:40:62:c0:24:f2:21:42:e8:87:86:30:42:fb:55:
6f:b5:1f:55:34:0c:ef:c2:68:34:b1:65:d5:f1:3f:a8:ef:da:
62:30:6a:a9:ee:3d:fe:e5:08:12:6d:f7:e3:a9:f2:fa:eb:ea:
fa:4a:82:d9:c6:98:dd:4a:52:a0:8e:d4:52:6d:3f:2e:4b:d3:
54:4e:7a:7b:49:20:a8:87:62:f7:92:43:da:08:a6:81:38:40:
9e:d1:2c:a2:b3:b9:bc:ad:18:4c:15:0d:e8:fa:5f:e6:67:a9:
a4:8b:d0:88:fb:4d:2c:39:94:fc:1e:b7:65:77:e8:5e:19:c2:
50:45:9b:34:aa:7d:7a:f7:d8:3e:ba:8e:49:01:bf:f6:29:23:
21:6a:73:bc:a2:f7:94:88:c6:80:36:44:0b:d5:3e:f9:20:62:
3d:b6:7b:ab:89:5e:29:43:74:c9:5b:19:0a:e5:20:ef:10:47:
0d:dd:ed:ac
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYyMZLC8u78PTwLF4K29rQsLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjYxZDQ1MzE5ZTgzNzUxODc0MzZkYTQ0YmY1YjlhZGIw
NDRhN2YwHhcNMjMxMjIxMTI0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTBjMmNkMDY1OGE5ZTEzOTFhMWE0OTc4NDMzZDM3Y2QwN2ZlMTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5M7Rc3H5Y4+ueBDfTcmJ57EpUcT
wCAJQuFWqU/HWQMCbuLqeYpBth/sFUWtEQwqLW0uLbI7djp34P6COOnhL4wpMbsl
iZWQYc/6TFPq3lnOltAK41910naSX+MiTDyVbV6gTTFnQ/kN9q+BXdT1ZJS0yDem
j+g7ZVWgu0LVKL2GxHOU44sYHDtzAem/oLLY3rzOc50EAlV5dT+0zbFxKJeENQLL
skJRhukmb/ANrzf3proyo7bo1RUnPCKMq98HvescYlN04Lof7ph0+fDh9pkcNB45
TBqqbUNYP1sWDRK8s9zvpcYfplBosM5TIgmH/EaY+FB/KuZ9tf961a8meQIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFJEMLNBlip4TkaGkl4Qz03zQf+GRMB8GA1UdIwQY
MBaAFP0mHUUxnoN1GHQ22kS/W5rbBEp/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQt
ZWI1MDkzYjIzMWMxLzEva1F3czBHV0tuaE9Sb2FTWGhEUFRmTkJfNFpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQtZWI1MDkzYjIzMWMx
LzEvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszCBkwQCAAEwgYwDBAMf
GAgDBAIlLpADBANNSmADBARQWdADBAZTlgAwDAMEBFT+UAMEBFT+YAMEA1fvyAME
AljaGAMEBVtUQAMEBF+PMAMEA21GcAMEBZEowAMEB52PAAMEA7IWaAMEAbL6ggME
Armg9AMEAcIfgAMEAcL2dgMEBdQZAAMEBNkWgAMEBNlH8AMEBNmW4DAbBAIAAjAV
AwUDIAEI4AMFACoAEMADBQAqAb0AMA0GCSqGSIb3DQEBCwUAA4IBAQC8Q1cs7cXp
pPY9N0cRDqB6G2Eqe12pbDu7ge5aN3MHxdEVK6s71FY8cftoZu34mY55qzyVY2+R
esqjubVZxJPR1DCav7kD52/e9AMpQGLAJPIhQuiHhjBC+1VvtR9VNAzvwmg0sWXV
8T+o79piMGqp7j3+5QgSbffjqfL66+r6SoLZxpjdSlKgjtRSbT8uS9NUTnp7SSCo
h2L3kkPaCKaBOECe0Syis7m8rRhMFQ3o+l/mZ6mki9CI+00sOZT8Hrdld+heGcJQ
RZs0qn1699g+uo5JAb/2KSMhanO8oveUiMaANkQL1T75IGI9tnuriV4pQ3TJWxkK
5SDvEEcN3e2s
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:40 2025 by rpki-client