Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/8dX_R-iy1z20f4WTsp9b4hh_6kQ.roa
File: 8dX_R-iy1z20f4WTsp9b4hh_6kQ.roa (raw, json)
Hash identifier: y2yzJo2TRItk3qbt1R1rFdu0qaGFSfU5ep6aH9ziB/c=
Subject key identifier: F1:D5:FF:47:E8:B2:D7:3D:B4:7F:85:93:B2:9F:5B:E2:18:7F:EA:44
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 01896870C0477A4F4842362C7C9473215384
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/8dX_R-iy1z20f4WTsp9b4hh_6kQ.roa
Signing time: Tue 18 Jul 2023 09:59:26 +0000
ROA not before: Tue 18 Jul 2023 09:59:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57497
IP address blocks: 195.226.223.0/24 maxlen: 24
45.135.240.0/24 maxlen: 24
45.135.243.0/24 maxlen: 24
45.135.241.0/24 maxlen: 24
45.135.242.0/24 maxlen: 24
158.58.191.0/24 maxlen: 24
158.58.190.0/23 maxlen: 23
158.58.189.0/24 maxlen: 24
158.58.190.0/24 maxlen: 24
158.58.188.0/24 maxlen: 24
158.58.188.0/23 maxlen: 23
158.58.187.0/24 maxlen: 24
194.62.17.0/24 maxlen: 24
158.58.184.0/24 maxlen: 24
158.58.185.0/24 maxlen: 24
158.58.184.0/22 maxlen: 22
158.58.186.0/24 maxlen: 24
185.2.14.0/23 maxlen: 24
185.2.12.0/22 maxlen: 22
185.2.12.0/23 maxlen: 24
5.63.10.0/24 maxlen: 24
5.63.11.0/24 maxlen: 24
5.63.8.0/24 maxlen: 24
5.63.10.0/23 maxlen: 23
5.63.9.0/24 maxlen: 24
5.63.13.0/24 maxlen: 24
5.63.14.0/24 maxlen: 24
5.63.14.0/23 maxlen: 23
5.63.12.0/24 maxlen: 24
185.229.204.0/24 maxlen: 24
185.179.90.0/24 maxlen: 24
2a01:4ac0:3::/48 maxlen: 48
2a01:4ac0:2::/48 maxlen: 48
2a01:4ac0::/48 maxlen: 48
2a01:4ac0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:70:c0:47:7a:4f:48:42:36:2c:7c:94:73:21:53:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Jul 18 09:59:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1d5ff47e8b2d73db47f8593b29f5be2187fea44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3c:35:b6:e4:e6:b0:5e:be:6e:14:57:1a:71:
87:49:4a:7d:53:75:2c:89:ce:54:a9:38:8c:c8:81:
99:ab:8b:af:49:ff:fe:0b:8a:ad:74:1d:91:6d:48:
22:06:16:8d:a4:47:63:d6:7a:80:7a:39:31:9b:db:
ec:6b:22:39:45:e4:ca:6c:15:66:d6:18:e1:b6:66:
2c:44:61:6b:de:52:75:19:4f:a9:89:65:4a:59:0d:
25:9e:32:c3:4f:b0:80:69:a4:49:a9:64:eb:69:3e:
b5:bd:89:a3:7e:3c:5d:99:bb:66:66:56:43:ae:f0:
dd:80:87:58:d8:a9:58:40:dd:99:3f:7e:b8:e8:62:
df:56:3a:7c:8a:46:a4:7e:60:3f:d4:e6:e6:18:5a:
bb:1e:16:c0:e4:cf:8a:d4:54:fd:e6:de:a9:16:85:
3b:f5:34:59:2a:d1:85:ea:ab:84:b4:f2:58:e1:68:
00:fa:34:89:a6:c4:d5:ce:5a:87:12:79:96:b2:72:
9f:d6:2b:07:31:65:b3:d5:34:4c:c1:02:c7:a2:3a:
29:4e:51:da:d9:53:74:cd:a6:13:2d:08:7e:13:bb:
d9:81:83:7d:7c:66:dd:d5:12:df:7b:d0:11:b0:e3:
f2:38:46:e7:e1:6f:84:85:91:3d:2b:10:fd:03:e4:
5a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D5:FF:47:E8:B2:D7:3D:B4:7F:85:93:B2:9F:5B:E2:18:7F:EA:44
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/8dX_R-iy1z20f4WTsp9b4hh_6kQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.8.0/21
45.135.240.0/22
158.58.184.0/21
185.2.12.0/22
185.179.90.0/24
185.229.204.0/24
194.62.17.0/24
195.226.223.0/24
IPv6:
2a01:4ac0::/46
Signature Algorithm: sha256WithRSAEncryption
9e:a1:83:b2:46:eb:f2:e8:3a:82:fc:cc:d0:58:4c:57:ec:44:
dd:cf:32:0f:5c:e0:cf:62:d9:1b:09:80:06:ea:80:0e:a0:43:
9b:fc:73:0c:c7:05:e8:08:ea:eb:ef:32:f3:7a:d2:79:be:22:
1f:24:a9:23:6b:53:ed:d0:75:74:10:1c:b9:30:04:33:62:86:
45:8d:38:83:a6:59:ec:e0:c3:3e:90:6e:3d:ef:2f:c1:75:41:
ad:cc:a7:b5:ef:7d:20:06:d1:24:8c:11:6a:1f:09:40:eb:22:
97:9a:0c:c8:9b:c8:ee:06:ff:17:20:ac:1b:e2:9c:e1:2b:2d:
20:66:ad:bb:c3:9a:32:61:1e:58:10:ad:7a:98:98:4c:08:9f:
e5:af:db:28:32:58:2d:cd:2d:27:ad:d3:b3:25:75:4d:77:0b:
a4:eb:29:08:27:42:4a:fa:7f:1a:2f:df:ba:95:02:9a:18:ef:
e3:7d:da:ff:cd:48:a5:a6:16:eb:25:c9:fb:dd:dc:6a:60:70:
76:c3:0a:70:10:62:ef:b3:53:52:87:81:59:1f:e2:a0:69:94:
62:26:f6:0b:b1:d4:46:e1:a1:3c:1c:6e:31:8b:53:15:c6:37:
1f:33:04:f1:de:5e:14:12:56:04:00:71:1c:30:4d:37:e5:e7:
17:59:1e:50
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYlocMBHek9IQjYsfJRzIVOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzE2N2RmYTk4ODJiMmFhOGY4NDU5NWY1OGE5N2MzMDVj
YTQzYzUwHhcNMjMwNzE4MDk1OTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWQ1ZmY0N2U4YjJkNzNkYjQ3Zjg1OTNiMjlmNWJlMjE4N2ZlYTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDw1tuTmsF6+bhRXGnGHSUp9U3Us
ic5UqTiMyIGZq4uvSf/+C4qtdB2RbUgiBhaNpEdj1nqAejkxm9vsayI5ReTKbBVm
1hjhtmYsRGFr3lJ1GU+piWVKWQ0lnjLDT7CAaaRJqWTraT61vYmjfjxdmbtmZlZD
rvDdgIdY2KlYQN2ZP3646GLfVjp8ikakfmA/1ObmGFq7HhbA5M+K1FT95t6pFoU7
9TRZKtGF6quEtPJY4WgA+jSJpsTVzlqHEnmWsnKf1isHMWWz1TRMwQLHojopTlHa
2VN0zaYTLQh+E7vZgYN9fGbd1RLfe9ARsOPyOEbn4W+EhZE9KxD9A+RalwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFPHV/0fostc9tH+Fk7KfW+IYf+pEMB8GA1UdIwQY
MBaAFLbBZ9+piCsqqPhFlfWKl8MFykPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUt
YWNmYzNkMmMyNTIyLzEvOGRYX1ItaXkxejIwZjRXVHNwOWI0aGhfNmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUtYWNmYzNkMmMyNTIy
LzEvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQDBT8IAwQC
LYfwAwQDnjq4AwQCuQIMAwQAubNaAwQAueXMAwQAwj4RAwQAw+LfMA8EAgACMAkD
BwIqAUrAAAAwDQYJKoZIhvcNAQELBQADggEBAJ6hg7JG6/LoOoL8zNBYTFfsRN3P
Mg9c4M9i2RsJgAbqgA6gQ5v8cwzHBegI6uvvMvN60nm+Ih8kqSNrU+3QdXQQHLkw
BDNihkWNOIOmWezgwz6Qbj3vL8F1Qa3Mp7XvfSAG0SSMEWofCUDrIpeaDMibyO4G
/xcgrBvinOErLSBmrbvDmjJhHlgQrXqYmEwIn+Wv2ygyWC3NLSet07MldU13C6Tr
KQgnQkr6fxov37qVApoY7+N92v/NSKWmFuslyfvd3GpgcHbDCnAQYu+zU1KHgVkf
4qBplGIm9gux1EbhoTwcbjGLUxXGNx8zBPHeXhQSVgQAcRwwTTfl5xdZHlA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:49 2025 by rpki-client