Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/v5mcD8LWHjRy4xrxgpM4wzsHAnU.roa
File: v5mcD8LWHjRy4xrxgpM4wzsHAnU.roa (raw, json)
Hash identifier: Ox///wgmLhmw0wDZGKPaEneJmDOv4TmlcJJ5GgVPg+Y=
Subject key identifier: BF:99:9C:0F:C2:D6:1E:34:72:E3:1A:F1:82:93:38:C3:3B:07:02:75
Certificate issuer: /CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Certificate serial: 05D652E7
Authority key identifier: 4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/v5mcD8LWHjRy4xrxgpM4wzsHAnU.roa
Signing time: Sat 01 Jan 2022 15:58:45 +0000
ROA not before: Sat 01 Jan 2022 15:58:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8990
IP address blocks: 212.92.0.0/19 maxlen: 19
82.150.32.0/19 maxlen: 19
91.144.64.0/18 maxlen: 24
95.171.64.0/19 maxlen: 19
45.88.204.0/22 maxlen: 22
109.199.32.0/19 maxlen: 24
109.199.46.0/24 maxlen: 24
109.199.57.0/24 maxlen: 24
91.144.121.0/24 maxlen: 24
109.199.58.0/24 maxlen: 24
109.199.62.0/24 maxlen: 24
109.199.61.0/24 maxlen: 24
2a03:9900:2::/48 maxlen: 48
2a03:9900:1::/48 maxlen: 48
2a03:9900::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97932007 (0x5d652e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Validity
Not Before: Jan 1 15:58:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf999c0fc2d61e3472e31af1829338c33b070275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:db:12:47:d7:af:52:bb:5f:32:d2:be:3e:f3:
0c:2c:35:84:84:e0:48:33:63:e8:a0:1a:86:81:e7:
f4:1c:19:5a:46:7b:0d:02:ff:5e:a7:f0:ae:7c:39:
a2:d5:60:a5:34:b6:f1:42:f5:9e:3b:c9:ad:01:3a:
40:39:f5:ab:04:18:99:ef:c1:53:bb:d7:02:9d:af:
d5:07:b6:18:96:30:17:86:9e:80:11:d1:95:d4:5f:
f5:00:aa:f3:a7:95:88:8f:35:7b:c9:56:23:41:2c:
05:35:92:fe:1b:2f:a0:13:75:a1:df:6b:2c:30:b0:
56:49:c2:e0:1e:57:4d:80:7f:7e:0b:e2:33:44:13:
d4:4d:ca:46:83:df:32:a2:5f:6f:59:e8:e5:61:f0:
1d:c7:48:ba:a3:26:f5:09:27:1e:b7:0d:59:b5:c4:
3d:b0:8a:3c:ba:e7:be:90:4d:10:80:02:08:d8:a7:
1d:f4:80:db:20:10:4f:03:36:c1:bc:d4:d2:e5:5b:
84:80:89:d5:39:44:75:09:fa:7b:33:1b:6b:09:7a:
a9:eb:2f:a1:c1:c1:69:78:f5:fc:23:28:ea:b8:90:
38:ff:93:7a:be:e9:fb:6b:9c:27:2d:ed:3b:11:97:
eb:a0:aa:c8:72:d6:e6:d0:dd:23:8a:60:ed:7f:88:
e3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:99:9C:0F:C2:D6:1E:34:72:E3:1A:F1:82:93:38:C3:3B:07:02:75
X509v3 Authority Key Identifier:
keyid:4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/v5mcD8LWHjRy4xrxgpM4wzsHAnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.204.0/22
82.150.32.0/19
91.144.64.0/18
95.171.64.0/19
109.199.32.0/19
212.92.0.0/19
IPv6:
2a03:9900::/32
Signature Algorithm: sha256WithRSAEncryption
76:eb:25:ca:02:53:95:bb:e6:e7:f6:1a:b5:5b:5a:3c:80:e9:
ae:43:76:f0:bc:1d:ac:dd:39:0c:ac:d5:97:ab:40:03:14:42:
40:50:90:98:82:49:49:65:fb:04:00:f3:cc:f4:8a:69:42:52:
47:63:d0:8e:e1:43:30:c7:24:99:e5:ae:52:a0:c5:cf:bf:32:
2b:61:2a:76:c6:44:94:54:d3:5c:cd:35:b5:52:ce:3c:a0:b8:
c4:a0:7a:a0:41:b1:f9:fa:be:22:e0:77:fd:88:6a:79:66:62:
d4:cf:08:62:49:40:d9:f5:ea:69:85:45:95:60:19:d0:6c:38:
3d:48:a8:6c:38:d5:6a:a9:ea:62:84:9c:ff:86:9e:d2:4c:a3:
6b:61:d7:34:d6:31:9e:f3:5c:77:9e:a2:30:24:88:16:59:3e:
43:94:34:4b:e6:66:43:0d:f1:30:2c:7f:b8:55:05:63:aa:ea:
f9:53:3f:67:0e:92:a7:cd:41:00:63:c2:a9:1c:a8:41:43:40:
53:cb:cd:0f:32:aa:65:c3:1d:a8:71:ff:a2:1c:93:ec:e4:88:
5f:58:3c:fa:54:c2:94:d6:b4:83:93:4c:b5:ae:e9:86:b4:be:
c2:74:ea:94:5c:53:39:f4:28:f4:4f:e7:6a:41:cd:78:18:2a:
6b:c9:cd:61
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEBdZS5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjM2MTAzMzQ0ZmNkM2I1NzU5ZjJkYjNmM2M3MDcxMzc2ZjllMjMzMB4XDTIyMDEw
MTE1NTg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmY5OTljMGZjMmQ2
MWUzNDcyZTMxYWYxODI5MzM4YzMzYjA3MDI3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzbEkfXr1K7XzLSvj7zDCw1hITgSDNj6KAahoHn9BwZWkZ7
DQL/Xqfwrnw5otVgpTS28UL1njvJrQE6QDn1qwQYme/BU7vXAp2v1Qe2GJYwF4ae
gBHRldRf9QCq86eViI81e8lWI0EsBTWS/hsvoBN1od9rLDCwVknC4B5XTYB/fgvi
M0QT1E3KRoPfMqJfb1no5WHwHcdIuqMm9QknHrcNWbXEPbCKPLrnvpBNEIACCNin
HfSA2yAQTwM2wbzU0uVbhICJ1TlEdQn6ezMbawl6qesvocHBaXj1/CMo6riQOP+T
er7p+2ucJy3tOxGX66CqyHLW5tDdI4pg7X+I45cCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBS/mZwPwtYeNHLjGvGCkzjDOwcCdTAfBgNVHSMEGDAWgBRPNhAzRPzTtXWf
LbPzxwcTdvniMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R6WVFNMFQ4MDdWMW55Mno4OGNIRTNiNTRqTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvODBkOWRmLWVhZjMtNDhiNi04ZmQ1LTBhY2M4OTJiMTFkMi8x
L3Y1bWNEOExXSGpSeTR4cnhncE00d3pzSEFuVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
ODBkOWRmLWVhZjMtNDhiNi04ZmQ1LTBhY2M4OTJiMTFkMi8xL1R6WVFNMFQ4MDdW
MW55Mno4OGNIRTNiNTRqTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAi1YzAMEBVKWIAMEBluQQAMEBV+r
QAMEBW3HIAMEBdRcADANBAIAAjAHAwUAKgOZADANBgkqhkiG9w0BAQsFAAOCAQEA
duslygJTlbvm5/YatVtaPIDprkN28LwdrN05DKzVl6tAAxRCQFCQmIJJSWX7BADz
zPSKaUJSR2PQjuFDMMckmeWuUqDFz78yK2EqdsZElFTTXM01tVLOPKC4xKB6oEGx
+fq+IuB3/YhqeWZi1M8IYklA2fXqaYVFlWAZ0Gw4PUiobDjVaqnqYoSc/4ae0kyj
a2HXNNYxnvNcd56iMCSIFlk+Q5Q0S+ZmQw3xMCx/uFUFY6rq+VM/Zw6Sp81BAGPC
qRyoQUNAU8vNDzKqZcMdqHH/ohyT7OSIX1g8+lTClNa0g5NMta7phrS+wnTqlFxT
OfQo9E/nakHNeBgqa8nNYQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:14 2025 by rpki-client