Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/ccaa1a-9daa-44b8-9e26-87f341888560/1/8ex2SL-BHv3Kr3yC_5E7iyaqKRY.roa
File: 8ex2SL-BHv3Kr3yC_5E7iyaqKRY.roa (raw, json)
Hash identifier: TBWaywSQ25wBcgJl8hFJmb9eh9NG4WMnTcw+c6BW+JU=
Subject key identifier: F1:EC:76:48:BF:81:1E:FD:CA:AF:7C:82:FF:91:3B:8B:26:AA:29:16
Certificate issuer: /CN=b321cb828908f430749ee3a5f2a62de5f822f7d1
Certificate serial: 01856D93D7825D665079FD5933BE9DC5E1DC
Authority key identifier: B3:21:CB:82:89:08:F4:30:74:9E:E3:A5:F2:A6:2D:E5:F8:22:F7:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syHLgokI9DB0nuOl8qYt5fgi99E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/ccaa1a-9daa-44b8-9e26-87f341888560/1/8ex2SL-BHv3Kr3yC_5E7iyaqKRY.roa
Signing time: Sun 01 Jan 2023 13:44:43 +0000
ROA not before: Sun 01 Jan 2023 13:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 91.142.145.0/24 maxlen: 24
91.142.144.0/24 maxlen: 24
91.142.150.0/24 maxlen: 24
91.142.149.0/24 maxlen: 24
91.142.148.0/24 maxlen: 24
91.142.147.0/24 maxlen: 24
91.142.152.0/21 maxlen: 21
91.142.151.0/24 maxlen: 24
91.142.146.0/24 maxlen: 24
91.142.158.0/24 maxlen: 24
46.16.11.0/24 maxlen: 24
46.16.10.0/24 maxlen: 24
46.16.9.0/24 maxlen: 24
46.16.8.0/24 maxlen: 24
46.227.24.0/24 maxlen: 24
46.227.31.0/24 maxlen: 24
46.227.30.0/24 maxlen: 24
46.227.29.0/24 maxlen: 24
46.227.28.0/24 maxlen: 24
46.227.27.0/24 maxlen: 24
46.227.26.0/24 maxlen: 24
46.227.25.0/24 maxlen: 24
159.255.0.0/20 maxlen: 20
159.255.16.0/24 maxlen: 24
159.255.17.0/24 maxlen: 24
159.255.23.0/24 maxlen: 24
159.255.19.0/24 maxlen: 24
159.255.18.0/24 maxlen: 24
159.255.22.0/24 maxlen: 24
159.255.21.0/24 maxlen: 24
159.255.20.0/24 maxlen: 24
159.255.29.0/24 maxlen: 24
159.255.28.0/24 maxlen: 24
159.255.31.0/24 maxlen: 24
159.255.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:d7:82:5d:66:50:79:fd:59:33:be:9d:c5:e1:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b321cb828908f430749ee3a5f2a62de5f822f7d1
Validity
Not Before: Jan 1 13:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1ec7648bf811efdcaaf7c82ff913b8b26aa2916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bc:d5:91:a3:66:78:5e:02:15:4a:c9:d7:23:
ad:9f:b8:eb:97:20:14:db:26:a4:8f:03:39:44:3b:
e1:69:b1:5d:b2:68:6f:b7:ab:7b:81:ff:04:fa:9b:
04:68:86:3e:6f:05:ec:32:a3:74:68:8c:ee:fa:8c:
25:49:5a:76:df:5b:d8:b8:1a:d8:4e:a6:2f:1a:57:
ff:b0:04:d0:5e:6c:1c:50:15:81:5f:7a:94:24:ba:
de:1d:76:f1:f5:dc:79:48:95:5a:54:71:24:b8:52:
14:9c:04:50:4f:a7:20:e8:80:93:a3:01:73:8c:8b:
ca:c9:31:1c:91:6b:93:e4:9e:ae:cc:e3:84:5a:48:
8b:10:0e:46:46:40:99:e0:76:d5:bc:c3:da:e2:c6:
76:6b:f5:85:e6:d9:5e:bb:dd:ec:69:d1:34:61:ac:
9d:41:2e:91:bf:2a:89:0d:16:70:2e:c9:88:dc:41:
5b:c8:af:88:c9:6a:22:55:6f:9f:d9:75:c0:6d:96:
0e:b7:14:1d:c7:ca:ee:21:dd:3e:b2:e8:ed:af:02:
bd:c4:ac:c5:9b:f4:2a:65:f9:7b:01:c7:1c:09:5b:
a5:88:0f:59:4c:e8:b0:45:41:b7:9a:a6:6b:20:5d:
35:5f:0a:c3:b2:cb:4c:41:e5:a8:c4:10:59:30:7a:
dc:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:EC:76:48:BF:81:1E:FD:CA:AF:7C:82:FF:91:3B:8B:26:AA:29:16
X509v3 Authority Key Identifier:
keyid:B3:21:CB:82:89:08:F4:30:74:9E:E3:A5:F2:A6:2D:E5:F8:22:F7:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syHLgokI9DB0nuOl8qYt5fgi99E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ccaa1a-9daa-44b8-9e26-87f341888560/1/8ex2SL-BHv3Kr3yC_5E7iyaqKRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ccaa1a-9daa-44b8-9e26-87f341888560/1/syHLgokI9DB0nuOl8qYt5fgi99E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.8.0/22
46.227.24.0/21
91.142.144.0/20
159.255.0.0-159.255.23.255
159.255.28.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:bc:50:26:6f:3b:e3:59:0a:c1:21:56:19:a7:66:a9:93:c8:
1c:35:d9:49:bd:bf:23:59:2e:6d:8c:c8:52:e7:d2:6c:f0:e4:
4a:8c:28:e7:3a:f2:7c:53:74:b2:ed:a9:f0:3b:c4:44:35:e7:
2d:f7:99:35:a0:56:ec:bb:cf:21:5c:d2:40:27:c2:d0:7a:c7:
5e:5f:be:38:c0:e2:95:58:55:8a:71:c3:a1:64:07:73:b7:c8:
09:67:77:4e:af:80:f4:f1:6c:ff:18:71:c0:8b:ca:a1:4c:e3:
0f:0b:61:57:74:37:75:62:5f:3e:c7:8a:23:20:9e:34:b4:34:
d2:2b:19:30:e4:94:04:bc:c8:22:6a:d8:8e:2d:53:d4:b7:f2:
4b:c7:bd:e7:6a:2c:73:a6:b8:5c:40:40:b7:60:e1:75:46:23:
63:4a:e2:4a:ce:82:b1:ec:9d:6e:35:ee:b5:c6:5e:d6:93:a3:
98:d9:83:01:0a:66:46:c1:0c:63:3b:86:d3:bc:4a:d2:21:74:
08:b0:47:68:38:d8:a5:b4:bd:51:28:a6:d5:63:32:cc:85:a2:
09:ce:a8:30:8a:f0:d6:0c:44:aa:f3:63:ea:77:fb:82:27:c0:
d5:b7:1f:18:5f:47:ac:e0:e2:22:9d:42:20:43:45:e4:e2:b1:
c1:9f:6f:aa
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVtk9eCXWZQef1ZM76dxeHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMjFjYjgyODkwOGY0MzA3NDllZTNhNWYyYTYyZGU1Zjgy
MmY3ZDEwHhcNMjMwMTAxMTM0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWVjNzY0OGJmODExZWZkY2FhZjdjODJmZjkxM2I4YjI2YWEyOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbzVkaNmeF4CFUrJ1yOtn7jrlyAU
2yakjwM5RDvhabFdsmhvt6t7gf8E+psEaIY+bwXsMqN0aIzu+owlSVp231vYuBrY
TqYvGlf/sATQXmwcUBWBX3qUJLreHXbx9dx5SJVaVHEkuFIUnARQT6cg6ICTowFz
jIvKyTEckWuT5J6uzOOEWkiLEA5GRkCZ4HbVvMPa4sZ2a/WF5tleu93sadE0Yayd
QS6RvyqJDRZwLsmI3EFbyK+IyWoiVW+f2XXAbZYOtxQdx8ruId0+sujtrwK9xKzF
m/QqZfl7AcccCVuliA9ZTOiwRUG3mqZrIF01XwrDsstMQeWoxBBZMHrc+wIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPHsdki/gR79yq98gv+RO4smqikWMB8GA1UdIwQY
MBaAFLMhy4KJCPQwdJ7jpfKmLeX4IvfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3lITGdva0k5REIwbnVPbDhxWXQ1ZmdpOTlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jY2FhMWEtOWRhYS00NGI4LTllMjYt
ODdmMzQxODg4NTYwLzEvOGV4MlNMLUJIdjNLcjN5Q181RTdpeWFxS1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jY2FhMWEtOWRhYS00NGI4LTllMjYtODdmMzQxODg4NTYw
LzEvc3lITGdva0k5REIwbnVPbDhxWXQ1ZmdpOTlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAlAwQCLhAIAwQD
LuMYAwQEW46QMAsDAwCf/wMEA5//EAMEAp//HDANBgkqhkiG9w0BAQsFAAOCAQEA
WrxQJm8741kKwSFWGadmqZPIHDXZSb2/I1kubYzIUufSbPDkSowo5zryfFN0su2p
8DvERDXnLfeZNaBW7LvPIVzSQCfC0HrHXl++OMDilVhVinHDoWQHc7fICWd3Tq+A
9PFs/xhxwIvKoUzjDwthV3Q3dWJfPseKIyCeNLQ00isZMOSUBLzIImrYji1T1Lfy
S8e952osc6a4XEBAt2DhdUYjY0riSs6CseydbjXutcZe1pOjmNmDAQpmRsEMYzuG
07xK0iF0CLBHaDjYpbS9USim1WMyzIWiCc6oMIrw1gxEqvNj6nf7gifA1bcfGF9H
rODiIp1CIENF5OKxwZ9vqg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:04:27 2025 by rpki-client