Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/650a6b-4826-4c1e-a972-48ad14ba7498/1/t22sKPmcT1HVR8McMfObihfHBY0.roa
File: t22sKPmcT1HVR8McMfObihfHBY0.roa (raw, json)
Hash identifier: 4EPhrEqKF+SNeh2KI1wU+YzY4jVOa2ZR6fu1HsupQso=
Subject key identifier: B7:6D:AC:28:F9:9C:4F:51:D5:47:C3:1C:31:F3:9B:8A:17:C7:05:8D
Certificate issuer: /CN=81eee17fdbcb09dbbceef663c6157b5fe3081ff4
Certificate serial: 01856C53ED4F7C7E683CD8727084F1F8CB7A
Authority key identifier: 81:EE:E1:7F:DB:CB:09:DB:BC:EE:F6:63:C6:15:7B:5F:E3:08:1F:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7hf9vLCdu87vZjxhV7X-MIH_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/650a6b-4826-4c1e-a972-48ad14ba7498/1/t22sKPmcT1HVR8McMfObihfHBY0.roa
Signing time: Sun 01 Jan 2023 07:55:17 +0000
ROA not before: Sun 01 Jan 2023 07:55:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197965
IP address blocks: 185.176.17.0/24 maxlen: 24
185.176.16.0/24 maxlen: 24
185.176.16.0/22 maxlen: 22
185.176.19.0/24 maxlen: 24
185.176.18.0/24 maxlen: 24
93.180.74.0/24 maxlen: 24
93.180.73.0/24 maxlen: 24
93.180.72.0/24 maxlen: 24
93.180.78.0/24 maxlen: 24
93.180.72.0/21 maxlen: 21
93.180.77.0/24 maxlen: 24
93.180.76.0/24 maxlen: 24
93.180.75.0/24 maxlen: 24
93.180.79.0/24 maxlen: 24
2a00:4c40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:ed:4f:7c:7e:68:3c:d8:72:70:84:f1:f8:cb:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eee17fdbcb09dbbceef663c6157b5fe3081ff4
Validity
Not Before: Jan 1 07:55:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b76dac28f99c4f51d547c31c31f39b8a17c7058d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:61:41:a0:06:76:f2:12:e5:d0:a0:c0:64:3f:
37:db:0d:c2:00:32:47:70:b0:32:ee:22:67:02:fb:
15:da:4c:0e:e1:24:dc:e1:60:a2:92:09:a8:d4:12:
a2:59:46:0a:c2:10:d7:a5:c7:87:9b:78:21:ed:c5:
f2:e2:12:07:35:1a:be:27:c0:4a:69:74:60:e2:46:
e3:da:52:b9:40:6f:d3:c8:0e:e9:23:c1:41:81:83:
e9:9b:cc:8b:d3:bd:f8:05:c4:de:ac:a0:42:de:a5:
d5:53:01:4f:d5:01:39:03:00:e2:f8:99:91:50:89:
33:12:a6:ff:a4:d0:7e:1e:8c:08:2e:e4:78:39:b9:
ec:21:cc:0c:11:29:2a:95:74:50:ab:f0:db:33:e1:
e1:5b:34:01:0e:78:c0:06:05:69:3a:e3:d8:16:df:
23:ac:02:d1:24:9b:5a:4b:fa:9f:74:ad:67:e3:45:
b0:a5:6e:d9:89:6c:9b:75:55:58:06:04:f4:da:0f:
b0:67:c8:cf:36:35:a6:6b:b7:25:a2:60:12:27:9d:
86:41:b7:e7:a7:76:30:d6:82:68:07:2c:63:64:8e:
d9:32:8d:a7:78:b2:bf:fc:08:7e:e5:81:86:c9:e9:
92:ac:4c:31:ff:28:1a:66:91:e8:08:51:73:87:1a:
27:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:6D:AC:28:F9:9C:4F:51:D5:47:C3:1C:31:F3:9B:8A:17:C7:05:8D
X509v3 Authority Key Identifier:
keyid:81:EE:E1:7F:DB:CB:09:DB:BC:EE:F6:63:C6:15:7B:5F:E3:08:1F:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7hf9vLCdu87vZjxhV7X-MIH_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/650a6b-4826-4c1e-a972-48ad14ba7498/1/t22sKPmcT1HVR8McMfObihfHBY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/650a6b-4826-4c1e-a972-48ad14ba7498/1/ge7hf9vLCdu87vZjxhV7X-MIH_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.72.0/21
185.176.16.0/22
IPv6:
2a00:4c40::/32
Signature Algorithm: sha256WithRSAEncryption
1b:fa:0b:8d:45:70:51:99:47:8f:f0:bf:72:a5:63:58:1f:bb:
7c:45:f8:3c:ee:7a:a2:f8:cb:3d:1d:e7:b1:2a:89:d4:e5:04:
ff:8c:8d:dc:f9:fb:80:0c:ef:dd:44:c2:fd:07:e1:1b:2a:36:
69:d0:af:cd:d7:27:4e:57:8d:a6:43:5a:54:35:53:2c:71:f4:
07:06:6d:b3:05:2a:e6:ec:20:7b:d4:3a:34:58:c8:4b:d4:06:
84:a9:64:d0:d9:db:bf:b2:22:3b:fb:60:00:5d:78:3b:6e:78:
e8:2e:62:2b:b3:95:ca:23:46:f2:63:76:1d:3a:50:78:6e:63:
1a:c8:f0:73:b8:e3:cd:aa:c2:af:fb:62:c3:34:76:79:6c:ba:
9a:6a:87:ba:92:10:54:50:df:bb:78:b9:1e:c3:ed:d6:cf:92:
70:e7:3c:95:f0:44:5a:d5:34:94:43:75:98:52:c4:02:df:22:
ef:e9:09:5f:99:58:45:c5:fc:17:22:b4:72:1e:ba:5b:b6:ca:
d8:00:fb:5e:e0:a2:94:9d:a4:0c:3e:79:6b:b8:04:62:3f:6d:
41:1e:40:04:fd:5a:80:52:ff:25:5b:a6:f5:8d:0b:5c:2c:9c:
44:58:89:3a:ff:7e:b2:3b:5a:44:e6:9f:2d:b3:19:72:78:de:
56:99:f4:1b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsU+1PfH5oPNhycITx+Mt6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVlMTdmZGJjYjA5ZGJiY2VlZjY2M2M2MTU3YjVmZTMw
ODFmZjQwHhcNMjMwMTAxMDc1NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzZkYWMyOGY5OWM0ZjUxZDU0N2MzMWMzMWYzOWI4YTE3YzcwNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2FBoAZ28hLl0KDAZD832w3CADJH
cLAy7iJnAvsV2kwO4STc4WCikgmo1BKiWUYKwhDXpceHm3gh7cXy4hIHNRq+J8BK
aXRg4kbj2lK5QG/TyA7pI8FBgYPpm8yL0734BcTerKBC3qXVUwFP1QE5AwDi+JmR
UIkzEqb/pNB+HowILuR4ObnsIcwMESkqlXRQq/DbM+HhWzQBDnjABgVpOuPYFt8j
rALRJJtaS/qfdK1n40WwpW7ZiWybdVVYBgT02g+wZ8jPNjWma7clomASJ52GQbfn
p3Yw1oJoByxjZI7ZMo2neLK//Ah+5YGGyemSrEwx/ygaZpHoCFFzhxon8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLdtrCj5nE9R1UfDHDHzm4oXxwWNMB8GA1UdIwQY
MBaAFIHu4X/bywnbvO72Y8YVe1/jCB/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3aGY5dkxDZHU4N3ZaanhoVjdYLU1JSF9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi82NTBhNmItNDgyNi00YzFlLWE5NzIt
NDhhZDE0YmE3NDk4LzEvdDIyc0tQbWNUMUhWUjhNY01mT2JpaGZIQlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi82NTBhNmItNDgyNi00YzFlLWE5NzItNDhhZDE0YmE3NDk4
LzEvZ2U3aGY5dkxDZHU4N3ZaanhoVjdYLU1JSF9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXbRIAwQC
ubAQMA0EAgACMAcDBQAqAExAMA0GCSqGSIb3DQEBCwUAA4IBAQAb+guNRXBRmUeP
8L9ypWNYH7t8Rfg87nqi+Ms9HeexKonU5QT/jI3c+fuADO/dRML9B+EbKjZp0K/N
1ydOV42mQ1pUNVMscfQHBm2zBSrm7CB71Do0WMhL1AaEqWTQ2du/siI7+2AAXXg7
bnjoLmIrs5XKI0byY3YdOlB4bmMayPBzuOPNqsKv+2LDNHZ5bLqaaoe6khBUUN+7
eLkew+3Wz5Jw5zyV8ERa1TSUQ3WYUsQC3yLv6QlfmVhFxfwXIrRyHrpbtsrYAPte
4KKUnaQMPnlruARiP21BHkAE/VqAUv8lW6b1jQtcLJxEWIk6/36yO1pE5p8tsxly
eN5WmfQb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:53 2025 by rpki-client