Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/m8O9kZT69vK8IHDGxgDadzcyu7I.roa
File: m8O9kZT69vK8IHDGxgDadzcyu7I.roa (raw, json)
Hash identifier: tVoh+36qq03VVr1qG9H5bObCOK+MzM0berSQbql+bns=
Subject key identifier: 9B:C3:BD:91:94:FA:F6:F2:BC:20:70:C6:C6:00:DA:77:37:32:BB:B2
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018C40D909A67751DCA2990B0E92C5057AE2
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/m8O9kZT69vK8IHDGxgDadzcyu7I.roa
Signing time: Wed 06 Dec 2023 20:36:54 +0000
ROA not before: Wed 06 Dec 2023 20:36:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8359
IP address blocks: 212.188.0.0/17 maxlen: 17
213.87.0.0/16 maxlen: 16
178.141.0.0/16 maxlen: 16
213.87.105.0/24 maxlen: 24
213.87.104.0/24 maxlen: 24
213.87.100.0/24 maxlen: 24
213.87.106.0/23 maxlen: 23
89.175.0.0/16 maxlen: 16
213.87.128.0/19 maxlen: 19
213.87.64.0/22 maxlen: 22
81.195.0.0/16 maxlen: 24
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
80.83.237.0/24 maxlen: 24
213.87.80.0/20 maxlen: 20
85.140.0.0/15 maxlen: 24
91.76.0.0/14 maxlen: 14
82.96.192.0/18 maxlen: 18
83.237.0.0/16 maxlen: 16
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
195.34.0.0/19 maxlen: 19
213.87.240.0/22 maxlen: 22
213.87.246.0/24 maxlen: 24
195.34.15.0/24 maxlen: 24
213.87.244.0/23 maxlen: 23
213.87.248.0/22 maxlen: 22
178.155.0.0/17 maxlen: 17
213.87.160.0/22 maxlen: 22
62.118.0.0/16 maxlen: 24
89.175.248.0/21 maxlen: 21
195.34.38.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
2a00:1fa0:8000::/33 maxlen: 33
2a00:1fa0::/33 maxlen: 33
2a00:1fa2::/33 maxlen: 33
2a00:1fa0::/29 maxlen: 29
2a02:28:a::/48 maxlen: 48
2a02:29::/36 maxlen: 36
2a02:28:1::/48 maxlen: 48
2a02:28::/29 maxlen: 29
2a00:1fa3::/33 maxlen: 33
2a00:1fa3:8000::/40 maxlen: 40
2a02:28::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:40:d9:09:a6:77:51:dc:a2:99:0b:0e:92:c5:05:7a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Dec 6 20:36:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bc3bd9194faf6f2bc2070c6c600da773732bbb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:4b:40:41:cd:20:6c:49:17:fe:a7:fa:62:26:
28:f5:28:1f:77:c3:b7:4c:a2:23:c4:b4:20:db:92:
ae:c1:d1:49:3b:55:99:8f:cf:61:50:59:50:50:02:
7f:47:d2:b7:80:92:bd:dc:f5:2d:0f:41:97:bc:93:
6a:e4:c0:95:79:08:8c:6d:cf:51:f5:3a:88:ca:ed:
7e:08:99:e7:c1:31:ba:d7:a9:98:0e:6d:e6:07:78:
4e:54:72:2b:af:7c:bd:32:82:49:7e:84:88:b0:44:
e1:a4:22:ba:52:91:35:71:3a:c4:82:bc:60:38:6c:
b2:cf:a1:bd:b5:9b:b6:a5:98:d9:9a:57:8a:e4:58:
fd:fe:04:a7:07:1b:8f:81:25:fa:51:4e:95:1e:3a:
8e:e1:83:70:a8:88:e2:e0:61:c1:57:10:59:30:47:
0a:ad:01:02:45:3d:67:af:6f:fd:8c:f6:cd:0a:47:
28:44:79:14:5a:df:64:85:aa:57:72:8a:73:01:51:
96:2c:9e:d2:63:ac:4c:39:0a:cf:13:d9:22:3b:f7:
a5:2f:75:06:e0:c2:36:b9:63:4a:fa:8b:15:62:e1:
2f:66:41:6f:7c:de:12:fc:d1:b6:bc:87:dc:b4:73:
c2:61:c7:6f:5e:ad:ac:d0:f3:22:5e:cb:86:e1:89:
5b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:C3:BD:91:94:FA:F6:F2:BC:20:70:C6:C6:00:DA:77:37:32:BB:B2
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/m8O9kZT69vK8IHDGxgDadzcyu7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.118.0.0/16
80.83.237.0/24
81.195.0.0/16
82.96.192.0/18
83.237.0.0/16
85.140.0.0/15
89.175.0.0/16
91.76.0.0/14
178.141.0.0/16
178.155.0.0/17
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
8d:1a:e5:de:c8:b2:ec:7c:ff:0b:f6:a2:36:7b:b7:d6:0d:bd:
3e:fe:25:bb:04:ba:35:85:1d:cb:d5:27:f0:88:0b:3b:05:52:
10:04:f7:5a:86:39:5c:db:7a:5c:39:15:6b:47:89:b0:ab:af:
70:ba:34:92:74:4d:27:7f:9d:7d:9e:7b:28:66:0d:55:5e:5e:
90:e3:e9:75:f1:27:38:02:92:91:74:3c:4e:81:a3:00:d2:96:
b4:3c:57:ba:07:05:30:82:77:8b:88:dc:14:0c:90:00:db:1f:
78:4e:b2:34:20:23:c3:02:eb:2e:b9:d0:10:32:6d:49:c5:e8:
bf:23:1e:0a:82:e6:af:9f:31:b6:f9:6e:af:b1:e2:94:2f:be:
73:46:e3:6c:bc:8b:8a:63:48:1c:b1:39:9a:2a:92:a7:11:2e:
67:73:57:d0:f2:bc:06:30:98:ed:bc:8a:39:af:04:f1:4c:b2:
29:b5:02:33:5f:35:33:89:f8:1b:9e:2f:35:91:59:9c:26:f8:
c2:f3:c3:74:b2:a5:6b:bb:04:d8:d5:b2:9c:04:73:90:fd:37:
f1:78:2b:61:08:5f:a9:52:76:eb:3b:a0:4f:39:3e:6b:1e:b4:
9e:a5:f1:ab:c2:59:fd:b9:01:e4:56:c0:89:6a:9b:c7:94:15:
cf:5a:d8:d2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYxA2Qmmd1HcopkLDpLFBXriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMxMjA2MjAzNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmMzYmQ5MTk0ZmFmNmYyYmMyMDcwYzZjNjAwZGE3NzM3MzJiYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/EtAQc0gbEkX/qf6YiYo9Sgfd8O3
TKIjxLQg25KuwdFJO1WZj89hUFlQUAJ/R9K3gJK93PUtD0GXvJNq5MCVeQiMbc9R
9TqIyu1+CJnnwTG616mYDm3mB3hOVHIrr3y9MoJJfoSIsEThpCK6UpE1cTrEgrxg
OGyyz6G9tZu2pZjZmleK5Fj9/gSnBxuPgSX6UU6VHjqO4YNwqIji4GHBVxBZMEcK
rQECRT1nr2/9jPbNCkcoRHkUWt9khapXcopzAVGWLJ7SY6xMOQrPE9kiO/elL3UG
4MI2uWNK+osVYuEvZkFvfN4S/NG2vIfctHPCYcdvXq2s0PMiXsuG4YlbhwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFJvDvZGU+vbyvCBwxsYA2nc3MruyMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvbThPOWtaVDY5dks4SUhER3hnRGFkemN5dTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwWQQCAAEwUwMDAD52AwQA
UFPtAwMAUcMDBAZSYMADAwBT7QMDAVWMAwMAWa8DAwJbTAMDALKNAwQHspsAAwQG
wyIAAwQH1LwAAwMA1VcwCwMEAtlK9AMDANlKMBQEAgACMA4DBQMqAB+gAwUDKgIA
KDANBgkqhkiG9w0BAQsFAAOCAQEAjRrl3siy7Hz/C/aiNnu31g29Pv4luwS6NYUd
y9Un8IgLOwVSEAT3WoY5XNt6XDkVa0eJsKuvcLo0knRNJ3+dfZ57KGYNVV5ekOPp
dfEnOAKSkXQ8ToGjANKWtDxXugcFMIJ3i4jcFAyQANsfeE6yNCAjwwLrLrnQEDJt
ScXovyMeCoLmr58xtvlur7HilC++c0bjbLyLimNIHLE5miqSpxEuZ3NX0PK8BjCY
7byKOa8E8UyyKbUCM181M4n4G54vNZFZnCb4wvPDdLKla7sE2NWynARzkP038Xgr
YQhfqVJ26zugTzk+ax60nqXxq8JZ/bkB5FbAiWqbx5QVz1rY0g==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:05:55 2025 by rpki-client