Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/t5QGMGlvxzJ9ErLnlU3QY8fbE_I.roa
File: t5QGMGlvxzJ9ErLnlU3QY8fbE_I.roa (raw, json)
Hash identifier: +HU0+FmLv3+Ac8hkPA3K8oGQpaEtQlva+d0CVIRpo5c=
Subject key identifier: B7:94:06:30:69:6F:C7:32:7D:12:B2:E7:95:4D:D0:63:C7:DB:13:F2
Certificate issuer: /CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Certificate serial: 0187126516EA6633F99B7E8AC65DD24F2424
Authority key identifier: 0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/t5QGMGlvxzJ9ErLnlU3QY8fbE_I.roa
Signing time: Fri 24 Mar 2023 06:53:47 +0000
ROA not before: Fri 24 Mar 2023 06:53:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29518
IP address blocks: 94.255.128.0/17 maxlen: 17
91.191.128.0/20 maxlen: 20
89.160.0.0/17 maxlen: 17
62.220.160.0/19 maxlen: 19
31.208.0.0/16 maxlen: 16
217.118.208.0/20 maxlen: 20
31.209.0.0/18 maxlen: 18
217.78.32.0/20 maxlen: 20
82.209.128.0/18 maxlen: 18
195.238.255.0/24 maxlen: 24
87.251.192.0/19 maxlen: 19
83.219.192.0/19 maxlen: 19
193.23.57.0/24 maxlen: 24
89.233.192.0/18 maxlen: 18
185.113.96.0/22 maxlen: 22
217.76.80.0/20 maxlen: 20
46.162.64.0/18 maxlen: 18
83.233.0.0/16 maxlen: 16
213.185.10.0/24 maxlen: 24
217.115.32.0/19 maxlen: 19
2001:9c8::/29 maxlen: 29
2a00:1598::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:12:65:16:ea:66:33:f9:9b:7e:8a:c6:5d:d2:4f:24:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Validity
Not Before: Mar 24 06:53:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7940630696fc7327d12b2e7954dd063c7db13f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fc:71:aa:c6:78:cb:f4:e4:58:7f:8d:1f:b5:
bc:9d:be:74:d4:91:ae:af:c1:54:ce:6a:ad:d6:69:
5e:6f:a4:14:a7:3b:5f:65:cb:d2:94:72:c9:db:14:
39:de:83:8d:e7:11:9c:ec:26:74:ee:84:70:cb:1f:
49:10:21:67:0f:23:ef:99:3f:48:d6:b1:a0:28:3e:
01:2f:c3:18:48:fe:8e:a8:10:af:e4:5b:99:4a:fc:
c9:60:e9:3e:4e:db:28:9f:ce:d1:a5:e6:54:cc:a8:
7d:56:fc:d8:dc:0b:2e:57:d5:30:1c:19:78:66:ec:
1c:33:c1:45:c4:40:59:b8:65:b5:4c:2d:0c:fb:d2:
ff:21:bd:66:9a:a3:09:28:ff:de:22:57:90:90:81:
5a:35:e4:9a:d7:3f:c2:1b:61:aa:55:78:65:c0:95:
a6:b0:1e:52:71:fd:0c:ef:47:51:d5:58:2d:a6:b0:
83:33:b9:14:75:cb:86:71:5d:68:be:93:36:ec:1f:
76:fc:e5:ff:42:23:9e:14:ad:be:d0:74:2c:f4:f4:
01:3a:5e:45:8b:7d:a3:8d:d2:e3:37:a7:ae:df:00:
a1:60:90:9c:f7:ce:7b:97:c8:c0:43:ed:af:5f:a8:
7e:22:52:29:71:58:49:25:57:76:01:c9:1d:32:c0:
13:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:94:06:30:69:6F:C7:32:7D:12:B2:E7:95:4D:D0:63:C7:DB:13:F2
X509v3 Authority Key Identifier:
keyid:0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/t5QGMGlvxzJ9ErLnlU3QY8fbE_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.208.0.0-31.209.63.255
46.162.64.0/18
62.220.160.0/19
82.209.128.0/18
83.219.192.0/19
83.233.0.0/16
87.251.192.0/19
89.160.0.0/17
89.233.192.0/18
91.191.128.0/20
94.255.128.0/17
185.113.96.0/22
193.23.57.0/24
195.238.255.0/24
213.185.10.0/24
217.76.80.0/20
217.78.32.0/20
217.115.32.0/19
217.118.208.0/20
IPv6:
2001:9c8::/29
2a00:1598::/29
Signature Algorithm: sha256WithRSAEncryption
27:d1:63:21:d5:74:d2:64:f2:b1:98:ec:84:49:da:07:3e:c2:
43:18:57:00:da:ae:9d:59:97:ea:15:db:c5:74:a6:b1:1e:4c:
bb:51:94:4c:94:13:ec:9b:99:d5:a9:af:f5:44:81:50:bf:89:
3b:06:4a:a7:7b:aa:70:88:08:62:5a:0c:56:da:06:f3:63:32:
eb:02:6b:89:31:61:cf:fa:8d:bd:30:61:da:e1:42:3b:88:5d:
3d:4a:9c:f5:95:fb:f5:a8:24:fc:8c:10:15:66:04:4e:5d:92:
ab:8d:af:95:e8:aa:99:06:f5:be:fd:96:0c:f4:ae:f1:4b:f9:
db:d5:e3:55:22:bd:14:47:60:3e:5a:c3:e7:65:0e:2b:16:60:
ad:68:7d:34:b3:5d:c8:39:4c:b7:df:66:fa:43:89:d0:6e:0d:
e2:b8:b1:7d:9a:c4:bc:e9:7d:21:c4:be:49:93:c9:2a:df:ab:
51:ad:5e:ce:d7:4a:7c:19:d0:04:46:9b:5f:d8:69:23:46:cb:
37:10:4b:1d:93:da:82:9e:00:8e:c0:9a:ad:9c:dd:3a:7b:ab:
a5:25:18:4b:c3:fd:b1:cf:34:9d:7f:3e:22:0e:98:28:24:ca:
6b:59:81:bc:ce:bb:e1:fe:5c:e9:eb:26:f1:80:7c:95:0f:9b:
ec:4d:96:32
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYcSZRbqZjP5m36Kxl3STyQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTEzMDhlYWQ2YWRiMWQwODVlN2U1OTEwYTBjYjJkZTU2
YWEzMmUwHhcNMjMwMzI0MDY1MzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzk0MDYzMDY5NmZjNzMyN2QxMmIyZTc5NTRkZDA2M2M3ZGIxM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvxxqsZ4y/TkWH+NH7W8nb501JGu
r8FUzmqt1mleb6QUpztfZcvSlHLJ2xQ53oON5xGc7CZ07oRwyx9JECFnDyPvmT9I
1rGgKD4BL8MYSP6OqBCv5FuZSvzJYOk+Ttson87RpeZUzKh9VvzY3AsuV9UwHBl4
ZuwcM8FFxEBZuGW1TC0M+9L/Ib1mmqMJKP/eIleQkIFaNeSa1z/CG2GqVXhlwJWm
sB5Scf0M70dR1VgtprCDM7kUdcuGcV1ovpM27B92/OX/QiOeFK2+0HQs9PQBOl5F
i32jjdLjN6eu3wChYJCc9857l8jAQ+2vX6h+IlIpcVhJJVd2AckdMsATbQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFLeUBjBpb8cyfRKy55VN0GPH2xPyMB8GA1UdIwQY
MBaAFAzhMI6tatsdCF5+WRCgyy3laqMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUt
YjBiYWQxOGYwMmQwLzEvdDVRR01HbHZ4eko5RXJMbmxVM1FZOGZiRV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUtYjBiYWQxOGYwMmQw
LzEvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljB+BAIAATB4MAsDAwQf
0AMEBh/RAAMEBi6iQAMEBT7coAMEBlLRgAMEBVPbwAMDAFPpAwQFV/vAAwQHWaAA
AwQGWenAAwQEW7+AAwQHXv+AAwQCuXFgAwQAwRc5AwQAw+7/AwQA1bkKAwQE2UxQ
AwQE2U4gAwQF2XMgAwQE2XbQMBQEAgACMA4DBQMgAQnIAwUDKgAVmDANBgkqhkiG
9w0BAQsFAAOCAQEAJ9FjIdV00mTysZjshEnaBz7CQxhXANqunVmX6hXbxXSmsR5M
u1GUTJQT7JuZ1amv9USBUL+JOwZKp3uqcIgIYloMVtoG82My6wJriTFhz/qNvTBh
2uFCO4hdPUqc9ZX79agk/IwQFWYETl2Sq42vleiqmQb1vv2WDPSu8Uv529XjVSK9
FEdgPlrD52UOKxZgrWh9NLNdyDlMt99m+kOJ0G4N4rixfZrEvOl9IcS+SZPJKt+r
Ua1eztdKfBnQBEabX9hpI0bLNxBLHZPagp4AjsCarZzdOnurpSUYS8P9sc80nX8+
Ig6YKCTKa1mBvM674f5c6esm8YB8lQ+b7E2WMg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:08:06 2025 by rpki-client