Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/1-vgHorsolVLGSn5h9ddYs8smMvE.roa
File: 1-vgHorsolVLGSn5h9ddYs8smMvE.roa (raw, json)
Hash identifier: 1Pi86lHZs68eHKlPS7DOKPp8wmRiWRzVg2TZM8lmxug=
Subject key identifier: FA:F8:07:A2:BB:28:95:52:C6:4A:7E:61:F5:D7:58:B3:CB:26:32:F1
Certificate issuer: /CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb
Certificate serial: 0187231B2D3D482B18FAC8B5002FE08556D7
Authority key identifier: 10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/1-vgHorsolVLGSn5h9ddYs8smMvE.roa
Signing time: Mon 27 Mar 2023 12:46:36 +0000
ROA not before: Mon 27 Mar 2023 12:46:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8685
IP address blocks: 212.2.192.0/19 maxlen: 24
212.2.192.0/21 maxlen: 21
212.2.192.0/24 maxlen: 24
212.2.194.0/24 maxlen: 24
212.2.193.0/24 maxlen: 24
212.2.199.0/24 maxlen: 24
212.2.198.0/24 maxlen: 24
212.2.197.0/24 maxlen: 24
212.2.196.0/24 maxlen: 24
212.2.195.0/24 maxlen: 24
212.2.206.0/24 maxlen: 24
212.2.204.0/22 maxlen: 22
212.2.205.0/24 maxlen: 24
212.2.204.0/23 maxlen: 23
212.2.204.0/24 maxlen: 24
212.2.213.0/24 maxlen: 24
212.2.212.0/24 maxlen: 24
212.2.212.0/23 maxlen: 23
212.2.211.0/24 maxlen: 24
212.2.210.0/24 maxlen: 24
212.2.209.0/24 maxlen: 24
212.2.208.0/24 maxlen: 24
212.2.216.0/21 maxlen: 21
212.2.217.0/24 maxlen: 24
212.2.216.0/24 maxlen: 24
212.2.215.0/24 maxlen: 24
212.2.222.0/24 maxlen: 24
82.151.131.0/24 maxlen: 24
82.151.128.0/19 maxlen: 24
82.151.128.0/20 maxlen: 20
82.151.132.0/24 maxlen: 24
82.151.138.0/24 maxlen: 24
82.151.134.0/24 maxlen: 24
82.151.133.0/24 maxlen: 24
82.151.144.0/20 maxlen: 20
82.151.144.0/24 maxlen: 24
82.151.143.0/24 maxlen: 24
82.151.142.0/24 maxlen: 24
82.151.140.0/24 maxlen: 24
185.58.244.0/22 maxlen: 24
94.102.64.0/20 maxlen: 24
94.102.64.0/21 maxlen: 21
94.102.70.0/23 maxlen: 24
94.102.72.0/21 maxlen: 24
94.102.76.0/24 maxlen: 24
212.58.31.0/24 maxlen: 24
212.58.28.0/24 maxlen: 24
81.21.174.0/24 maxlen: 24
81.21.166.0/24 maxlen: 24
81.21.164.0/22 maxlen: 22
81.21.161.0/24 maxlen: 24
81.21.160.0/20 maxlen: 24
81.21.160.0/21 maxlen: 21
81.21.170.0/24 maxlen: 24
81.21.169.0/24 maxlen: 24
81.21.168.0/21 maxlen: 24
81.21.167.0/24 maxlen: 24
82.151.154.0/23 maxlen: 24
212.58.0.0/19 maxlen: 24
212.58.0.0/24 maxlen: 24
212.58.0.0/21 maxlen: 21
212.58.8.0/21 maxlen: 24
212.58.16.0/24 maxlen: 24
212.58.16.0/21 maxlen: 24
212.58.13.0/24 maxlen: 24
212.58.24.0/21 maxlen: 24
212.58.18.0/24 maxlen: 24
213.155.96.0/19 maxlen: 24
213.155.96.0/21 maxlen: 21
213.155.104.0/21 maxlen: 24
213.155.103.0/24 maxlen: 24
213.155.99.0/24 maxlen: 24
213.155.112.0/21 maxlen: 24
213.155.124.0/22 maxlen: 24
213.155.122.0/23 maxlen: 24
213.155.121.0/24 maxlen: 24
213.155.120.0/23 maxlen: 24
2a02:480::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:1b:2d:3d:48:2b:18:fa:c8:b5:00:2f:e0:85:56:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb
Validity
Not Before: Mar 27 12:46:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=faf807a2bb289552c64a7e61f5d758b3cb2632f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1c:c6:1c:46:e1:b5:ff:a6:2c:54:0c:a2:f9:
18:9c:ac:5a:3f:31:4c:f4:02:89:7e:f5:db:90:e2:
4f:64:3a:c3:2e:ee:69:d1:d3:a3:87:ee:e7:8f:0f:
5d:0b:7c:c0:7c:43:a4:2a:e3:04:d7:02:ef:de:43:
80:4c:1e:00:5f:70:65:ca:ce:d6:a3:4d:79:44:76:
5b:19:a0:de:6e:0e:7f:21:ae:ce:ce:e7:ab:8e:f1:
40:1f:42:3e:69:4a:ab:27:45:4e:41:48:82:d9:92:
4c:09:81:61:62:47:67:24:af:b6:42:f5:25:33:48:
8d:62:ef:9f:7f:3e:d7:9c:d4:f5:f9:fc:05:ca:8e:
55:d0:c2:63:99:78:59:2b:f9:ff:46:c7:3e:a3:5a:
fb:8e:72:55:9e:a1:8b:83:a8:2f:c5:ab:b8:04:73:
88:fb:21:61:e0:6b:25:72:bc:6b:74:66:eb:98:20:
3d:54:31:5b:9e:4d:52:ad:88:59:4b:af:30:d1:5d:
c4:e9:3d:67:89:c0:a7:af:a4:e6:0b:05:6c:b6:98:
a1:c2:7f:31:1d:8d:17:09:9c:06:23:8c:cf:a9:97:
99:0b:39:56:0d:1e:98:35:40:1a:f0:c4:74:38:42:
90:31:47:bd:6f:02:bd:3b:79:44:5b:a0:39:8b:92:
c5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F8:07:A2:BB:28:95:52:C6:4A:7E:61:F5:D7:58:B3:CB:26:32:F1
X509v3 Authority Key Identifier:
keyid:10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/1-vgHorsolVLGSn5h9ddYs8smMvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EHTblkAv9c8YdWRWDqjxPu61_-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.160.0/20
82.151.128.0/19
94.102.64.0/20
185.58.244.0/22
212.2.192.0/19
212.58.0.0/19
213.155.96.0/19
IPv6:
2a02:480::/32
Signature Algorithm: sha256WithRSAEncryption
30:05:9a:e3:e1:6e:7e:74:b0:70:9a:b0:b7:ca:cb:a0:6b:2a:
96:6a:73:30:2f:17:26:f2:5a:74:6c:0a:26:d0:ec:c4:3b:33:
f8:ab:19:a4:41:18:d1:34:bf:0b:37:fd:c0:a7:4f:31:50:a0:
55:a6:f9:db:c5:7c:9b:2e:1b:38:fd:a7:2e:2f:68:72:f6:b3:
c1:8c:d1:b4:7e:4e:5e:b3:b4:da:93:05:e2:fd:1d:28:64:00:
f4:39:68:da:d9:de:e1:7c:46:71:f5:48:e0:96:0a:35:92:92:
3d:8a:44:a2:de:20:ba:33:c4:e6:72:1a:b7:eb:cb:01:15:b0:
7e:19:fa:22:93:54:c9:20:4e:aa:e8:df:70:7a:6f:1e:c8:b1:
24:a6:c4:dc:ff:6e:65:f0:0b:f9:81:28:a7:db:9f:54:b5:b6:
71:2e:9f:58:b7:02:ea:1a:52:55:ce:6c:52:c4:91:c0:b1:a1:
0f:24:5d:6f:29:0c:ee:1c:71:4e:90:d0:53:73:30:6e:30:53:
54:b8:01:7b:8a:22:6c:46:d7:e2:73:07:60:ea:60:30:c5:94:
51:14:89:82:b5:86:45:cc:52:d3:7a:3c:a9:9c:e8:ad:d5:cc:
e9:fb:47:de:32:a6:6d:76:b1:0a:f6:f8:4e:1e:c0:ff:93:7d:
a1:f2:50:55
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYcjGy09SCsY+si1AC/ghVbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzRkYjk2NDAyZmY1Y2YxODc1NjQ1NjBlYThmMTNlZWVi
NWZmZWIwHhcNMjMwMzI3MTI0NjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWY4MDdhMmJiMjg5NTUyYzY0YTdlNjFmNWQ3NThiM2NiMjYzMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhzGHEbhtf+mLFQMovkYnKxaPzFM
9AKJfvXbkOJPZDrDLu5p0dOjh+7njw9dC3zAfEOkKuME1wLv3kOATB4AX3Blys7W
o015RHZbGaDebg5/Ia7OzuerjvFAH0I+aUqrJ0VOQUiC2ZJMCYFhYkdnJK+2QvUl
M0iNYu+ffz7XnNT1+fwFyo5V0MJjmXhZK/n/Rsc+o1r7jnJVnqGLg6gvxau4BHOI
+yFh4GslcrxrdGbrmCA9VDFbnk1SrYhZS68w0V3E6T1nicCnr6TmCwVstpihwn8x
HY0XCZwGI4zPqZeZCzlWDR6YNUAa8MR0OEKQMUe9bwK9O3lEW6A5i5LFbQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFPr4B6K7KJVSxkp+YfXXWLPLJjLxMB8GA1UdIwQY
MBaAFBB025ZAL/XPGHVkVg6o8T7utf/rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhUYmxrQXY5YzhZZFdSV0RxanhQdTYxXy1zLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8xZTFkNjktMGJmZC00MGFmLTg4YjEt
YWI0MGI1OGEyODkyLzEvMS12Z0hvcnNvbFZMR1NuNWg5ZGRZczhzbU12RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDMvMWUxZDY5LTBiZmQtNDBhZi04OGIxLWFiNDBiNThhMjg5
Mi8xL0VIVGJsa0F2OWM4WWRXUldEcWp4UHU2MV8tcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBSBggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBFEVoAME
BVKXgAMEBF5mQAMEArk69AMEBdQCwAMEBdQ6AAMEBdWbYDANBAIAAjAHAwUAKgIE
gDANBgkqhkiG9w0BAQsFAAOCAQEAMAWa4+FufnSwcJqwt8rLoGsqlmpzMC8XJvJa
dGwKJtDsxDsz+KsZpEEY0TS/Czf9wKdPMVCgVab528V8my4bOP2nLi9ocvazwYzR
tH5OXrO02pMF4v0dKGQA9Dlo2tne4XxGcfVI4JYKNZKSPYpEot4gujPE5nIat+vL
ARWwfhn6IpNUySBOqujfcHpvHsixJKbE3P9uZfAL+YEop9ufVLW2cS6fWLcC6hpS
Vc5sUsSRwLGhDyRdbykM7hxxTpDQU3MwbjBTVLgBe4oibEbX4nMHYOpgMMWUURSJ
grWGRcxS03o8qZzordXM6ftH3jKmbXaxCvb4Th7A/5N9ofJQVQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:23:09 2025 by rpki-client