Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/G_IdlUmDe-YrtnwgpQSO-YDHEws.roa
File: G_IdlUmDe-YrtnwgpQSO-YDHEws.roa (raw, json)
Hash identifier: gbqulECFOit6QOPkJZeeNuVLo+Zq1K1vtSA5Gqccmjk=
Subject key identifier: 1B:F2:1D:95:49:83:7B:E6:2B:B6:7C:20:A5:04:8E:F9:80:C7:13:0B
Certificate issuer: /CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Certificate serial: 018571831122AD584F3F9EE25784B3EFBE87
Authority key identifier: 6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/G_IdlUmDe-YrtnwgpQSO-YDHEws.roa
Signing time: Mon 02 Jan 2023 08:04:53 +0000
ROA not before: Mon 02 Jan 2023 08:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38917
IP address blocks: 185.24.112.0/22 maxlen: 24
109.111.64.0/19 maxlen: 24
87.255.224.0/20 maxlen: 24
87.255.224.0/19 maxlen: 24
149.255.16.0/22 maxlen: 22
87.255.240.0/20 maxlen: 24
87.255.252.0/24 maxlen: 24
87.255.248.0/22 maxlen: 24
217.175.32.0/20 maxlen: 24
176.110.206.0/23 maxlen: 23
176.110.208.0/21 maxlen: 24
185.86.112.0/20 maxlen: 24
194.32.156.0/22 maxlen: 22
2a04:2cc0::/32 maxlen: 32
2a04:2cc3::/32 maxlen: 32
2a04:2cc5::/32 maxlen: 32
2a04:2cc6::/32 maxlen: 32
2a04:2cc2::/32 maxlen: 32
2a04:2cc1::/32 maxlen: 32
2a04:2cc7::/32 maxlen: 32
2a04:2cc4::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:11:22:ad:58:4f:3f:9e:e2:57:84:b3:ef:be:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Validity
Not Before: Jan 2 08:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bf21d9549837be62bb67c20a5048ef980c7130b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:17:be:e9:d6:69:01:40:4f:b0:db:8c:1d:42:
69:dc:9f:58:d6:89:30:92:37:a4:e2:c3:57:47:e0:
66:cf:3e:62:c1:5b:31:ed:80:fd:ad:3b:49:45:21:
bb:e9:9c:32:a5:87:10:ed:37:75:ed:b5:6f:ad:7f:
27:fc:ac:d7:92:b7:14:cb:4b:80:d8:7c:c9:ca:c7:
f4:c8:c2:94:03:cd:cf:30:00:ea:6f:e3:fc:08:3f:
4b:d1:bb:77:3a:61:23:4c:b0:b9:a2:de:60:23:21:
dc:fa:24:02:c0:b6:cf:d1:a9:6e:19:ff:51:11:bf:
20:38:3f:e7:d7:12:53:7d:90:9f:9b:33:97:94:a4:
86:55:a7:5f:b3:a3:98:b3:c6:52:05:95:2e:69:22:
76:fd:14:34:ad:4a:76:60:6c:83:c3:23:28:16:c8:
ad:70:a4:db:e6:61:e6:07:7a:af:ad:e4:54:10:d1:
0d:2c:f2:2e:f4:a2:67:2d:37:47:65:4a:b3:5f:bf:
df:b2:7e:5f:29:c1:48:24:98:16:3a:0d:1f:0a:75:
be:72:ae:2c:69:3e:97:23:ff:74:dc:e4:8c:08:70:
fa:fd:36:e0:40:63:e8:1b:ae:58:89:cc:b6:48:10:
f2:64:2e:42:f8:e6:0d:40:0d:58:be:c5:0c:85:63:
2f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:F2:1D:95:49:83:7B:E6:2B:B6:7C:20:A5:04:8E:F9:80:C7:13:0B
X509v3 Authority Key Identifier:
keyid:6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/G_IdlUmDe-YrtnwgpQSO-YDHEws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/b1xXEvu82DJBnUxYhK47w8Shbns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.255.224.0/19
109.111.64.0/19
149.255.16.0/22
176.110.206.0-176.110.215.255
185.24.112.0/22
185.86.112.0/20
194.32.156.0/22
217.175.32.0/20
IPv6:
2a04:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
62:00:47:ff:3a:d9:25:0e:1d:1f:5c:a9:d5:a8:a2:4d:41:b1:
05:28:32:23:9a:05:93:24:15:a8:eb:cb:e4:e5:c9:c3:25:07:
2c:0b:79:e0:92:35:b7:2d:37:1b:e6:d8:98:c5:08:9d:b8:37:
ce:3d:d4:64:97:46:28:0c:44:cf:b8:f6:d7:86:97:b6:d4:6c:
e8:1d:77:5f:61:d5:5f:3e:63:3f:de:ba:87:d0:0f:3c:45:26:
ea:c3:6c:c5:05:3a:05:b0:00:23:02:85:a5:4e:6f:fa:36:14:
64:92:54:ab:e2:ad:82:6e:25:17:8f:09:a3:6c:ef:f3:96:d6:
4d:4a:9d:fb:8b:88:cd:b1:ca:71:8d:05:14:88:57:9f:d4:f2:
43:fb:53:2d:95:38:4a:9b:1c:c0:2b:46:2e:16:12:95:0c:47:
d0:53:e5:db:1c:b7:be:b6:2f:62:79:d1:55:dc:d8:2f:25:ef:
1e:f5:09:9f:86:b1:81:e4:95:6e:da:8c:a6:1f:31:6d:00:f1:
6f:7c:26:83:58:ec:cb:a7:44:56:91:fd:f5:75:89:eb:72:ba:
60:75:d0:92:f0:bc:6f:cb:48:d2:72:75:96:04:b1:ea:9e:c4:
c3:61:15:5d:f3:eb:85:30:e6:d1:a7:ac:42:81:f7:0c:0b:2a:
9d:99:9b:f8
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYVxgxEirVhPP57iV4Sz776HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWM1NzEyZmJiY2Q4MzI0MTlkNGM1ODg0YWUzYmMzYzRh
MTZlN2IwHhcNMjMwMTAyMDgwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmYyMWQ5NTQ5ODM3YmU2MmJiNjdjMjBhNTA0OGVmOTgwYzcxMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRe+6dZpAUBPsNuMHUJp3J9Y1okw
kjek4sNXR+Bmzz5iwVsx7YD9rTtJRSG76ZwypYcQ7Td17bVvrX8n/KzXkrcUy0uA
2HzJysf0yMKUA83PMADqb+P8CD9L0bt3OmEjTLC5ot5gIyHc+iQCwLbP0aluGf9R
Eb8gOD/n1xJTfZCfmzOXlKSGVadfs6OYs8ZSBZUuaSJ2/RQ0rUp2YGyDwyMoFsit
cKTb5mHmB3qvreRUENENLPIu9KJnLTdHZUqzX7/fsn5fKcFIJJgWOg0fCnW+cq4s
aT6XI/903OSMCHD6/TbgQGPoG65Yicy2SBDyZC5C+OYNQA1YvsUMhWMvqwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBvyHZVJg3vmK7Z8IKUEjvmAxxMLMB8GA1UdIwQY
MBaAFG9cVxL7vNgyQZ1MWISuO8PEoW57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjF4WEV2dTgyREpCblV4WWhLNDd3OFNoYm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iNDAzY2MtNGU2Yy00ZmU5LTgzYTEt
NzU1MDUyOWQ4NDdhLzEvR19JZGxVbURlLVlydG53Z3BRU08tWURIRXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iNDAzY2MtNGU2Yy00ZmU5LTgzYTEtNzU1MDUyOWQ4NDdh
LzEvYjF4WEV2dTgyREpCblV4WWhLNDd3OFNoYm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQFV//gAwQF
bW9AAwQClf8QMAwDBAGwbs4DBAOwbtADBAK5GHADBAS5VnADBALCIJwDBATZryAw
DQQCAAIwBwMFAyoELMAwDQYJKoZIhvcNAQELBQADggEBAGIAR/862SUOHR9cqdWo
ok1BsQUoMiOaBZMkFajry+TlycMlBywLeeCSNbctNxvm2JjFCJ24N8491GSXRigM
RM+49teGl7bUbOgdd19h1V8+Yz/euofQDzxFJurDbMUFOgWwACMChaVOb/o2FGSS
VKvirYJuJRePCaNs7/OW1k1KnfuLiM2xynGNBRSIV5/U8kP7Uy2VOEqbHMArRi4W
EpUMR9BT5dsct762L2J50VXc2C8l7x71CZ+GsYHklW7ajKYfMW0A8W98JoNY7Mun
RFaR/fV1ietyumB10JLwvG/LSNJydZYEseqexMNhFV3z64Uw5tGnrEKB9wwLKp2Z
m/g=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:38 2025 by rpki-client