Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/vh8kJzoYGmjHtFYHVMo9t5vSRxE.roa
File: vh8kJzoYGmjHtFYHVMo9t5vSRxE.roa (raw, json)
Hash identifier: I0kuj1KDcg3gXBRMdFTQo90NzVDnAZqftTqWq0M/cXA=
Subject key identifier: BE:1F:24:27:3A:18:1A:68:C7:B4:56:07:54:CA:3D:B7:9B:D2:47:11
Certificate issuer: /CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Certificate serial: 06F86BD5
Authority key identifier: 5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/vh8kJzoYGmjHtFYHVMo9t5vSRxE.roa
Signing time: Mon 20 Jun 2022 07:07:44 +0000
ROA not before: Mon 20 Jun 2022 07:07:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34244
IP address blocks: 94.46.136.0/22 maxlen: 22
45.152.172.0/22 maxlen: 22
178.236.65.48/29 maxlen: 29
178.255.112.0/22 maxlen: 22
178.236.73.80/29 maxlen: 29
178.236.73.112/29 maxlen: 29
178.236.73.176/29 maxlen: 29
193.221.219.0/24 maxlen: 24
141.98.236.0/22 maxlen: 22
178.236.72.28/30 maxlen: 30
193.221.120.0/24 maxlen: 24
193.221.123.0/24 maxlen: 24
185.186.32.0/22 maxlen: 22
178.236.72.48/28 maxlen: 28
185.176.28.0/22 maxlen: 22
185.216.152.0/22 maxlen: 22
5.180.0.0/22 maxlen: 22
178.236.72.88/29 maxlen: 29
178.236.74.88/29 maxlen: 29
185.121.44.0/22 maxlen: 22
185.223.236.0/22 maxlen: 22
185.240.208.0/22 maxlen: 22
45.93.232.0/22 maxlen: 22
195.210.52.0/23 maxlen: 23
128.127.184.0/21 maxlen: 21
94.46.240.0/22 maxlen: 22
81.92.220.0/22 maxlen: 22
178.236.73.128/29 maxlen: 29
178.236.73.160/29 maxlen: 29
178.236.73.224/29 maxlen: 29
185.247.236.0/22 maxlen: 22
45.131.188.0/22 maxlen: 22
92.39.32.0/20 maxlen: 20
81.92.196.0/22 maxlen: 22
45.8.152.0/22 maxlen: 22
85.30.128.0/18 maxlen: 18
155.137.24.0/21 maxlen: 21
185.4.8.0/22 maxlen: 22
178.236.73.200/29 maxlen: 29
193.221.93.0/24 maxlen: 24
37.221.104.0/22 maxlen: 22
185.197.224.0/22 maxlen: 22
188.66.48.0/22 maxlen: 22
45.14.4.0/22 maxlen: 22
2a02:80::/32 maxlen: 32
2a02:80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116943829 (0x6f86bd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Validity
Not Before: Jun 20 07:07:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be1f24273a181a68c7b4560754ca3db79bd24711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:54:45:ca:83:aa:0f:7b:34:3e:34:30:d4:1d:
25:c3:38:b9:63:de:51:e3:44:d7:6e:4d:39:1a:c3:
42:cd:c4:9f:c1:4b:c3:56:35:ae:d8:93:18:d9:c7:
f5:c6:7c:e5:49:10:6e:8e:ed:84:23:51:d3:c1:00:
83:c6:a1:3d:3f:21:e6:36:c4:ec:e1:01:da:2b:44:
12:37:28:fc:36:e7:91:c2:1f:d8:45:ee:cc:43:24:
7e:8a:bf:6a:ae:e5:fc:ba:61:d8:28:fe:5f:e1:41:
25:61:fe:f7:8d:12:64:2c:b8:d8:f9:7f:de:c8:e2:
2c:69:0d:f3:8b:83:6a:36:95:17:48:04:80:8f:d2:
ce:ba:d9:71:94:f0:c1:bc:4e:a2:fc:90:4a:b2:d4:
5f:f0:2a:1f:47:c1:9d:1f:a7:36:7b:40:fa:e7:ed:
56:0f:c8:6f:ea:9c:59:0e:13:ba:95:3e:0c:30:16:
07:20:ab:6e:35:af:22:86:5c:b0:31:76:74:a1:d7:
8a:15:ea:3e:5f:9e:fe:9a:c6:3c:15:58:6a:2f:9c:
f4:aa:f8:e2:d9:5f:f5:ac:c8:1b:1f:6b:0a:0d:71:
9d:49:7a:d0:0b:ed:ae:25:9f:99:60:96:12:43:b3:
fc:8e:39:93:2a:df:d2:99:cc:e7:6e:7b:f6:b8:a6:
44:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1F:24:27:3A:18:1A:68:C7:B4:56:07:54:CA:3D:B7:9B:D2:47:11
X509v3 Authority Key Identifier:
keyid:5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/vh8kJzoYGmjHtFYHVMo9t5vSRxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.0.0/22
37.221.104.0/22
45.8.152.0/22
45.14.4.0/22
45.93.232.0/22
45.131.188.0/22
45.152.172.0/22
81.92.196.0/22
81.92.220.0/22
85.30.128.0/18
92.39.32.0/20
94.46.136.0/22
94.46.240.0/22
128.127.184.0/21
141.98.236.0/22
155.137.24.0/21
178.236.65.48/29
178.236.72.28/30
178.236.72.48/28
178.236.72.88/29
178.236.73.80/29
178.236.73.112/29
178.236.73.128/29
178.236.73.160/29
178.236.73.176/29
178.236.73.200/29
178.236.73.224/29
178.236.74.88/29
178.255.112.0/22
185.4.8.0/22
185.121.44.0/22
185.176.28.0/22
185.186.32.0/22
185.197.224.0/22
185.216.152.0/22
185.223.236.0/22
185.240.208.0/22
185.247.236.0/22
188.66.48.0/22
193.221.93.0/24
193.221.120.0/24
193.221.123.0/24
193.221.219.0/24
195.210.52.0/23
IPv6:
2a02:80::/29
Signature Algorithm: sha256WithRSAEncryption
4e:bd:90:f5:5c:d6:05:96:ce:76:35:42:80:dd:00:49:f6:92:
02:a7:37:60:cf:26:44:b7:23:8a:ad:a4:65:73:3b:de:a4:e2:
c2:c3:63:b9:b1:16:8d:d5:b5:20:58:f1:2e:00:f2:f3:5d:f3:
66:ff:98:48:cd:1a:5b:79:9f:32:2d:1f:ec:56:53:e2:5f:e1:
14:03:1d:b6:1a:77:db:fa:f5:7e:2a:e7:ff:84:5e:99:dd:82:
cc:87:6d:64:5b:97:cc:12:9e:82:f8:24:cc:ce:8a:a8:df:12:
12:7f:08:a8:b4:d3:ac:7f:56:4e:c4:d4:af:61:5d:47:0d:44:
78:f4:07:8a:35:ee:a0:29:5f:78:00:27:0c:41:ee:ec:64:23:
bd:f3:82:d9:75:10:24:44:ec:a0:88:9a:6a:28:c9:9a:aa:53:
ba:3d:e0:3f:27:45:92:da:cd:f0:78:ef:b8:0a:a3:bf:a6:49:
41:6d:1d:27:60:1b:e6:e4:94:f7:ee:03:44:f3:f9:04:67:e2:
d7:ab:27:43:27:b0:0f:34:b2:1f:22:6b:b7:97:49:84:eb:e7:
7d:35:18:ee:c4:a9:9a:09:31:33:83:46:bd:68:ea:80:e6:f3:
ea:7b:f7:3b:61:f8:ca:17:21:4e:ca:10:09:20:51:e1:f9:87:
b4:c6:db:a2
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgIEBvhr1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZjFmYTA2ZDVkYmFkYTQzZGU0NGY0ZTRiMWRjOTQ5MmJiMjg3YzlkMB4XDTIyMDYy
MDA3MDc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmUxZjI0MjczYTE4
MWE2OGM3YjQ1NjA3NTRjYTNkYjc5YmQyNDcxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVURcqDqg97ND40MNQdJcM4uWPeUeNE125NORrDQs3En8FL
w1Y1rtiTGNnH9cZ85UkQbo7thCNR08EAg8ahPT8h5jbE7OEB2itEEjco/DbnkcIf
2EXuzEMkfoq/aq7l/Lph2Cj+X+FBJWH+940SZCy42Pl/3sjiLGkN84uDajaVF0gE
gI/SzrrZcZTwwbxOovyQSrLUX/AqH0fBnR+nNntA+uftVg/Ib+qcWQ4TupU+DDAW
ByCrbjWvIoZcsDF2dKHXihXqPl+e/prGPBVYai+c9Kr44tlf9azIGx9rCg1xnUl6
0AvtriWfmWCWEkOz/I45kyrf0pnM52579rimRGUCAwEAAaOCAzAwggMsMB0GA1Ud
DgQWBBS+HyQnOhgaaMe0VgdUyj23m9JHETAfBgNVHSMEGDAWgBRfH6BtXbraQ95E
9OSx3JSSuyh8nTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1h4LWdiVjI2MmtQZVJQVGtzZHlVa3Jzb2ZKMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvODQ3ZDE3LWJhN2MtNGVhZS05ZDU1LTI1ODQ2ZDU5ZmQ2MC8x
L3ZoOGtKem9ZR21qSHRGWUhWTW85dDV2U1J4RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
ODQ3ZDE3LWJhN2MtNGVhZS05ZDU1LTI1ODQ2ZDU5ZmQ2MC8xL1h4LWdiVjI2MmtQ
ZVJQVGtzZHlVa3Jzb2ZKMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AUQGCCsGAQUFBwEHAQH/BIIBMzCCAS8wggEcBAIAATCCARQDBAIFtAADBAIl3WgD
BAItCJgDBAItDgQDBAItXegDBAItg7wDBAItmKwDBAJRXMQDBAJRXNwDBAZVHoAD
BARcJyADBAJeLogDBAJeLvADBAOAf7gDBAKNYuwDBAObiRgDBQOy7EEwAwUCsuxI
HAMFBLLsSDADBQOy7EhYAwUDsuxJUAMFA7LsSXADBQOy7EmAAwUDsuxJoAMFA7Ls
SbADBQOy7EnIAwUDsuxJ4AMFA7LsSlgDBAKy/3ADBAK5BAgDBAK5eSwDBAK5sBwD
BAK5uiADBAK5xeADBAK52JgDBAK53+wDBAK58NADBAK59+wDBAK8QjADBADB3V0D
BADB3XgDBADB3XsDBADB3dsDBAHD0jQwDQQCAAIwBwMFAyoCAIAwDQYJKoZIhvcN
AQELBQADggEBAE69kPVc1gWWznY1QoDdAEn2kgKnN2DPJkS3I4qtpGVzO96k4sLD
Y7mxFo3VtSBY8S4A8vNd82b/mEjNGlt5nzItH+xWU+Jf4RQDHbYad9v69X4q5/+E
XpndgsyHbWRbl8wSnoL4JMzOiqjfEhJ/CKi006x/Vk7E1K9hXUcNRHj0B4o17qAp
X3gAJwxB7uxkI73zgtl1ECRE7KCImmooyZqqU7o94D8nRZLazfB477gKo7+mSUFt
HSdgG+bklPfuA0Tz+QRn4terJ0MnsA80sh8ia7eXSYTr5301GO7EqZoJMTODRr1o
6oDm8+p79zth+MoXIU7KEAkgUeH5h7TG26I=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:46:50 2025 by rpki-client