Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/soSbaFiQHv7COJdFlnbvfkBeSC8.roa
File: soSbaFiQHv7COJdFlnbvfkBeSC8.roa (raw, json)
Hash identifier: QtrSZg3jPCpvlr6e/hz0GYCRvFrb/TovefUcMz/oFE4=
Subject key identifier: B2:84:9B:68:58:90:1E:FE:C2:38:97:45:96:76:EF:7E:40:5E:48:2F
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 018B19CEF65A31ABBD65ED142FC70FD9103E
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/soSbaFiQHv7COJdFlnbvfkBeSC8.roa
Signing time: Tue 10 Oct 2023 13:37:55 +0000
ROA not before: Tue 10 Oct 2023 13:37:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 80.86.192.0/24 maxlen: 24
80.86.199.0/24 maxlen: 24
80.86.196.0/24 maxlen: 24
80.86.198.0/24 maxlen: 24
80.86.193.0/24 maxlen: 24
81.221.251.0/24 maxlen: 24
81.221.250.0/24 maxlen: 24
81.221.253.0/24 maxlen: 24
81.221.252.0/24 maxlen: 24
81.221.254.0/24 maxlen: 24
81.221.255.0/24 maxlen: 24
195.49.16.0/24 maxlen: 24
194.191.17.0/24 maxlen: 24
194.191.16.0/24 maxlen: 24
212.59.186.0/24 maxlen: 24
212.59.184.0/24 maxlen: 24
194.191.24.0/24 maxlen: 24
194.191.21.0/24 maxlen: 24
194.191.20.0/24 maxlen: 24
194.191.19.0/24 maxlen: 24
194.191.18.0/24 maxlen: 24
212.59.189.0/24 maxlen: 24
212.59.188.0/24 maxlen: 24
194.191.30.0/24 maxlen: 24
194.191.28.0/24 maxlen: 24
194.191.29.0/24 maxlen: 24
194.191.26.0/24 maxlen: 24
194.191.25.0/24 maxlen: 24
82.195.224.0/24 maxlen: 24
82.195.226.0/24 maxlen: 24
82.195.225.0/24 maxlen: 24
82.195.227.0/24 maxlen: 24
2a01:2a8:2001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:ce:f6:5a:31:ab:bd:65:ed:14:2f:c7:0f:d9:10:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Oct 10 13:37:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2849b6858901efec23897459676ef7e405e482f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e2:a2:bc:63:d7:7e:a8:15:8c:56:24:9a:e6:
c3:0d:16:55:92:c6:50:07:b6:61:08:ef:ec:42:f2:
2a:3e:45:4e:73:bc:93:90:66:11:21:66:de:5e:ab:
6b:eb:d9:ff:d4:e3:29:83:3d:b4:32:0c:b0:cc:6d:
fa:89:08:ed:ef:93:2d:4a:86:a1:d2:ad:d8:1b:1e:
ed:ff:fc:75:5f:6a:e6:28:32:f7:fa:ad:77:52:b0:
7a:42:57:ce:f1:1e:5d:9a:77:6c:1b:c5:eb:08:11:
38:dc:5f:e6:62:a9:2f:f9:c1:5b:cb:e0:da:5a:5f:
92:d2:d0:f6:0e:18:46:11:86:0f:44:9a:88:c3:fb:
fb:24:20:45:7b:98:93:f9:a6:3e:d6:11:53:d9:a2:
e7:be:8e:18:80:4d:c3:7f:e9:23:f7:fa:d4:ba:f5:
dc:3b:eb:84:97:71:cb:71:b4:5e:52:dd:f9:54:87:
bc:27:8e:45:06:14:ab:c1:26:55:46:05:cd:bb:60:
55:97:b7:18:b3:95:5d:54:b4:26:09:42:65:66:8e:
b6:5e:2b:c2:4a:1d:17:de:4b:a5:cb:d0:dd:77:7e:
76:dd:6b:83:3e:f2:d5:cb:fe:bc:d2:8f:84:dc:1b:
d8:d2:4e:d1:a9:60:13:a5:53:e3:e6:f0:7a:6c:b8:
cd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:84:9B:68:58:90:1E:FE:C2:38:97:45:96:76:EF:7E:40:5E:48:2F
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/soSbaFiQHv7COJdFlnbvfkBeSC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.192.0/23
80.86.196.0/24
80.86.198.0/23
81.221.250.0-81.221.255.255
82.195.224.0/22
194.191.16.0-194.191.21.255
194.191.24.0-194.191.26.255
194.191.28.0-194.191.30.255
195.49.16.0/24
212.59.184.0/24
212.59.186.0/24
212.59.188.0/23
IPv6:
2a01:2a8:2001::/48
Signature Algorithm: sha256WithRSAEncryption
3b:41:35:6e:88:53:56:2b:29:68:d2:d0:d0:d3:e8:e7:5d:1d:
f8:98:b1:e3:57:35:a6:f2:9b:88:ee:9a:ff:99:4b:10:09:fd:
3d:c6:29:61:3a:96:c9:f2:e9:fd:0e:9a:6b:fa:48:77:bc:10:
8b:a8:25:11:89:20:a1:30:e7:dd:16:27:fb:8e:27:f7:03:e3:
39:56:8f:dc:cb:db:5f:31:80:b3:22:df:5c:3c:2f:59:65:b4:
f7:ff:b7:64:97:7f:75:69:ec:e5:6d:e5:a6:f9:6a:34:c0:9e:
21:29:78:9d:3e:28:ee:50:d5:ba:b3:0a:6c:87:3b:89:e4:b3:
59:92:79:3d:e2:3b:06:ef:f8:c4:87:82:c7:09:71:28:d6:f0:
ce:c0:99:a3:b9:7f:a2:28:8e:bf:ee:f3:c2:6d:1c:4b:fe:73:
87:e8:a5:cb:c1:ef:6c:1b:27:de:66:97:12:ee:3d:d6:22:60:
42:a8:fc:57:b2:94:0a:fe:3f:e4:e8:86:d6:88:54:03:aa:11:
8b:17:72:db:85:12:ad:a8:a6:d9:3c:20:41:1f:e0:d2:44:8b:
86:6a:ed:39:67:a5:75:c2:d3:7a:41:cd:e5:b8:7d:09:5f:ea:
a0:6b:13:e2:04:d5:56:c9:f7:1c:92:5a:8e:7a:a3:26:b8:81:
80:b1:af:89
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYsZzvZaMau9Ze0UL8cP2RA+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjMxMDEwMTMzNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjg0OWI2ODU4OTAxZWZlYzIzODk3NDU5Njc2ZWY3ZTQwNWU0ODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeKivGPXfqgVjFYkmubDDRZVksZQ
B7ZhCO/sQvIqPkVOc7yTkGYRIWbeXqtr69n/1OMpgz20MgywzG36iQjt75MtSoah
0q3YGx7t//x1X2rmKDL3+q13UrB6QlfO8R5dmndsG8XrCBE43F/mYqkv+cFby+Da
Wl+S0tD2DhhGEYYPRJqIw/v7JCBFe5iT+aY+1hFT2aLnvo4YgE3Df+kj9/rUuvXc
O+uEl3HLcbReUt35VIe8J45FBhSrwSZVRgXNu2BVl7cYs5VdVLQmCUJlZo62XivC
Sh0X3kuly9Ddd3523WuDPvLVy/680o+E3BvY0k7RqWATpVPj5vB6bLjNewIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFLKEm2hYkB7+wjiXRZZ2735AXkgvMB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEvc29TYmFGaVFIdjdDT0pkRmxuYnZma0JlU0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBtBAIAATBnAwQBUFbA
AwQAUFbEAwQBUFbGMAsDBAFR3foDAwFR3AMEAlLD4DAMAwQEwr8QAwQBwr8UMAwD
BAPCvxgDBADCvxowDAMEAsK/HAMEAMK/HgMEAMMxEAMEANQ7uAMEANQ7ugMEAdQ7
vDAPBAIAAjAJAwcAKgECqCABMA0GCSqGSIb3DQEBCwUAA4IBAQA7QTVuiFNWKylo
0tDQ0+jnXR34mLHjVzWm8puI7pr/mUsQCf09xilhOpbJ8un9Dppr+kh3vBCLqCUR
iSChMOfdFif7jif3A+M5Vo/cy9tfMYCzIt9cPC9ZZbT3/7dkl391aezlbeWm+Wo0
wJ4hKXidPijuUNW6swpshzuJ5LNZknk94jsG7/jEh4LHCXEo1vDOwJmjuX+iKI6/
7vPCbRxL/nOH6KXLwe9sGyfeZpcS7j3WImBCqPxXspQK/j/k6IbWiFQDqhGLF3Lb
hRKtqKbZPCBBH+DSRIuGau05Z6V1wtN6Qc3luH0JX+qgaxPiBNVWyfccklqOeqMm
uIGAsa+J
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:36 2025 by rpki-client