Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/IyPUXUX0L1uRfUDUwhICgu5ByeA.roa
File: IyPUXUX0L1uRfUDUwhICgu5ByeA.roa (raw, json)
Hash identifier: lmHN2jfDabVH0OohbncPIanIlGN0gCn9KARw5cHqZtY=
Subject key identifier: 23:23:D4:5D:45:F4:2F:5B:91:7D:40:D4:C2:12:02:82:EE:41:C9:E0
Certificate issuer: /CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Certificate serial: 01856FF041774034C79558EBCCFEF3851C34
Authority key identifier: 69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/IyPUXUX0L1uRfUDUwhICgu5ByeA.roa
Signing time: Mon 02 Jan 2023 00:44:54 +0000
ROA not before: Mon 02 Jan 2023 00:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205952
IP address blocks: 62.213.72.0/21 maxlen: 21
62.213.86.0/24 maxlen: 24
62.213.94.0/23 maxlen: 23
62.213.102.0/23 maxlen: 23
212.158.168.0/24 maxlen: 24
212.158.170.0/23 maxlen: 23
212.158.174.0/23 maxlen: 23
62.213.112.0/23 maxlen: 23
62.213.116.0/24 maxlen: 24
217.23.152.0/21 maxlen: 21
46.183.166.0/23 maxlen: 23
185.48.236.0/22 maxlen: 22
212.24.57.0/24 maxlen: 24
217.23.129.0/24 maxlen: 24
217.23.139.0/24 maxlen: 24
212.24.37.0/24 maxlen: 24
212.24.43.0/24 maxlen: 24
212.24.40.0/24 maxlen: 24
212.24.39.0/24 maxlen: 24
212.24.50.0/24 maxlen: 24
2a01:9860::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:41:77:40:34:c7:95:58:eb:cc:fe:f3:85:1c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Validity
Not Before: Jan 2 00:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2323d45d45f42f5b917d40d4c2120282ee41c9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:31:cd:90:c6:57:1f:bd:02:85:8d:54:0e:e4:
8d:a0:64:0c:66:2e:f3:3c:fd:60:66:57:bb:32:09:
a7:7d:77:32:f4:04:c9:0b:9e:03:bc:37:fb:fd:39:
e3:ae:e0:73:e1:56:46:1a:3c:37:3a:2d:f7:a3:70:
14:db:74:c6:21:09:9b:51:3b:95:c7:46:bd:65:f3:
91:f2:7e:74:60:2d:00:2f:be:33:66:10:97:d1:ec:
8d:7c:d4:95:70:16:e8:2d:a0:a6:90:53:02:54:71:
b3:78:50:2c:93:b7:8e:3b:0c:53:36:5f:a5:75:67:
66:56:8c:3b:2b:fe:d9:4b:79:c2:aa:2e:ad:64:54:
3a:1b:c1:38:de:c3:96:39:81:a7:4e:a1:a7:70:46:
55:d7:4b:2a:ca:dd:cd:56:f2:0f:c5:40:79:0c:95:
26:a6:39:81:be:70:a3:00:57:2b:5d:97:e3:9d:fd:
68:91:1e:99:eb:c4:25:70:79:ac:88:3b:3d:e3:15:
47:f7:1e:f2:45:07:16:18:e0:b0:e5:55:f0:f0:57:
b5:62:97:aa:59:43:e0:f6:07:90:ec:c5:82:92:86:
ae:b3:36:7c:fb:c5:42:ff:0f:68:a5:63:81:c4:e5:
d4:96:22:37:17:31:cf:0c:12:35:13:4a:b1:72:18:
16:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:23:D4:5D:45:F4:2F:5B:91:7D:40:D4:C2:12:02:82:EE:41:C9:E0
X509v3 Authority Key Identifier:
keyid:69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/IyPUXUX0L1uRfUDUwhICgu5ByeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/aaTWkWuTFZqoCYSps3dGg7tVDr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.166.0/23
62.213.72.0/21
62.213.86.0/24
62.213.94.0/23
62.213.102.0/23
62.213.112.0/23
62.213.116.0/24
185.48.236.0/22
212.24.37.0/24
212.24.39.0-212.24.40.255
212.24.43.0/24
212.24.50.0/24
212.24.57.0/24
212.158.168.0/24
212.158.170.0/23
212.158.174.0/23
217.23.129.0/24
217.23.139.0/24
217.23.152.0/21
IPv6:
2a01:9860::/32
Signature Algorithm: sha256WithRSAEncryption
34:40:28:eb:ed:06:fa:65:37:d7:e1:78:3c:cd:69:90:45:18:
ee:03:75:6f:72:a9:de:6f:3f:37:7e:ed:47:39:3c:e8:a5:dd:
c0:17:a9:57:5f:7a:92:bb:9a:92:2f:8b:63:6a:0e:5e:da:88:
7a:82:f2:23:86:52:71:6b:aa:b9:70:68:ef:c4:54:f9:fd:47:
fa:39:0a:bc:0f:aa:11:c9:4d:00:4a:3b:d2:6a:11:56:89:8b:
3c:59:2e:fa:74:ef:41:51:94:29:29:26:ad:42:3f:a9:04:58:
96:ad:5b:62:bf:b5:a9:cb:e3:8e:f2:f9:e9:d3:da:ad:97:1c:
e1:d8:92:cb:8a:43:49:66:cf:92:4d:cd:ef:47:7b:b9:08:74:
e9:f7:4a:6d:60:e6:a2:08:cb:3b:be:e4:76:44:6b:b2:26:fd:
a2:e0:80:71:2e:bd:d0:51:f5:e4:af:8d:c7:fb:b3:5c:93:4a:
28:af:f5:5d:a2:c3:01:81:da:a2:75:7f:5b:90:da:f4:24:b2:
0a:34:09:20:68:cb:3f:a6:da:c4:f6:ac:33:c1:55:4c:36:f4:
a7:8f:ef:ff:45:77:c5:5b:0f:0b:9e:77:03:57:47:ad:28:de:
5d:38:a9:57:7a:61:0d:21:83:a6:d5:1f:ab:4a:8a:3f:13:1f:
14:a1:00:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYVv8EF3QDTHlVjrzP7zhRw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTRkNjkxNmI5MzE1OWFhODA5ODRhOWIzNzc0NjgzYmI1
NTBlYmQwHhcNMjMwMTAyMDA0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzIzZDQ1ZDQ1ZjQyZjViOTE3ZDQwZDRjMjEyMDI4MmVlNDFjOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDHNkMZXH70ChY1UDuSNoGQMZi7z
PP1gZle7MgmnfXcy9ATJC54DvDf7/TnjruBz4VZGGjw3Oi33o3AU23TGIQmbUTuV
x0a9ZfOR8n50YC0AL74zZhCX0eyNfNSVcBboLaCmkFMCVHGzeFAsk7eOOwxTNl+l
dWdmVow7K/7ZS3nCqi6tZFQ6G8E43sOWOYGnTqGncEZV10sqyt3NVvIPxUB5DJUm
pjmBvnCjAFcrXZfjnf1okR6Z68QlcHmsiDs94xVH9x7yRQcWGOCw5VXw8Fe1Ypeq
WUPg9geQ7MWCkoauszZ8+8VC/w9opWOBxOXUliI3FzHPDBI1E0qxchgWSQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFCMj1F1F9C9bkX1A1MISAoLuQcngMB8GA1UdIwQY
MBaAFGmk1pFrkxWaqAmEqbN3RoO7VQ69MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFUV2tXdVRGWnFvQ1lTcHMzZEdnN3RWRHIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jMDMxZTUtZmM2Ny00MWY1LThlYmUt
MzE5NzExMDA5N2M5LzEvSXlQVVhVWDBMMXVSZlVEVXdoSUNndTVCeWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jMDMxZTUtZmM2Ny00MWY1LThlYmUtMzE5NzExMDA5N2M5
LzEvYWFUV2tXdVRGWnFvQ1lTcHMzZEdnN3RWRHIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBgAQCAAEwegMEAS63
pgMEAz7VSAMEAD7VVgMEAT7VXgMEAT7VZgMEAT7VcAMEAD7VdAMEArkw7AMEANQY
JTAMAwQA1BgnAwQA1BgoAwQA1BgrAwQA1BgyAwQA1Bg5AwQA1J6oAwQB1J6qAwQB
1J6uAwQA2ReBAwQA2ReLAwQD2ReYMA0EAgACMAcDBQAqAZhgMA0GCSqGSIb3DQEB
CwUAA4IBAQA0QCjr7Qb6ZTfX4Xg8zWmQRRjuA3Vvcqnebz83fu1HOTzopd3AF6lX
X3qSu5qSL4tjag5e2oh6gvIjhlJxa6q5cGjvxFT5/Uf6OQq8D6oRyU0ASjvSahFW
iYs8WS76dO9BUZQpKSatQj+pBFiWrVtiv7Wpy+OO8vnp09qtlxzh2JLLikNJZs+S
Tc3vR3u5CHTp90ptYOaiCMs7vuR2RGuyJv2i4IBxLr3QUfXkr43H+7Nck0oor/Vd
osMBgdqidX9bkNr0JLIKNAkgaMs/ptrE9qwzwVVMNvSnj+//RXfFWw8LnncDV0et
KN5dOKlXemENIYOm1R+rSoo/Ex8UoQDW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:58 2025 by rpki-client