Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/7Nqi326A4AlmCQ4QWGKJ2zxkHow.roa
File: 7Nqi326A4AlmCQ4QWGKJ2zxkHow.roa (raw, json)
Hash identifier: 6MkUiiumFlTD5lmNdOYDHaclyuTtnettjXSGbnZ4kBU=
Subject key identifier: EC:DA:A2:DF:6E:80:E0:09:66:09:0E:10:58:62:89:DB:3C:64:1E:8C
Certificate issuer: /CN=ab8c6c58b607ff23ae7175a61682c75480f1e214
Certificate serial: 018BDE11FC2E16E0FE7E7ADC86A9FA47A5C9
Authority key identifier: AB:8C:6C:58:B6:07:FF:23:AE:71:75:A6:16:82:C7:54:80:F1:E2:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4xsWLYH_yOucXWmFoLHVIDx4hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/7Nqi326A4AlmCQ4QWGKJ2zxkHow.roa
Signing time: Fri 17 Nov 2023 16:16:42 +0000
ROA not before: Fri 17 Nov 2023 16:16:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39737
IP address blocks: 77.93.176.0/20 maxlen: 20
89.46.160.0/22 maxlen: 22
77.93.160.0/23 maxlen: 23
77.93.162.0/24 maxlen: 24
77.93.164.0/22 maxlen: 22
77.93.168.0/22 maxlen: 22
86.107.183.0/24 maxlen: 24
89.43.193.0/24 maxlen: 24
94.177.32.0/21 maxlen: 21
188.247.226.0/23 maxlen: 23
94.177.40.0/21 maxlen: 21
188.247.238.0/24 maxlen: 24
188.247.239.0/24 maxlen: 24
188.247.240.0/21 maxlen: 21
188.247.248.0/21 maxlen: 21
188.247.252.0/22 maxlen: 22
193.58.243.0/24 maxlen: 24
92.55.152.0/24 maxlen: 24
92.55.153.0/24 maxlen: 24
92.55.154.0/24 maxlen: 24
194.102.221.0/24 maxlen: 24
193.254.242.0/23 maxlen: 23
89.44.232.0/22 maxlen: 22
89.18.0.0/21 maxlen: 21
89.18.1.0/24 maxlen: 24
89.18.2.0/24 maxlen: 24
89.18.0.0/20 maxlen: 20
89.18.0.0/24 maxlen: 24
89.18.4.0/24 maxlen: 24
89.18.3.0/24 maxlen: 24
89.18.5.0/24 maxlen: 24
89.18.8.0/24 maxlen: 24
89.18.9.0/24 maxlen: 24
89.18.6.0/24 maxlen: 24
89.18.7.0/24 maxlen: 24
89.18.11.0/24 maxlen: 24
89.18.10.0/24 maxlen: 24
89.18.12.0/24 maxlen: 24
89.18.15.0/24 maxlen: 24
89.18.13.0/24 maxlen: 24
89.18.14.0/24 maxlen: 24
89.38.140.0/22 maxlen: 22
188.247.129.0/24 maxlen: 24
89.35.74.0/23 maxlen: 23
188.247.132.0/23 maxlen: 23
92.55.131.0/24 maxlen: 24
92.55.132.0/24 maxlen: 24
92.55.134.0/24 maxlen: 24
92.55.135.0/24 maxlen: 24
92.55.144.0/21 maxlen: 21
89.18.31.0/24 maxlen: 24
86.105.181.0/24 maxlen: 24
195.20.145.0/24 maxlen: 24
89.47.224.0/21 maxlen: 21
89.37.120.0/21 maxlen: 21
87.243.0.0/21 maxlen: 21
89.34.72.0/23 maxlen: 23
2a00:1480:1::/48 maxlen: 48
2a00:1480:5::/48 maxlen: 48
2a00:1480::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:de:11:fc:2e:16:e0:fe:7e:7a:dc:86:a9:fa:47:a5:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab8c6c58b607ff23ae7175a61682c75480f1e214
Validity
Not Before: Nov 17 16:16:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecdaa2df6e80e00966090e10586289db3c641e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:54:ba:ba:84:60:3d:9c:ea:e1:46:16:71:43:
c4:31:94:50:14:df:1d:9b:c6:e0:38:46:af:be:72:
e5:3e:40:63:d8:2c:80:c9:ee:2b:a6:a9:21:f8:d0:
f4:ee:8e:5d:4b:7b:57:f8:eb:c9:78:6f:0d:41:fe:
e3:4d:ef:d6:10:ef:04:75:41:2e:f6:b5:af:17:ef:
f9:f3:e5:3a:44:17:ab:59:7e:9c:19:92:3c:21:c0:
3d:bb:26:cd:9e:b1:99:8b:f7:16:47:c4:c8:57:ca:
38:da:70:b7:a6:93:37:b7:6a:51:b8:ee:13:b7:6b:
3b:13:08:d1:b4:70:d7:d8:4f:33:f6:cb:1f:f6:fa:
9c:01:f6:95:0c:22:c6:bc:e6:7c:f1:8f:fc:22:71:
69:d8:13:e5:d5:17:73:48:15:44:93:47:88:a4:71:
db:c2:72:b8:b0:1e:0a:35:61:01:66:7e:f0:29:b2:
3a:25:a9:0b:07:f3:f3:21:c0:e6:b6:28:d8:d6:d0:
a5:9a:b1:2c:3f:5f:35:54:d1:08:44:b8:49:a0:0d:
dc:3d:1a:cf:89:e0:10:55:da:a6:08:b1:dd:b8:66:
76:ec:0a:d1:cc:00:b3:6a:68:b2:25:df:66:f8:57:
86:b5:d0:8f:b2:d6:36:7c:f7:e3:d0:04:f7:d5:ec:
28:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:DA:A2:DF:6E:80:E0:09:66:09:0E:10:58:62:89:DB:3C:64:1E:8C
X509v3 Authority Key Identifier:
keyid:AB:8C:6C:58:B6:07:FF:23:AE:71:75:A6:16:82:C7:54:80:F1:E2:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4xsWLYH_yOucXWmFoLHVIDx4hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/7Nqi326A4AlmCQ4QWGKJ2zxkHow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/q4xsWLYH_yOucXWmFoLHVIDx4hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.160.0-77.93.162.255
77.93.164.0-77.93.171.255
77.93.176.0/20
86.105.181.0/24
86.107.183.0/24
87.243.0.0/21
89.18.0.0/20
89.18.31.0/24
89.34.72.0/23
89.35.74.0/23
89.37.120.0/21
89.38.140.0/22
89.43.193.0/24
89.44.232.0/22
89.46.160.0/22
89.47.224.0/21
92.55.131.0-92.55.132.255
92.55.134.0/23
92.55.144.0-92.55.154.255
94.177.32.0/20
188.247.129.0/24
188.247.132.0/23
188.247.226.0/23
188.247.238.0-188.247.255.255
193.58.243.0/24
193.254.242.0/23
194.102.221.0/24
195.20.145.0/24
IPv6:
2a00:1480::/47
2a00:1480:5::/48
Signature Algorithm: sha256WithRSAEncryption
45:f6:19:7a:17:0e:d3:a3:27:68:1d:9e:ff:07:69:ef:d3:83:
5a:3e:01:2c:80:35:c5:47:18:3f:31:b6:1d:7c:75:60:8c:f8:
b5:dc:5b:e0:05:4c:e8:78:8a:03:d6:3f:58:77:c3:05:15:6a:
47:0b:db:f9:9c:1d:0f:1e:69:5f:df:1a:21:48:3f:0c:53:c3:
04:39:1c:44:53:a5:08:94:d4:51:15:76:ad:7d:69:32:dc:1a:
43:aa:13:ec:b2:09:61:4d:bd:38:67:98:e5:dd:c4:87:ef:59:
a6:ef:c2:36:55:e4:89:df:08:18:63:78:c2:61:54:6c:66:e8:
47:c5:b1:61:d8:df:c7:45:74:00:90:56:e2:ce:a0:5d:47:21:
c9:7c:8e:eb:c4:b7:f7:20:86:ae:55:4d:b4:9e:4c:7d:22:9f:
f9:28:4d:cf:be:39:31:e1:23:7b:3d:b3:46:9b:31:4f:51:a6:
6c:11:35:51:b7:af:39:d6:e2:35:70:45:88:f3:74:f1:32:88:
f3:ab:f8:b2:f9:fe:81:5c:4a:d5:1d:77:a5:8a:93:e3:23:c6:
37:66:ac:db:4f:4c:68:40:a2:df:b9:90:e8:6a:90:d9:8e:9d:
be:07:0c:7e:d1:36:0b:e0:70:cf:47:1a:01:4b:c9:21:2e:e0:
cb:31:f2:54
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAYveEfwuFuD+fnrchqn6R6XJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOGM2YzU4YjYwN2ZmMjNhZTcxNzVhNjE2ODJjNzU0ODBm
MWUyMTQwHhcNMjMxMTE3MTYxNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2RhYTJkZjZlODBlMDA5NjYwOTBlMTA1ODYyODlkYjNjNjQxZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1S6uoRgPZzq4UYWcUPEMZRQFN8d
m8bgOEavvnLlPkBj2CyAye4rpqkh+ND07o5dS3tX+OvJeG8NQf7jTe/WEO8EdUEu
9rWvF+/58+U6RBerWX6cGZI8IcA9uybNnrGZi/cWR8TIV8o42nC3ppM3t2pRuO4T
t2s7EwjRtHDX2E8z9ssf9vqcAfaVDCLGvOZ88Y/8InFp2BPl1RdzSBVEk0eIpHHb
wnK4sB4KNWEBZn7wKbI6JakLB/PzIcDmtijY1tClmrEsP181VNEIRLhJoA3cPRrP
ieAQVdqmCLHduGZ27ArRzACzamiyJd9m+FeGtdCPstY2fPfj0AT31ewo3QIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFOzaot9ugOAJZgkOEFhiids8ZB6MMB8GA1UdIwQY
MBaAFKuMbFi2B/8jrnF1phaCx1SA8eIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTR4c1dMWUhfeU91Y1hXbUZvTEhWSUR4NGhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZmI4ZWUtYzVjNC00NDY3LWEwY2Mt
ODhhM2M0MWZhZWUyLzEvN05xaTMyNkE0QWxtQ1E0UVdHS0oyenhrSG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZmI4ZWUtYzVjNC00NDY3LWEwY2MtODhhM2M0MWZhZWUy
LzEvcTR4c1dMWUhfeU91Y1hXbUZvTEhWSUR4NGhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgdYEAgABMIHPMAwD
BAVNXaADBABNXaIwDAMEAk1dpAMEAk1dqAMEBE1dsAMEAFZptQMEAFZrtwMEA1fz
AAMEBFkSAAMEAFkSHwMEAVkiSAMEAVkjSgMEA1kleAMEAlkmjAMEAFkrwQMEAlks
6AMEAlkuoAMEA1kv4DAMAwQAXDeDAwQAXDeEAwQBXDeGMAwDBARcN5ADBABcN5oD
BAResSADBAC894EDBAG894QDBAG89+IwCwMEAbz37gMDA7zwAwQAwTrzAwQBwf7y
AwQAwmbdAwQAwxSRMBgEAgACMBIDBwEqABSAAAADBwAqABSAAAUwDQYJKoZIhvcN
AQELBQADggEBAEX2GXoXDtOjJ2gdnv8Hae/Tg1o+ASyANcVHGD8xth18dWCM+LXc
W+AFTOh4igPWP1h3wwUVakcL2/mcHQ8eaV/fGiFIPwxTwwQ5HERTpQiU1FEVdq19
aTLcGkOqE+yyCWFNvThnmOXdxIfvWabvwjZV5InfCBhjeMJhVGxm6EfFsWHY38dF
dACQVuLOoF1HIcl8juvEt/cghq5VTbSeTH0in/koTc++OTHhI3s9s0abMU9RpmwR
NVG3rznW4jVwRYjzdPEyiPOr+LL5/oFcStUdd6WKk+MjxjdmrNtPTGhAot+5kOhq
kNmOnb4HDH7RNgvgcM9HGgFLySEu4Msx8lQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:50 2025 by rpki-client