Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/aZuNFTfycHS89_lTeKWPSwUGWv4.roa
File: aZuNFTfycHS89_lTeKWPSwUGWv4.roa (raw, json)
Hash identifier: 7O1TIkiWdOh7KMticsKl4XWQllOyaz450t0Z7o+/Va8=
Subject key identifier: 69:9B:8D:15:37:F2:70:74:BC:F7:F9:53:78:A5:8F:4B:05:06:5A:FE
Certificate issuer: /CN=b9df156ee18b6958d4306b6311b4a086763eff62
Certificate serial: 018C07247EE6EE3F1D040186D8A92F1ADABB
Authority key identifier: B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/aZuNFTfycHS89_lTeKWPSwUGWv4.roa
Signing time: Sat 25 Nov 2023 15:41:21 +0000
ROA not before: Sat 25 Nov 2023 15:41:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60798
IP address blocks: 37.156.244.0/24 maxlen: 24
89.45.228.0/24 maxlen: 24
185.116.60.0/24 maxlen: 24
2a0c:79c0:5::/48 maxlen: 48
2a0c:79c0:3::/48 maxlen: 48
2a0c:79c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:07:24:7e:e6:ee:3f:1d:04:01:86:d8:a9:2f:1a:da:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9df156ee18b6958d4306b6311b4a086763eff62
Validity
Not Before: Nov 25 15:41:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=699b8d1537f27074bcf7f95378a58f4b05065afe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:14:2a:eb:69:b6:31:b1:d9:e7:f2:f5:b5:24:
97:0d:73:60:eb:de:b4:76:04:11:e5:3f:38:b3:2f:
d5:7d:84:26:8c:e3:86:4c:86:15:d9:70:49:cd:f2:
cb:6d:2f:77:80:b6:eb:e0:12:58:3a:2e:de:64:f0:
a2:e9:24:77:eb:6a:9e:e5:f6:d3:56:67:8e:28:54:
a4:ef:21:71:b1:3e:81:60:5b:07:8b:72:cf:6b:ff:
cb:70:e9:af:99:55:86:2c:95:aa:cb:7f:ca:cc:5a:
3f:6b:aa:d3:40:8b:e7:3c:2c:f3:a9:32:d6:38:61:
d1:49:3f:6a:5c:21:89:0e:63:43:e1:85:54:7c:56:
81:f9:29:6d:a3:c7:a7:db:3a:cd:27:2a:62:87:ac:
39:87:9f:84:e9:e0:50:03:bd:4c:7c:48:6d:47:3a:
59:a7:ac:fa:67:ac:61:c9:e0:fe:11:74:2e:95:e9:
96:4b:da:a9:b2:c8:7d:62:42:9f:de:fe:02:5a:27:
56:9a:ef:8c:c0:6e:c4:06:74:47:98:04:e4:a5:2f:
57:55:a6:63:e0:bf:9b:4c:0f:2d:f6:1e:50:74:b9:
88:84:ab:5f:fe:5d:84:b4:67:7e:76:97:99:02:32:
55:a3:1b:9e:b2:e4:09:74:d2:3d:45:d0:ae:84:09:
51:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9B:8D:15:37:F2:70:74:BC:F7:F9:53:78:A5:8F:4B:05:06:5A:FE
X509v3 Authority Key Identifier:
keyid:B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/aZuNFTfycHS89_lTeKWPSwUGWv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/ud8VbuGLaVjUMGtjEbSghnY-_2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.244.0/24
89.45.228.0/24
185.116.60.0/24
IPv6:
2a0c:79c0:1::/48
2a0c:79c0:3::/48
2a0c:79c0:5::/48
Signature Algorithm: sha256WithRSAEncryption
aa:37:36:01:46:cd:a0:4d:71:02:f3:98:4b:b3:88:37:ef:8f:
f0:83:a7:e7:7e:49:ba:93:17:e0:8b:77:be:7d:e1:47:7f:3c:
3d:05:ff:57:61:5b:fd:8f:76:3e:ca:0d:63:e4:bc:fa:a0:4c:
a0:9b:a0:b1:42:e7:9e:ba:17:60:e7:2a:f8:e6:15:b4:57:c1:
e1:6e:a5:a5:10:17:f7:cf:1e:d6:40:a0:1a:03:7c:9c:dc:69:
05:3c:15:3a:d1:1d:fa:d0:c6:89:1d:bf:76:42:80:5a:c7:4c:
7e:a3:b9:82:65:e4:fe:4e:0a:08:41:7f:52:79:bc:47:56:c3:
15:0b:8f:ed:96:46:a9:57:0b:df:30:78:49:9e:0c:a0:69:7b:
1d:51:7b:22:44:88:b6:af:ce:40:93:de:1c:ea:bb:88:cb:94:
aa:03:c9:20:bc:34:f9:f9:6d:bd:2e:3d:e1:2a:29:f3:47:c0:
43:3b:b6:61:d9:c3:a3:74:2b:01:7e:e3:4e:73:59:91:11:f9:
db:d8:01:a1:64:78:a4:20:ef:43:19:de:fa:98:84:77:db:b1:
e1:a0:a3:80:07:d4:26:85:cc:a2:0d:6d:31:84:42:0d:9a:cb:
ac:9d:67:75:04:6d:76:e4:12:9d:2e:66:7a:ce:63:a3:4f:b7:
85:bd:c9:41
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYwHJH7m7j8dBAGG2KkvGtq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZGYxNTZlZTE4YjY5NThkNDMwNmI2MzExYjRhMDg2NzYz
ZWZmNjIwHhcNMjMxMTI1MTU0MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTliOGQxNTM3ZjI3MDc0YmNmN2Y5NTM3OGE1OGY0YjA1MDY1YWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxQq62m2MbHZ5/L1tSSXDXNg6960
dgQR5T84sy/VfYQmjOOGTIYV2XBJzfLLbS93gLbr4BJYOi7eZPCi6SR362qe5fbT
VmeOKFSk7yFxsT6BYFsHi3LPa//LcOmvmVWGLJWqy3/KzFo/a6rTQIvnPCzzqTLW
OGHRST9qXCGJDmND4YVUfFaB+Slto8en2zrNJypih6w5h5+E6eBQA71MfEhtRzpZ
p6z6Z6xhyeD+EXQulemWS9qpssh9YkKf3v4CWidWmu+MwG7EBnRHmATkpS9XVaZj
4L+bTA8t9h5QdLmIhKtf/l2EtGd+dpeZAjJVoxuesuQJdNI9RdCuhAlRdQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFGmbjRU38nB0vPf5U3ilj0sFBlr+MB8GA1UdIwQY
MBaAFLnfFW7hi2lY1DBrYxG0oIZ2Pv9iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYt
NzJhNGIzYTliYjQ0LzEvYVp1TkZUZnljSFM4OV9sVGVLV1BTd1VHV3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYtNzJhNGIzYTliYjQ0
LzEvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAJZz0AwQA
WS3kAwQAuXQ8MCEEAgACMBsDBwAqDHnAAAEDBwAqDHnAAAMDBwAqDHnAAAUwDQYJ
KoZIhvcNAQELBQADggEBAKo3NgFGzaBNcQLzmEuziDfvj/CDp+d+SbqTF+CLd759
4Ud/PD0F/1dhW/2Pdj7KDWPkvPqgTKCboLFC5566F2DnKvjmFbRXweFupaUQF/fP
HtZAoBoDfJzcaQU8FTrRHfrQxokdv3ZCgFrHTH6juYJl5P5OCghBf1J5vEdWwxUL
j+2WRqlXC98weEmeDKBpex1ReyJEiLavzkCT3hzqu4jLlKoDySC8NPn5bb0uPeEq
KfNHwEM7tmHZw6N0KwF+405zWZER+dvYAaFkeKQg70MZ3vqYhHfbseGgo4AH1CaF
zKINbTGEQg2ay6ydZ3UEbXbkEp0uZnrOY6NPt4W9yUE=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:05 2025 by rpki-client