Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/1-Tl2dvf0W64u0e8gZdXhmrYcPUY.roa
File: 1-Tl2dvf0W64u0e8gZdXhmrYcPUY.roa (raw, json)
Hash identifier: hbhXoBOPfqooNIskQmKsanAxDxU4IH4QBg7JsAvXAHs=
Subject key identifier: F9:39:76:76:F7:F4:5B:AE:2E:D1:EF:20:65:D5:E1:9A:B6:1C:3D:46
Certificate issuer: /CN=048eefb5b26483561711c990f20ff552ac4e2c9c
Certificate serial: 0189264F7C0F4B6BD94FCB88517788141FFC
Authority key identifier: 04:8E:EF:B5:B2:64:83:56:17:11:C9:90:F2:0F:F5:52:AC:4E:2C:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/1-Tl2dvf0W64u0e8gZdXhmrYcPUY.roa
Signing time: Wed 05 Jul 2023 13:48:10 +0000
ROA not before: Wed 05 Jul 2023 13:48:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35805
IP address blocks: 77.92.224.0/19 maxlen: 24
37.110.160.0/19 maxlen: 24
31.146.0.0/16 maxlen: 24
92.54.192.0/18 maxlen: 24
176.221.128.0/17 maxlen: 24
94.43.0.0/16 maxlen: 24
178.134.0.0/16 maxlen: 24
213.217.16.0/22 maxlen: 24
188.123.150.0/24 maxlen: 24
146.255.224.0/19 maxlen: 24
5.152.0.0/17 maxlen: 24
37.232.0.0/17 maxlen: 24
149.3.0.0/17 maxlen: 24
87.253.32.0/19 maxlen: 24
188.123.128.0/19 maxlen: 24
188.169.0.0/16 maxlen: 24
79.99.248.0/21 maxlen: 24
2a01:9c80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:4f:7c:0f:4b:6b:d9:4f:cb:88:51:77:88:14:1f:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048eefb5b26483561711c990f20ff552ac4e2c9c
Validity
Not Before: Jul 5 13:48:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9397676f7f45bae2ed1ef2065d5e19ab61c3d46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ad:7e:79:62:ae:9c:f9:f5:c3:79:94:cf:7a:
0c:4d:8b:b9:e9:ba:ba:ba:d8:41:01:17:5d:c7:ab:
63:0c:71:1b:6a:6d:97:c8:f5:71:a0:aa:f2:ae:8b:
e8:b6:df:09:0d:c1:e0:a8:b3:1c:dc:02:43:2e:2c:
7b:87:cd:51:61:e9:24:0f:41:cf:eb:ad:fc:d7:53:
94:dc:09:cd:de:11:ee:d3:48:30:76:ef:dd:bc:cb:
c1:14:ed:f0:e5:16:67:10:fd:ff:8e:38:34:13:7d:
cc:c7:53:98:53:01:65:19:0b:45:62:aa:32:6a:70:
31:18:b3:f8:97:5a:74:ff:6b:3f:1c:a9:85:5a:f9:
89:90:e5:df:54:f4:41:81:18:30:44:d5:e4:4c:3c:
d6:c1:b0:f5:75:58:62:4b:c4:86:7d:90:d5:50:ae:
91:81:ea:3a:6d:33:f5:08:03:49:5a:12:fd:54:54:
09:79:9b:1d:f4:56:74:96:80:13:a7:a9:cb:d3:4b:
31:20:9c:a9:41:78:af:bb:a3:77:ba:2f:4f:38:42:
50:36:8d:46:21:b8:73:79:18:2d:92:a5:f5:8a:50:
08:aa:fb:5c:40:d5:1f:00:48:6c:5f:13:54:79:99:
d6:eb:e2:20:6b:58:1c:39:d9:d0:4e:fb:41:46:05:
dc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:39:76:76:F7:F4:5B:AE:2E:D1:EF:20:65:D5:E1:9A:B6:1C:3D:46
X509v3 Authority Key Identifier:
keyid:04:8E:EF:B5:B2:64:83:56:17:11:C9:90:F2:0F:F5:52:AC:4E:2C:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/1-Tl2dvf0W64u0e8gZdXhmrYcPUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.0.0/17
31.146.0.0/16
37.110.160.0/19
37.232.0.0/17
77.92.224.0/19
79.99.248.0/21
87.253.32.0/19
92.54.192.0/18
94.43.0.0/16
146.255.224.0/19
149.3.0.0/17
176.221.128.0/17
178.134.0.0/16
188.123.128.0/19
188.169.0.0/16
213.217.16.0/22
IPv6:
2a01:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
5e:da:9c:37:ac:7c:ce:b5:31:b8:a2:31:b5:ba:1a:12:11:2a:
fb:9d:97:b7:9a:0e:5b:83:d5:fd:11:1d:35:7b:38:07:b8:3c:
2e:b9:15:f3:72:b9:f2:7e:53:bf:4c:85:6c:04:a0:05:9d:af:
b0:2b:a9:cc:82:b9:57:bc:c1:1e:e1:09:a6:80:07:17:3a:0d:
4e:82:76:d2:ef:b1:48:5a:f5:ff:d2:a0:95:4d:c3:6a:01:2b:
76:7e:34:ae:6e:cd:39:d7:86:51:17:8a:31:65:82:83:9f:71:
1a:ba:1b:21:ba:35:d0:f6:9d:bd:a9:19:59:d7:35:3f:84:8b:
c1:a1:d9:dd:14:8d:00:86:2e:09:0f:87:eb:27:b9:56:1b:ea:
16:cf:ac:17:c2:9a:b8:4e:a4:b1:fd:2e:09:17:6f:8d:19:0a:
f9:8c:99:d1:64:f4:67:ce:59:cc:16:81:66:d2:5c:10:e3:fd:
70:5d:03:d4:f2:1c:59:d4:b5:c1:f3:21:8d:e0:60:78:4f:f9:
71:c5:fb:ed:b1:e7:cf:15:35:7c:c1:db:49:7c:97:9e:14:fe:
39:a4:8f:c9:83:5f:52:bb:c7:d5:84:45:5b:8c:a3:71:e7:d7:
03:44:3f:72:f8:c1:18:7f:bb:dc:6f:48:86:97:e6:4a:bb:3b:
2a:e0:5f:89
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYkmT3wPS2vZT8uIUXeIFB/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OGVlZmI1YjI2NDgzNTYxNzExYzk5MGYyMGZmNTUyYWM0
ZTJjOWMwHhcNMjMwNzA1MTM0ODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTM5NzY3NmY3ZjQ1YmFlMmVkMWVmMjA2NWQ1ZTE5YWI2MWMzZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq1+eWKunPn1w3mUz3oMTYu56bq6
uthBARddx6tjDHEbam2XyPVxoKryrovott8JDcHgqLMc3AJDLix7h81RYekkD0HP
663811OU3AnN3hHu00gwdu/dvMvBFO3w5RZnEP3/jjg0E33Mx1OYUwFlGQtFYqoy
anAxGLP4l1p0/2s/HKmFWvmJkOXfVPRBgRgwRNXkTDzWwbD1dVhiS8SGfZDVUK6R
geo6bTP1CANJWhL9VFQJeZsd9FZ0loATp6nL00sxIJypQXivu6N3ui9POEJQNo1G
IbhzeRgtkqX1ilAIqvtcQNUfAEhsXxNUeZnW6+Iga1gcOdnQTvtBRgXcYwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFPk5dnb39FuuLtHvIGXV4Zq2HD1GMB8GA1UdIwQY
MBaAFASO77WyZINWFxHJkPIP9VKsTiycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkk3dnRiSmtnMVlYRWNtUThnXzFVcXhPTEp3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80YjYzNTQtYTdhMy00MzUxLWE3ZGUt
YWVhYzVkOWNkYzdiLzEvMS1UbDJkdmYwVzY0dTBlOGdaZFhobXJZY1BVWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjEvNGI2MzU0LWE3YTMtNDM1MS1hN2RlLWFlYWM1ZDljZGM3
Yi8xL0JJN3Z0YkprZzFZWEVjbVE4Z18xVXF4T0xKdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBhAYIKwYBBQUHAQcBAf8EdTBzMGIEAgABMFwDBAcFmAAD
AwAfkgMEBSVuoAMEByXoAAMEBU1c4AMEA09j+AMEBVf9IAMEBlw2wAMDAF4rAwQF
kv/gAwQHlQMAAwQHsN2AAwMAsoYDBAW8e4ADAwC8qQMEAtXZEDANBAIAAjAHAwUD
KgGcgDANBgkqhkiG9w0BAQsFAAOCAQEAXtqcN6x8zrUxuKIxtboaEhEq+52Xt5oO
W4PV/REdNXs4B7g8LrkV83K58n5Tv0yFbASgBZ2vsCupzIK5V7zBHuEJpoAHFzoN
ToJ20u+xSFr1/9KglU3DagErdn40rm7NOdeGUReKMWWCg59xGrobIbo10PadvakZ
Wdc1P4SLwaHZ3RSNAIYuCQ+H6ye5VhvqFs+sF8KauE6ksf0uCRdvjRkK+YyZ0WT0
Z85ZzBaBZtJcEOP9cF0D1PIcWdS1wfMhjeBgeE/5ccX77bHnzxU1fMHbSXyXnhT+
OaSPyYNfUrvH1YRFW4yjcefXA0Q/cvjBGH+73G9IhpfmSrs7KuBfiQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:21:01 2025 by rpki-client