Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/MDtIaQb4YQg6yaPXmyCBvgGB7Wc.roa
File: MDtIaQb4YQg6yaPXmyCBvgGB7Wc.roa (raw, json)
Hash identifier: wKOwcK0d0eRmQckLe4iMt8T1HFg7la17ufTo8Ef+EnE=
Subject key identifier: 30:3B:48:69:06:F8:61:08:3A:C9:A3:D7:9B:20:81:BE:01:81:ED:67
Certificate issuer: /CN=f7aa039b886b226578bdb6a42781bf59044bb138
Certificate serial: 01856E5D4C4B6E9048E11DB7A8C0691C40DA
Authority key identifier: F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/MDtIaQb4YQg6yaPXmyCBvgGB7Wc.roa
Signing time: Sun 01 Jan 2023 17:24:46 +0000
ROA not before: Sun 01 Jan 2023 17:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31191
IP address blocks: 213.135.93.0/24 maxlen: 25
213.208.185.0/24 maxlen: 25
84.47.137.0/24 maxlen: 25
213.135.68.0/24 maxlen: 25
213.135.75.0/24 maxlen: 25
213.135.76.0/24 maxlen: 25
213.135.78.0/24 maxlen: 25
84.47.188.0/24 maxlen: 25
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:4c:4b:6e:90:48:e1:1d:b7:a8:c0:69:1c:40:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7aa039b886b226578bdb6a42781bf59044bb138
Validity
Not Before: Jan 1 17:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=303b486906f861083ac9a3d79b2081be0181ed67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7f:c0:b5:19:29:9d:ca:fe:68:61:dd:5f:ef:
df:13:d9:75:c6:23:46:3d:ea:18:ed:7f:29:73:19:
01:17:bd:a7:6a:7c:a1:17:9f:8c:1b:6a:e4:31:50:
38:a4:10:55:fe:72:0e:96:11:a7:46:90:13:70:50:
2f:6e:8a:b0:54:d2:b3:e3:dc:ab:b1:b4:f5:b5:2b:
6e:50:09:a3:e4:5f:f9:d2:49:21:f9:95:74:07:45:
39:93:84:fe:95:f2:2b:10:69:e7:32:b1:fe:29:71:
09:ea:5e:ba:76:52:23:8c:f4:c0:2e:29:01:22:33:
04:13:2b:e2:6c:aa:b1:db:da:84:55:54:c1:e3:e9:
c2:d0:21:37:79:05:4e:57:b2:0e:0c:cd:79:87:57:
54:f0:24:c3:ea:c5:12:94:04:ee:79:54:39:8e:39:
5e:c0:e8:b0:7f:49:f8:04:ec:5e:1b:0b:b7:5b:80:
81:17:b3:45:6a:b5:89:04:28:b7:82:11:96:65:06:
f8:0e:9d:fc:d5:fb:67:a4:03:c5:1b:32:fe:06:dd:
7d:1f:0f:f1:4a:ca:e3:1d:15:4f:50:45:e8:a6:3b:
2e:2a:05:94:9e:26:62:92:83:82:82:0d:8b:1a:8b:
50:69:34:25:fb:f8:a9:03:d2:f6:49:a9:6d:2e:46:
b8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:3B:48:69:06:F8:61:08:3A:C9:A3:D7:9B:20:81:BE:01:81:ED:67
X509v3 Authority Key Identifier:
keyid:F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/MDtIaQb4YQg6yaPXmyCBvgGB7Wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/96oDm4hrImV4vbakJ4G_WQRLsTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.47.137.0/24
84.47.188.0/24
213.135.68.0/24
213.135.75.0-213.135.76.255
213.135.78.0/24
213.135.93.0/24
213.208.185.0/24
Signature Algorithm: sha256WithRSAEncryption
79:13:7c:8b:9c:83:59:79:88:9e:39:27:0d:c7:39:e0:c1:bb:
37:55:03:6d:bc:73:f4:ce:bd:eb:f4:f9:f3:5a:49:dc:2d:e1:
79:74:a2:e2:3f:18:71:19:fb:63:bb:25:97:b7:2e:39:c4:bf:
a4:c2:9e:9d:88:45:86:bd:df:89:6c:29:cf:43:48:be:2f:2c:
5f:e2:d3:39:bf:53:73:9e:e0:31:01:2a:ff:5f:14:6a:00:39:
a2:9d:0f:37:d0:4b:8b:30:99:b2:05:e7:88:1d:d4:06:8b:0b:
39:33:1c:41:0d:a9:f5:89:36:28:ab:36:7e:5b:49:f3:52:09:
07:36:b0:c5:f6:f0:33:5b:44:12:17:e6:69:3f:f0:b3:19:21:
d0:b1:a6:76:6a:46:89:90:15:c6:8a:c3:f2:43:f6:37:04:8e:
14:e6:f8:95:8d:a4:00:c6:b5:10:ff:25:a3:4d:94:72:61:ab:
10:09:2a:b6:6f:e5:c1:a7:33:cf:ca:16:82:15:7b:d7:80:31:
e5:1c:0e:dc:b7:5c:52:1f:67:b5:98:32:7d:43:0b:ec:bf:fc:
91:cd:3f:9d:83:67:c6:a7:67:8f:4a:05:76:82:71:d8:90:a5:
ae:50:2d:86:e8:cb:ba:8d:58:f8:b0:28:fa:63:cf:72:32:1b:
71:e4:fb:51
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVuXUxLbpBI4R23qMBpHEDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YWEwMzliODg2YjIyNjU3OGJkYjZhNDI3ODFiZjU5MDQ0
YmIxMzgwHhcNMjMwMTAxMTcyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDNiNDg2OTA2Zjg2MTA4M2FjOWEzZDc5YjIwODFiZTAxODFlZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyX/AtRkpncr+aGHdX+/fE9l1xiNG
PeoY7X8pcxkBF72nanyhF5+MG2rkMVA4pBBV/nIOlhGnRpATcFAvboqwVNKz49yr
sbT1tStuUAmj5F/50kkh+ZV0B0U5k4T+lfIrEGnnMrH+KXEJ6l66dlIjjPTALikB
IjMEEyvibKqx29qEVVTB4+nC0CE3eQVOV7IODM15h1dU8CTD6sUSlATueVQ5jjle
wOiwf0n4BOxeGwu3W4CBF7NFarWJBCi3ghGWZQb4Dp381ftnpAPFGzL+Bt19Hw/x
SsrjHRVPUEXopjsuKgWUniZikoOCgg2LGotQaTQl+/ipA9L2SaltLka4jwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDA7SGkG+GEIOsmj15sggb4Bge1nMB8GA1UdIwQY
MBaAFPeqA5uIayJleL22pCeBv1kES7E4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTZvRG00aHJJbVY0dmJha0o0R19XUVJMc1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80YmJkNmMtOTFlZi00NDYxLTgyMWIt
NmY2MjFkNzM2YWZmLzEvTUR0SWFRYjRZUWc2eWFQWG15Q0J2Z0dCN1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80YmJkNmMtOTFlZi00NDYxLTgyMWItNmY2MjFkNzM2YWZm
LzEvOTZvRG00aHJJbVY0dmJha0o0R19XUVJMc1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAVC+JAwQA
VC+8AwQA1YdEMAwDBADVh0sDBADVh0wDBADVh04DBADVh10DBADV0LkwDQYJKoZI
hvcNAQELBQADggEBAHkTfIucg1l5iJ45Jw3HOeDBuzdVA228c/TOvev0+fNaSdwt
4Xl0ouI/GHEZ+2O7JZe3LjnEv6TCnp2IRYa934lsKc9DSL4vLF/i0zm/U3Oe4DEB
Kv9fFGoAOaKdDzfQS4swmbIF54gd1AaLCzkzHEENqfWJNiirNn5bSfNSCQc2sMX2
8DNbRBIX5mk/8LMZIdCxpnZqRomQFcaKw/JD9jcEjhTm+JWNpADGtRD/JaNNlHJh
qxAJKrZv5cGnM8/KFoIVe9eAMeUcDty3XFIfZ7WYMn1DC+y//JHNP52DZ8anZ49K
BXaCcdiQpa5QLYboy7qNWPiwKPpjz3IyG3Hk+1E=
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:19:00 2025 by rpki-client