Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/XdK-CymrI7B1gziAjhmlKE-RLKI.roa
File: XdK-CymrI7B1gziAjhmlKE-RLKI.roa (raw, json)
Hash identifier: spgb1GYX43geUK9xQ6kkD5TW8qBLdOo/yap4QusKZvk=
Subject key identifier: 5D:D2:BE:0B:29:AB:23:B0:75:83:38:80:8E:19:A5:28:4F:91:2C:A2
Certificate issuer: /CN=cbd745ebfcec382df252c2f750db648f4f034abf
Certificate serial: 018BCFE165D743D5F56BF64920119E9B1F9E
Authority key identifier: CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/XdK-CymrI7B1gziAjhmlKE-RLKI.roa
Signing time: Tue 14 Nov 2023 22:08:57 +0000
ROA not before: Tue 14 Nov 2023 22:08:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3209
IP address blocks: 146.60.0.0/16 maxlen: 24
213.23.0.0/16 maxlen: 24
82.82.0.0/20 maxlen: 20
82.82.0.0/15 maxlen: 24
212.144.0.0/16 maxlen: 24
92.208.0.0/14 maxlen: 24
92.72.0.0/13 maxlen: 24
92.212.0.0/15 maxlen: 24
195.50.128.0/18 maxlen: 18
176.94.0.0/17 maxlen: 24
85.238.224.0/19 maxlen: 19
145.254.0.0/16 maxlen: 24
213.128.96.0/19 maxlen: 19
145.253.0.0/20 maxlen: 20
145.253.0.0/16 maxlen: 16
92.214.0.0/15 maxlen: 24
195.158.128.0/19 maxlen: 19
176.94.128.0/17 maxlen: 24
84.56.0.0/13 maxlen: 24
94.216.0.0/13 maxlen: 24
193.25.240.0/22 maxlen: 22
193.25.244.0/23 maxlen: 23
176.95.0.0/16 maxlen: 24
193.25.247.0/24 maxlen: 24
185.2.132.0/22 maxlen: 24
188.96.0.0/12 maxlen: 24
88.64.0.0/12 maxlen: 24
178.0.0.0/12 maxlen: 24
92.216.0.0/14 maxlen: 24
2a00:20::/32 maxlen: 48
2a00::/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cf:e1:65:d7:43:d5:f5:6b:f6:49:20:11:9e:9b:1f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd745ebfcec382df252c2f750db648f4f034abf
Validity
Not Before: Nov 14 22:08:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dd2be0b29ab23b0758338808e19a5284f912ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8a:ce:68:6e:e6:2f:e1:d2:e8:e0:e2:36:43:
ab:93:56:91:38:3c:17:b3:39:6a:0f:d3:a2:07:f5:
b6:1b:4c:ae:c9:d7:74:ed:61:29:89:86:1c:47:b0:
f1:51:10:d3:8e:7f:fb:b6:53:8c:6d:d8:81:85:a5:
96:0a:a9:7a:f4:3f:61:c0:27:76:e4:5b:52:e4:e8:
6d:24:8d:6a:25:16:ab:67:82:ea:b8:08:af:74:49:
43:a0:63:cf:2d:4c:de:ad:96:0c:08:54:73:28:72:
1b:3f:99:19:f3:a2:ab:da:7e:49:90:9a:2a:e9:2f:
6b:8f:34:50:92:6e:fa:58:e0:9c:fb:3a:a7:bf:c5:
71:af:13:e1:22:16:e0:da:2b:89:bc:2d:2c:46:ea:
2a:e1:fe:b1:86:89:52:16:82:20:8e:e9:71:a0:2f:
ad:73:08:18:cd:bb:9b:49:ff:aa:5f:8e:eb:67:7c:
c8:09:3b:15:5a:2e:ae:ba:f3:93:5d:cb:6e:ad:dc:
d6:10:70:68:9f:f7:2d:22:f4:26:f8:58:b6:ff:e5:
b6:ee:68:bd:30:9c:1c:a8:5a:77:a2:8e:0d:96:0c:
7d:84:8e:51:e4:b5:18:cb:8d:99:2f:55:79:a8:05:
9e:7c:ec:27:39:50:42:ab:e1:ea:db:b6:f2:35:de:
a8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D2:BE:0B:29:AB:23:B0:75:83:38:80:8E:19:A5:28:4F:91:2C:A2
X509v3 Authority Key Identifier:
keyid:CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/XdK-CymrI7B1gziAjhmlKE-RLKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.82.0.0/15
84.56.0.0/13
85.238.224.0/19
88.64.0.0/12
92.72.0.0/13
92.208.0.0-92.219.255.255
94.216.0.0/13
145.253.0.0-145.254.255.255
146.60.0.0/16
176.94.0.0/15
178.0.0.0/12
185.2.132.0/22
188.96.0.0/12
193.25.240.0-193.25.245.255
193.25.247.0/24
195.50.128.0/18
195.158.128.0/19
212.144.0.0/16
213.23.0.0/16
213.128.96.0/19
IPv6:
2a00::/22
Signature Algorithm: sha256WithRSAEncryption
75:3d:4f:0d:25:9d:ea:be:30:f3:13:55:83:c8:92:fc:14:8a:
65:7a:ec:f4:ed:27:1a:96:df:ad:af:7e:91:e5:47:3e:31:c8:
24:fb:30:76:64:45:16:9b:59:98:59:c8:c7:43:a6:41:d8:7b:
43:93:2e:15:85:5e:8b:1f:c0:39:0d:c6:c4:cf:87:fe:82:3e:
dc:94:07:dd:c1:08:ea:47:5d:79:e8:e3:e5:9e:4c:da:dc:6d:
e3:48:e2:f9:b8:8f:99:47:4c:c9:19:a1:fc:2e:18:ac:fd:65:
87:85:24:fe:0f:83:9a:ce:81:bd:ab:eb:a3:2c:40:a1:7f:3b:
2c:26:d5:ce:18:75:8a:2a:87:a7:80:55:04:11:b9:3b:5c:3f:
ac:6e:14:7f:64:85:07:e4:36:48:b9:32:98:75:d7:ac:cb:e0:
66:79:c5:9d:54:0b:15:39:6a:38:30:8e:c6:64:29:7c:dd:4b:
f7:5f:ca:dd:92:90:aa:1f:28:d5:9b:6a:33:20:01:00:39:11:
7e:f7:66:1b:6a:39:4c:0a:b8:93:8e:3c:5a:b3:f4:e7:14:da:
b1:53:13:d4:fd:ca:a9:0c:88:07:be:17:61:24:21:c9:7e:75:
86:f4:fc:c3:19:14:05:9f:c2:07:1f:41:60:c0:0b:64:af:6d:
cf:d6:f8:3f
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYvP4WXXQ9X1a/ZJIBGemx+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDc0NWViZmNlYzM4MmRmMjUyYzJmNzUwZGI2NDhmNGYw
MzRhYmYwHhcNMjMxMTE0MjIwODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQyYmUwYjI5YWIyM2IwNzU4MzM4ODA4ZTE5YTUyODRmOTEyY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4rOaG7mL+HS6ODiNkOrk1aRODwX
szlqD9OiB/W2G0yuydd07WEpiYYcR7DxURDTjn/7tlOMbdiBhaWWCql69D9hwCd2
5FtS5OhtJI1qJRarZ4LquAivdElDoGPPLUzerZYMCFRzKHIbP5kZ86Kr2n5JkJoq
6S9rjzRQkm76WOCc+zqnv8VxrxPhIhbg2iuJvC0sRuoq4f6xholSFoIgjulxoC+t
cwgYzbubSf+qX47rZ3zICTsVWi6uuvOTXcturdzWEHBon/ctIvQm+Fi2/+W27mi9
MJwcqFp3oo4Nlgx9hI5R5LUYy42ZL1V5qAWefOwnOVBCq+Hq27byNd6oWwIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFF3SvgspqyOwdYM4gI4ZpShPkSyiMB8GA1UdIwQY
MBaAFMvXRev87Dgt8lLC91DbZI9PA0q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUt
OTJiNjc5NmM3N2NjLzEvWGRLLUN5bXJJN0IxZ3ppQWpobWxLRS1STEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUtOTJiNjc5NmM3N2Nj
LzEveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBiAQCAAEwgYEDAwFS
UgMDA1Q4AwQFVe7gAwMEWEADAwNcSDAKAwMEXNADAwJc2AMDA17YMAoDAwCR/QMD
AJH+AwMAkjwDAwGwXgMDBLIAAwQCuQKEAwMEvGAwDAMEBMEZ8AMEAcEZ9AMEAMEZ
9wMEBsMygAMEBcOegAMDANSQAwMA1RcDBAXVgGAwDAQCAAIwBgMEAioAADANBgkq
hkiG9w0BAQsFAAOCAQEAdT1PDSWd6r4w8xNVg8iS/BSKZXrs9O0nGpbfra9+keVH
PjHIJPswdmRFFptZmFnIx0OmQdh7Q5MuFYVeix/AOQ3GxM+H/oI+3JQH3cEI6kdd
eejj5Z5M2txt40ji+biPmUdMyRmh/C4YrP1lh4Uk/g+Dms6BvavroyxAoX87LCbV
zhh1iiqHp4BVBBG5O1w/rG4Uf2SFB+Q2SLkymHXXrMvgZnnFnVQLFTlqODCOxmQp
fN1L91/K3ZKQqh8o1ZtqMyABADkRfvdmG2o5TAq4k448WrP05xTasVMT1P3KqQyI
B74XYSQhyX51hvT8wxkUBZ/CBx9BYMALZK9tz9b4Pw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:24:14 2025 by rpki-client