Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/ldvHbfkzbiPeay_T7lFMzX5IftY.roa
File: ldvHbfkzbiPeay_T7lFMzX5IftY.roa (raw, json)
Hash identifier: tPuTTfU5ThPwestvwRdXECQYI9MGDQygWJw7kjYERf0=
Subject key identifier: 95:DB:C7:6D:F9:33:6E:23:DE:6B:2F:D3:EE:51:4C:CD:7E:48:7E:D6
Certificate issuer: /CN=cbd745ebfcec382df252c2f750db648f4f034abf
Certificate serial: 018A454D9F5532A20E1665E0A33A00BA59AE
Authority key identifier: CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/ldvHbfkzbiPeay_T7lFMzX5IftY.roa
Signing time: Wed 30 Aug 2023 07:17:09 +0000
ROA not before: Wed 30 Aug 2023 07:17:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3209
IP address blocks: 146.60.0.0/16 maxlen: 24
213.23.0.0/16 maxlen: 24
212.144.0.0/16 maxlen: 24
195.158.128.0/19 maxlen: 19
92.72.0.0/13 maxlen: 24
94.216.0.0/13 maxlen: 24
84.56.0.0/13 maxlen: 24
195.50.128.0/18 maxlen: 18
185.2.132.0/22 maxlen: 22
88.64.0.0/12 maxlen: 24
188.96.0.0/12 maxlen: 24
85.238.224.0/19 maxlen: 19
2a00:20::/32 maxlen: 42
2a00::/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:4d:9f:55:32:a2:0e:16:65:e0:a3:3a:00:ba:59:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd745ebfcec382df252c2f750db648f4f034abf
Validity
Not Before: Aug 30 07:17:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95dbc76df9336e23de6b2fd3ee514ccd7e487ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:34:42:4c:0f:fb:fa:e0:02:27:c6:3f:21:09:
82:db:b9:98:cd:6d:10:2f:bc:07:fb:e3:de:20:88:
c5:09:44:56:2d:8e:21:15:b9:27:e8:73:cb:e7:b4:
9c:bc:59:87:ec:f1:c9:53:d4:1c:47:69:46:fc:9d:
2a:bf:01:5b:18:0b:06:2c:76:a9:fa:ac:0b:4a:35:
63:1f:83:2a:b3:d4:f1:41:11:65:2d:a6:42:db:5b:
1b:15:5b:0c:d2:a7:a8:e9:d8:1b:69:6f:be:4d:f2:
43:e3:5c:0c:b3:c7:bb:a7:36:8f:f0:bf:a3:b4:a9:
e6:a2:90:9e:c8:aa:de:4b:ca:91:e5:96:14:f0:4f:
7d:25:40:eb:de:00:df:75:9c:70:24:6b:80:54:cb:
a4:1b:6b:3d:7c:66:90:7b:3d:1c:dc:e8:2f:9d:d2:
50:4d:44:03:2f:74:e8:c2:43:e2:15:63:57:07:d2:
27:e7:0d:52:8f:3f:e1:ee:84:b4:23:51:62:66:71:
7a:46:4d:ab:e4:d1:eb:b2:41:e2:ee:d6:c0:ca:12:
5f:ee:2c:af:87:80:e4:d4:50:15:3e:a3:f4:72:c6:
7f:6c:7d:67:ff:9c:67:d4:bc:29:bc:52:be:42:68:
2b:b9:f3:cf:df:e1:af:c4:3e:60:0d:f1:4b:67:2b:
f5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DB:C7:6D:F9:33:6E:23:DE:6B:2F:D3:EE:51:4C:CD:7E:48:7E:D6
X509v3 Authority Key Identifier:
keyid:CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/ldvHbfkzbiPeay_T7lFMzX5IftY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.56.0.0/13
85.238.224.0/19
88.64.0.0/12
92.72.0.0/13
94.216.0.0/13
146.60.0.0/16
185.2.132.0/22
188.96.0.0/12
195.50.128.0/18
195.158.128.0/19
212.144.0.0/16
213.23.0.0/16
IPv6:
2a00::/22
Signature Algorithm: sha256WithRSAEncryption
7c:a9:11:01:08:b7:7a:7c:fe:d9:b3:6b:60:82:12:5f:22:35:
f4:56:f4:c8:92:54:81:65:ad:94:23:fe:d8:5f:38:87:d6:a8:
3a:22:55:fc:29:8a:b9:d7:65:42:13:9e:72:2a:29:43:f9:5f:
c7:0f:61:39:19:75:c6:ee:3c:e7:cc:ec:25:c4:18:bb:d7:3a:
4b:bf:a5:6a:5c:55:51:8b:93:2c:8e:9c:66:ef:2d:98:24:4f:
95:f8:09:cd:fe:f1:aa:70:08:55:ea:11:09:92:5a:ee:06:8f:
16:0a:42:e8:72:3b:20:23:eb:ac:6d:7e:81:b7:3b:82:a2:a4:
38:f8:d3:ba:66:bf:d5:ee:8c:a7:05:d0:0d:98:82:79:99:d6:
3c:b4:8d:df:a3:f7:01:a8:02:de:89:67:01:8b:e4:9e:df:81:
ea:2e:82:73:47:53:84:cf:62:08:d1:85:c4:0e:4f:de:05:e3:
fd:05:23:5d:f0:6c:68:65:ab:19:6a:1f:0e:66:69:57:fd:b0:
69:58:7a:f3:35:01:b6:cd:9f:5e:b5:35:7c:c3:7f:68:b6:33:
1e:06:d7:ac:9a:ed:09:65:ab:2c:9e:ca:7c:ff:ce:25:5d:84:
ae:4a:8d:0a:0b:cb:d1:49:06:90:38:0a:82:a5:54:8f:5b:4e:
52:40:00:23
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYpFTZ9VMqIOFmXgozoAulmuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDc0NWViZmNlYzM4MmRmMjUyYzJmNzUwZGI2NDhmNGYw
MzRhYmYwHhcNMjMwODMwMDcxNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWRiYzc2ZGY5MzM2ZTIzZGU2YjJmZDNlZTUxNGNjZDdlNDg3ZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jRCTA/7+uACJ8Y/IQmC27mYzW0Q
L7wH++PeIIjFCURWLY4hFbkn6HPL57ScvFmH7PHJU9QcR2lG/J0qvwFbGAsGLHap
+qwLSjVjH4Mqs9TxQRFlLaZC21sbFVsM0qeo6dgbaW++TfJD41wMs8e7pzaP8L+j
tKnmopCeyKreS8qR5ZYU8E99JUDr3gDfdZxwJGuAVMukG2s9fGaQez0c3OgvndJQ
TUQDL3TowkPiFWNXB9In5w1Sjz/h7oS0I1FiZnF6Rk2r5NHrskHi7tbAyhJf7iyv
h4Dk1FAVPqP0csZ/bH1n/5xn1LwpvFK+QmgrufPP3+GvxD5gDfFLZyv1RwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFJXbx235M24j3msv0+5RTM1+SH7WMB8GA1UdIwQY
MBaAFMvXRev87Dgt8lLC91DbZI9PA0q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUt
OTJiNjc5NmM3N2NjLzEvbGR2SGJma3piaVBlYXlfVDdsRk16WDVJZnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUtOTJiNjc5NmM3N2Nj
LzEveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBGBAIAATBAAwMDVDgDBAVV
7uADAwRYQAMDA1xIAwMDXtgDAwCSPAMEArkChAMDBLxgAwQGwzKAAwQFw56AAwMA
1JADAwDVFzAMBAIAAjAGAwQCKgAAMA0GCSqGSIb3DQEBCwUAA4IBAQB8qREBCLd6
fP7Zs2tgghJfIjX0VvTIklSBZa2UI/7YXziH1qg6IlX8KYq512VCE55yKilD+V/H
D2E5GXXG7jznzOwlxBi71zpLv6VqXFVRi5Msjpxm7y2YJE+V+AnN/vGqcAhV6hEJ
klruBo8WCkLocjsgI+usbX6BtzuCoqQ4+NO6Zr/V7oynBdANmIJ5mdY8tI3fo/cB
qALeiWcBi+Se34HqLoJzR1OEz2II0YXEDk/eBeP9BSNd8GxoZasZah8OZmlX/bBp
WHrzNQG2zZ9etTV8w39otjMeBtesmu0JZassnsp8/84lXYSuSo0KC8vRSQaQOAqC
pVSPW05SQAAj
-----END CERTIFICATE-----
Generated at Sun Apr 13 13:21:44 2025 by rpki-client