Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/CNg1oiJ8yEQ6FLc8q0NZ3wuvBhM.roa
File: CNg1oiJ8yEQ6FLc8q0NZ3wuvBhM.roa (raw, json)
Hash identifier: idEJYf/JyjDwPwL9+w9pcvTmBo1WEsbYAK/WYKhQqz4=
Subject key identifier: 08:D8:35:A2:22:7C:C8:44:3A:14:B7:3C:AB:43:59:DF:0B:AF:06:13
Certificate issuer: /CN=210da9e7af01de75448f4906aac41bd2964e8847
Certificate serial: 018571958697CFD800C1CBDDB23479B84F4F
Authority key identifier: 21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/CNg1oiJ8yEQ6FLc8q0NZ3wuvBhM.roa
Signing time: Mon 02 Jan 2023 08:25:02 +0000
ROA not before: Mon 02 Jan 2023 08:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47524
IP address blocks: 176.240.0.0/16 maxlen: 24
185.26.68.0/22 maxlen: 24
185.26.68.0/24 maxlen: 24
185.26.69.0/24 maxlen: 24
185.26.70.0/24 maxlen: 24
185.26.71.0/24 maxlen: 24
94.55.96.0/22 maxlen: 24
94.55.112.0/22 maxlen: 24
94.55.116.0/22 maxlen: 24
94.55.124.0/23 maxlen: 24
94.55.120.0/23 maxlen: 24
94.55.122.0/23 maxlen: 24
94.55.127.0/24 maxlen: 24
94.55.126.0/24 maxlen: 24
24.133.0.0/16 maxlen: 24
94.55.64.0/20 maxlen: 24
94.55.80.0/21 maxlen: 24
94.55.88.0/22 maxlen: 24
94.54.0.0/15 maxlen: 24
46.196.0.0/15 maxlen: 24
24.133.152.0/22 maxlen: 24
24.133.156.0/22 maxlen: 24
178.233.0.0/16 maxlen: 24
2a00:1d58::/36 maxlen: 36
2a00:1d58::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:86:97:cf:d8:00:c1:cb:dd:b2:34:79:b8:4f:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=210da9e7af01de75448f4906aac41bd2964e8847
Validity
Not Before: Jan 2 08:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08d835a2227cc8443a14b73cab4359df0baf0613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:33:36:7f:72:40:0e:ab:9a:d3:85:ba:6b:d3:
c1:73:bd:a7:8c:aa:8a:52:88:b6:51:04:e9:b4:e0:
84:79:68:64:1e:af:f6:d3:44:a6:15:01:b5:ef:fb:
2b:1d:6c:60:92:49:a6:9e:ff:60:a6:8f:5f:8b:7b:
1a:8c:0e:2d:4f:00:a7:a8:63:04:a8:6d:63:46:c7:
ed:a6:53:60:7d:4a:92:58:2b:88:49:e3:d0:6d:59:
4f:cc:31:cc:30:be:8a:74:fa:7c:79:cc:8d:2b:18:
bc:03:71:af:bf:0c:66:e7:9d:8b:7d:1d:ff:1a:ca:
e7:a3:31:1f:3f:51:c3:6e:0b:49:37:29:07:59:e7:
41:99:32:e5:8e:62:13:01:32:09:a9:bc:f7:aa:d5:
6d:69:25:90:ea:aa:86:6b:d4:35:b7:64:df:ce:82:
65:41:7f:ab:d8:12:1e:62:c4:4f:89:40:65:27:7d:
a8:20:6f:11:40:9d:86:a6:75:4e:70:60:6d:93:85:
6c:f6:fe:fb:15:f7:85:e4:90:b2:84:e9:5d:c2:f3:
c0:4e:1c:fd:3e:97:53:98:73:f3:6a:01:4c:35:2e:
7c:89:a8:95:50:a0:86:a4:4b:25:30:ab:a2:f7:9a:
df:11:5d:0c:04:04:15:ae:6e:9d:8e:03:02:9e:5c:
6a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D8:35:A2:22:7C:C8:44:3A:14:B7:3C:AB:43:59:DF:0B:AF:06:13
X509v3 Authority Key Identifier:
keyid:21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/CNg1oiJ8yEQ6FLc8q0NZ3wuvBhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/IQ2p568B3nVEj0kGqsQb0pZOiEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.133.0.0/16
46.196.0.0/15
94.54.0.0/15
176.240.0.0/16
178.233.0.0/16
185.26.68.0/22
IPv6:
2a00:1d58::/32
Signature Algorithm: sha256WithRSAEncryption
68:0c:af:56:66:f6:02:d5:74:6f:7f:01:f9:86:37:35:48:ac:
33:f4:c2:7a:b0:60:81:fb:68:21:21:58:24:ea:2f:48:e7:be:
37:2b:31:1b:0c:ef:ce:ef:fc:19:9a:38:0c:3e:15:7d:04:65:
d1:14:7b:cb:92:26:df:0f:f4:e5:94:6b:a9:43:06:4f:72:19:
e9:98:97:44:75:b4:90:b8:78:22:f3:66:9b:09:1c:47:f3:45:
4a:e7:0b:b1:ab:2c:d9:91:3b:a8:f6:0c:87:ee:42:e7:4d:87:
30:06:d4:e9:d5:75:4e:74:eb:1e:ef:42:c6:c6:10:28:6a:1d:
63:64:36:13:08:ba:0f:d2:de:88:ba:83:b1:ce:74:57:19:a6:
ce:7d:0a:9a:a6:92:21:09:69:2b:f3:17:1e:91:25:22:23:92:
38:02:26:7a:57:62:32:39:f8:b9:cf:7c:0b:78:c6:99:5d:54:
ac:a1:31:c6:b7:4a:2a:41:28:94:19:76:10:2a:a6:7f:78:9e:
c1:98:0b:85:e9:d5:37:fe:c4:05:db:e8:9e:eb:92:11:1c:a1:
31:a5:fd:01:f5:54:fa:cb:db:d2:8f:61:28:90:8c:12:9f:15:
83:07:5c:0b:3e:18:9f:ce:c1:83:a5:2a:f1:a9:bf:24:5c:9c:
e8:e4:1f:79
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVxlYaXz9gAwcvdsjR5uE9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMGRhOWU3YWYwMWRlNzU0NDhmNDkwNmFhYzQxYmQyOTY0
ZTg4NDcwHhcNMjMwMTAyMDgyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQ4MzVhMjIyN2NjODQ0M2ExNGI3M2NhYjQzNTlkZjBiYWYwNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTM2f3JADqua04W6a9PBc72njKqK
Uoi2UQTptOCEeWhkHq/200SmFQG17/srHWxgkkmmnv9gpo9fi3sajA4tTwCnqGME
qG1jRsftplNgfUqSWCuISePQbVlPzDHMML6KdPp8ecyNKxi8A3Gvvwxm552LfR3/
GsrnozEfP1HDbgtJNykHWedBmTLljmITATIJqbz3qtVtaSWQ6qqGa9Q1t2TfzoJl
QX+r2BIeYsRPiUBlJ32oIG8RQJ2GpnVOcGBtk4Vs9v77FfeF5JCyhOldwvPAThz9
PpdTmHPzagFMNS58iaiVUKCGpEslMKui95rfEV0MBAQVrm6djgMCnlxq8wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAjYNaIifMhEOhS3PKtDWd8LrwYTMB8GA1UdIwQY
MBaAFCENqeevAd51RI9JBqrEG9KWTohHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUt
NmUxMjc3NGY4NTFlLzEvQ05nMW9pSjh5RVE2RkxjOHEwTlozd3V2QmhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUtNmUxMjc3NGY4NTFl
LzEvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwMAGIUDAwEu
xAMDAV42AwMAsPADAwCy6QMEArkaRDANBAIAAjAHAwUAKgAdWDANBgkqhkiG9w0B
AQsFAAOCAQEAaAyvVmb2AtV0b38B+YY3NUisM/TCerBggftoISFYJOovSOe+Nysx
Gwzvzu/8GZo4DD4VfQRl0RR7y5Im3w/05ZRrqUMGT3IZ6ZiXRHW0kLh4IvNmmwkc
R/NFSucLsass2ZE7qPYMh+5C502HMAbU6dV1TnTrHu9CxsYQKGodY2Q2Ewi6D9Le
iLqDsc50Vxmmzn0KmqaSIQlpK/MXHpElIiOSOAImeldiMjn4uc98C3jGmV1UrKEx
xrdKKkEolBl2ECqmf3iewZgLhenVN/7EBdvonuuSERyhMaX9AfVU+svb0o9hKJCM
Ep8VgwdcCz4Yn87Bg6Uq8am/JFyc6OQfeQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:59:24 2025 by rpki-client