Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/a0shYhQqPOb5H-n36icwH9FwYFs.roa
File: a0shYhQqPOb5H-n36icwH9FwYFs.roa (raw, json)
Hash identifier: csC1u+fB2rDofnVVaQOxwhAiWsvJlHyA4qJB8rvUFQM=
Subject key identifier: 6B:4B:21:62:14:2A:3C:E6:F9:1F:E9:F7:EA:27:30:1F:D1:70:60:5B
Certificate issuer: /CN=210da9e7af01de75448f4906aac41bd2964e8847
Certificate serial: 0187362877A29BCA7B1098888F1E086FE200
Authority key identifier: 21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/a0shYhQqPOb5H-n36icwH9FwYFs.roa
Signing time: Fri 31 Mar 2023 05:33:54 +0000
ROA not before: Fri 31 Mar 2023 05:33:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 46.197.69.0/24 maxlen: 24
178.233.156.0/23 maxlen: 23
178.233.164.0/23 maxlen: 23
24.133.118.0/23 maxlen: 23
176.240.2.0/24 maxlen: 24
176.240.3.0/24 maxlen: 24
176.240.0.0/23 maxlen: 23
46.197.16.0/21 maxlen: 21
176.240.228.0/22 maxlen: 22
94.54.8.0/22 maxlen: 22
94.54.12.0/23 maxlen: 23
178.233.112.0/20 maxlen: 20
178.233.36.0/22 maxlen: 22
94.55.124.0/23 maxlen: 24
94.55.120.0/21 maxlen: 24
94.55.122.0/23 maxlen: 24
94.55.126.0/24 maxlen: 24
94.55.127.0/24 maxlen: 24
24.133.225.0/24 maxlen: 24
2a00:1d58::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:36:28:77:a2:9b:ca:7b:10:98:88:8f:1e:08:6f:e2:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=210da9e7af01de75448f4906aac41bd2964e8847
Validity
Not Before: Mar 31 05:33:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b4b2162142a3ce6f91fe9f7ea27301fd170605b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:92:7c:ff:13:5a:6a:d4:84:f5:75:94:75:76:
a4:e6:11:13:15:00:80:33:ee:1d:21:da:e9:62:3c:
b3:c2:5c:99:77:82:ad:96:34:a6:9c:e1:72:0c:80:
45:07:8a:09:73:16:c1:fa:4a:ba:1d:e4:00:10:05:
1b:b2:fb:94:a0:ed:a4:89:2b:9c:a5:72:79:cf:f5:
f4:95:64:aa:50:67:3e:45:32:d7:f8:8d:50:e4:f3:
89:09:cb:8e:a0:ff:c4:18:29:4f:1f:da:64:f1:3c:
39:b5:b8:25:0c:4a:0d:e1:1e:83:3f:1e:73:62:ee:
ff:70:32:94:55:27:f4:53:89:da:e6:78:80:d9:8c:
b3:45:c3:b7:f8:67:64:5f:7c:f5:ec:41:7a:cc:a1:
ae:e7:90:6f:0e:ff:d6:90:0f:bb:58:3d:f1:68:aa:
f3:45:94:af:1f:7e:4e:6a:d0:ee:ee:1f:46:1f:58:
7f:d2:48:65:87:05:c7:e0:b0:38:f6:b9:89:76:df:
f9:63:41:4c:cf:f0:fe:0b:82:ba:14:10:77:25:82:
9e:13:9b:db:d5:e7:6a:94:69:66:0a:f5:00:af:1d:
37:40:cc:55:90:59:29:91:c4:61:2c:75:4c:a1:1f:
8b:b9:42:79:8e:5f:c8:d3:5d:50:ae:92:9b:35:3d:
63:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:4B:21:62:14:2A:3C:E6:F9:1F:E9:F7:EA:27:30:1F:D1:70:60:5B
X509v3 Authority Key Identifier:
keyid:21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/a0shYhQqPOb5H-n36icwH9FwYFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/IQ2p568B3nVEj0kGqsQb0pZOiEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.133.118.0/23
24.133.225.0/24
46.197.16.0/21
46.197.69.0/24
94.54.8.0-94.54.13.255
94.55.120.0/21
176.240.0.0/22
176.240.228.0/22
178.233.36.0/22
178.233.112.0/20
178.233.156.0/23
178.233.164.0/23
IPv6:
2a00:1d58::/36
Signature Algorithm: sha256WithRSAEncryption
8d:b3:80:03:ba:0b:61:45:fe:ad:a9:ec:21:cb:e0:2f:1b:fb:
91:fa:ad:f7:68:6c:1e:39:d6:a9:0f:c1:14:3d:9b:e8:ca:39:
64:9d:43:59:87:64:8d:25:3b:22:45:c8:ff:5a:a9:ec:bc:f8:
3c:21:f5:a3:7a:b7:ac:c3:1b:e3:74:f5:7c:6c:a1:23:43:44:
43:29:a2:1a:5b:58:b4:bf:d7:3b:70:19:0d:c6:02:45:44:9a:
14:f4:52:ee:63:5a:e4:62:23:8c:62:b0:62:4c:ab:34:be:c1:
6b:d4:28:dd:a8:7e:05:6b:9a:da:01:ce:03:45:f1:ba:ec:97:
3c:96:be:d7:bd:b6:1c:18:e2:29:b4:42:06:ef:71:2d:12:c6:
fb:6a:4f:dc:e3:14:f8:fa:be:bc:98:03:7a:49:7f:57:4e:e6:
c5:a6:09:41:09:f0:a2:09:ec:e5:37:ef:6d:7c:c0:1f:48:7a:
81:bd:ba:b7:02:4c:68:a5:2d:b5:79:41:2f:3b:69:6b:41:0e:
63:84:41:68:47:ec:07:b9:7d:f3:cb:36:3d:2f:e3:97:58:4f:
74:29:6d:64:a3:d0:d9:b2:9d:e9:46:a5:bd:b0:1d:9c:7d:3c:
7e:9e:93:02:76:21:f7:62:c5:93:ab:a2:74:34:1c:f1:0e:02:
4a:31:03:7d
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYc2KHeim8p7EJiIjx4Ib+IAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMGRhOWU3YWYwMWRlNzU0NDhmNDkwNmFhYzQxYmQyOTY0
ZTg4NDcwHhcNMjMwMzMxMDUzMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjRiMjE2MjE0MmEzY2U2ZjkxZmU5ZjdlYTI3MzAxZmQxNzA2MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpJ8/xNaatSE9XWUdXak5hETFQCA
M+4dIdrpYjyzwlyZd4KtljSmnOFyDIBFB4oJcxbB+kq6HeQAEAUbsvuUoO2kiSuc
pXJ5z/X0lWSqUGc+RTLX+I1Q5POJCcuOoP/EGClPH9pk8Tw5tbglDEoN4R6DPx5z
Yu7/cDKUVSf0U4na5niA2YyzRcO3+GdkX3z17EF6zKGu55BvDv/WkA+7WD3xaKrz
RZSvH35OatDu7h9GH1h/0khlhwXH4LA49rmJdt/5Y0FMz/D+C4K6FBB3JYKeE5vb
1edqlGlmCvUArx03QMxVkFkpkcRhLHVMoR+LuUJ5jl/I011QrpKbNT1j0wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFGtLIWIUKjzm+R/p9+onMB/RcGBbMB8GA1UdIwQY
MBaAFCENqeevAd51RI9JBqrEG9KWTohHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUt
NmUxMjc3NGY4NTFlLzEvYTBzaFloUXFQT2I1SC1uMzZpY3dIOUZ3WUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUtNmUxMjc3NGY4NTFl
LzEvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBWBAIAATBQAwQBGIV2AwQA
GIXhAwQDLsUQAwQALsVFMAwDBANeNggDBAFeNgwDBANeN3gDBAKw8AADBAKw8OQD
BAKy6SQDBASy6XADBAGy6ZwDBAGy6aQwDgQCAAIwCAMGBCoAHVgAMA0GCSqGSIb3
DQEBCwUAA4IBAQCNs4ADugthRf6tqewhy+AvG/uR+q33aGweOdapD8EUPZvoyjlk
nUNZh2SNJTsiRcj/WqnsvPg8IfWjereswxvjdPV8bKEjQ0RDKaIaW1i0v9c7cBkN
xgJFRJoU9FLuY1rkYiOMYrBiTKs0vsFr1CjdqH4Fa5raAc4DRfG67Jc8lr7XvbYc
GOIptEIG73EtEsb7ak/c4xT4+r68mAN6SX9XTubFpglBCfCiCezlN+9tfMAfSHqB
vbq3AkxopS21eUEvO2lrQQ5jhEFoR+wHuX3zyzY9L+OXWE90KW1ko9DZsp3pRqW9
sB2cfTx+npMCdiH3YsWTq6J0NBzxDgJKMQN9
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:21:39 2025 by rpki-client