Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/SufJjbm8bwQRybEr8Z54YbWXnIg.roa
File: SufJjbm8bwQRybEr8Z54YbWXnIg.roa (raw, json)
Hash identifier: RfdRrxnRuojfDW2jWyDOrS6Qhooi0Pvo1ou25gH27Q4=
Subject key identifier: 4A:E7:C9:8D:B9:BC:6F:04:11:C9:B1:2B:F1:9E:78:61:B5:97:9C:88
Certificate issuer: /CN=13932782ee7758990404fa1ccfb09ec23a86123f
Certificate serial: 0188DE9F86967D3D2E6E6AEA5E78FDCFBFEF
Authority key identifier: 13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/SufJjbm8bwQRybEr8Z54YbWXnIg.roa
Signing time: Wed 21 Jun 2023 15:42:56 +0000
ROA not before: Wed 21 Jun 2023 15:42:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 46.248.112.0/22 maxlen: 24
46.248.108.0/22 maxlen: 24
46.248.106.0/23 maxlen: 23
46.248.116.0/22 maxlen: 24
46.248.124.0/23 maxlen: 23
46.248.120.0/22 maxlen: 24
46.248.126.0/23 maxlen: 23
82.136.56.0/22 maxlen: 24
85.116.2.0/23 maxlen: 23
85.116.4.0/23 maxlen: 23
82.136.52.0/24 maxlen: 24
82.136.54.0/23 maxlen: 24
85.116.0.0/23 maxlen: 23
85.116.11.0/24 maxlen: 24
85.116.6.0/23 maxlen: 23
85.116.16.0/21 maxlen: 21
85.116.24.0/24 maxlen: 24
85.116.26.0/24 maxlen: 24
85.116.25.0/24 maxlen: 24
85.116.27.0/24 maxlen: 24
82.136.30.0/23 maxlen: 24
82.136.26.0/24 maxlen: 24
82.136.43.0/24 maxlen: 24
82.136.48.0/22 maxlen: 24
82.136.47.0/24 maxlen: 24
46.248.96.0/22 maxlen: 22
46.248.102.0/23 maxlen: 24
46.248.104.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:de:9f:86:96:7d:3d:2e:6e:6a:ea:5e:78:fd:cf:bf:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13932782ee7758990404fa1ccfb09ec23a86123f
Validity
Not Before: Jun 21 15:42:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ae7c98db9bc6f0411c9b12bf19e7861b5979c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:8a:d2:b0:4e:3e:53:8b:90:d5:2c:71:2b:14:
3d:a1:fb:cd:6d:24:06:8b:de:79:02:3f:d0:f5:74:
ad:a6:0c:c5:4b:7e:4c:9b:01:85:9a:aa:03:93:ef:
5a:8a:86:1c:87:40:e4:1d:fd:0b:4d:67:e2:b3:6d:
d5:5d:3f:a1:9f:62:79:e0:36:bf:05:37:4e:d7:fd:
c8:64:a8:64:4e:cf:6d:82:44:46:38:02:48:bf:3c:
13:6b:10:75:65:9d:e1:56:c5:3f:45:62:8a:0f:1d:
69:7a:cc:cf:43:17:cf:32:b9:8b:26:9e:2b:15:27:
2e:f3:80:bb:1f:7a:de:04:cc:b9:2d:61:07:05:38:
b0:54:bc:19:c6:c8:83:2e:ce:7a:8c:e1:df:e0:6c:
24:03:60:56:05:44:05:9a:3d:b4:8a:64:2a:ae:1f:
3d:f3:27:20:61:51:ad:16:e9:51:d8:b8:d7:25:c7:
5d:4e:11:b0:21:5f:da:97:b1:0f:2e:3b:7b:75:9c:
62:6e:cd:6e:aa:49:ac:58:9a:77:66:df:ff:80:e1:
97:e8:63:16:a6:31:9c:53:dd:10:20:3e:cb:ae:81:
a0:36:4a:8a:6e:41:6c:fa:ac:3d:78:94:1e:1a:67:
31:e2:d7:81:b3:19:c1:6e:b4:fa:c8:fe:7b:8a:6b:
15:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E7:C9:8D:B9:BC:6F:04:11:C9:B1:2B:F1:9E:78:61:B5:97:9C:88
X509v3 Authority Key Identifier:
keyid:13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/SufJjbm8bwQRybEr8Z54YbWXnIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.96.0/22
46.248.102.0-46.248.127.255
82.136.26.0/24
82.136.30.0/23
82.136.43.0/24
82.136.47.0-82.136.52.255
82.136.54.0-82.136.59.255
85.116.0.0/21
85.116.11.0/24
85.116.16.0-85.116.27.255
Signature Algorithm: sha256WithRSAEncryption
73:95:87:8a:cd:48:7d:fd:3b:64:ab:9f:80:3a:9a:16:78:de:
51:be:b3:2b:01:67:f3:dd:f6:d1:ec:bd:80:a2:24:ce:16:8e:
3c:cc:e3:fd:ee:bc:b7:a9:a5:03:2e:b0:73:81:a5:a0:b8:26:
46:78:39:25:a3:3d:aa:a6:01:bc:d9:35:e5:5f:4d:12:2e:d8:
6b:c6:fc:15:77:62:73:3a:3c:34:f4:b9:53:1b:3d:61:39:d2:
ea:a4:87:7e:2c:27:8d:47:7e:4a:09:41:85:72:08:ff:34:d5:
ff:dd:d9:3f:20:20:e9:a7:3d:55:c4:23:58:93:62:60:63:a5:
a7:f8:e7:cd:4e:ff:40:1b:f6:09:5c:62:29:1c:5c:d4:70:8a:
3b:ac:b7:63:fc:27:0e:0f:da:4d:38:9d:bb:50:af:ac:f1:1d:
90:67:15:c7:a8:cd:f6:05:e2:46:11:1d:fc:42:d0:81:09:d9:
69:7d:b5:6f:88:3c:e0:82:cd:71:b2:90:be:97:3a:27:56:92:
0c:2d:27:3f:26:ea:62:9b:b1:16:1b:56:f1:d5:83:b4:ae:41:
82:7e:07:7d:cb:80:a4:ad:3d:a4:ce:5e:10:50:46:6f:15:fb:
51:90:09:83:f1:8d:14:58:35:5b:2c:d7:7d:86:29:e9:a4:1f:
0d:5b:1d:5a
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYjen4aWfT0ubmrqXnj9z7/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTMyNzgyZWU3NzU4OTkwNDA0ZmExY2NmYjA5ZWMyM2E4
NjEyM2YwHhcNMjMwNjIxMTU0MjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWU3Yzk4ZGI5YmM2ZjA0MTFjOWIxMmJmMTllNzg2MWI1OTc5Yzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YrSsE4+U4uQ1SxxKxQ9ofvNbSQG
i955Aj/Q9XStpgzFS35MmwGFmqoDk+9aioYch0DkHf0LTWfis23VXT+hn2J54Da/
BTdO1/3IZKhkTs9tgkRGOAJIvzwTaxB1ZZ3hVsU/RWKKDx1peszPQxfPMrmLJp4r
FScu84C7H3reBMy5LWEHBTiwVLwZxsiDLs56jOHf4GwkA2BWBUQFmj20imQqrh89
8ycgYVGtFulR2LjXJcddThGwIV/al7EPLjt7dZxibs1uqkmsWJp3Zt//gOGX6GMW
pjGcU90QID7LroGgNkqKbkFs+qw9eJQeGmcx4teBsxnBbrT6yP57imsVrwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFErnyY25vG8EEcmxK/GeeGG1l5yIMB8GA1UdIwQY
MBaAFBOTJ4Lud1iZBAT6HM+wnsI6hhI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYt
NGIxZjYxNjUzZjNkLzEvU3VmSmpibThid1FSeWJFcjhaNTRZYldYbklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYtNGIxZjYxNjUzZjNk
LzEvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQCLvhgMAwD
BAEu+GYDBAcu+AADBABSiBoDBAFSiB4DBABSiCswDAMEAFKILwMEAFKINDAMAwQB
Uog2AwQCUog4AwQDVXQAAwQAVXQLMAwDBARVdBADBAJVdBgwDQYJKoZIhvcNAQEL
BQADggEBAHOVh4rNSH39O2Srn4A6mhZ43lG+sysBZ/Pd9tHsvYCiJM4WjjzM4/3u
vLeppQMusHOBpaC4JkZ4OSWjPaqmAbzZNeVfTRIu2GvG/BV3YnM6PDT0uVMbPWE5
0uqkh34sJ41HfkoJQYVyCP801f/d2T8gIOmnPVXEI1iTYmBjpaf4581O/0Ab9glc
YikcXNRwijust2P8Jw4P2k04nbtQr6zxHZBnFceozfYF4kYRHfxC0IEJ2Wl9tW+I
POCCzXGykL6XOidWkgwtJz8m6mKbsRYbVvHVg7SuQYJ+B33LgKStPaTOXhBQRm8V
+1GQCYPxjRRYNVss132GKemkHw1bHVo=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:43 2025 by rpki-client