Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/9fce78-4f9d-4847-b759-b451e477b9c2/1/C0rmaqh7JEtc6n4kctROmlAlsqg.roa
File: C0rmaqh7JEtc6n4kctROmlAlsqg.roa (raw, json)
Hash identifier: VjomAwGxwij3Ho0jafKfDX+dSDqVvp4yhooHzROlqN0=
Subject key identifier: 0B:4A:E6:6A:A8:7B:24:4B:5C:EA:7E:24:72:D4:4E:9A:50:25:B2:A8
Certificate issuer: /CN=5094a26aba71007621fd599d537bb7aeaade8b33
Certificate serial: 01856F023B26E9CF76B9A93FC5E1E463D71C
Authority key identifier: 50:94:A2:6A:BA:71:00:76:21:FD:59:9D:53:7B:B7:AE:AA:DE:8B:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJSiarpxAHYh_VmdU3u3rqreizM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/9fce78-4f9d-4847-b759-b451e477b9c2/1/C0rmaqh7JEtc6n4kctROmlAlsqg.roa
Signing time: Sun 01 Jan 2023 20:24:55 +0000
ROA not before: Sun 01 Jan 2023 20:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32590
IP address blocks: 155.133.233.0/24 maxlen: 24
155.133.232.0/24 maxlen: 24
155.133.230.0/23 maxlen: 24
155.133.228.0/23 maxlen: 24
155.133.227.0/24 maxlen: 24
155.133.240.0/23 maxlen: 24
155.133.239.0/24 maxlen: 24
155.133.238.0/24 maxlen: 24
155.133.236.0/23 maxlen: 24
155.133.235.0/24 maxlen: 24
155.133.234.0/24 maxlen: 24
146.66.152.0/23 maxlen: 24
155.133.246.0/23 maxlen: 24
155.133.245.0/24 maxlen: 24
155.133.244.0/24 maxlen: 24
155.133.242.0/23 maxlen: 24
155.133.251.0/24 maxlen: 24
146.66.158.0/23 maxlen: 24
155.133.253.0/24 maxlen: 24
155.133.252.0/24 maxlen: 24
155.133.250.0/24 maxlen: 24
146.66.156.0/23 maxlen: 24
155.133.249.0/24 maxlen: 24
146.66.155.0/24 maxlen: 24
146.66.154.0/24 maxlen: 24
155.133.248.0/24 maxlen: 24
155.133.255.0/24 maxlen: 24
155.133.254.0/24 maxlen: 24
155.133.226.0/24 maxlen: 24
155.133.224.0/23 maxlen: 24
185.25.183.0/24 maxlen: 24
185.25.182.0/24 maxlen: 24
185.25.180.0/23 maxlen: 24
2a01:bc80:9::/48 maxlen: 48
2a01:bc80:c::/48 maxlen: 48
2a01:bc80:7::/48 maxlen: 48
2a01:bc80:2::/48 maxlen: 48
2a01:bc80:b::/48 maxlen: 48
2a01:bc80:6::/48 maxlen: 48
2a01:bc80:1::/48 maxlen: 48
2a01:bc80:4::/48 maxlen: 48
2a01:bc80:8::/48 maxlen: 48
2a01:bc80:3::/48 maxlen: 48
2a01:bc80::/48 maxlen: 48
2a01:bc80:a::/48 maxlen: 48
2a01:bc80:5::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:3b:26:e9:cf:76:b9:a9:3f:c5:e1:e4:63:d7:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5094a26aba71007621fd599d537bb7aeaade8b33
Validity
Not Before: Jan 1 20:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b4ae66aa87b244b5cea7e2472d44e9a5025b2a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:cc:45:3b:88:0b:34:5f:4e:44:3f:bc:39:22:
4f:d9:55:30:08:b7:aa:8f:06:5f:18:f5:26:1e:02:
3b:07:71:4c:84:b7:e0:80:f8:45:bc:de:f2:36:cc:
b2:6a:5c:fe:6d:69:de:f8:ff:67:66:b2:79:f0:7e:
7f:58:01:11:3c:65:95:db:10:d0:06:e9:69:44:a0:
b3:fa:ac:12:1b:40:c5:9a:03:ec:92:2a:8d:0b:b1:
42:99:46:7f:70:e7:12:27:ba:93:75:da:ee:eb:31:
ea:83:6a:81:7a:b2:3d:63:a6:a1:c6:04:15:79:83:
6c:05:17:39:13:b1:0b:6d:8f:1a:72:cd:8e:6d:29:
d1:f0:7f:17:05:71:8e:7a:41:5e:89:e4:c8:6d:7f:
0f:41:24:54:51:0f:83:62:73:68:0a:27:13:f2:8c:
57:ed:8f:85:b4:49:89:94:9e:9b:6c:9e:9e:ff:73:
d6:a6:cf:6b:02:ec:d6:73:70:e5:55:9c:d0:2a:e2:
85:0d:9d:02:17:63:df:7f:c0:80:ea:64:45:20:c6:
55:a3:f6:33:30:09:8c:f3:26:d0:8c:9e:1b:c1:3b:
75:1f:9e:9b:d8:07:90:26:e1:8b:6a:a4:5c:99:73:
a6:62:44:a4:a7:4a:41:3c:b4:ed:ff:d9:e0:2d:c6:
1a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:4A:E6:6A:A8:7B:24:4B:5C:EA:7E:24:72:D4:4E:9A:50:25:B2:A8
X509v3 Authority Key Identifier:
keyid:50:94:A2:6A:BA:71:00:76:21:FD:59:9D:53:7B:B7:AE:AA:DE:8B:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJSiarpxAHYh_VmdU3u3rqreizM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/9fce78-4f9d-4847-b759-b451e477b9c2/1/C0rmaqh7JEtc6n4kctROmlAlsqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/9fce78-4f9d-4847-b759-b451e477b9c2/1/UJSiarpxAHYh_VmdU3u3rqreizM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.66.152.0/21
155.133.224.0/19
185.25.180.0/22
IPv6:
2a01:bc80::-2a01:bc80:c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a3:bc:86:43:02:c9:91:e9:31:24:ad:82:24:cd:98:2f:48:ca:
a5:77:af:da:09:5e:a4:c6:f3:74:9f:e4:9b:b3:06:60:fc:df:
b4:2d:34:fb:c6:9e:2f:57:c3:0c:e8:c9:0b:82:02:c6:c0:ed:
1e:36:69:46:fd:a5:ab:de:d8:ad:af:08:7c:11:fa:6d:50:37:
08:85:39:89:c9:43:08:c9:ca:88:ac:b3:60:ad:79:53:47:cd:
3e:b4:4b:ed:0b:af:08:4c:f8:69:84:19:4a:10:06:ef:a9:2f:
4b:ee:57:8a:f1:a8:0b:ca:71:d2:c5:49:f4:c5:7e:95:c5:1d:
12:fc:76:16:fb:e2:80:36:1e:11:c0:a7:06:53:17:b5:43:fb:
4b:bc:29:77:80:c2:0b:fb:ac:e3:0c:01:df:1a:88:9d:01:8d:
6e:9b:1c:fe:0b:26:ee:e6:71:a1:95:f2:50:41:95:76:83:19:
dd:a6:1b:95:5e:4d:96:35:87:1a:8d:eb:bc:4d:63:25:33:ea:
74:58:89:9e:4f:4c:7f:70:ca:13:51:20:60:10:d2:b3:7f:79:
1f:87:ba:eb:cd:af:2d:e6:91:e7:31:3c:61:c3:d0:c2:fb:03:
96:eb:f2:a9:21:b4:9d:53:bb:09:da:81:d1:45:51:d9:e3:db:
1a:8a:59:33
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVvAjsm6c92uak/xeHkY9ccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTRhMjZhYmE3MTAwNzYyMWZkNTk5ZDUzN2JiN2FlYWFk
ZThiMzMwHhcNMjMwMTAxMjAyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjRhZTY2YWE4N2IyNDRiNWNlYTdlMjQ3MmQ0NGU5YTUwMjViMmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMxFO4gLNF9ORD+8OSJP2VUwCLeq
jwZfGPUmHgI7B3FMhLfggPhFvN7yNsyyalz+bWne+P9nZrJ58H5/WAERPGWV2xDQ
BulpRKCz+qwSG0DFmgPskiqNC7FCmUZ/cOcSJ7qTddru6zHqg2qBerI9Y6ahxgQV
eYNsBRc5E7ELbY8acs2ObSnR8H8XBXGOekFeieTIbX8PQSRUUQ+DYnNoCicT8oxX
7Y+FtEmJlJ6bbJ6e/3PWps9rAuzWc3DlVZzQKuKFDZ0CF2Pff8CA6mRFIMZVo/Yz
MAmM8ybQjJ4bwTt1H56b2AeQJuGLaqRcmXOmYkSkp0pBPLTt/9ngLcYaWQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAtK5mqoeyRLXOp+JHLUTppQJbKoMB8GA1UdIwQY
MBaAFFCUomq6cQB2If1ZnVN7t66q3oszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpTaWFycHhBSFloX1ZtZFUzdTNycXJlaXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85ZmNlNzgtNGY5ZC00ODQ3LWI3NTkt
YjQ1MWU0NzdiOWMyLzEvQzBybWFxaDdKRXRjNm40a2N0Uk9tbEFsc3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85ZmNlNzgtNGY5ZC00ODQ3LWI3NTktYjQ1MWU0NzdiOWMy
LzEvVUpTaWFycHhBSFloX1ZtZFUzdTNycXJlaXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQDkkKYAwQF
m4XgAwQCuRm0MBgEAgACMBIwEAMFByoBvIADBwAqAbyAAAwwDQYJKoZIhvcNAQEL
BQADggEBAKO8hkMCyZHpMSStgiTNmC9IyqV3r9oJXqTG83Sf5JuzBmD837QtNPvG
ni9XwwzoyQuCAsbA7R42aUb9pave2K2vCHwR+m1QNwiFOYnJQwjJyoiss2CteVNH
zT60S+0LrwhM+GmEGUoQBu+pL0vuV4rxqAvKcdLFSfTFfpXFHRL8dhb74oA2HhHA
pwZTF7VD+0u8KXeAwgv7rOMMAd8aiJ0BjW6bHP4LJu7mcaGV8lBBlXaDGd2mG5Ve
TZY1hxqN67xNYyUz6nRYiZ5PTH9wyhNRIGAQ0rN/eR+HuuvNry3mkecxPGHD0ML7
A5br8qkhtJ1TuwnagdFFUdnj2xqKWTM=
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:55:26 2025 by rpki-client