Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/tBjbpWfwDpMIE_3LXJ71Mjfrfes.roa
File: tBjbpWfwDpMIE_3LXJ71Mjfrfes.roa (raw, json)
Hash identifier: WhEALbCyQLhC7+t3kwjkFjjUMjPP4gbhPYgrZCT6NpQ=
Subject key identifier: B4:18:DB:A5:67:F0:0E:93:08:13:FD:CB:5C:9E:F5:32:37:EB:7D:EB
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 0188E45578FAD9CF4AED7B2E06851DAD1B1C
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/tBjbpWfwDpMIE_3LXJ71Mjfrfes.roa
Signing time: Thu 22 Jun 2023 18:19:46 +0000
ROA not before: Thu 22 Jun 2023 18:19:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 109.198.32.0/20 maxlen: 32
109.198.48.0/20 maxlen: 32
94.176.80.0/20 maxlen: 32
43.252.28.0/22 maxlen: 32
89.184.192.0/19 maxlen: 32
203.78.168.0/21 maxlen: 32
103.211.184.0/23 maxlen: 32
37.61.226.0/24 maxlen: 32
92.255.86.0/23 maxlen: 32
103.225.128.0/22 maxlen: 32
185.10.7.0/24 maxlen: 32
37.200.104.0/21 maxlen: 32
37.61.227.0/24 maxlen: 32
193.151.52.0/22 maxlen: 32
213.188.80.0/20 maxlen: 32
103.30.12.0/22 maxlen: 32
85.208.148.0/22 maxlen: 32
206.204.0.0/18 maxlen: 32
194.32.88.0/22 maxlen: 32
139.5.104.0/22 maxlen: 32
45.114.240.0/22 maxlen: 32
89.104.110.0/23 maxlen: 32
78.156.160.0/20 maxlen: 32
78.156.176.0/20 maxlen: 32
216.194.80.0/20 maxlen: 32
94.46.32.0/21 maxlen: 32
89.223.14.0/23 maxlen: 32
89.223.18.0/23 maxlen: 32
46.182.168.0/22 maxlen: 32
45.130.120.0/22 maxlen: 32
92.255.32.0/21 maxlen: 32
45.12.56.0/22 maxlen: 32
116.212.188.0/22 maxlen: 32
180.94.216.0/22 maxlen: 32
94.46.2.0/23 maxlen: 32
94.46.0.0/21 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e4:55:78:fa:d9:cf:4a:ed:7b:2e:06:85:1d:ad:1b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: Jun 22 18:19:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b418dba567f00e930813fdcb5c9ef53237eb7deb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0d:df:52:fd:8f:5b:35:07:06:a4:fa:aa:dc:
63:3b:09:f0:f4:79:03:a5:d6:a9:d1:8e:76:ef:55:
a7:32:0a:e0:78:90:28:f7:84:c5:6b:58:be:7e:8c:
28:8f:cd:e1:6a:a8:67:b1:a1:76:c4:c3:ce:90:bb:
f9:d0:c5:30:ed:7e:52:da:66:f3:ff:0b:ee:e5:3b:
5b:46:99:75:ca:02:01:bd:fa:af:3b:58:49:a2:a5:
46:d1:34:7c:d8:85:e9:a1:8b:a0:1c:2d:5d:67:ff:
4a:70:ee:e1:73:b0:bd:19:9b:d2:73:4a:20:10:e3:
90:ae:72:cd:78:0f:4f:03:92:f7:b8:2f:87:da:fa:
6f:53:1a:e1:a0:29:50:c2:22:4e:7a:e1:38:76:ce:
a9:fc:1f:af:78:fc:9d:2a:0c:bf:f8:42:33:d1:66:
fc:13:99:2d:fb:c5:a3:ba:32:fc:ce:63:cb:b6:11:
31:46:03:c0:0c:d0:d9:ae:cd:65:fa:26:3d:49:18:
30:83:20:99:f0:da:c8:c7:50:98:89:e1:34:45:c9:
2f:67:6b:2b:26:92:6b:11:af:a0:24:c8:a0:76:33:
2e:f5:a6:ea:06:ea:bf:63:56:c4:c2:d3:9b:ff:04:
de:34:4e:ca:b8:57:b2:6c:89:89:71:70:c5:cc:d7:
b6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:18:DB:A5:67:F0:0E:93:08:13:FD:CB:5C:9E:F5:32:37:EB:7D:EB
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/tBjbpWfwDpMIE_3LXJ71Mjfrfes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.226.0/23
37.200.104.0/21
43.252.28.0/22
45.12.56.0/22
45.114.240.0/22
45.130.120.0/22
46.182.168.0/22
78.156.160.0/19
85.208.148.0/22
89.104.110.0/23
89.184.192.0/19
89.223.14.0/23
89.223.18.0/23
92.255.32.0/21
92.255.86.0/23
94.46.0.0/21
94.46.32.0/21
94.176.80.0/20
103.30.12.0/22
103.211.184.0/23
103.225.128.0/22
109.198.32.0/19
116.212.188.0/22
139.5.104.0/22
180.94.216.0/22
185.10.7.0/24
193.151.52.0/22
194.32.88.0/22
203.78.168.0/21
206.204.0.0/18
213.188.80.0/20
216.194.80.0/20
Signature Algorithm: sha256WithRSAEncryption
23:a3:c3:5a:cd:a6:93:c4:8c:72:de:8e:27:5b:ec:20:6d:00:
67:e0:16:46:30:61:85:b1:6b:eb:d3:61:3e:ee:67:55:fc:d6:
54:8d:02:11:32:c6:60:37:77:3c:fb:fc:fd:f2:7a:8f:8e:1c:
b4:ca:3b:00:d2:c0:a7:1d:d8:c4:30:f1:ed:2b:d7:83:09:07:
bd:30:58:35:59:a9:97:d8:cf:3b:8d:f7:b2:8d:d9:5b:9e:bf:
09:f4:58:66:b0:45:f2:f7:6f:7a:60:6c:e4:f2:75:3e:75:aa:
ff:4a:77:f3:1d:06:04:29:18:f8:69:ff:00:75:7d:67:6b:18:
b0:ff:67:a8:1d:d4:2a:81:06:c1:d8:84:7e:04:2f:a2:ba:3f:
49:f0:eb:69:d7:8e:3c:eb:11:c5:7d:d7:19:cc:0b:c9:3f:f1:
e9:b5:86:fe:d8:f6:32:32:ed:4b:a0:79:ef:13:3d:bd:4c:b0:
b8:d8:e7:ec:f7:4d:37:19:9e:57:37:b4:fc:45:30:47:1a:14:
d8:14:71:fd:3b:13:cf:da:97:c1:80:ce:11:08:dc:04:b1:17:
d6:22:f4:32:6b:7f:1a:5e:4f:61:a5:b1:93:09:3e:31:1a:db:
42:70:ea:2a:2b:a6:c6:68:df:b2:4d:c0:57:bd:c6:08:46:cf:
1e:3f:5c:e1
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYjkVXj62c9K7XsuBoUdrRscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjMwNjIyMTgxOTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDE4ZGJhNTY3ZjAwZTkzMDgxM2ZkY2I1YzllZjUzMjM3ZWI3ZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ3fUv2PWzUHBqT6qtxjOwnw9HkD
pdap0Y5271WnMgrgeJAo94TFa1i+fowoj83haqhnsaF2xMPOkLv50MUw7X5S2mbz
/wvu5TtbRpl1ygIBvfqvO1hJoqVG0TR82IXpoYugHC1dZ/9KcO7hc7C9GZvSc0og
EOOQrnLNeA9PA5L3uC+H2vpvUxrhoClQwiJOeuE4ds6p/B+vePydKgy/+EIz0Wb8
E5kt+8WjujL8zmPLthExRgPADNDZrs1l+iY9SRgwgyCZ8NrIx1CYieE0RckvZ2sr
JpJrEa+gJMigdjMu9abqBuq/Y1bEwtOb/wTeNE7KuFeybImJcXDFzNe2YwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFLQY26Vn8A6TCBP9y1ye9TI3633rMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvdEJqYnBXZndEcE1JRV8zTFhKNzFNamZyZmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBAEl
PeIDBAMlyGgDBAIr/BwDBAItDDgDBAItcvADBAItgngDBAIutqgDBAVOnKADBAJV
0JQDBAFZaG4DBAVZuMADBAFZ3w4DBAFZ3xIDBANc/yADBAFc/1YDBANeLgADBANe
LiADBAResFADBAJnHgwDBAFn07gDBAJn4YADBAVtxiADBAJ01LwDBAKLBWgDBAK0
XtgDBAC5CgcDBALBlzQDBALCIFgDBAPLTqgDBAbOzAADBATVvFADBATYwlAwDQYJ
KoZIhvcNAQELBQADggEBACOjw1rNppPEjHLejidb7CBtAGfgFkYwYYWxa+vTYT7u
Z1X81lSNAhEyxmA3dzz7/P3yeo+OHLTKOwDSwKcd2MQw8e0r14MJB70wWDVZqZfY
zzuN97KN2Vuevwn0WGawRfL3b3pgbOTydT51qv9Kd/MdBgQpGPhp/wB1fWdrGLD/
Z6gd1CqBBsHYhH4EL6K6P0nw62nXjjzrEcV91xnMC8k/8em1hv7Y9jIy7Uugee8T
Pb1MsLjY5+z3TTcZnlc3tPxFMEcaFNgUcf07E8/al8GAzhEI3ASxF9Yi9DJrfxpe
T2GlsZMJPjEa20Jw6iorpsZo37JNwFe9xghGzx4/XOE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:58 2025 by rpki-client