Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/8wnj7w4uACVWlrnI5iL46ERhurQ.roa
File: 8wnj7w4uACVWlrnI5iL46ERhurQ.roa (raw, json)
Hash identifier: CKMYkzjxscN/cbZ4Kp8NH+LRFiN5NMDJ2X2HcG8QIHY=
Subject key identifier: F3:09:E3:EF:0E:2E:00:25:56:96:B9:C8:E6:22:F8:E8:44:61:BA:B4
Certificate issuer: /CN=4e15df688c3aeae3f685ed44b396c2198395861d
Certificate serial: 01856C781283366DDEEF77A8DC1A17A00D31
Authority key identifier: 4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/8wnj7w4uACVWlrnI5iL46ERhurQ.roa
Signing time: Sun 01 Jan 2023 08:34:46 +0000
ROA not before: Sun 01 Jan 2023 08:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29314
IP address blocks: 217.172.224.0/19 maxlen: 19
217.75.48.0/20 maxlen: 20
217.70.48.0/20 maxlen: 20
195.93.222.0/23 maxlen: 23
83.68.64.0/19 maxlen: 19
195.93.134.0/23 maxlen: 23
89.230.0.0/16 maxlen: 16
89.17.224.0/19 maxlen: 19
94.78.128.0/18 maxlen: 18
80.245.176.0/20 maxlen: 20
217.144.192.0/19 maxlen: 19
31.42.16.0/20 maxlen: 20
89.229.0.0/16 maxlen: 16
84.38.80.0/20 maxlen: 20
176.107.112.0/21 maxlen: 21
185.31.184.0/22 maxlen: 22
81.190.0.0/16 maxlen: 16
31.6.128.0/18 maxlen: 18
62.141.192.0/18 maxlen: 18
89.231.0.0/16 maxlen: 16
80.244.128.0/19 maxlen: 19
194.116.132.0/23 maxlen: 23
92.42.112.0/21 maxlen: 21
93.94.184.0/21 maxlen: 21
31.6.192.0/19 maxlen: 19
193.200.118.0/23 maxlen: 23
194.149.240.0/24 maxlen: 24
31.6.218.0/24 maxlen: 24
37.131.128.0/19 maxlen: 19
193.43.240.0/22 maxlen: 22
193.106.76.0/22 maxlen: 22
95.129.224.0/21 maxlen: 21
37.190.128.0/17 maxlen: 17
89.228.0.0/16 maxlen: 16
95.174.32.0/19 maxlen: 19
82.115.64.0/19 maxlen: 19
94.251.168.0/24 maxlen: 24
176.221.96.0/19 maxlen: 19
85.117.0.0/19 maxlen: 19
213.136.224.0/19 maxlen: 19
62.61.32.0/19 maxlen: 19
94.251.128.0/17 maxlen: 17
87.116.192.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:12:83:36:6d:de:ef:77:a8:dc:1a:17:a0:0d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e15df688c3aeae3f685ed44b396c2198395861d
Validity
Not Before: Jan 1 08:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f309e3ef0e2e00255696b9c8e622f8e84461bab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a2:3f:5e:1b:75:ea:b0:42:cc:06:7a:67:18:
48:aa:0c:b6:71:e2:10:da:a5:b3:a3:2c:b4:bb:ac:
e5:eb:bf:62:36:5e:2e:b2:f7:68:a5:1b:ed:ce:a3:
9e:13:2c:78:48:1e:73:a3:24:d9:56:51:0b:64:f3:
d5:5b:3c:20:e5:c1:ef:b9:1a:5e:85:84:e7:24:ae:
2a:c4:e8:ae:b7:cc:1d:0b:c7:8f:0e:46:a9:0d:d9:
83:7a:70:0d:9d:94:0e:9f:d4:d9:76:4e:c9:db:53:
44:14:10:7e:45:ac:91:c7:02:a5:58:2a:74:db:b5:
e3:ce:3b:41:43:fc:9e:23:fc:ed:48:71:2a:56:ba:
10:bc:50:8b:9b:a7:cd:48:b1:ac:8d:7f:b5:ce:2f:
a4:b3:e2:17:ef:19:67:15:46:ce:af:f1:18:75:73:
b6:2f:a5:bc:0d:b8:37:c4:8b:34:c8:e9:e1:f3:a5:
f1:a9:0b:41:2a:1e:3c:1b:f4:5d:d2:aa:84:24:5c:
a8:a8:56:40:4a:cb:f0:fb:64:9f:7a:19:24:ed:c7:
37:4f:cc:9f:ae:24:89:b5:a4:22:aa:4a:25:4d:e1:
5d:59:e9:1d:8e:43:02:6e:52:be:7e:6f:1f:db:ed:
ec:d5:cc:5d:8d:ed:8b:8a:fc:c5:51:3c:6c:8d:db:
a8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:09:E3:EF:0E:2E:00:25:56:96:B9:C8:E6:22:F8:E8:44:61:BA:B4
X509v3 Authority Key Identifier:
keyid:4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/8wnj7w4uACVWlrnI5iL46ERhurQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.128.0-31.6.223.255
31.42.16.0/20
37.131.128.0/19
37.190.128.0/17
62.61.32.0/19
62.141.192.0/18
80.244.128.0/19
80.245.176.0/20
81.190.0.0/16
82.115.64.0/19
83.68.64.0/19
84.38.80.0/20
85.117.0.0/19
87.116.192.0/18
89.17.224.0/19
89.228.0.0/14
92.42.112.0/21
93.94.184.0/21
94.78.128.0/18
94.251.128.0/17
95.129.224.0/21
95.174.32.0/19
176.107.112.0/21
176.221.96.0/19
185.31.184.0/22
193.43.240.0/22
193.106.76.0/22
193.200.118.0/23
194.116.132.0/23
194.149.240.0/24
195.93.134.0/23
195.93.222.0/23
213.136.224.0/19
217.70.48.0/20
217.75.48.0/20
217.144.192.0/19
217.172.224.0/19
Signature Algorithm: sha256WithRSAEncryption
99:53:18:6a:dc:69:59:66:b2:14:47:66:4e:2c:cc:90:25:54:
ad:36:b0:58:9c:ea:7c:b1:72:a9:5c:02:1d:e7:fb:8b:12:40:
95:0f:e0:6a:93:80:95:22:e2:55:13:43:a2:4b:c2:1b:ab:fd:
ab:70:f2:4e:79:29:59:bc:4c:ac:53:a1:48:38:a3:e9:60:9c:
e6:8e:17:69:01:60:f5:7b:86:a5:a4:d2:77:f2:44:09:a2:34:
97:e1:ab:f4:f6:03:d0:ff:58:dd:e8:52:0f:b4:1b:e7:5d:bd:
0f:a7:0f:0b:67:a9:ee:18:63:71:18:2f:6c:50:fc:f9:ce:73:
12:c4:0b:c8:c9:28:ad:59:41:95:d9:c4:51:ce:11:85:55:40:
aa:cc:9e:e0:08:e8:7a:96:ac:c2:55:0e:0e:28:e7:c4:0a:91:
73:83:bf:fa:ab:39:dd:79:86:f1:e0:cb:79:cf:ad:38:f7:44:
37:28:6b:98:e3:8d:25:1b:b3:76:b9:64:9d:0b:56:f4:33:4d:
88:e3:10:c2:d8:58:59:5d:d4:82:73:bc:44:25:2f:e8:69:63:
16:e7:4c:c9:8f:b7:bc:9b:cf:bc:04:26:b1:42:31:8e:6f:c4:
3a:49:47:86:74:d1:1d:17:12:fd:02:be:ed:07:2e:6e:d1:fd:
06:ed:0b:9d
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYVseBKDNm3e73eo3BoXoA0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTVkZjY4OGMzYWVhZTNmNjg1ZWQ0NGIzOTZjMjE5ODM5
NTg2MWQwHhcNMjMwMTAxMDgzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzA5ZTNlZjBlMmUwMDI1NTY5NmI5YzhlNjIyZjhlODQ0NjFiYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqI/Xht16rBCzAZ6ZxhIqgy2ceIQ
2qWzoyy0u6zl679iNl4usvdopRvtzqOeEyx4SB5zoyTZVlELZPPVWzwg5cHvuRpe
hYTnJK4qxOiut8wdC8ePDkapDdmDenANnZQOn9TZdk7J21NEFBB+RayRxwKlWCp0
27XjzjtBQ/yeI/ztSHEqVroQvFCLm6fNSLGsjX+1zi+ks+IX7xlnFUbOr/EYdXO2
L6W8Dbg3xIs0yOnh86XxqQtBKh48G/Rd0qqEJFyoqFZASsvw+2Sfehkk7cc3T8yf
riSJtaQiqkolTeFdWekdjkMCblK+fm8f2+3s1cxdje2LivzFUTxsjduoBwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFPMJ4+8OLgAlVpa5yOYi+OhEYbq0MB8GA1UdIwQY
MBaAFE4V32iMOurj9oXtRLOWwhmDlYYdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhYZmFJdzY2dVAyaGUxRXM1YkNHWU9WaGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYmY3YWItNWFhYi00MzM3LWEwMmEt
OGE2ZTU1NDE5NmJiLzEvOHduajd3NHVBQ1ZXbHJuSTVpTDQ2RVJodXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYmY3YWItNWFhYi00MzM3LWEwMmEtOGE2ZTU1NDE5NmJi
LzEvVGhYZmFJdzY2dVAyaGUxRXM1YkNHWU9WaGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkMAwD
BAcfBoADBAUfBsADBAQfKhADBAUlg4ADBAclvoADBAU+PSADBAY+jcADBAVQ9IAD
BARQ9bADAwBRvgMEBVJzQAMEBVNEQAMEBFQmUAMEBVV1AAMEBld0wAMEBVkR4AMD
AlnkAwQDXCpwAwQDXV64AwQGXk6AAwQHXvuAAwQDX4HgAwQFX64gAwQDsGtwAwQF
sN1gAwQCuR+4AwQCwSvwAwQCwWpMAwQBwch2AwQBwnSEAwQAwpXwAwQBw12GAwQB
w13eAwQF1YjgAwQE2UYwAwQE2UswAwQF2ZDAAwQF2azgMA0GCSqGSIb3DQEBCwUA
A4IBAQCZUxhq3GlZZrIUR2ZOLMyQJVStNrBYnOp8sXKpXAId5/uLEkCVD+Bqk4CV
IuJVE0OiS8Ibq/2rcPJOeSlZvEysU6FIOKPpYJzmjhdpAWD1e4alpNJ38kQJojSX
4av09gPQ/1jd6FIPtBvnXb0Ppw8LZ6nuGGNxGC9sUPz5znMSxAvIySitWUGV2cRR
zhGFVUCqzJ7gCOh6lqzCVQ4OKOfECpFzg7/6qzndeYbx4Mt5z60490Q3KGuY440l
G7N2uWSdC1b0M02I4xDC2FhZXdSCc7xEJS/oaWMW50zJj7e8m8+8BCaxQjGOb8Q6
SUeGdNEdFxL9Ar7tBy5u0f0G7Qud
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:36:18 2025 by rpki-client