Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/P-msgN44BD8z2VmKMNWYZI6asjg.roa
File: P-msgN44BD8z2VmKMNWYZI6asjg.roa (raw, json)
Hash identifier: o6vPxfmfhFwoaQjDiAKsxlkSOiHmGwW/IfQoVER9cRU=
Subject key identifier: 3F:E9:AC:80:DE:38:04:3F:33:D9:59:8A:30:D5:98:64:8E:9A:B2:38
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 01856F82411AE8219A6694CF12D577BD13CD
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/P-msgN44BD8z2VmKMNWYZI6asjg.roa
Signing time: Sun 01 Jan 2023 22:44:45 +0000
ROA not before: Sun 01 Jan 2023 22:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39251
IP address blocks: 193.37.238.0/24 maxlen: 24
185.229.252.0/22 maxlen: 24
91.223.66.0/24 maxlen: 24
185.163.140.0/22 maxlen: 24
194.169.230.0/24 maxlen: 24
194.169.237.0/24 maxlen: 24
91.245.192.0/24 maxlen: 24
194.169.242.0/24 maxlen: 24
85.217.250.0/24 maxlen: 24
85.217.251.0/24 maxlen: 24
85.217.252.0/22 maxlen: 24
213.232.88.0/22 maxlen: 24
185.225.84.0/22 maxlen: 24
91.92.72.0/21 maxlen: 24
91.92.80.0/20 maxlen: 24
91.92.96.0/21 maxlen: 24
194.169.223.0/24 maxlen: 24
2a0b:f800::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:41:1a:e8:21:9a:66:94:cf:12:d5:77:bd:13:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Jan 1 22:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fe9ac80de38043f33d9598a30d598648e9ab238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bf:e4:f5:6b:3a:d5:d4:4d:d6:66:3c:b1:1c:
94:9e:4f:81:22:9d:2d:5a:d2:7d:5c:c8:53:bc:9a:
a3:85:ef:12:c2:2f:1b:b2:71:e7:76:1c:74:d4:f9:
5d:00:fd:63:2d:32:0e:a4:b5:28:ac:e1:01:1c:35:
f1:b0:54:95:c1:15:9a:a7:8e:d0:c7:c0:a7:46:38:
04:ba:f8:93:8d:65:d7:cb:37:49:91:96:db:19:14:
79:40:51:43:78:f2:02:35:b0:da:f6:74:3a:d6:f5:
3e:ef:14:a6:d7:43:15:95:f1:a0:81:96:aa:28:bb:
71:d3:1c:a3:83:c7:d0:d2:73:6b:b8:0b:7a:c9:5c:
10:da:e6:fc:ae:e0:7d:6d:80:f2:98:e9:1f:08:cc:
bb:60:d4:41:5c:a4:42:40:d3:20:01:00:89:f5:ec:
c6:a6:1b:99:2c:a0:4d:0c:61:4b:2d:04:f8:95:b6:
30:15:2b:87:83:63:8b:46:91:9c:90:6a:8b:cb:7e:
49:ef:a4:a9:f2:7b:1e:4f:fd:7c:0c:0d:d3:87:08:
3b:ff:d8:2a:a0:69:cd:c2:8c:58:62:29:a0:8f:5d:
9d:54:3d:5a:7b:43:f6:cd:e2:25:1f:d9:b2:73:02:
af:9a:ae:69:89:f8:3b:75:87:16:12:22:da:99:42:
83:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E9:AC:80:DE:38:04:3F:33:D9:59:8A:30:D5:98:64:8E:9A:B2:38
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/P-msgN44BD8z2VmKMNWYZI6asjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.250.0-85.217.255.255
91.92.72.0-91.92.103.255
91.223.66.0/24
91.245.192.0/24
185.163.140.0/22
185.225.84.0/22
185.229.252.0/22
193.37.238.0/24
194.169.223.0/24
194.169.230.0/24
194.169.237.0/24
194.169.242.0/24
213.232.88.0/22
IPv6:
2a0b:f800::/32
Signature Algorithm: sha256WithRSAEncryption
ae:72:29:50:23:c1:d8:70:e8:7d:4c:87:94:91:43:f6:b8:d3:
cb:95:15:77:cd:07:dc:71:b5:ae:16:91:0f:da:78:62:11:51:
04:2b:f9:2c:3c:60:18:cf:55:38:b9:ed:44:fc:f0:03:16:57:
82:a9:71:8a:77:76:c7:2c:f1:25:76:ba:11:99:54:6e:40:6d:
88:99:ac:72:42:2f:8c:84:f9:61:b6:f9:23:63:b2:e6:5e:d3:
e2:80:5e:b6:d1:88:a3:55:b1:7a:7c:38:f9:3b:54:30:07:6c:
a1:34:e9:b6:12:cb:54:b2:2e:e2:48:12:81:83:ba:6e:52:32:
a3:ce:67:25:19:2d:9b:48:5e:83:67:db:f6:85:7d:81:d4:d2:
47:aa:20:67:d6:94:7c:1f:2c:64:dd:9f:f5:1d:66:a9:84:22:
53:58:f4:d1:2a:57:6b:c4:91:85:f2:67:db:8a:b8:b1:d6:48:
e9:83:03:42:30:00:df:8d:0e:36:6d:dd:38:0c:dd:d9:0a:a3:
48:4e:37:7f:f3:e5:fc:44:b0:b1:c9:7d:79:e9:a2:a3:f7:29:
56:66:06:d4:12:b4:81:ab:e6:c5:79:c1:70:27:2e:f5:47:86:
69:2c:33:1e:be:51:3f:ff:b6:5d:c3:50:3b:42:c8:4d:40:63:
40:ac:92:ea
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYVvgkEa6CGaZpTPEtV3vRPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjMwMTAxMjI0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmU5YWM4MGRlMzgwNDNmMzNkOTU5OGEzMGQ1OTg2NDhlOWFiMjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmL/k9Ws61dRN1mY8sRyUnk+BIp0t
WtJ9XMhTvJqjhe8Swi8bsnHndhx01PldAP1jLTIOpLUorOEBHDXxsFSVwRWap47Q
x8CnRjgEuviTjWXXyzdJkZbbGRR5QFFDePICNbDa9nQ61vU+7xSm10MVlfGggZaq
KLtx0xyjg8fQ0nNruAt6yVwQ2ub8ruB9bYDymOkfCMy7YNRBXKRCQNMgAQCJ9ezG
phuZLKBNDGFLLQT4lbYwFSuHg2OLRpGckGqLy35J76Sp8nseT/18DA3Thwg7/9gq
oGnNwoxYYimgj12dVD1ae0P2zeIlH9mycwKvmq5pifg7dYcWEiLamUKDiwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFD/prIDeOAQ/M9lZijDVmGSOmrI4MB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvUC1tc2dONDRCRDh6MlZtS01OV1laSTZhc2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwYwQCAAEwXTALAwQBVdn6
AwMBVdgwDAMEA1tcSAMEA1tcYAMEAFvfQgMEAFv1wAMEArmjjAMEArnhVAMEArnl
/AMEAMEl7gMEAMKp3wMEAMKp5gMEAMKp7QMEAMKp8gMEAtXoWDANBAIAAjAHAwUA
Kgv4ADANBgkqhkiG9w0BAQsFAAOCAQEArnIpUCPB2HDofUyHlJFD9rjTy5UVd80H
3HG1rhaRD9p4YhFRBCv5LDxgGM9VOLntRPzwAxZXgqlxind2xyzxJXa6EZlUbkBt
iJmsckIvjIT5Ybb5I2Oy5l7T4oBettGIo1Wxenw4+TtUMAdsoTTpthLLVLIu4kgS
gYO6blIyo85nJRktm0heg2fb9oV9gdTSR6ogZ9aUfB8sZN2f9R1mqYQiU1j00SpX
a8SRhfJn24q4sdZI6YMDQjAA340ONm3dOAzd2QqjSE43f/Pl/ESwscl9eemio/cp
VmYG1BK0gavmxXnBcCcu9UeGaSwzHr5RP/+2XcNQO0LITUBjQKyS6g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:22 2025 by rpki-client