Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/IPlnsSZkySQaqODCavFNHBlaFck.roa
File: IPlnsSZkySQaqODCavFNHBlaFck.roa (raw, json)
Hash identifier: 5Z//36uh/I4KUDVCEJi0ZHElnJAFzLi0yurIbbr9T6E=
Subject key identifier: 20:F9:67:B1:26:64:C9:24:1A:A8:E0:C2:6A:F1:4D:1C:19:5A:15:C9
Certificate issuer: /CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Certificate serial: 0189D94995C3CF3F674A47A8DED6B5C42A59
Authority key identifier: 7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/IPlnsSZkySQaqODCavFNHBlaFck.roa
Signing time: Wed 09 Aug 2023 07:53:45 +0000
ROA not before: Wed 09 Aug 2023 07:53:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42925
IP address blocks: 147.236.224.0/22 maxlen: 24
37.60.44.0/22 maxlen: 24
37.60.40.0/22 maxlen: 24
37.60.40.0/21 maxlen: 24
213.151.32.0/19 maxlen: 24
213.151.32.0/24 maxlen: 24
147.236.212.0/22 maxlen: 24
213.151.48.0/20 maxlen: 24
95.86.64.0/19 maxlen: 24
164.138.112.0/21 maxlen: 24
164.138.112.0/20 maxlen: 24
164.138.120.0/21 maxlen: 24
95.86.64.0/18 maxlen: 24
185.10.64.0/22 maxlen: 24
212.76.112.0/20 maxlen: 24
31.44.128.0/21 maxlen: 24
31.44.128.0/20 maxlen: 24
31.44.136.0/21 maxlen: 24
95.86.96.0/19 maxlen: 24
212.76.96.0/20 maxlen: 24
212.76.96.0/19 maxlen: 24
2a01:6507::/32 maxlen: 32
2a01:6502:a58::/46 maxlen: 46
2a01:6500::/32 maxlen: 32
2a01:6506::/32 maxlen: 32
2a01:6500:a040::/46 maxlen: 46
2a01:6505::/32 maxlen: 32
2a01:6500:a044::/46 maxlen: 46
2a01:6502::/32 maxlen: 32
2a01:6502:a54::/46 maxlen: 46
2a01:6500:a058::/46 maxlen: 46
2a01:6503::/32 maxlen: 32
2a01:6500::/29 maxlen: 29
2a01:6500:a050::/46 maxlen: 46
2a01:6501::/32 maxlen: 32
2a01:6500:a054::/46 maxlen: 46
2a01:6504::/32 maxlen: 32
2a01:6500:3::/48 maxlen: 48
2a01:6500:a048::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d9:49:95:c3:cf:3f:67:4a:47:a8:de:d6:b5:c4:2a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Validity
Not Before: Aug 9 07:53:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20f967b12664c9241aa8e0c26af14d1c195a15c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:be:89:16:08:da:bf:57:4a:aa:2e:f7:f8:31:
d9:1c:92:16:bf:3b:cc:92:22:c6:1a:79:d7:7e:3c:
fa:65:7e:4e:8b:2d:90:95:92:3e:37:48:1d:bd:d1:
5f:f5:76:fd:97:ce:b2:1e:30:21:89:0e:60:83:96:
94:59:9e:04:d0:76:83:da:02:05:fd:91:03:78:21:
05:1f:cb:68:cc:00:5d:86:c3:4d:52:a7:8f:69:da:
05:1e:f8:e2:3b:33:0a:10:47:3f:98:a4:d0:d3:b6:
12:f3:19:f2:fb:60:e7:7c:2b:97:73:76:c1:59:59:
32:6d:c9:ab:6a:e8:30:02:69:fa:88:1b:ff:7d:fa:
12:d4:d6:f9:56:03:b1:23:22:29:c5:69:a7:3f:84:
19:eb:2d:8a:ed:c4:65:6f:13:7e:6a:dd:22:7f:c4:
68:10:05:af:04:6a:cf:15:be:c3:80:b4:79:43:6a:
66:42:76:aa:ae:e6:53:5b:7e:c1:37:01:0f:f5:19:
a5:1a:0b:d1:0d:f9:49:5d:8f:90:ca:de:1d:6b:a3:
7e:d9:68:02:23:48:d7:31:d2:d1:bd:64:b2:be:5b:
72:7a:73:25:c7:01:58:74:5c:f2:ee:b0:47:7d:c1:
fe:d9:1f:4f:c9:e4:d2:9a:ff:a4:e5:26:9d:33:f3:
26:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F9:67:B1:26:64:C9:24:1A:A8:E0:C2:6A:F1:4D:1C:19:5A:15:C9
X509v3 Authority Key Identifier:
keyid:7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/IPlnsSZkySQaqODCavFNHBlaFck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.128.0/20
37.60.40.0/21
95.86.64.0/18
147.236.212.0/22
147.236.224.0/22
164.138.112.0/20
185.10.64.0/22
212.76.96.0/19
213.151.32.0/19
IPv6:
2a01:6500::/29
Signature Algorithm: sha256WithRSAEncryption
98:fb:80:1c:1d:90:1c:d2:db:42:28:c1:19:b6:88:58:7e:44:
53:ac:03:a6:8d:81:51:12:ad:4b:e1:df:ba:32:ec:78:f6:bb:
b0:4b:ef:36:42:2b:56:30:82:74:90:3c:5a:e7:5a:9f:42:32:
cf:8a:23:0e:cb:f5:89:46:9e:1c:88:72:3f:a3:60:54:f6:ad:
24:cd:a0:9e:9d:9b:8f:37:74:07:a7:0c:d0:1e:1b:ce:44:ef:
44:7d:cc:8f:54:45:8d:26:f3:d9:a8:a4:49:91:0f:28:f1:75:
65:6b:d2:a5:07:78:d6:8c:a1:6d:6d:64:4e:6c:ab:ae:3d:a3:
bc:e5:0b:db:be:52:ad:0c:fb:0e:24:39:b6:2f:bd:f6:4e:59:
52:ac:15:b5:db:6d:71:d8:25:df:2d:06:e7:61:d0:e6:b1:65:
3e:f1:08:d6:6b:95:88:d7:fd:4e:b5:f1:b5:bd:ea:4e:d2:f7:
35:6c:9e:1c:df:b1:a8:d4:d9:8e:99:d8:f3:c6:cf:3e:5e:fa:
41:cf:36:06:61:59:9f:60:be:6a:b7:3d:c9:b3:fc:a6:86:4b:
77:da:57:ec:1a:08:83:85:f2:e5:02:38:b0:a0:9e:a1:ea:a0:
09:77:58:63:c8:6c:be:09:07:3b:37:e9:69:12:f0:6f:f3:55:
d7:6e:6c:1e
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYnZSZXDzz9nSkeo3ta1xCpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjY2QwY2FjZmFmYTJlMGQzMTQ5NWRkOTUwZjc2YWY1Zjk4
YmE1ZDcwHhcNMjMwODA5MDc1MzQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGY5NjdiMTI2NjRjOTI0MWFhOGUwYzI2YWYxNGQxYzE5NWExNWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL6JFgjav1dKqi73+DHZHJIWvzvM
kiLGGnnXfjz6ZX5Oiy2QlZI+N0gdvdFf9Xb9l86yHjAhiQ5gg5aUWZ4E0HaD2gIF
/ZEDeCEFH8tozABdhsNNUqePadoFHvjiOzMKEEc/mKTQ07YS8xny+2DnfCuXc3bB
WVkybcmraugwAmn6iBv/ffoS1Nb5VgOxIyIpxWmnP4QZ6y2K7cRlbxN+at0if8Ro
EAWvBGrPFb7DgLR5Q2pmQnaqruZTW37BNwEP9RmlGgvRDflJXY+Qyt4da6N+2WgC
I0jXMdLRvWSyvltyenMlxwFYdFzy7rBHfcH+2R9PyeTSmv+k5SadM/MmBwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFCD5Z7EmZMkkGqjgwmrxTRwZWhXJMB8GA1UdIwQY
MBaAFHzNDKz6+i4NMUld2VD3avX5i6XXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUt
NDM5ZmM4ZjliMzg2LzEvSVBsbnNTWmt5U1FhcU9EQ2F2Rk5IQmxhRmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUtNDM5ZmM4ZjliMzg2
LzEvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEHyyAAwQD
JTwoAwQGX1ZAAwQCk+zUAwQCk+zgAwQEpIpwAwQCuQpAAwQF1ExgAwQF1ZcgMA0E
AgACMAcDBQMqAWUAMA0GCSqGSIb3DQEBCwUAA4IBAQCY+4AcHZAc0ttCKMEZtohY
fkRTrAOmjYFREq1L4d+6Mux49ruwS+82QitWMIJ0kDxa51qfQjLPiiMOy/WJRp4c
iHI/o2BU9q0kzaCenZuPN3QHpwzQHhvORO9EfcyPVEWNJvPZqKRJkQ8o8XVla9Kl
B3jWjKFtbWRObKuuPaO85QvbvlKtDPsOJDm2L732TllSrBW1221x2CXfLQbnYdDm
sWU+8QjWa5WI1/1OtfG1vepO0vc1bJ4c37Go1NmOmdjzxs8+XvpBzzYGYVmfYL5q
tz3Js/ymhkt32lfsGgiDhfLlAjiwoJ6h6qAJd1hjyGy+CQc7N+lpEvBv81XXbmwe
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:06 2025 by rpki-client