Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/4C8YanyohHIQwp6lTnqWjHNWU-k.roa
File: 4C8YanyohHIQwp6lTnqWjHNWU-k.roa (raw, json)
Hash identifier: jUdASZ2FjfSZ+4AjeiZPwZRAjgmOthmGGWU6BoAHJik=
Subject key identifier: E0:2F:18:6A:7C:A8:84:72:10:C2:9E:A5:4E:7A:96:8C:73:56:53:E9
Certificate issuer: /CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
Certificate serial: 01856F0B76B38DEB587F6ADA407C8D441195
Authority key identifier: A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/4C8YanyohHIQwp6lTnqWjHNWU-k.roa
Signing time: Sun 01 Jan 2023 20:35:00 +0000
ROA not before: Sun 01 Jan 2023 20:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8473
IP address blocks: 109.228.128.0/18 maxlen: 18
213.80.96.0/19 maxlen: 19
5.150.192.0/18 maxlen: 18
85.24.128.0/17 maxlen: 17
82.196.96.0/19 maxlen: 19
178.174.128.0/17 maxlen: 17
212.85.64.0/19 maxlen: 19
79.136.0.0/17 maxlen: 17
217.31.160.0/19 maxlen: 19
94.254.0.0/17 maxlen: 17
213.164.192.0/19 maxlen: 19
213.136.32.0/19 maxlen: 19
185.57.4.0/22 maxlen: 22
185.90.176.0/22 maxlen: 22
62.63.192.0/18 maxlen: 18
81.170.128.0/17 maxlen: 17
176.10.128.0/17 maxlen: 17
98.128.0.0/16 maxlen: 16
212.116.64.0/19 maxlen: 19
46.59.0.0/17 maxlen: 17
195.178.160.0/19 maxlen: 19
217.27.160.0/19 maxlen: 19
37.123.128.0/18 maxlen: 18
2a02:508::/32 maxlen: 32
2001:9b0::/32 maxlen: 32
2001:9b0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:76:b3:8d:eb:58:7f:6a:da:40:7c:8d:44:11:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
Validity
Not Before: Jan 1 20:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e02f186a7ca8847210c29ea54e7a968c735653e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f3:66:82:21:b0:67:2a:2b:26:d9:07:5c:b6:
ac:f6:a6:f6:2f:23:9f:dd:b0:f5:8a:1c:ec:ee:c7:
84:82:a3:2f:c2:d1:a4:ad:b4:b7:91:b9:d7:0f:d7:
7e:10:aa:f6:bd:19:6a:8b:1d:3c:88:a7:d7:99:71:
4d:ac:b6:8f:42:5c:90:01:43:4a:90:ae:44:8c:fb:
62:d4:45:17:00:8e:c4:2c:5f:cb:3b:4b:e2:84:78:
6d:d3:b5:8f:3b:19:d9:18:03:d8:e4:24:ec:06:17:
f2:34:c3:57:c7:77:73:58:d7:a4:d0:d8:26:06:fa:
9b:59:fb:51:24:78:7d:5e:ff:7e:04:f0:4b:86:55:
b8:84:9e:75:08:69:b7:1e:48:eb:57:ea:c1:4c:72:
66:3d:f5:28:75:91:34:bb:fd:af:ab:fd:5d:53:99:
9d:8c:89:54:f4:fc:51:74:75:69:9d:23:b7:c9:3e:
d4:91:e8:6e:11:c4:70:19:6b:86:cc:ac:a2:ce:29:
b6:b1:95:94:d2:5d:ee:f2:62:4b:0f:f9:c8:ec:41:
eb:a1:25:27:81:06:c2:9e:c4:77:ac:b5:80:70:17:
eb:41:ce:41:07:ff:79:7d:0b:8b:7e:78:02:02:30:
a7:66:77:00:9d:4e:cd:cc:f0:4a:87:ae:00:fc:05:
df:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2F:18:6A:7C:A8:84:72:10:C2:9E:A5:4E:7A:96:8C:73:56:53:E9
X509v3 Authority Key Identifier:
keyid:A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/4C8YanyohHIQwp6lTnqWjHNWU-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/oyLyKe3C8xSi-l7w168d3bSZ6jE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.192.0/18
37.123.128.0/18
46.59.0.0/17
62.63.192.0/18
79.136.0.0/17
81.170.128.0/17
82.196.96.0/19
85.24.128.0/17
94.254.0.0/17
98.128.0.0/16
109.228.128.0/18
176.10.128.0/17
178.174.128.0/17
185.57.4.0/22
185.90.176.0/22
195.178.160.0/19
212.85.64.0/19
212.116.64.0/19
213.80.96.0/19
213.136.32.0/19
213.164.192.0/19
217.27.160.0/19
217.31.160.0/19
IPv6:
2001:9b0::/29
2a02:508::/32
Signature Algorithm: sha256WithRSAEncryption
a9:2a:39:b4:aa:28:b8:f0:b8:4d:a5:f8:fe:0b:ed:a2:bf:5c:
7c:2b:b6:f9:62:a0:b9:69:6a:3f:06:d2:1a:05:82:9e:7b:49:
5e:43:85:01:64:d4:f8:25:9e:f0:4a:9b:1f:c8:66:a7:f9:44:
3e:b3:47:e7:dc:d7:c8:ce:4c:b9:58:00:5b:67:31:34:4c:c1:
7c:1f:1a:7b:43:cc:a1:ce:9f:83:d2:a4:b4:4d:44:af:99:0a:
5a:3c:68:24:5d:10:6d:28:81:de:ec:61:b1:51:06:34:fe:0e:
c6:31:64:a8:d0:41:0f:d5:de:a7:5a:3a:40:cd:36:1e:e2:f0:
14:34:e4:5f:28:b6:57:28:b9:c1:c6:10:1e:93:80:1c:52:21:
df:31:f2:3b:5d:05:7b:f3:d0:8a:2a:d3:36:27:5f:67:32:a6:
f1:67:c6:33:e7:93:59:9d:01:c5:a3:5b:43:08:57:39:30:f3:
24:75:d2:65:e8:72:73:ae:6e:18:7b:ad:2a:d6:c9:e7:c9:a5:
41:1f:a8:0a:ad:54:95:0c:dd:ff:da:0b:62:55:f2:8e:f9:d4:
c5:0f:3b:3e:1b:be:bc:6a:e3:c9:ad:86:d4:0f:5e:df:0f:cb:
c2:bd:af:fb:52:f3:fc:b3:66:1a:c3:45:b6:79:e0:b5:93:c5:
42:d9:82:5e
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYVvC3azjetYf2raQHyNRBGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjJmMjI5ZWRjMmYzMTRhMmZhNWVmMGQ3YWYxZGRkYjQ5
OWVhMzEwHhcNMjMwMTAxMjAzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDJmMTg2YTdjYTg4NDcyMTBjMjllYTU0ZTdhOTY4YzczNTY1M2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvNmgiGwZyorJtkHXLas9qb2LyOf
3bD1ihzs7seEgqMvwtGkrbS3kbnXD9d+EKr2vRlqix08iKfXmXFNrLaPQlyQAUNK
kK5EjPti1EUXAI7ELF/LO0vihHht07WPOxnZGAPY5CTsBhfyNMNXx3dzWNek0Ngm
BvqbWftRJHh9Xv9+BPBLhlW4hJ51CGm3HkjrV+rBTHJmPfUodZE0u/2vq/1dU5md
jIlU9PxRdHVpnSO3yT7UkehuEcRwGWuGzKyizim2sZWU0l3u8mJLD/nI7EHroSUn
gQbCnsR3rLWAcBfrQc5BB/95fQuLfngCAjCnZncAnU7NzPBKh64A/AXf5wIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFOAvGGp8qIRyEMKepU56loxzVlPpMB8GA1UdIwQY
MBaAFKMi8intwvMUovpe8NevHd20meoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lMeUtlM0M4eFNpLWw3dzE2OGQzYlNaNmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lZGZmYmItMTA4Mi00NDgyLThhMDgt
NjVmODI0N2ZmYTkxLzEvNEM4WWFueW9oSElRd3A2bFRucVdqSE5XVS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lZGZmYmItMTA4Mi00NDgyLThhMDgtNjVmODI0N2ZmYTkx
LzEvb3lMeUtlM0M4eFNpLWw3dzE2OGQzYlNaNmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBkAQCAAEwgYkDBAYF
lsADBAYle4ADBAcuOwADBAY+P8ADBAdPiAADBAdRqoADBAVSxGADBAdVGIADBAde
/gADAwBigAMEBm3kgAMEB7AKgAMEB7KugAMEArk5BAMEArlasAMEBcOyoAMEBdRV
QAMEBdR0QAMEBdVQYAMEBdWIIAMEBdWkwAMEBdkboAMEBdkfoDAUBAIAAjAOAwUD
IAEJsAMFACoCBQgwDQYJKoZIhvcNAQELBQADggEBAKkqObSqKLjwuE2l+P4L7aK/
XHwrtvlioLlpaj8G0hoFgp57SV5DhQFk1PglnvBKmx/IZqf5RD6zR+fc18jOTLlY
AFtnMTRMwXwfGntDzKHOn4PSpLRNRK+ZClo8aCRdEG0ogd7sYbFRBjT+DsYxZKjQ
QQ/V3qdaOkDNNh7i8BQ05F8otlcoucHGEB6TgBxSId8x8jtdBXvz0Ioq0zYnX2cy
pvFnxjPnk1mdAcWjW0MIVzkw8yR10mXocnOubhh7rSrWyefJpUEfqAqtVJUM3f/a
C2JV8o751MUPOz4bvrxq48mthtQPXt8Py8K9r/tS8/yzZhrDRbZ54LWTxULZgl4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:54 2025 by rpki-client