Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/prPUSZIlNHZzHquFk6onYGMi01U.roa
File: prPUSZIlNHZzHquFk6onYGMi01U.roa (raw, json)
Hash identifier: NRD7InncKjIcMoEW6nO2LDIyCu/2Rf6eyRKlg2z8KKw=
Subject key identifier: A6:B3:D4:49:92:25:34:76:73:1E:AB:85:93:AA:27:60:63:22:D3:55
Certificate issuer: /CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
Certificate serial: 018848426E9C5D78AFE835FC6F3625F71B9B
Authority key identifier: A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/prPUSZIlNHZzHquFk6onYGMi01U.roa
Signing time: Tue 23 May 2023 10:58:13 +0000
ROA not before: Tue 23 May 2023 10:58:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8473
IP address blocks: 109.228.128.0/18 maxlen: 18
213.80.96.0/19 maxlen: 19
5.150.192.0/18 maxlen: 18
85.24.128.0/17 maxlen: 17
82.196.96.0/19 maxlen: 19
178.174.128.0/17 maxlen: 17
212.85.64.0/19 maxlen: 19
79.136.0.0/17 maxlen: 17
217.31.160.0/19 maxlen: 19
94.254.0.0/17 maxlen: 17
213.164.192.0/19 maxlen: 19
213.136.32.0/19 maxlen: 19
185.57.4.0/22 maxlen: 22
185.90.176.0/22 maxlen: 22
62.63.192.0/18 maxlen: 18
176.10.128.0/17 maxlen: 17
81.170.128.0/17 maxlen: 17
98.128.0.0/16 maxlen: 16
212.116.64.0/19 maxlen: 19
46.59.0.0/17 maxlen: 17
195.178.160.0/19 maxlen: 19
217.27.160.0/19 maxlen: 19
37.123.128.0/18 maxlen: 18
2a02:508::/32 maxlen: 32
2001:9b2::/34 maxlen: 34
2001:9b0::/32 maxlen: 32
2001:9b0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:48:42:6e:9c:5d:78:af:e8:35:fc:6f:36:25:f7:1b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
Validity
Not Before: May 23 10:58:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6b3d44992253476731eab8593aa27606322d355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:69:7f:5a:05:16:15:b7:d5:22:87:f5:2d:7d:
1d:78:88:f1:64:4c:5f:56:60:55:68:cc:28:0f:3b:
ed:ef:b4:46:a3:51:61:cd:21:8e:a2:ab:1e:a2:1d:
d2:89:c0:b1:65:e5:26:71:89:f1:d9:b3:cd:9a:d5:
e9:0a:78:bf:82:ea:0f:c9:51:b4:c1:82:9d:ea:18:
56:a4:16:4c:34:99:47:b7:99:2c:78:cc:7e:95:a8:
f1:bc:b9:5d:38:fa:f5:0f:e7:b8:0c:ed:31:63:b8:
fc:47:27:98:97:96:a5:09:f9:08:15:4c:9f:98:08:
6b:60:86:a5:58:ac:41:50:9c:32:d2:f8:60:5c:59:
f1:58:05:94:5d:c0:a6:e1:13:8c:45:db:27:9b:d8:
d9:4a:6c:25:c1:b0:5e:87:37:77:10:8f:35:e9:a1:
4d:c0:e1:8c:f7:22:8f:e0:6b:3a:e3:c2:a5:6f:26:
52:86:75:fd:28:f1:3e:b5:77:de:09:38:99:04:79:
45:9f:cf:d4:3c:aa:c0:28:ae:f9:71:d8:f1:97:b4:
ea:bb:94:eb:bd:4c:0a:c2:4e:12:b0:90:93:12:6e:
6b:bf:ba:f0:e8:f1:54:d3:41:95:0b:e6:42:d2:53:
93:0c:ab:db:52:45:a0:fb:2b:c0:1e:9b:f9:81:02:
e4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B3:D4:49:92:25:34:76:73:1E:AB:85:93:AA:27:60:63:22:D3:55
X509v3 Authority Key Identifier:
keyid:A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/prPUSZIlNHZzHquFk6onYGMi01U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/oyLyKe3C8xSi-l7w168d3bSZ6jE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.192.0/18
37.123.128.0/18
46.59.0.0/17
62.63.192.0/18
79.136.0.0/17
81.170.128.0/17
82.196.96.0/19
85.24.128.0/17
94.254.0.0/17
98.128.0.0/16
109.228.128.0/18
176.10.128.0/17
178.174.128.0/17
185.57.4.0/22
185.90.176.0/22
195.178.160.0/19
212.85.64.0/19
212.116.64.0/19
213.80.96.0/19
213.136.32.0/19
213.164.192.0/19
217.27.160.0/19
217.31.160.0/19
IPv6:
2001:9b0::/29
2a02:508::/32
Signature Algorithm: sha256WithRSAEncryption
ac:3f:5b:db:77:be:f7:82:98:3b:e0:e6:77:65:5b:08:f4:c8:
81:c1:c1:ef:8e:8f:fe:cb:4b:0f:70:b4:25:1d:0f:80:82:54:
a3:45:a0:d5:65:60:65:db:74:a5:6c:f1:2a:b4:79:af:c5:9c:
cc:bf:ba:d3:da:56:86:f1:2b:8a:f4:8d:1d:6e:af:79:8a:57:
8d:77:6a:81:e4:55:56:fc:35:38:35:9a:ec:37:b7:17:d4:c4:
37:08:62:aa:f5:5b:c4:36:5c:2d:14:fe:f3:d1:25:ac:7a:7c:
49:14:12:a6:ff:5e:57:fb:4f:7c:1f:03:37:8a:e8:4e:d3:9a:
55:68:f6:6a:1e:03:41:e5:ab:aa:1a:b4:9b:51:4b:42:cd:49:
b8:17:22:63:3a:2b:0c:bb:64:4e:f7:7b:bb:14:76:d5:92:ea:
0c:a0:0b:8a:b9:c4:f5:a6:e1:8b:54:c5:2f:69:38:3b:bf:2e:
d8:c9:40:f6:72:b3:d9:29:fb:59:d0:43:f5:6c:64:a4:f4:b8:
61:b3:5b:0e:a6:da:43:50:d6:6e:14:a9:94:9a:ef:df:20:dc:
ae:6a:80:3d:e3:4c:44:c1:f7:54:80:33:30:98:69:ae:ed:93:
b5:64:ca:af:9e:8c:11:03:78:1f:3d:30:b0:69:9d:56:1e:ee:
cf:d4:95:4d
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYhIQm6cXXiv6DX8bzYl9xubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjJmMjI5ZWRjMmYzMTRhMmZhNWVmMGQ3YWYxZGRkYjQ5
OWVhMzEwHhcNMjMwNTIzMTA1ODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmIzZDQ0OTkyMjUzNDc2NzMxZWFiODU5M2FhMjc2MDYzMjJkMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGl/WgUWFbfVIof1LX0deIjxZExf
VmBVaMwoDzvt77RGo1FhzSGOoqseoh3SicCxZeUmcYnx2bPNmtXpCni/guoPyVG0
wYKd6hhWpBZMNJlHt5kseMx+lajxvLldOPr1D+e4DO0xY7j8RyeYl5alCfkIFUyf
mAhrYIalWKxBUJwy0vhgXFnxWAWUXcCm4ROMRdsnm9jZSmwlwbBehzd3EI816aFN
wOGM9yKP4Gs648KlbyZShnX9KPE+tXfeCTiZBHlFn8/UPKrAKK75cdjxl7Tqu5Tr
vUwKwk4SsJCTEm5rv7rw6PFU00GVC+ZC0lOTDKvbUkWg+yvAHpv5gQLkIwIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFKaz1EmSJTR2cx6rhZOqJ2BjItNVMB8GA1UdIwQY
MBaAFKMi8intwvMUovpe8NevHd20meoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lMeUtlM0M4eFNpLWw3dzE2OGQzYlNaNmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lZGZmYmItMTA4Mi00NDgyLThhMDgt
NjVmODI0N2ZmYTkxLzEvcHJQVVNaSWxOSFp6SHF1Rms2b25ZR01pMDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lZGZmYmItMTA4Mi00NDgyLThhMDgtNjVmODI0N2ZmYTkx
LzEvb3lMeUtlM0M4eFNpLWw3dzE2OGQzYlNaNmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBkAQCAAEwgYkDBAYF
lsADBAYle4ADBAcuOwADBAY+P8ADBAdPiAADBAdRqoADBAVSxGADBAdVGIADBAde
/gADAwBigAMEBm3kgAMEB7AKgAMEB7KugAMEArk5BAMEArlasAMEBcOyoAMEBdRV
QAMEBdR0QAMEBdVQYAMEBdWIIAMEBdWkwAMEBdkboAMEBdkfoDAUBAIAAjAOAwUD
IAEJsAMFACoCBQgwDQYJKoZIhvcNAQELBQADggEBAKw/W9t3vveCmDvg5ndlWwj0
yIHBwe+Oj/7LSw9wtCUdD4CCVKNFoNVlYGXbdKVs8Sq0ea/FnMy/utPaVobxK4r0
jR1ur3mKV413aoHkVVb8NTg1muw3txfUxDcIYqr1W8Q2XC0U/vPRJax6fEkUEqb/
Xlf7T3wfAzeK6E7TmlVo9moeA0Hlq6oatJtRS0LNSbgXImM6Kwy7ZE73e7sUdtWS
6gygC4q5xPWm4YtUxS9pODu/LtjJQPZys9kp+1nQQ/VsZKT0uGGzWw6m2kNQ1m4U
qZSa798g3K5qgD3jTETB91SAMzCYaa7tk7Vkyq+ejBEDeB89MLBpnVYe7s/UlU0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:36 2025 by rpki-client