Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/_sOb8ntbCK81iSdepT4tlW4dNz8.roa
File: _sOb8ntbCK81iSdepT4tlW4dNz8.roa (raw, json)
Hash identifier: kZ3pfZ//7wbMSR14Eyft7WnFqC9UnClABtFXMBGGfYc=
Subject key identifier: FE:C3:9B:F2:7B:5B:08:AF:35:89:27:5E:A5:3E:2D:95:6E:1D:37:3F
Certificate issuer: /CN=3b230442feae9fc26b8bd887faa0ed0275827a58
Certificate serial: 0186930E7C23A5F9FB1A93C170C3D8B56D7C
Authority key identifier: 3B:23:04:42:FE:AE:9F:C2:6B:8B:D8:87:FA:A0:ED:02:75:82:7A:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OyMEQv6un8Jri9iH-qDtAnWCelg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/_sOb8ntbCK81iSdepT4tlW4dNz8.roa
Signing time: Mon 27 Feb 2023 13:27:25 +0000
ROA not before: Mon 27 Feb 2023 13:27:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48951
IP address blocks: 93.122.84.0/22 maxlen: 22
93.122.80.0/22 maxlen: 22
93.122.88.0/22 maxlen: 22
93.122.92.0/22 maxlen: 22
93.122.28.0/22 maxlen: 22
93.122.32.0/22 maxlen: 22
93.122.36.0/22 maxlen: 22
93.122.44.0/22 maxlen: 22
93.122.40.0/22 maxlen: 22
93.122.48.0/22 maxlen: 22
93.122.52.0/22 maxlen: 22
93.122.56.0/22 maxlen: 22
93.122.60.0/22 maxlen: 22
93.122.64.0/22 maxlen: 22
93.122.68.0/22 maxlen: 22
93.122.72.0/21 maxlen: 21
82.210.224.0/19 maxlen: 19
93.122.16.0/22 maxlen: 22
93.122.20.0/22 maxlen: 22
93.122.24.0/22 maxlen: 22
78.140.64.0/24 maxlen: 24
78.140.64.0/21 maxlen: 21
78.140.67.0/24 maxlen: 24
82.210.255.0/24 maxlen: 24
78.140.66.0/24 maxlen: 24
78.140.68.0/24 maxlen: 24
82.210.254.0/24 maxlen: 24
78.140.65.0/24 maxlen: 24
78.140.64.0/18 maxlen: 18
78.140.72.0/22 maxlen: 22
78.140.72.0/24 maxlen: 24
78.140.76.0/24 maxlen: 24
78.140.76.0/22 maxlen: 22
78.140.81.0/24 maxlen: 24
78.140.80.0/23 maxlen: 23
78.140.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:0e:7c:23:a5:f9:fb:1a:93:c1:70:c3:d8:b5:6d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b230442feae9fc26b8bd887faa0ed0275827a58
Validity
Not Before: Feb 27 13:27:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fec39bf27b5b08af3589275ea53e2d956e1d373f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:11:02:a5:70:21:e7:82:17:3e:ce:2b:bf:33:
84:63:37:86:d5:c9:e7:fd:6c:f0:2f:39:08:05:27:
42:64:66:f2:08:75:37:31:a6:75:4e:61:c8:a3:7d:
69:72:21:5d:82:59:2f:9e:61:b3:f0:d9:a1:35:5a:
44:70:a0:6f:b2:3e:64:82:73:13:7c:95:33:6a:f2:
44:f9:05:dc:03:17:09:d2:17:1d:f5:a5:62:8b:87:
f5:14:07:2c:3d:39:2c:fc:f7:df:96:20:9d:ae:bf:
52:4e:f4:19:17:86:20:fc:ca:7d:8b:09:ac:a3:e7:
c3:da:d1:24:f9:cc:70:54:d0:39:91:32:06:4d:12:
3e:27:8d:53:8f:46:e0:00:0c:14:22:9e:56:de:5e:
68:87:80:05:35:f0:2e:fa:ac:a3:e2:a5:ce:f4:1b:
42:17:1d:d3:a3:26:f1:29:a6:1f:6b:23:3e:e1:f1:
3b:af:f1:e1:a6:dc:aa:db:48:39:7d:c5:89:ce:47:
7f:0d:c5:37:e5:e0:6d:38:f0:98:95:a7:52:92:a5:
37:f5:5f:ef:e2:4d:11:c2:9b:ce:82:13:22:25:32:
2d:60:03:92:6f:eb:17:7b:dc:fd:6a:37:0e:f7:24:
da:bf:e2:bb:31:ef:d6:64:b3:5c:5c:a8:3d:c8:67:
04:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C3:9B:F2:7B:5B:08:AF:35:89:27:5E:A5:3E:2D:95:6E:1D:37:3F
X509v3 Authority Key Identifier:
keyid:3B:23:04:42:FE:AE:9F:C2:6B:8B:D8:87:FA:A0:ED:02:75:82:7A:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OyMEQv6un8Jri9iH-qDtAnWCelg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/_sOb8ntbCK81iSdepT4tlW4dNz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/OyMEQv6un8Jri9iH-qDtAnWCelg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.140.64.0/18
82.210.224.0/19
93.122.16.0-93.122.95.255
Signature Algorithm: sha256WithRSAEncryption
b2:0c:e3:bf:80:be:b3:aa:05:d9:4d:e5:7a:99:39:7a:d5:43:
b8:8c:15:c0:08:e1:f9:f1:54:d6:05:55:e6:7e:f5:64:8b:08:
f4:d3:e9:39:e2:c8:d3:c3:36:c7:6f:3a:88:e3:79:84:f8:af:
08:fa:a6:91:d8:f0:72:6b:96:a8:e3:fb:d9:a2:12:52:95:12:
09:90:a7:d5:10:9d:0f:89:20:40:34:d4:d6:38:9c:75:3a:b8:
9c:2c:11:31:c9:b4:d1:7a:aa:32:d9:33:ba:29:98:48:4b:38:
9c:00:53:03:68:93:de:ac:06:02:da:97:0e:13:dd:ad:41:9f:
7b:c3:f6:8f:3f:13:6c:22:d0:37:c8:46:db:93:a8:65:5c:55:
2f:47:f6:ee:19:e2:61:2b:fb:9e:e3:73:92:fd:ce:3b:b2:97:
fd:bf:87:8d:27:d0:06:af:ec:4b:1a:fe:a4:54:37:33:69:1e:
cb:64:e3:5d:17:83:99:62:79:31:fa:3e:d2:a1:47:a4:34:9f:
66:ca:08:6d:68:f7:e7:75:9f:63:80:37:96:3d:04:86:a1:90:
eb:7a:cc:d1:ca:f2:7d:d9:16:77:d4:22:f4:09:ea:13:e5:bb:
e8:ca:0f:4a:4f:54:6e:6a:ff:02:b6:c0:f4:0a:c4:c8:94:91:
58:cb:9b:e9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYaTDnwjpfn7GpPBcMPYtW18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMjMwNDQyZmVhZTlmYzI2YjhiZDg4N2ZhYTBlZDAyNzU4
MjdhNTgwHhcNMjMwMjI3MTMyNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWMzOWJmMjdiNWIwOGFmMzU4OTI3NWVhNTNlMmQ5NTZlMWQzNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhECpXAh54IXPs4rvzOEYzeG1cnn
/WzwLzkIBSdCZGbyCHU3MaZ1TmHIo31pciFdglkvnmGz8NmhNVpEcKBvsj5kgnMT
fJUzavJE+QXcAxcJ0hcd9aVii4f1FAcsPTks/PffliCdrr9STvQZF4Yg/Mp9iwms
o+fD2tEk+cxwVNA5kTIGTRI+J41Tj0bgAAwUIp5W3l5oh4AFNfAu+qyj4qXO9BtC
Fx3ToybxKaYfayM+4fE7r/Hhptyq20g5fcWJzkd/DcU35eBtOPCYladSkqU39V/v
4k0RwpvOghMiJTItYAOSb+sXe9z9ajcO9yTav+K7Me/WZLNcXKg9yGcEWwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP7Dm/J7WwivNYknXqU+LZVuHTc/MB8GA1UdIwQY
MBaAFDsjBEL+rp/Ca4vYh/qg7QJ1gnpYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3lNRVF2NnVuOEpyaTlpSC1xRHRBbldDZWxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zYTEwOTQtOWI3MC00MjUxLWI2OGYt
NzI2NzA3Mzc2MWQ0LzEvX3NPYjhudGJDSzgxaVNkZXBUNHRsVzRkTno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8zYTEwOTQtOWI3MC00MjUxLWI2OGYtNzI2NzA3Mzc2MWQ0
LzEvT3lNRVF2NnVuOEpyaTlpSC1xRHRBbldDZWxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQGToxAAwQF
UtLgMAwDBARdehADBAVdekAwDQYJKoZIhvcNAQELBQADggEBALIM47+AvrOqBdlN
5XqZOXrVQ7iMFcAI4fnxVNYFVeZ+9WSLCPTT6TniyNPDNsdvOojjeYT4rwj6ppHY
8HJrlqjj+9miElKVEgmQp9UQnQ+JIEA01NY4nHU6uJwsETHJtNF6qjLZM7opmEhL
OJwAUwNok96sBgLalw4T3a1Bn3vD9o8/E2wi0DfIRtuTqGVcVS9H9u4Z4mEr+57j
c5L9zjuyl/2/h40n0Aav7Esa/qRUNzNpHstk410Xg5lieTH6PtKhR6Q0n2bKCG1o
9+d1n2OAN5Y9BIahkOt6zNHK8n3ZFnfUIvQJ6hPlu+jKD0pPVG5q/wK2wPQKxMiU
kVjLm+k=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:15:23 2025 by rpki-client