Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/M0XTS6tZSmz0BD2dMu2zOlV1gnU.roa
File: M0XTS6tZSmz0BD2dMu2zOlV1gnU.roa (raw, json)
Hash identifier: V0ioZsM+xeDDGuZ9u3zubm1y/Zlxji+a8cLnn+a6Fs4=
Subject key identifier: 33:45:D3:4B:AB:59:4A:6C:F4:04:3D:9D:32:ED:B3:3A:55:75:82:75
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 018B7DF035350CA44D7D0003E244ACA8231D
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/M0XTS6tZSmz0BD2dMu2zOlV1gnU.roa
Signing time: Mon 30 Oct 2023 00:16:16 +0000
ROA not before: Mon 30 Oct 2023 00:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204957
IP address blocks: 176.126.163.0/24 maxlen: 24
185.39.30.0/24 maxlen: 24
185.237.224.0/23 maxlen: 23
91.210.164.0/23 maxlen: 23
91.210.167.0/24 maxlen: 24
91.90.195.0/24 maxlen: 24
91.90.193.0/24 maxlen: 24
92.118.151.0/24 maxlen: 24
92.118.150.0/24 maxlen: 24
92.118.149.0/24 maxlen: 24
193.162.47.0/24 maxlen: 24
185.253.44.0/23 maxlen: 23
185.253.46.0/23 maxlen: 23
2a0a:8c44::/32 maxlen: 32
2a0a:8c45::/32 maxlen: 32
2a0a:8c43::/32 maxlen: 32
2a0a:8c42::/32 maxlen: 32
2a0a:8c47::/32 maxlen: 32
2a0a:8c41::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7d:f0:35:35:0c:a4:4d:7d:00:03:e2:44:ac:a8:23:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Oct 30 00:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3345d34bab594a6cf4043d9d32edb33a55758275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:52:c1:d2:7c:ed:4b:91:5d:fd:50:4a:de:e5:
3a:74:c1:62:4e:96:a3:a1:50:bf:54:b9:59:25:14:
e8:27:e2:ba:a5:52:4c:aa:88:87:72:7c:d4:27:96:
69:a5:1d:a0:8f:34:15:51:4a:f5:c4:8f:8a:84:46:
ef:26:d6:f3:78:45:20:45:41:f4:5c:47:12:ad:c6:
18:9b:08:c5:b8:10:aa:c7:0f:b2:b6:8f:bc:a4:79:
8c:a0:4a:66:42:3f:94:95:03:08:8d:8d:85:d7:6c:
db:5f:1d:7b:20:97:0b:d2:8a:8d:56:58:4d:21:a7:
d8:0d:a8:28:1c:f3:d8:77:5d:0d:a2:a7:61:31:e5:
ca:fe:2c:1b:45:cd:4c:fe:d8:b3:51:3b:f9:33:4f:
69:6c:7d:47:12:70:4f:42:64:30:3d:44:b8:84:be:
5a:da:87:8e:1d:65:e0:f0:09:5c:35:d0:e5:cb:35:
3d:ef:35:ab:c0:76:6d:97:e0:41:2d:8a:c1:0a:58:
04:6a:6f:e0:19:18:00:0b:17:8c:3a:9f:13:00:ed:
1e:75:51:39:60:1d:de:1f:ba:39:6f:83:a2:6f:82:
20:55:64:bb:d8:dd:cb:5c:c0:fb:7f:e1:60:df:7c:
62:0b:4c:b6:da:69:ed:09:a4:b2:8d:32:6a:87:61:
d8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:45:D3:4B:AB:59:4A:6C:F4:04:3D:9D:32:ED:B3:3A:55:75:82:75
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/M0XTS6tZSmz0BD2dMu2zOlV1gnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.193.0/24
91.90.195.0/24
91.210.164.0/23
91.210.167.0/24
92.118.149.0-92.118.151.255
176.126.163.0/24
185.39.30.0/24
185.237.224.0/23
185.253.44.0/22
193.162.47.0/24
IPv6:
2a0a:8c41::-2a0a:8c45:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:8c47::/32
Signature Algorithm: sha256WithRSAEncryption
6f:e0:b3:73:f9:e5:fd:f6:8b:22:26:14:20:c8:57:40:f2:cb:
7b:25:d2:43:aa:6c:5d:49:4c:eb:bf:4a:80:d3:47:ca:75:7c:
be:82:7a:e7:95:f4:b3:dc:3c:64:e2:8d:32:e0:2b:d4:a1:03:
f8:6f:9b:6f:c1:62:43:3b:a7:51:6d:c1:19:19:10:3e:20:49:
6f:c0:19:1a:aa:f9:12:bc:b8:01:38:3b:8d:5c:f7:2e:40:9e:
df:2b:3a:82:af:83:e1:a4:0d:54:e4:cd:8c:0b:f4:0e:8c:f0:
62:80:8c:54:b9:71:52:2f:91:cf:08:ac:07:e0:4f:9a:dd:8e:
76:3c:7f:bd:ec:17:44:13:2c:b5:51:0d:af:f5:96:38:27:6c:
09:5e:ac:3c:0b:b8:dc:91:4b:76:f2:1a:81:fc:5f:39:ea:bd:
3c:72:e3:eb:61:3e:83:ac:b7:3b:1b:bf:63:62:fb:98:0a:f4:
2e:81:b3:ad:78:55:a2:40:02:66:bb:96:7a:26:ab:e3:a4:f4:
7e:73:af:be:d2:ab:ee:c5:ed:f4:90:06:9d:e9:4d:e7:6a:d4:
57:15:ca:1b:56:a6:ce:14:bc:c8:5b:5c:72:63:c0:05:0b:66:
76:32:5b:75:9d:97:37:ee:28:68:28:85:bc:c9:75:e3:d3:f8:
99:bd:55:8c
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYt98DU1DKRNfQAD4kSsqCMdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjMxMDMwMDAxNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQ1ZDM0YmFiNTk0YTZjZjQwNDNkOWQzMmVkYjMzYTU1NzU4Mjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1LB0nztS5Fd/VBK3uU6dMFiTpaj
oVC/VLlZJRToJ+K6pVJMqoiHcnzUJ5ZppR2gjzQVUUr1xI+KhEbvJtbzeEUgRUH0
XEcSrcYYmwjFuBCqxw+yto+8pHmMoEpmQj+UlQMIjY2F12zbXx17IJcL0oqNVlhN
IafYDagoHPPYd10NoqdhMeXK/iwbRc1M/tizUTv5M09pbH1HEnBPQmQwPUS4hL5a
2oeOHWXg8AlcNdDlyzU97zWrwHZtl+BBLYrBClgEam/gGRgACxeMOp8TAO0edVE5
YB3eH7o5b4Oib4IgVWS72N3LXMD7f+Fg33xiC0y22mntCaSyjTJqh2HYfQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFDNF00urWUps9AQ9nTLtszpVdYJ1MB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvTTBYVFM2dFpTbXowQkQyZE11MnpPbFYxZ25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBKBAIAATBEAwQAW1rBAwQA
W1rDAwQBW9KkAwQAW9KnMAwDBABcdpUDBANcdpADBACwfqMDBAC5Jx4DBAG57eAD
BAK5/SwDBADBoi8wHQQCAAIwFzAOAwUAKgqMQQMFASoKjEQDBQAqCoxHMA0GCSqG
SIb3DQEBCwUAA4IBAQBv4LNz+eX99osiJhQgyFdA8st7JdJDqmxdSUzrv0qA00fK
dXy+gnrnlfSz3Dxk4o0y4CvUoQP4b5tvwWJDO6dRbcEZGRA+IElvwBkaqvkSvLgB
ODuNXPcuQJ7fKzqCr4PhpA1U5M2MC/QOjPBigIxUuXFSL5HPCKwH4E+a3Y52PH+9
7BdEEyy1UQ2v9ZY4J2wJXqw8C7jckUt28hqB/F856r08cuPrYT6DrLc7G79jYvuY
CvQugbOteFWiQAJmu5Z6JqvjpPR+c6++0qvuxe30kAad6U3natRXFcobVqbOFLzI
W1xyY8AFC2Z2Mlt1nZc37ihoKIW8yXXj0/iZvVWM
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:10 2025 by rpki-client