Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N60fq6tGNS7nN2TGRPJ5VfD3xKE.roa
File: N60fq6tGNS7nN2TGRPJ5VfD3xKE.roa (raw, json)
Hash identifier: SG0IO9klxGC7h1zOHJSC4Emgyt3dTP3VwPx8wt9Wa2E=
Subject key identifier: 37:AD:1F:AB:AB:46:35:2E:E7:37:64:C6:44:F2:79:55:F0:F7:C4:A1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189CF8BE09D3611CCA01FA1686C0B85C7BA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N60fq6tGNS7nN2TGRPJ5VfD3xKE.roa
Signing time: Mon 07 Aug 2023 10:29:57 +0000
ROA not before: Mon 07 Aug 2023 10:29:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.168.41.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.140.0/24 maxlen: 24
109.176.214.0/24 maxlen: 24
109.176.215.0/24 maxlen: 24
109.176.216.0/24 maxlen: 24
109.176.218.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
109.176.220.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
109.176.240.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
109.176.243.0/24 maxlen: 24
109.176.250.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.248.0/24 maxlen: 24
82.153.227.0/24 maxlen: 24
185.49.125.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
82.153.249.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
89.213.41.0/24 maxlen: 24
89.213.42.0/24 maxlen: 24
89.213.44.0/24 maxlen: 24
89.213.173.0/24 maxlen: 24
89.213.175.0/24 maxlen: 24
89.213.179.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.177.0/24 maxlen: 24
89.213.180.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.182.0/24 maxlen: 24
89.213.186.0/24 maxlen: 24
89.213.184.0/24 maxlen: 24
89.213.185.0/24 maxlen: 24
89.213.187.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
109.176.213.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.140.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.148.0/24 maxlen: 24
89.213.149.0/24 maxlen: 24
89.213.150.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
89.213.158.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
89.213.160.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.163.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.168.0/24 maxlen: 24
81.168.116.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:8b:e0:9d:36:11:cc:a0:1f:a1:68:6c:0b:85:c7:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 7 10:29:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37ad1fabab46352ee73764c644f27955f0f7c4a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a9:b2:31:0b:1a:1e:81:5c:54:e3:5a:0f:1e:
eb:c5:82:2c:ab:ff:6b:76:cd:47:ed:98:34:49:cc:
9f:57:0f:cf:4d:20:b8:f2:d3:b8:c3:10:c4:dd:19:
48:3c:98:48:06:b5:64:26:e6:40:60:0c:06:0c:ee:
57:12:ae:26:44:c4:f3:ee:97:f8:1c:67:b5:2d:dd:
cf:aa:0f:cc:37:11:41:bb:e0:41:34:92:ed:e0:1c:
3d:b4:93:0d:16:c7:5e:15:36:50:6e:d9:24:34:d6:
c2:43:a9:a0:e9:d9:ed:7e:c5:fc:a7:22:41:e9:5a:
37:4b:c0:07:3b:05:bb:c5:f1:b1:13:37:26:63:89:
19:b1:58:de:72:72:f6:e8:ac:78:86:7b:0d:35:30:
ce:88:af:64:f8:bb:6e:15:7b:be:1b:8f:bc:3a:92:
99:0d:42:30:ce:96:37:12:60:9e:ca:68:64:2b:03:
74:d0:16:07:8b:64:c8:f0:bf:6b:6e:e5:86:e8:d4:
6a:3f:d0:34:94:ed:47:e0:4d:0f:1c:22:6b:27:71:
73:51:ad:99:83:0d:2e:38:ed:04:8b:1e:c7:33:93:
df:db:39:92:f1:88:b3:7f:d2:91:20:1b:be:18:e2:
e2:1b:5b:95:13:e3:a0:cd:48:4a:c8:72:43:60:19:
7f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:AD:1F:AB:AB:46:35:2E:E7:37:64:C6:44:F2:79:55:F0:F7:C4:A1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N60fq6tGNS7nN2TGRPJ5VfD3xKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
81.168.116.0/24
81.168.119.0/24
81.168.123.0/24
82.152.111.0/24
82.152.252.0/23
82.152.255.0/24
82.153.1.0/24
82.153.73.0/24
82.153.78.0/24
82.153.136.0-82.153.140.255
82.153.221.0/24
82.153.223.0/24
82.153.227.0/24
82.153.240.0/24
82.153.249.0/24
89.213.7.0/24
89.213.41.0-89.213.42.255
89.213.44.0/24
89.213.136.0/24
89.213.139.0-89.213.140.255
89.213.148.0-89.213.150.255
89.213.152.0/24
89.213.155.0-89.213.158.255
89.213.160.0/24
89.213.162.0/23
89.213.168.0/23
89.213.173.0/24
89.213.175.0-89.213.177.255
89.213.179.0-89.213.182.255
89.213.184.0/22
109.176.211.0/24
109.176.213.0-109.176.216.255
109.176.218.0/24
109.176.220.0/24
109.176.240.0/24
109.176.242.0/23
109.176.247.0-109.176.248.255
109.176.250.0/23
185.49.125.0-185.49.127.255
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
98:a4:9d:8c:3d:2d:d1:61:ab:6a:2a:98:f4:72:15:4b:7b:a2:
4b:8f:c7:17:6d:ed:26:e0:d6:95:aa:b5:35:d3:ee:94:0c:be:
18:0c:dc:93:6a:56:9f:2d:5c:7b:5d:b5:3a:2b:88:84:b3:ae:
2f:ec:00:23:51:21:f0:2f:b5:39:f8:fd:fd:7a:3d:78:c1:30:
05:2f:62:9c:f4:4b:5f:90:f4:74:87:e5:72:f0:90:9d:2d:f9:
cb:d1:b1:d0:18:13:e9:83:20:71:41:68:9e:b2:6a:a3:ce:a2:
75:78:2d:c9:7d:af:ee:80:f0:16:19:75:f8:44:89:30:ed:a5:
ad:d5:c6:cc:05:9b:7a:3d:ca:7b:26:67:85:74:6b:e6:7b:da:
fe:54:ec:77:16:74:4e:3d:b5:a8:c9:64:6c:13:c7:13:e0:a3:
14:66:aa:42:0f:18:4e:37:38:9e:20:dd:85:c1:c9:41:b9:ca:
80:4e:36:b6:6d:a4:4f:c8:32:1f:32:ef:3a:8b:16:25:15:55:
e4:54:63:a8:bb:33:68:55:f4:e2:3d:14:ca:05:21:17:15:0b:
21:68:66:f6:a1:5b:f3:36:11:de:e5:1d:0b:e3:6a:0a:10:7e:
5c:32:f3:98:5a:96:2b:03:2c:95:ac:5f:9d:50:4b:a0:ea:a0:
1c:23:89:e3
-----BEGIN CERTIFICATE-----
MIIGTTCCBTWgAwIBAgISAYnPi+CdNhHMoB+haGwLhce6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MTAyOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2FkMWZhYmFiNDYzNTJlZTczNzY0YzY0NGYyNzk1NWYwZjdjNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6myMQsaHoFcVONaDx7rxYIsq/9r
ds1H7Zg0ScyfVw/PTSC48tO4wxDE3RlIPJhIBrVkJuZAYAwGDO5XEq4mRMTz7pf4
HGe1Ld3Pqg/MNxFBu+BBNJLt4Bw9tJMNFsdeFTZQbtkkNNbCQ6mg6dntfsX8pyJB
6Vo3S8AHOwW7xfGxEzcmY4kZsVjecnL26Kx4hnsNNTDOiK9k+LtuFXu+G4+8OpKZ
DUIwzpY3EmCeymhkKwN00BYHi2TI8L9rbuWG6NRqP9A0lO1H4E0PHCJrJ3FzUa2Z
gw0uOO0Eix7HM5Pf2zmS8Yizf9KRIBu+GOLiG1uVE+OgzUhKyHJDYBl/0QIDAQAB
o4IDWTCCA1UwHQYDVR0OBBYEFDetH6urRjUu5zdkxkTyeVXw98ShMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTjYwZnE2dEdOUzduTjJUR1JQSjVWZkQzeEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbQYIKwYBBQUHAQcBAf8EggFcMIIBWDCCAVQEAgABMIIB
TAMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQAUpnfAwQA
UpnjAwQAUpnwAwQAUpn5AwQAWdUHMAwDBABZ1SkDBABZ1SoDBABZ1SwDBABZ1Ygw
DAMEAFnViwMEAFnVjDAMAwQCWdWUAwQAWdWWAwQAWdWYMAwDBABZ1ZsDBABZ1Z4D
BABZ1aADBAFZ1aIDBAFZ1agDBABZ1a0wDAMEAFnVrwMEAVnVsDAMAwQAWdWzAwQA
WdW2AwQCWdW4AwQAbbDTMAwDBABtsNUDBABtsNgDBABtsNoDBABtsNwDBABtsPAD
BAFtsPIwDAMEAG2w9wMEAG2w+AMEAW2w+jAMAwQAuTF9AwQHuTEAAwQA1ZgqMA0G
CSqGSIb3DQEBCwUAA4IBAQCYpJ2MPS3RYatqKpj0chVLe6JLj8cXbe0m4NaVqrU1
0+6UDL4YDNyTalafLVx7XbU6K4iEs64v7AAjUSHwL7U5+P39ej14wTAFL2Kc9Etf
kPR0h+Vy8JCdLfnL0bHQGBPpgyBxQWiesmqjzqJ1eC3Jfa/ugPAWGXX4RIkw7aWt
1cbMBZt6Pcp7JmeFdGvme9r+VOx3FnROPbWoyWRsE8cT4KMUZqpCDxhONzieIN2F
wclBucqATja2baRPyDIfMu86ixYlFVXkVGOouzNoVfTiPRTKBSEXFQshaGb2oVvz
NhHe5R0L42oKEH5cMvOYWpYrAyyVrF+dUEug6qAcI4nj
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:02 2025 by rpki-client