Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rb_5vUSQ0dqfYQDNuPLkmIANx34.roa
File: rb_5vUSQ0dqfYQDNuPLkmIANx34.roa (raw, json)
Hash identifier: e2PUi+4/NHvJMmu2ajt599Qjj+Cfp4SgmlfoOv90qpI=
Subject key identifier: AD:BF:F9:BD:44:90:D1:DA:9F:61:00:CD:B8:F2:E4:98:80:0D:C7:7E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189E3FC1ED9ED05BE2B0B71109F40B48E30
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rb_5vUSQ0dqfYQDNuPLkmIANx34.roa
Signing time: Fri 11 Aug 2023 09:44:58 +0000
ROA not before: Fri 11 Aug 2023 09:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.168.41.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.139.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.140.0/24 maxlen: 24
109.176.214.0/24 maxlen: 24
109.176.215.0/24 maxlen: 24
109.176.216.0/24 maxlen: 24
109.176.217.0/24 maxlen: 24
109.176.218.0/24 maxlen: 24
109.176.219.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
109.176.221.0/24 maxlen: 24
109.176.222.0/24 maxlen: 24
109.176.223.0/24 maxlen: 24
109.176.220.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
109.176.240.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
109.176.243.0/24 maxlen: 24
109.176.245.0/24 maxlen: 24
109.176.246.0/24 maxlen: 24
109.176.249.0/24 maxlen: 24
109.176.250.0/24 maxlen: 24
109.176.248.0/24 maxlen: 24
82.153.227.0/24 maxlen: 24
185.49.125.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
82.153.249.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
89.213.41.0/24 maxlen: 24
89.213.42.0/24 maxlen: 24
89.213.44.0/24 maxlen: 24
89.213.47.0/24 maxlen: 24
89.213.45.0/24 maxlen: 24
89.213.46.0/24 maxlen: 24
89.213.173.0/24 maxlen: 24
89.213.174.0/24 maxlen: 24
89.213.175.0/24 maxlen: 24
89.213.179.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.177.0/24 maxlen: 24
89.213.180.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.182.0/24 maxlen: 24
89.213.186.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.184.0/24 maxlen: 24
89.213.185.0/24 maxlen: 24
89.213.187.0/24 maxlen: 24
89.213.188.0/24 maxlen: 24
89.213.189.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.134.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.141.0/24 maxlen: 24
89.213.140.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.151.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.148.0/24 maxlen: 24
89.213.149.0/24 maxlen: 24
89.213.150.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
89.213.153.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.158.0/24 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
89.213.160.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.163.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.168.0/24 maxlen: 24
81.168.116.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
213.152.61.0/24 maxlen: 24
89.213.5.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:fc:1e:d9:ed:05:be:2b:0b:71:10:9f:40:b4:8e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 11 09:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adbff9bd4490d1da9f6100cdb8f2e498800dc77e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f3:47:74:fa:a3:48:07:70:a8:2c:97:5e:b5:
19:f7:ad:56:89:95:88:28:37:c8:13:bf:9a:74:c2:
74:20:8e:c1:45:36:ea:cb:76:87:b4:41:e5:1b:ce:
e6:34:2a:3c:29:7a:b7:b3:1e:c1:ae:a7:43:a0:2d:
74:b0:36:fc:86:f4:32:06:38:8b:45:57:42:d8:85:
b6:ab:a2:09:c1:b3:3e:9f:67:7e:f3:b7:73:65:20:
9f:56:84:8f:89:fc:41:5a:03:76:ff:c1:79:9d:b6:
69:7d:9a:23:47:56:f6:b1:94:79:c4:22:44:e8:8f:
6d:35:89:0c:f7:cc:7c:16:0b:38:5d:01:52:52:15:
2a:f3:e3:64:4f:6f:c4:e1:a1:27:2f:54:37:fa:a7:
e4:77:4f:85:79:16:75:32:3e:29:86:5f:53:3b:58:
25:a7:e3:88:fd:7b:0c:14:91:70:96:c0:14:b5:a1:
04:c3:78:56:df:05:5d:2a:55:c8:1e:2d:77:e7:84:
df:a1:c0:69:1d:6c:c7:a8:b0:a7:e6:3a:cf:14:18:
ef:89:33:8c:67:eb:35:8f:a0:12:84:82:00:27:17:
9b:ee:86:18:e8:60:5f:0f:a8:5e:9e:3c:e8:01:a9:
75:f6:77:05:e3:c3:91:46:52:5d:fc:4d:29:61:64:
8a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:BF:F9:BD:44:90:D1:DA:9F:61:00:CD:B8:F2:E4:98:80:0D:C7:7E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rb_5vUSQ0dqfYQDNuPLkmIANx34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
81.168.116.0/24
81.168.119.0/24
81.168.123.0/24
82.152.111.0/24
82.152.252.0/23
82.152.255.0/24
82.153.1.0/24
82.153.73.0/24
82.153.78.0/24
82.153.136.0-82.153.140.255
82.153.221.0/24
82.153.223.0/24
82.153.225.0/24
82.153.227.0/24
82.153.240.0/24
82.153.249.0/24
89.213.5.0/24
89.213.41.0-89.213.42.255
89.213.44.0/22
89.213.133.0-89.213.134.255
89.213.136.0/24
89.213.139.0-89.213.141.255
89.213.146.0/24
89.213.148.0-89.213.155.255
89.213.157.0-89.213.160.255
89.213.162.0-89.213.164.255
89.213.168.0/23
89.213.173.0-89.213.177.255
89.213.179.0-89.213.189.255
109.176.211.0/24
109.176.214.0-109.176.223.255
109.176.240.0/24
109.176.242.0/23
109.176.245.0-109.176.246.255
109.176.248.0-109.176.250.255
185.49.125.0-185.49.127.255
213.152.42.0/24
213.152.61.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:61:6c:d3:b1:02:2c:5c:d3:dc:aa:99:be:ee:fc:f5:51:df:
d6:77:c7:52:58:00:f1:4a:d3:28:cb:06:25:f1:8e:37:8a:e1:
fa:8b:96:7f:e1:04:b1:24:35:d6:ec:2b:45:70:1c:c4:63:b5:
6d:d8:8b:3e:f0:38:4f:65:4a:8d:4b:10:16:83:01:a3:cb:28:
31:aa:9c:06:3d:74:44:cd:21:b4:45:b4:7c:fe:b0:e1:12:43:
22:3e:f5:7f:cd:49:12:4e:be:3b:1a:04:a0:a5:d9:65:a7:fe:
df:80:c5:7d:6f:6c:1f:a0:4a:09:01:0e:d7:4e:66:5e:be:c8:
1b:5f:2e:e9:4f:e7:03:64:12:7d:e5:16:91:91:28:27:2b:97:
52:19:1d:76:2e:a6:ee:ad:7f:22:37:8b:27:1e:af:ee:5e:31:
69:5c:b8:e2:f3:2b:50:72:3e:9b:50:10:d7:d6:47:2b:a8:32:
2b:87:e0:b7:35:2d:6f:0c:98:9d:41:09:7c:e1:ca:33:48:11:
e3:81:ac:38:dc:b4:5a:11:88:ed:6b:2a:47:9b:92:89:3e:c1:
ca:1a:71:36:b4:83:a2:b9:e0:77:12:50:ae:91:1a:f2:c2:6e:
4d:1d:4f:e5:8f:aa:f1:bb:08:1f:ce:b2:df:43:25:eb:cd:7d:
9b:74:49:5c
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgISAYnj/B7Z7QW+KwtxEJ9AtI4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODExMDk0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGJmZjliZDQ0OTBkMWRhOWY2MTAwY2RiOGYyZTQ5ODgwMGRjNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvNHdPqjSAdwqCyXXrUZ961WiZWI
KDfIE7+adMJ0II7BRTbqy3aHtEHlG87mNCo8KXq3sx7BrqdDoC10sDb8hvQyBjiL
RVdC2IW2q6IJwbM+n2d+87dzZSCfVoSPifxBWgN2/8F5nbZpfZojR1b2sZR5xCJE
6I9tNYkM98x8Fgs4XQFSUhUq8+NkT2/E4aEnL1Q3+qfkd0+FeRZ1Mj4phl9TO1gl
p+OI/XsMFJFwlsAUtaEEw3hW3wVdKlXIHi1354TfocBpHWzHqLCn5jrPFBjviTOM
Z+s1j6AShIIAJxeb7oYY6GBfD6henjzoAal19ncF48ORRlJd/E0pYWSKEwIDAQAB
o4IDZTCCA2EwHQYDVR0OBBYEFK2/+b1EkNHan2EAzbjy5JiADcd+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcmJfNXZVU1EwZHFmWVFETnVQTGttSUFOeDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeQYIKwYBBQUHAQcBAf8EggFoMIIBZDCCAWAEAgABMIIB
WAMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQAUpnfAwQA
UpnhAwQAUpnjAwQAUpnwAwQAUpn5AwQAWdUFMAwDBABZ1SkDBABZ1SoDBAJZ1Sww
DAMEAFnVhQMEAFnVhgMEAFnViDAMAwQAWdWLAwQBWdWMAwQAWdWSMAwDBAJZ1ZQD
BAJZ1ZgwDAMEAFnVnQMEAFnVoDAMAwQBWdWiAwQAWdWkAwQBWdWoMAwDBABZ1a0D
BAFZ1bAwDAMEAFnVswMEAVnVvAMEAG2w0zAMAwQBbbDWAwQFbbDAAwQAbbDwAwQB
bbDyMAwDBABtsPUDBABtsPYwDAMEA22w+AMEAG2w+jAMAwQAuTF9AwQHuTEAAwQA
1ZgqAwQA1Zg9MA0GCSqGSIb3DQEBCwUAA4IBAQCiYWzTsQIsXNPcqpm+7vz1Ud/W
d8dSWADxStMoywYl8Y43iuH6i5Z/4QSxJDXW7CtFcBzEY7Vt2Is+8DhPZUqNSxAW
gwGjyygxqpwGPXREzSG0RbR8/rDhEkMiPvV/zUkSTr47GgSgpdllp/7fgMV9b2wf
oEoJAQ7XTmZevsgbXy7pT+cDZBJ95RaRkSgnK5dSGR12LqburX8iN4snHq/uXjFp
XLji8ytQcj6bUBDX1kcrqDIrh+C3NS1vDJidQQl84cozSBHjgaw43LRaEYjtaypH
m5KJPsHKGnE2tIOiueB3ElCukRrywm5NHU/lj6rxuwgfzrLfQyXrzX2bdElc
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:27:56 2025 by rpki-client