Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/X1heP8yMb2Mo7XgGjGkR9OUZRj8.roa
File: X1heP8yMb2Mo7XgGjGkR9OUZRj8.roa (raw, json)
Hash identifier: 2f7U8zJu7ZqImE8c2p9I3BYqs3XuDpu5EZ6wZaDkFK8=
Subject key identifier: 5F:58:5E:3F:CC:8C:6F:63:28:ED:78:06:8C:69:11:F4:E5:19:46:3F
Certificate issuer: /CN=1795ac843cd8ba90188f7313652bb561299b296f
Certificate serial: 0189FD13011FF94BEF0A934BC8ACFC1C796B
Authority key identifier: 17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/X1heP8yMb2Mo7XgGjGkR9OUZRj8.roa
Signing time: Wed 16 Aug 2023 06:40:28 +0000
ROA not before: Wed 16 Aug 2023 06:40:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31313
IP address blocks: 213.177.16.0/21 maxlen: 32
213.177.24.0/21 maxlen: 32
93.113.29.0/24 maxlen: 32
203.25.143.0/24 maxlen: 32
89.42.116.0/23 maxlen: 32
193.151.28.0/22 maxlen: 32
89.35.192.0/24 maxlen: 32
91.235.4.0/23 maxlen: 32
213.177.0.0/21 maxlen: 32
86.105.108.0/22 maxlen: 32
213.177.8.0/21 maxlen: 32
193.169.21.0/24 maxlen: 32
89.41.56.0/23 maxlen: 32
89.43.190.0/23 maxlen: 32
195.242.244.0/22 maxlen: 32
89.200.246.0/23 maxlen: 32
89.200.247.0/24 maxlen: 32
86.105.216.0/22 maxlen: 32
2a00:5dc0::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:13:01:1f:f9:4b:ef:0a:93:4b:c8:ac:fc:1c:79:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1795ac843cd8ba90188f7313652bb561299b296f
Validity
Not Before: Aug 16 06:40:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f585e3fcc8c6f6328ed78068c6911f4e519463f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c0:ff:27:b4:bc:99:8c:f8:49:85:1f:d7:7e:
b6:af:8e:72:27:37:0e:5b:7f:5d:f4:b4:8a:6c:b7:
da:32:69:54:51:f9:56:01:c0:c0:b5:c7:dc:2b:e3:
2f:ce:04:ed:0d:bc:4b:8d:a8:08:5b:e6:22:c7:b5:
18:ff:cd:da:56:ff:c9:81:35:7e:67:d5:78:0f:41:
5b:24:46:17:53:80:50:f3:0b:fc:f5:20:24:bf:a9:
0b:87:b7:ca:94:bf:b1:67:2c:81:b6:29:98:dc:b3:
74:50:ba:5c:be:a2:2f:29:33:56:b0:01:7a:94:44:
f7:1d:b5:11:fa:aa:70:26:ea:f8:b0:dd:4e:1d:dc:
a8:f5:0f:45:f5:88:37:59:ce:d2:f8:3e:77:00:42:
e8:14:97:60:fa:69:9a:ba:39:52:56:aa:90:c1:79:
99:07:5c:35:af:5e:69:89:83:68:0e:c6:54:c0:1c:
79:8b:45:6d:0c:f0:9d:4a:72:21:6b:18:0e:73:ed:
23:e5:a1:6c:ef:c5:17:6d:32:d4:f4:e7:c8:52:7d:
99:a8:f9:b4:cd:b1:30:d8:6a:09:47:29:d8:a8:c5:
b6:90:55:73:d1:ff:21:a9:5d:10:ec:8b:cf:bc:18:
42:f9:b1:4c:79:4f:02:25:76:89:cf:fd:fa:5f:5c:
7d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:58:5E:3F:CC:8C:6F:63:28:ED:78:06:8C:69:11:F4:E5:19:46:3F
X509v3 Authority Key Identifier:
keyid:17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/X1heP8yMb2Mo7XgGjGkR9OUZRj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/F5WshDzYupAYj3MTZSu1YSmbKW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.108.0/22
86.105.216.0/22
89.35.192.0/24
89.41.56.0/23
89.42.116.0/23
89.43.190.0/23
89.200.246.0/23
91.235.4.0/23
93.113.29.0/24
193.151.28.0/22
193.169.21.0/24
195.242.244.0/22
203.25.143.0/24
213.177.0.0/19
IPv6:
2a00:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:77:65:22:e1:a5:06:53:0b:18:cb:d7:cc:00:72:27:84:45:
6a:cd:04:ce:a8:aa:55:16:6b:6b:72:35:e3:46:45:c6:28:8e:
b7:b6:5e:0f:af:d8:a5:85:dc:62:ad:84:17:fe:c0:d3:5b:d5:
b0:ae:6b:32:5c:d5:86:2e:71:7a:4f:cf:75:27:f6:5e:8e:34:
c9:79:a4:f4:99:21:45:97:f0:ef:ea:0b:07:4e:b8:10:82:70:
1a:1d:fc:e3:01:0a:16:1b:e7:84:d1:ba:e7:59:17:f5:4c:26:
64:30:57:82:33:3c:e7:d6:6b:9c:9f:39:af:10:a7:ff:71:c2:
12:2e:95:db:de:ba:05:c0:a0:8f:79:fa:d8:4e:be:f6:a3:ed:
ed:db:6e:be:3f:7b:7a:86:cb:26:a6:44:93:5d:f4:7f:3f:8a:
4b:a0:af:ef:be:5e:e7:42:69:dc:4f:51:1e:ec:83:10:77:47:
20:7d:99:e5:f3:c7:3a:70:18:51:1e:99:96:cc:a2:7f:9a:36:
51:ac:30:bb:9d:a8:76:2e:5b:af:bc:25:7f:c2:3c:9d:7f:d4:
3c:8b:7c:a7:ea:55:3d:08:0f:e3:19:ba:b4:bc:86:b4:a4:01:
32:8d:39:bb:28:26:1d:ca:97:78:23:ef:26:ee:6d:63:7a:ca:
ab:d2:3a:db
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYn9EwEf+UvvCpNLyKz8HHlrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTVhYzg0M2NkOGJhOTAxODhmNzMxMzY1MmJiNTYxMjk5
YjI5NmYwHhcNMjMwODE2MDY0MDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjU4NWUzZmNjOGM2ZjYzMjhlZDc4MDY4YzY5MTFmNGU1MTk0NjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMD/J7S8mYz4SYUf1362r45yJzcO
W39d9LSKbLfaMmlUUflWAcDAtcfcK+MvzgTtDbxLjagIW+Yix7UY/83aVv/JgTV+
Z9V4D0FbJEYXU4BQ8wv89SAkv6kLh7fKlL+xZyyBtimY3LN0ULpcvqIvKTNWsAF6
lET3HbUR+qpwJur4sN1OHdyo9Q9F9Yg3Wc7S+D53AELoFJdg+mmaujlSVqqQwXmZ
B1w1r15piYNoDsZUwBx5i0VtDPCdSnIhaxgOc+0j5aFs78UXbTLU9OfIUn2ZqPm0
zbEw2GoJRynYqMW2kFVz0f8hqV0Q7IvPvBhC+bFMeU8CJXaJz/36X1x9BQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFF9YXj/MjG9jKO14BoxpEfTlGUY/MB8GA1UdIwQY
MBaAFBeVrIQ82LqQGI9zE2UrtWEpmylvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVXc2hEell1cEFZajNNVFpTdTFZU21iS1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82NjgzZjQtM2VlYy00ZGNiLTg3ODct
NzMxYWJjNmY3NWNhLzEvWDFoZVA4eU1iMk1vN1hnR2pHa1I5T1VaUmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82NjgzZjQtM2VlYy00ZGNiLTg3ODctNzMxYWJjNmY3NWNh
LzEvRjVXc2hEell1cEFZajNNVFpTdTFZU21iS1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQCVmlsAwQC
VmnYAwQAWSPAAwQBWSk4AwQBWSp0AwQBWSu+AwQBWcj2AwQBW+sEAwQAXXEdAwQC
wZccAwQAwakVAwQCw/L0AwQAyxmPAwQF1bEAMA0EAgACMAcDBQMqAF3AMA0GCSqG
SIb3DQEBCwUAA4IBAQAvd2Ui4aUGUwsYy9fMAHInhEVqzQTOqKpVFmtrcjXjRkXG
KI63tl4Pr9ilhdxirYQX/sDTW9WwrmsyXNWGLnF6T891J/ZejjTJeaT0mSFFl/Dv
6gsHTrgQgnAaHfzjAQoWG+eE0brnWRf1TCZkMFeCMzzn1mucnzmvEKf/ccISLpXb
3roFwKCPefrYTr72o+3t226+P3t6hssmpkSTXfR/P4pLoK/vvl7nQmncT1Ee7IMQ
d0cgfZnl88c6cBhRHpmWzKJ/mjZRrDC7nah2LluvvCV/wjydf9Q8i3yn6lU9CA/j
Gbq0vIa0pAEyjTm7KCYdypd4I+8m7m1jesqr0jrb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:20 2025 by rpki-client