Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/Y8JdUvVg-HmVfN9dxXg9mMEgPtk.roa
File: Y8JdUvVg-HmVfN9dxXg9mMEgPtk.roa (raw, json)
Hash identifier: 6YTlttruJ3oiOxL0GkO63FmcrO44E6AGk2bAq6d4xCU=
Subject key identifier: 63:C2:5D:52:F5:60:F8:79:95:7C:DF:5D:C5:78:3D:98:C1:20:3E:D9
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018A2662E19B24BECC7C292E226AE204E9CC
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/Y8JdUvVg-HmVfN9dxXg9mMEgPtk.roa
Signing time: Thu 24 Aug 2023 07:12:08 +0000
ROA not before: Thu 24 Aug 2023 07:12:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57829
IP address blocks: 185.57.168.0/22 maxlen: 24
185.56.212.0/22 maxlen: 24
193.138.74.0/24 maxlen: 24
193.41.118.0/23 maxlen: 24
195.78.37.0/24 maxlen: 24
195.78.36.0/24 maxlen: 24
185.114.104.0/22 maxlen: 24
188.65.152.0/21 maxlen: 24
193.254.192.0/23 maxlen: 24
81.201.208.0/20 maxlen: 24
45.137.208.0/22 maxlen: 24
2a0b:fd80::/32 maxlen: 48
2a02:5120::/32 maxlen: 48
2a00:e900::/29 maxlen: 48
2a01:4400::/32 maxlen: 48
2a0b:fd82::/32 maxlen: 48
2a0b:fd81::/32 maxlen: 48
2a0b:fd87::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:62:e1:9b:24:be:cc:7c:29:2e:22:6a:e2:04:e9:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Aug 24 07:12:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63c25d52f560f879957cdf5dc5783d98c1203ed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:99:1e:be:40:c9:70:58:a3:c8:20:9c:c3:4e:
55:f8:f0:a6:65:a8:d1:7f:86:10:56:71:e8:b3:22:
fa:8c:d9:95:69:4f:ec:1f:42:06:18:fc:e8:f3:8c:
a6:a4:18:5b:d0:69:0e:53:4e:95:b9:84:e2:e2:13:
50:f1:3c:ae:63:cf:24:31:3b:94:34:36:1a:04:3d:
f3:a3:85:fe:17:e7:6b:ff:45:5f:b5:0f:ef:51:d2:
e0:f7:bd:65:bb:1e:74:3f:8b:79:53:b7:1c:25:aa:
86:df:21:ee:58:0b:fa:f6:06:79:08:e4:b2:f8:e6:
21:a8:51:44:ae:0d:a5:59:95:4e:75:a5:11:a3:6d:
32:57:24:02:80:be:0a:b0:52:9b:b1:fc:ce:84:80:
4f:2e:cf:c4:1b:6b:b7:11:f4:36:23:2c:cc:5e:9e:
80:73:5e:83:97:3c:22:60:23:e4:fa:5d:fd:c1:42:
2a:3f:25:f5:44:68:c6:1b:66:2a:12:0f:42:74:8e:
eb:25:75:66:9e:6f:c9:37:1d:a5:7d:11:fe:b8:6c:
f5:0e:5f:56:0f:c6:bf:eb:2a:f7:fa:7a:d0:e8:88:
6d:53:00:cc:46:f9:24:df:2b:fa:51:06:c8:db:2e:
6e:fd:9f:b2:64:cf:67:06:bb:8b:34:da:9d:90:97:
84:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C2:5D:52:F5:60:F8:79:95:7C:DF:5D:C5:78:3D:98:C1:20:3E:D9
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/Y8JdUvVg-HmVfN9dxXg9mMEgPtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.208.0/22
81.201.208.0/20
185.56.212.0/22
185.57.168.0/22
185.114.104.0/22
188.65.152.0/21
193.41.118.0/23
193.138.74.0/24
193.254.192.0/23
195.78.36.0/23
IPv6:
2a00:e900::/29
2a01:4400::/32
2a02:5120::/32
2a0b:fd80::-2a0b:fd82:ffff:ffff:ffff:ffff:ffff:ffff
2a0b:fd87::/32
Signature Algorithm: sha256WithRSAEncryption
64:20:81:d9:47:3e:9c:eb:32:47:c6:66:8b:54:1c:b0:ee:72:
91:4f:e9:33:f4:bf:cc:23:9d:30:57:6f:cb:1b:b4:7e:7b:4c:
1f:e7:e1:e8:45:b1:20:ec:2e:cc:ea:e2:31:76:0a:61:c8:10:
37:86:49:92:8a:22:c7:1b:8b:88:fb:6f:21:53:ae:0b:14:95:
f9:f8:2e:3b:c2:a1:79:51:c1:03:15:4a:b3:73:29:4c:85:aa:
17:df:14:23:08:c4:0c:5d:d8:fb:f6:07:bc:a8:0c:b4:a7:8f:
59:b9:66:33:b2:e7:d4:3c:7e:d0:36:82:e4:d3:89:fb:9a:d8:
a3:3c:be:d6:7c:d4:40:0c:98:6d:fc:52:9d:ef:c3:4a:15:d9:
ed:ff:66:68:38:c0:e0:9c:29:bb:c3:cd:d2:50:e8:da:db:53:
30:6d:82:ef:5e:6e:c0:ba:e3:c9:37:00:0f:5c:de:18:de:cf:
f3:1c:87:0f:20:2b:2b:79:ff:1c:44:b5:87:b7:e4:65:f2:fb:
7e:ae:35:b2:49:14:7f:a8:2f:f6:d7:76:5e:bc:65:16:27:87:
d4:53:6b:29:ad:16:20:48:fe:a2:3e:79:6c:a7:25:56:2e:52:
70:1d:f9:dc:bb:b3:67:b4:97:c5:af:7b:d5:3d:a6:bf:80:73:
3d:c3:30:59
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYomYuGbJL7MfCkuImriBOnMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjMwODI0MDcxMjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2MyNWQ1MmY1NjBmODc5OTU3Y2RmNWRjNTc4M2Q5OGMxMjAzZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZkevkDJcFijyCCcw05V+PCmZajR
f4YQVnHosyL6jNmVaU/sH0IGGPzo84ympBhb0GkOU06VuYTi4hNQ8TyuY88kMTuU
NDYaBD3zo4X+F+dr/0VftQ/vUdLg971lux50P4t5U7ccJaqG3yHuWAv69gZ5COSy
+OYhqFFErg2lWZVOdaURo20yVyQCgL4KsFKbsfzOhIBPLs/EG2u3EfQ2IyzMXp6A
c16DlzwiYCPk+l39wUIqPyX1RGjGG2YqEg9CdI7rJXVmnm/JNx2lfRH+uGz1Dl9W
D8a/6yr3+nrQ6IhtUwDMRvkk3yv6UQbI2y5u/Z+yZM9nBruLNNqdkJeE6wIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFGPCXVL1YPh5lXzfXcV4PZjBID7ZMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvWThKZFV2VmctSG1WZk45ZHhYZzltTUVnUHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwQgQCAAEwPAMEAi2J0AME
BFHJ0AMEArk41AMEArk5qAMEArlyaAMEA7xBmAMEAcEpdgMEAMGKSgMEAcH+wAME
AcNOJDAyBAIAAjAsAwUDKgDpAAMFACoBRAADBQAqAlEgMA4DBQcqC/2AAwUAKgv9
ggMFACoL/YcwDQYJKoZIhvcNAQELBQADggEBAGQggdlHPpzrMkfGZotUHLDucpFP
6TP0v8wjnTBXb8sbtH57TB/n4ehFsSDsLszq4jF2CmHIEDeGSZKKIscbi4j7byFT
rgsUlfn4LjvCoXlRwQMVSrNzKUyFqhffFCMIxAxd2Pv2B7yoDLSnj1m5ZjOy59Q8
ftA2guTTifua2KM8vtZ81EAMmG38Up3vw0oV2e3/Zmg4wOCcKbvDzdJQ6NrbUzBt
gu9ebsC648k3AA9c3hjez/Mchw8gKyt5/xxEtYe35GXy+36uNbJJFH+oL/bXdl68
ZRYnh9RTaymtFiBI/qI+eWynJVYuUnAd+dy7s2e0l8Wve9U9pr+Acz3DMFk=
-----END CERTIFICATE-----
Generated at Wed May 7 18:07:19 2025 by rpki-client