Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/o6l1zRzVLk4JkCTMUopU7tIPIec.roa
File: o6l1zRzVLk4JkCTMUopU7tIPIec.roa (raw, json)
Hash identifier: AIa9vSIWJo/6Vlw9nZiBP/u15NMXZ6DqalaTuGtHcak=
Subject key identifier: A3:A9:75:CD:1C:D5:2E:4E:09:90:24:CC:52:8A:54:EE:D2:0F:21:E7
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 34FF4D05
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/o6l1zRzVLk4JkCTMUopU7tIPIec.roa
Signing time: Thu 26 May 2022 10:03:13 +0000
ROA not before: Thu 26 May 2022 10:03:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25160
IP address blocks: 185.28.240.0/22 maxlen: 24
185.120.204.0/22 maxlen: 22
82.163.192.0/19 maxlen: 24
158.41.64.0/18 maxlen: 18
193.221.128.0/19 maxlen: 24
165.65.0.0/16 maxlen: 16
206.245.192.0/20 maxlen: 24
193.0.176.0/23 maxlen: 24
206.245.224.0/19 maxlen: 24
5.10.144.0/20 maxlen: 24
91.238.221.0/24 maxlen: 24
185.237.48.0/22 maxlen: 24
194.8.254.0/23 maxlen: 24
2a00:e342::/32 maxlen: 32
2a00:e340:3::/48 maxlen: 48
2a00:e346::/32 maxlen: 32
2a00:e347::/32 maxlen: 32
2a00:e341::/32 maxlen: 32
2a00:e344::/32 maxlen: 32
2a00:e340::/32 maxlen: 32
2a00:e343::/32 maxlen: 32
2a00:e345::/32 maxlen: 32
2a00:e340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 889146629 (0x34ff4d05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: May 26 10:03:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3a975cd1cd52e4e099024cc528a54eed20f21e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:61:a9:b6:24:aa:e7:66:12:ef:06:0f:14:16:
75:35:b6:c5:21:b3:b5:36:ac:3e:41:e8:6d:c6:37:
5c:de:36:ef:0d:6b:c6:93:4b:b4:27:c5:b6:7f:29:
61:a6:f1:96:b7:3b:0b:e0:cc:2f:1f:50:d2:6d:6d:
b5:91:af:c9:b0:e2:e6:04:4a:64:68:66:e3:1e:1c:
7d:91:dc:a3:b6:1e:09:d4:58:ec:be:5e:63:b5:00:
b0:ce:82:ea:1a:ce:f0:39:88:70:00:8b:bf:eb:d4:
c1:fc:c1:67:26:76:03:af:dd:e9:2a:90:29:5d:48:
f0:bf:eb:3f:12:02:e4:c8:65:17:df:b1:2d:d0:63:
f4:dc:db:cf:d9:8e:01:21:c2:aa:23:c9:e1:5c:fd:
28:ce:d5:1d:aa:36:a7:bb:6a:58:41:18:da:91:f4:
59:27:1d:bb:27:bb:0a:b5:80:d9:22:ea:84:37:0d:
20:80:04:69:42:ab:4c:33:aa:62:d0:b0:fe:b4:3c:
b8:43:ed:55:a4:9d:c9:70:36:c2:12:0e:0c:55:78:
61:31:92:41:bd:0b:be:0b:f4:ba:6c:eb:18:de:f6:
6c:69:69:33:a7:23:3a:8c:25:18:d2:1b:6c:e1:c2:
52:7a:9e:c7:2a:6e:2c:04:83:5b:bd:28:17:e2:76:
91:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A9:75:CD:1C:D5:2E:4E:09:90:24:CC:52:8A:54:EE:D2:0F:21:E7
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/o6l1zRzVLk4JkCTMUopU7tIPIec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.144.0/20
82.163.192.0/19
91.238.221.0/24
158.41.64.0/18
165.65.0.0/16
185.28.240.0/22
185.120.204.0/22
185.237.48.0/22
193.0.176.0/23
193.221.128.0/19
194.8.254.0/23
206.245.192.0/20
206.245.224.0/19
IPv6:
2a00:e340::/29
Signature Algorithm: sha256WithRSAEncryption
a7:18:83:d8:f2:e7:f3:da:55:39:ed:7d:70:4a:8d:63:39:c7:
71:6b:08:be:ef:d6:be:6d:f6:c4:f8:f7:dd:f7:16:a4:9c:99:
53:7a:3c:8a:e2:c6:7c:e0:22:68:1c:1b:97:02:7d:52:81:06:
0e:f0:7b:95:c9:26:5d:ec:c1:0a:13:31:98:e2:c1:40:e9:5d:
61:44:7c:d7:3f:17:71:44:28:b9:1c:31:57:87:88:ad:b5:4a:
ba:b9:9b:50:78:af:b3:89:67:6f:9e:22:07:65:0d:47:3c:0d:
3e:8e:b8:34:12:8a:39:46:a6:dd:06:c1:95:11:fa:bd:9c:80:
e8:16:c2:b4:10:ec:ef:43:78:32:c6:45:b2:07:d0:b4:f0:d4:
f9:2a:65:0d:f5:3f:03:e6:29:cd:42:27:90:e4:9f:40:7f:31:
10:b6:44:ab:24:38:1c:87:27:0a:36:c9:8d:b2:06:07:cb:9b:
29:98:e4:2e:ca:4a:af:4d:65:fa:9d:a3:50:55:9a:c8:5c:e8:
5c:0d:f3:66:dc:a9:a3:98:c0:87:f6:5b:7c:c9:7f:8b:29:1e:
72:49:cb:91:0a:77:1a:3b:c6:60:f3:2c:38:19:4b:26:f2:c8:
a8:8c:96:bf:27:9c:1a:f7:e5:cb:12:8a:bf:cd:df:64:b0:f1:
de:a2:59:29
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIENP9NBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZWU4NDNhODVkZDY2NGU5ZGMwMzEwODkyYmQ3ZGQ5Y2U1MjU5MWM3MB4XDTIyMDUy
NjEwMDMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNhOTc1Y2QxY2Q1
MmU0ZTA5OTAyNGNjNTI4YTU0ZWVkMjBmMjFlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJhqbYkqudmEu8GDxQWdTW2xSGztTasPkHobcY3XN427w1r
xpNLtCfFtn8pYabxlrc7C+DMLx9Q0m1ttZGvybDi5gRKZGhm4x4cfZHco7YeCdRY
7L5eY7UAsM6C6hrO8DmIcACLv+vUwfzBZyZ2A6/d6SqQKV1I8L/rPxIC5MhlF9+x
LdBj9Nzbz9mOASHCqiPJ4Vz9KM7VHao2p7tqWEEY2pH0WScduye7CrWA2SLqhDcN
IIAEaUKrTDOqYtCw/rQ8uEPtVaSdyXA2whIODFV4YTGSQb0Lvgv0umzrGN72bGlp
M6cjOowlGNIbbOHCUnqexypuLASDW70oF+J2kecCAwEAAaOCAl8wggJbMB0GA1Ud
DgQWBBSjqXXNHNUuTgmQJMxSilTu0g8h5zAfBgNVHSMEGDAWgBRO6EOoXdZk6dwD
EIkr192c5SWRxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R1aERxRjNXWk9uY0F4Q0pLOWZkbk9VbGtjYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvYWRhZDIwLWM1MTItNGZiMC1hMTI3LTQ4Y2Y0MTJiMzg3Yi8x
L282bDF6UnpWTGs0SmtDVE1Vb3BVN3RJUEllYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
YWRhZDIwLWM1MTItNGZiMC1hMTI3LTQ4Y2Y0MTJiMzg3Yi8xL1R1aERxRjNXWk9u
Y0F4Q0pLOWZkbk9VbGtjYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB1
BggrBgEFBQcBBwEB/wRmMGQwUwQCAAEwTQMEBAUKkAMEBVKjwAMEAFvu3QMEBp4p
QAMDAKVBAwQCuRzwAwQCuXjMAwQCue0wAwQBwQCwAwQFwd2AAwQBwgj+AwQEzvXA
AwQFzvXgMA0EAgACMAcDBQMqAONAMA0GCSqGSIb3DQEBCwUAA4IBAQCnGIPY8ufz
2lU57X1wSo1jOcdxawi+79a+bfbE+Pfd9xaknJlTejyK4sZ84CJoHBuXAn1SgQYO
8HuVySZd7MEKEzGY4sFA6V1hRHzXPxdxRCi5HDFXh4ittUq6uZtQeK+ziWdvniIH
ZQ1HPA0+jrg0Eoo5RqbdBsGVEfq9nIDoFsK0EOzvQ3gyxkWyB9C08NT5KmUN9T8D
5inNQieQ5J9AfzEQtkSrJDgchycKNsmNsgYHy5spmOQuykqvTWX6naNQVZrIXOhc
DfNm3KmjmMCH9lt8yX+LKR5yScuRCncaO8Zg8yw4GUsm8siojJa/J5wa9+XLEoq/
zd9ksPHeolkp
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:12:53 2025 by rpki-client