Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/ABZk4zmIv86pgjxZVn6YODrlyvY.roa
File: ABZk4zmIv86pgjxZVn6YODrlyvY.roa (raw, json)
Hash identifier: ikNIz3PSWme8Ku4JhkkwaX0GIw280EC1K9y3FeHiEOM=
Subject key identifier: 00:16:64:E3:39:88:BF:CE:A9:82:3C:59:56:7E:98:38:3A:E5:CA:F6
Certificate issuer: /CN=50f2d6b21660fad1f60e2df9d0bd7c6ccf95c311
Certificate serial: 018C7CE97E212F892AAEF50A3E38ED6B1F95
Authority key identifier: 50:F2:D6:B2:16:60:FA:D1:F6:0E:2D:F9:D0:BD:7C:6C:CF:95:C3:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UPLWshZg-tH2Di350L18bM-VwxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/ABZk4zmIv86pgjxZVn6YODrlyvY.roa
Signing time: Mon 18 Dec 2023 12:32:06 +0000
ROA not before: Mon 18 Dec 2023 12:32:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41722
IP address blocks: 185.174.165.0/24 maxlen: 24
185.174.166.0/24 maxlen: 24
185.174.167.0/24 maxlen: 24
91.142.80.0/24 maxlen: 24
91.142.83.0/24 maxlen: 24
91.142.84.0/24 maxlen: 24
91.142.81.0/24 maxlen: 24
91.142.82.0/24 maxlen: 24
91.142.85.0/24 maxlen: 24
91.142.87.0/24 maxlen: 24
185.53.20.0/24 maxlen: 24
91.142.86.0/24 maxlen: 24
91.142.90.0/24 maxlen: 24
185.53.23.0/24 maxlen: 24
185.53.22.0/24 maxlen: 24
91.142.91.0/24 maxlen: 24
91.142.88.0/24 maxlen: 24
185.53.21.0/24 maxlen: 24
91.142.89.0/24 maxlen: 24
91.142.94.0/24 maxlen: 24
91.142.92.0/24 maxlen: 24
91.142.93.0/24 maxlen: 24
91.142.95.0/24 maxlen: 24
178.250.152.0/24 maxlen: 24
178.250.154.0/24 maxlen: 24
178.250.155.0/24 maxlen: 24
178.250.153.0/24 maxlen: 24
185.73.212.0/24 maxlen: 24
178.249.71.0/24 maxlen: 24
178.249.70.0/24 maxlen: 24
178.249.68.0/24 maxlen: 24
178.249.69.0/24 maxlen: 24
185.162.92.0/24 maxlen: 24
185.162.93.0/24 maxlen: 24
185.162.95.0/24 maxlen: 24
185.162.94.0/24 maxlen: 24
185.162.94.0/23 maxlen: 23
185.147.80.0/24 maxlen: 24
185.147.83.0/24 maxlen: 24
185.147.81.0/24 maxlen: 24
185.147.82.0/24 maxlen: 24
2a03:21c0::/32 maxlen: 32
2a07:a501::/32 maxlen: 32
2a07:a500::/32 maxlen: 32
2a07:a502::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:e9:7e:21:2f:89:2a:ae:f5:0a:3e:38:ed:6b:1f:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50f2d6b21660fad1f60e2df9d0bd7c6ccf95c311
Validity
Not Before: Dec 18 12:32:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=001664e33988bfcea9823c59567e98383ae5caf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:06:a0:cd:71:a6:c8:6f:fa:e4:10:ce:e3:01:
07:7c:56:45:a2:58:9a:bf:8d:d9:05:46:a0:84:e6:
54:c8:fc:27:90:32:58:42:01:15:e8:5a:7c:04:2b:
e7:0d:50:c8:d1:02:6c:31:c1:24:68:8a:2e:bc:bd:
26:59:82:8f:1f:0b:ac:93:d6:51:ca:c6:7b:37:a9:
b6:2e:4b:95:14:75:0e:6a:80:cc:62:a6:e6:0c:15:
f6:e5:af:98:1e:a3:93:5b:8d:6a:39:88:0d:e3:51:
62:08:68:ac:c9:75:d3:67:b8:42:39:fc:32:d8:e8:
ff:f6:00:71:3d:4e:32:cb:a3:d8:a6:3f:11:94:75:
7a:62:2c:10:88:5d:79:07:77:cc:bf:51:e9:58:7b:
cc:b6:4a:88:e2:15:89:a4:f7:b6:89:41:e1:00:99:
18:40:86:9d:f5:56:7e:15:c4:1e:3a:96:71:8d:b5:
a7:3d:2f:67:94:55:8c:91:ca:00:89:65:7a:d9:6c:
22:b6:dc:0f:84:03:66:33:4f:cd:e1:cd:c9:2b:d3:
36:35:89:fd:1e:d4:c3:4b:4d:70:60:0a:b5:1d:cb:
9c:11:6d:8e:28:d1:2f:45:e5:35:9e:70:88:41:af:
92:b8:4b:56:ac:2d:47:68:fe:fe:93:bb:1c:90:da:
0a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:16:64:E3:39:88:BF:CE:A9:82:3C:59:56:7E:98:38:3A:E5:CA:F6
X509v3 Authority Key Identifier:
keyid:50:F2:D6:B2:16:60:FA:D1:F6:0E:2D:F9:D0:BD:7C:6C:CF:95:C3:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UPLWshZg-tH2Di350L18bM-VwxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/ABZk4zmIv86pgjxZVn6YODrlyvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/UPLWshZg-tH2Di350L18bM-VwxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.80.0/20
178.249.68.0/22
178.250.152.0/22
185.53.20.0/22
185.73.212.0/24
185.147.80.0/22
185.162.92.0/22
185.174.165.0-185.174.167.255
IPv6:
2a03:21c0::/32
2a07:a500::-2a07:a502:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
49:2d:42:85:89:1f:5f:66:5e:eb:9c:87:da:d7:1d:ee:1d:7b:
34:8b:2e:f9:0e:f3:d2:6f:6a:56:45:45:f7:0a:a6:95:ef:2e:
67:6d:fb:0d:51:1b:26:ea:63:8d:dd:4b:9d:5c:55:38:44:01:
ed:b8:54:68:f9:63:ad:78:5d:4f:03:90:c6:4a:19:61:bb:f6:
00:96:72:a4:48:bf:9c:18:e8:6b:9e:fe:7c:52:dd:6e:20:59:
f3:78:4d:50:02:0f:b6:07:92:b7:af:d3:b4:2a:d5:c8:70:5e:
05:c4:48:21:e3:61:8f:2f:42:b0:21:85:75:2a:39:d4:e1:5c:
c4:46:a8:c6:69:03:01:e9:fb:09:24:e4:5f:64:1b:b6:e3:50:
0b:df:05:2d:73:55:9e:db:54:79:15:e3:90:2e:8c:23:fe:62:
db:da:c7:b3:01:7d:f6:75:c0:c3:17:38:8f:2a:04:87:c1:11:
29:2e:8c:23:0b:0b:ad:ab:e1:e7:99:00:74:8e:ef:52:4b:f8:
f6:87:83:bf:06:7b:4b:e8:ad:95:91:88:07:f9:67:0b:a9:09:
01:f2:6f:0d:00:0a:74:ef:55:39:e8:5d:7e:44:b8:e5:0b:61:
c7:54:d5:11:8c:77:55:52:76:e1:4b:a8:ce:1e:ab:6a:d1:ae:
43:58:84:12
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYx86X4hL4kqrvUKPjjtax+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZjJkNmIyMTY2MGZhZDFmNjBlMmRmOWQwYmQ3YzZjY2Y5
NWMzMTEwHhcNMjMxMjE4MTIzMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDE2NjRlMzM5ODhiZmNlYTk4MjNjNTk1NjdlOTgzODNhZTVjYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwagzXGmyG/65BDO4wEHfFZFolia
v43ZBUaghOZUyPwnkDJYQgEV6Fp8BCvnDVDI0QJsMcEkaIouvL0mWYKPHwusk9ZR
ysZ7N6m2LkuVFHUOaoDMYqbmDBX25a+YHqOTW41qOYgN41FiCGisyXXTZ7hCOfwy
2Oj/9gBxPU4yy6PYpj8RlHV6YiwQiF15B3fMv1HpWHvMtkqI4hWJpPe2iUHhAJkY
QIad9VZ+FcQeOpZxjbWnPS9nlFWMkcoAiWV62WwittwPhANmM0/N4c3JK9M2NYn9
HtTDS01wYAq1HcucEW2OKNEvReU1nnCIQa+SuEtWrC1HaP7+k7sckNoKkQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFAAWZOM5iL/OqYI8WVZ+mDg65cr2MB8GA1UdIwQY
MBaAFFDy1rIWYPrR9g4t+dC9fGzPlcMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVBMV3NoWmctdEgyRGkzNTBMMThiTS1Wd3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kMGVkZDUtNjA4Ny00YmUxLWIzNmYt
YWIzZGQ1ZGM2NzA5LzEvQUJaazR6bUl2ODZwZ2p4WlZuNllPRHJseXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kMGVkZDUtNjA4Ny00YmUxLWIzNmYtYWIzZGQ1ZGM2NzA5
LzEvVVBMV3NoWmctdEgyRGkzNTBMMThiTS1Wd3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjA+BAIAATA4AwQEW45QAwQC
svlEAwQCsvqYAwQCuTUUAwQAuUnUAwQCuZNQAwQCuaJcMAwDBAC5rqUDBAO5rqAw
HAQCAAIwFgMFACoDIcAwDQMEACoHpQMFACoHpQIwDQYJKoZIhvcNAQELBQADggEB
AEktQoWJH19mXuuch9rXHe4dezSLLvkO89JvalZFRfcKppXvLmdt+w1RGybqY43d
S51cVThEAe24VGj5Y614XU8DkMZKGWG79gCWcqRIv5wY6Gue/nxS3W4gWfN4TVAC
D7YHkrev07Qq1chwXgXESCHjYY8vQrAhhXUqOdThXMRGqMZpAwHp+wkk5F9kG7bj
UAvfBS1zVZ7bVHkV45AujCP+Ytvax7MBffZ1wMMXOI8qBIfBESkujCMLC62r4eeZ
AHSO71JL+PaHg78Ge0vorZWRiAf5ZwupCQHybw0ACnTvVTnoXX5EuOULYcdU1RGM
d1VSduFLqM4eq2rRrkNYhBI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:49:57 2025 by rpki-client