Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/_Hx6xvpSnze-J-360btX36eXy3Q.roa
File: _Hx6xvpSnze-J-360btX36eXy3Q.roa (raw, json)
Hash identifier: kJfSsh6P81N2bKRNBMg0TtvTzW3fni416mpgJcAL0zQ=
Subject key identifier: FC:7C:7A:C6:FA:52:9F:37:BE:27:ED:FA:D1:BB:57:DF:A7:97:CB:74
Certificate issuer: /CN=a2ed0ba8b46ef251e5a058a64a21b307d3650ddc
Certificate serial: 09BF9946
Authority key identifier: A2:ED:0B:A8:B4:6E:F2:51:E5:A0:58:A6:4A:21:B3:07:D3:65:0D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/_Hx6xvpSnze-J-360btX36eXy3Q.roa
Signing time: Sat 01 Jan 2022 01:03:05 +0000
ROA not before: Sat 01 Jan 2022 01:03:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5466
IP address blocks: 194.125.192.0/19 maxlen: 19
95.44.0.0/15 maxlen: 15
82.141.192.0/18 maxlen: 18
217.183.0.0/16 maxlen: 16
83.174.160.0/19 maxlen: 19
195.7.32.0/19 maxlen: 19
194.106.128.0/19 maxlen: 19
194.125.128.0/18 maxlen: 18
51.171.0.0/16 maxlen: 16
159.134.0.0/16 maxlen: 16
185.57.112.0/22 maxlen: 22
83.70.0.0/15 maxlen: 15
62.77.160.0/19 maxlen: 19
213.94.128.0/17 maxlen: 17
213.190.128.0/19 maxlen: 19
86.40.0.0/13 maxlen: 13
2001:bb0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163551558 (0x9bf9946)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2ed0ba8b46ef251e5a058a64a21b307d3650ddc
Validity
Not Before: Jan 1 01:03:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc7c7ac6fa529f37be27edfad1bb57dfa797cb74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:8b:58:77:67:c1:3c:49:16:05:a3:03:94:f2:
c1:28:25:2c:5b:ba:0e:22:30:70:83:a4:03:b3:e4:
c9:10:79:48:fb:ea:ab:eb:b4:ca:e7:4f:72:c4:0c:
d8:72:ff:d5:52:28:30:aa:f6:ae:56:62:3d:8f:5c:
8a:06:1f:68:0f:03:3e:d5:d2:0c:a1:66:1e:fe:8a:
69:2d:0a:f5:e5:9c:55:4c:cf:1d:ac:6d:d4:61:e4:
fe:b4:a9:5f:ee:2e:97:82:2b:22:51:cb:03:46:03:
dd:7a:b7:4b:ef:fa:a2:87:bd:95:92:b5:c7:c8:64:
8c:33:16:a1:f2:59:74:5d:3a:84:d6:ba:1d:ba:cd:
d2:f1:7d:cb:c0:fb:b5:d0:2a:b3:e3:83:0f:6e:51:
8b:82:b7:7a:81:45:d6:8b:b3:cf:50:98:22:a7:49:
34:0b:18:67:90:70:0d:54:8b:db:43:68:38:bb:a5:
1c:6f:70:7f:2e:c2:f8:8c:00:d1:9d:90:7b:47:56:
9f:58:86:8d:7b:23:09:09:4b:fc:78:a9:9c:9b:89:
e4:85:04:74:d4:8e:3f:4a:bb:18:9e:a1:84:e3:d2:
f0:61:74:a1:98:81:14:88:70:c2:50:93:15:4a:0c:
9d:14:2e:65:aa:a5:1f:b8:47:66:91:49:4b:8f:f8:
77:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:7C:7A:C6:FA:52:9F:37:BE:27:ED:FA:D1:BB:57:DF:A7:97:CB:74
X509v3 Authority Key Identifier:
keyid:A2:ED:0B:A8:B4:6E:F2:51:E5:A0:58:A6:4A:21:B3:07:D3:65:0D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/_Hx6xvpSnze-J-360btX36eXy3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ou0LqLRu8lHloFimSiGzB9NlDdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.171.0.0/16
62.77.160.0/19
82.141.192.0/18
83.70.0.0/15
83.174.160.0/19
86.40.0.0/13
95.44.0.0/15
159.134.0.0/16
185.57.112.0/22
194.106.128.0/19
194.125.128.0-194.125.223.255
195.7.32.0/19
213.94.128.0/17
213.190.128.0/19
217.183.0.0/16
IPv6:
2001:bb0::/29
Signature Algorithm: sha256WithRSAEncryption
82:e3:47:ba:24:ba:8b:6a:86:e1:67:0d:46:57:9d:a1:45:ef:
25:ef:8d:85:b0:a6:0f:55:c1:65:77:f7:94:a6:bf:6a:95:6b:
67:cc:c0:3a:52:f9:9a:9d:b4:aa:d6:03:6d:05:fb:52:ba:54:
3d:68:7d:bc:ab:76:22:f6:10:cf:1b:1c:3a:82:00:c1:a9:68:
c3:8a:7c:fc:60:1d:9c:e9:7d:e6:6f:48:f2:46:6a:8f:8a:15:
ef:d0:47:81:7c:76:21:c4:77:42:f3:70:b1:7f:3c:a1:b6:97:
4e:be:49:f8:74:5f:c7:a1:1d:25:7d:28:f0:46:ea:9b:72:ac:
a4:1a:75:61:87:71:f4:60:74:d6:23:7b:e5:c8:ba:88:f4:42:
e3:f9:7b:f2:11:87:cd:1a:79:85:62:70:c9:02:41:c9:a1:5d:
b0:a7:f8:0f:4f:b1:e2:9c:bc:a2:bb:c0:8c:4b:03:84:40:8f:
f3:d8:a7:41:b0:86:c0:2b:d7:09:7e:3d:a7:b6:02:f0:fe:2b:
fa:ab:09:73:f4:31:dc:7f:79:4a:c5:a0:13:8b:a9:7e:ee:79:
a5:79:1d:4d:3a:a4:7c:4a:91:e2:bb:a6:03:42:88:e7:b2:42:
b6:d5:4d:35:8c:10:17:49:19:08:0c:bf:89:16:d3:98:8d:d2:
be:7e:92:13
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIECb+ZRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MmVkMGJhOGI0NmVmMjUxZTVhMDU4YTY0YTIxYjMwN2QzNjUwZGRjMB4XDTIyMDEw
MTAxMDMwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmM3YzdhYzZmYTUy
OWYzN2JlMjdlZGZhZDFiYjU3ZGZhNzk3Y2I3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANyLWHdnwTxJFgWjA5TywSglLFu6DiIwcIOkA7PkyRB5SPvq
q+u0yudPcsQM2HL/1VIoMKr2rlZiPY9cigYfaA8DPtXSDKFmHv6KaS0K9eWcVUzP
Haxt1GHk/rSpX+4ul4IrIlHLA0YD3Xq3S+/6ooe9lZK1x8hkjDMWofJZdF06hNa6
HbrN0vF9y8D7tdAqs+ODD25Ri4K3eoFF1ouzz1CYIqdJNAsYZ5BwDVSL20NoOLul
HG9wfy7C+IwA0Z2Qe0dWn1iGjXsjCQlL/HipnJuJ5IUEdNSOP0q7GJ6hhOPS8GF0
oZiBFIhwwlCTFUoMnRQuZaqlH7hHZpFJS4/4dwUCAwEAAaOCAm8wggJrMB0GA1Ud
DgQWBBT8fHrG+lKfN74n7frRu1ffp5fLdDAfBgNVHSMEGDAWgBSi7QuotG7yUeWg
WKZKIbMH02UN3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L291MExxTFJ1OGxIbG9GaW1TaUd6QjlObERkdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvNWJlOGY3LTFhZDAtNDRiZi04YjNlLTc5MWM1YTg1MzkwZC8x
L19IeDZ4dnBTbnplLUotMzYwYnRYMzZlWHkzUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
NWJlOGY3LTFhZDAtNDRiZi04YjNlLTc5MWM1YTg1MzkwZC8xL291MExxTFJ1OGxI
bG9GaW1TaUd6QjlObERkdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hAYIKwYBBQUHAQcBAf8EdTBzMGIEAgABMFwDAwAzqwMEBT5NoAMEBlKNwAMDAVNG
AwQFU66gAwMDVigDAwFfLAMDAJ+GAwQCuTlwAwQFwmqAMAwDBAfCfYADBAXCfcAD
BAXDByADBAfVXoADBAXVvoADAwDZtzANBAIAAjAHAwUDIAELsDANBgkqhkiG9w0B
AQsFAAOCAQEAguNHuiS6i2qG4WcNRledoUXvJe+NhbCmD1XBZXf3lKa/apVrZ8zA
OlL5mp20qtYDbQX7UrpUPWh9vKt2IvYQzxscOoIAwalow4p8/GAdnOl95m9I8kZq
j4oV79BHgXx2IcR3QvNwsX88obaXTr5J+HRfx6EdJX0o8Ebqm3KspBp1YYdx9GB0
1iN75ci6iPRC4/l78hGHzRp5hWJwyQJByaFdsKf4D0+x4py8orvAjEsDhECP89in
QbCGwCvXCX49p7YC8P4r+qsJc/Qx3H95SsWgE4upfu55pXkdTTqkfEqR4rumA0KI
57JCttVNNYwQF0kZCAy/iRbTmI3Svn6SEw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:27:26 2025 by rpki-client