Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/r_Y7wsfLVG5wQNfGR5394iNmFWI.roa
File: r_Y7wsfLVG5wQNfGR5394iNmFWI.roa (raw, json)
Hash identifier: CLp23qq8eBjJ6Ne6/WIc2dF4/hMk1lva1KKaosvwm/k=
Subject key identifier: AF:F6:3B:C2:C7:CB:54:6E:70:40:D7:C6:47:9D:FD:E2:23:66:15:62
Certificate issuer: /CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Certificate serial: 0A2E269B
Authority key identifier: 48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/r_Y7wsfLVG5wQNfGR5394iNmFWI.roa
Signing time: Sat 01 Jan 2022 09:04:28 +0000
ROA not before: Sat 01 Jan 2022 09:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208808
IP address blocks: 94.156.26.0/23 maxlen: 23
212.73.152.0/23 maxlen: 23
31.13.210.0/24 maxlen: 24
87.120.203.0/24 maxlen: 24
78.138.26.0/23 maxlen: 23
78.138.28.0/23 maxlen: 23
92.243.94.0/23 maxlen: 23
185.201.76.0/22 maxlen: 22
78.138.42.0/23 maxlen: 23
45.140.196.0/22 maxlen: 22
213.255.210.0/23 maxlen: 23
213.255.216.0/23 maxlen: 23
213.255.224.0/23 maxlen: 23
92.243.71.0/24 maxlen: 24
87.120.80.0/23 maxlen: 23
92.243.68.0/24 maxlen: 24
213.255.244.0/23 maxlen: 23
92.243.86.0/23 maxlen: 23
78.138.18.0/23 maxlen: 23
92.243.90.0/23 maxlen: 23
2a0a:bd40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170796699 (0xa2e269b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Validity
Not Before: Jan 1 09:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aff63bc2c7cb546e7040d7c6479dfde223661562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6c:2d:31:47:de:13:cb:f3:be:81:00:c5:b2:
22:64:92:31:9d:02:c9:1b:9b:48:ba:b4:2b:3e:61:
86:3f:de:03:53:77:c6:40:39:97:56:48:f7:08:99:
8d:1e:e8:07:38:dd:51:7b:b7:22:d1:f1:04:e0:f2:
5d:51:a6:13:68:0a:2c:34:15:34:af:4a:e7:e7:cc:
e8:82:ef:7f:3a:af:e2:95:f7:83:20:28:50:17:86:
00:8c:5c:f8:ba:bd:11:be:24:5b:e4:2a:0f:7c:80:
3a:3b:03:05:29:95:a4:74:14:cd:ae:4c:3d:1b:66:
b4:8e:34:c3:46:21:d5:37:07:33:fa:ce:1c:3f:94:
f3:1a:dc:7c:91:a5:73:17:b2:b6:1d:88:a9:e6:84:
1f:e5:88:72:a0:56:e0:df:47:00:02:c1:61:b8:ed:
0a:db:41:f6:8e:28:9b:4e:68:d7:61:9c:b5:16:a8:
f7:15:86:17:f2:92:ba:cd:62:d4:f5:c2:88:2e:6b:
bc:21:e1:be:96:b2:6d:cb:62:55:38:71:5b:5c:6c:
6d:8c:00:88:b7:b5:60:d7:f4:15:12:5d:50:42:da:
4b:91:96:69:bc:d5:87:67:d4:e0:2b:ae:7a:d6:ad:
f7:ac:4e:d0:14:98:43:23:2e:af:8a:c2:b2:01:1f:
6d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:F6:3B:C2:C7:CB:54:6E:70:40:D7:C6:47:9D:FD:E2:23:66:15:62
X509v3 Authority Key Identifier:
keyid:48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/r_Y7wsfLVG5wQNfGR5394iNmFWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.210.0/24
45.140.196.0/22
78.138.18.0/23
78.138.26.0-78.138.29.255
78.138.42.0/23
87.120.80.0/23
87.120.203.0/24
92.243.68.0/24
92.243.71.0/24
92.243.86.0/23
92.243.90.0/23
92.243.94.0/23
94.156.26.0/23
185.201.76.0/22
212.73.152.0/23
213.255.210.0/23
213.255.216.0/23
213.255.224.0/23
213.255.244.0/23
IPv6:
2a0a:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
89:a6:8d:62:6e:1d:d6:1f:92:74:55:b9:2b:d6:58:7a:66:e4:
9e:4b:a6:ad:84:9c:51:ae:54:fb:35:b9:71:ae:27:66:52:a8:
2c:fd:6f:99:4e:ed:af:f6:b8:b2:a3:c0:64:fb:12:ec:4a:2a:
a9:f4:4e:b1:2b:3e:ab:3b:ea:cc:f2:d1:46:fa:5c:ec:a4:cb:
8d:57:44:9d:31:01:3a:7b:c4:12:a9:38:d0:58:09:3f:8e:f3:
05:2a:81:de:de:ce:bf:7c:61:71:63:fe:a6:05:6d:87:d6:9e:
cb:5e:51:93:e0:13:ad:6a:58:b2:a4:1c:bd:7d:8d:9c:59:29:
c3:93:43:b0:0f:13:60:75:47:4a:05:e2:83:3f:a5:10:95:19:
da:b9:88:3d:4e:7e:65:0f:a6:a8:06:08:c0:fa:26:77:6f:ec:
50:f9:34:d8:2a:b0:65:7b:f5:37:2b:d7:76:23:43:98:4d:e4:
44:34:1c:44:cf:c6:26:29:b2:a5:9a:98:5c:10:c3:3b:e5:82:
70:40:58:9f:ec:b2:90:c1:87:4c:dc:96:0d:51:67:d7:1f:09:
88:dd:76:53:17:6a:16:b4:f1:de:a1:06:a5:c5:6f:43:e3:78:
06:81:39:af:36:8e:1b:5d:ef:fb:3f:1c:b9:7a:98:a0:ef:eb:
92:6b:8d:72
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIECi4mmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ODY2ZDQwMjdkZTNjMjdlODk3ZDcyYWRiMmM4NmQ4N2FiN2U1YWMyMB4XDTIyMDEw
MTA5MDQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWZmNjNiYzJjN2Ni
NTQ2ZTcwNDBkN2M2NDc5ZGZkZTIyMzY2MTU2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpsLTFH3hPL876BAMWyImSSMZ0CyRubSLq0Kz5hhj/eA1N3
xkA5l1ZI9wiZjR7oBzjdUXu3ItHxBODyXVGmE2gKLDQVNK9K5+fM6ILvfzqv4pX3
gyAoUBeGAIxc+Lq9Eb4kW+QqD3yAOjsDBSmVpHQUza5MPRtmtI40w0Yh1TcHM/rO
HD+U8xrcfJGlcxeyth2IqeaEH+WIcqBW4N9HAALBYbjtCttB9o4om05o12GctRao
9xWGF/KSus1i1PXCiC5rvCHhvpaybctiVThxW1xsbYwAiLe1YNf0FRJdUELaS5GW
abzVh2fU4Cuuetat96xO0BSYQyMur4rCsgEfbUECAwEAAaOCApAwggKMMB0GA1Ud
DgQWBBSv9jvCx8tUbnBA18ZHnf3iI2YVYjAfBgNVHSMEGDAWgBRIZtQCfePCfol9
cq2yyG2Hq35awjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NHYlVBbjNqd242SmZYS3Rzc2h0aDZ0LVdzSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTYvNTU2YWQ1LTJlNmItNGQ1MS04NTZjLTYxYzljMjljMjc1ZC8x
L3JfWTd3c2ZMVkc1d1FOZkdSNTM5NGlObUZXSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTYv
NTU2YWQ1LTJlNmItNGQ1MS04NTZjLTYxYzljMjljMjc1ZC8xL1NHYlVBbjNqd242
SmZYS3Rzc2h0aDZ0LVdzSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
pQYIKwYBBQUHAQcBAf8EgZUwgZIwgYAEAgABMHoDBAAfDdIDBAItjMQDBAFOihIw
DAMEAU6KGgMEAU6KHAMEAU6KKgMEAVd4UAMEAFd4ywMEAFzzRAMEAFzzRwMEAVzz
VgMEAVzzWgMEAVzzXgMEAV6cGgMEArnJTAMEAdRJmAMEAdX/0gMEAdX/2AMEAdX/
4AMEAdX/9DANBAIAAjAHAwUDKgq9QDANBgkqhkiG9w0BAQsFAAOCAQEAiaaNYm4d
1h+SdFW5K9ZYembknkumrYScUa5U+zW5ca4nZlKoLP1vmU7tr/a4sqPAZPsS7Eoq
qfROsSs+qzvqzPLRRvpc7KTLjVdEnTEBOnvEEqk40FgJP47zBSqB3t7Ov3xhcWP+
pgVth9aey15Rk+ATrWpYsqQcvX2NnFkpw5NDsA8TYHVHSgXigz+lEJUZ2rmIPU5+
ZQ+mqAYIwPomd2/sUPk02CqwZXv1NyvXdiNDmE3kRDQcRM/GJimypZqYXBDDO+WC
cEBYn+yykMGHTNyWDVFn1x8JiN12UxdqFrTx3qEGpcVvQ+N4BoE5rzaOG13v+z8c
uXqYoO/rkmuNcg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:46 2025 by rpki-client