Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/m7gTLheH6aa5wT2bT7-MbtaeA5s.roa
File: m7gTLheH6aa5wT2bT7-MbtaeA5s.roa (raw, json)
Hash identifier: GTGwXLIBvzK1w74SVO7cpY8a/dsPIiLFJGKDNpxBOhM=
Subject key identifier: 9B:B8:13:2E:17:87:E9:A6:B9:C1:3D:9B:4F:BF:8C:6E:D6:9E:03:9B
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018570B97CA9EEADC14C5916AD38B7E0168A
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/m7gTLheH6aa5wT2bT7-MbtaeA5s.roa
Signing time: Mon 02 Jan 2023 04:24:42 +0000
ROA not before: Mon 02 Jan 2023 04:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47232
IP address blocks: 5.39.200.0/22 maxlen: 32
185.15.108.0/22 maxlen: 32
78.111.114.0/23 maxlen: 32
78.111.116.0/23 maxlen: 32
78.111.112.0/20 maxlen: 32
46.29.224.0/21 maxlen: 32
213.108.162.0/23 maxlen: 32
217.75.208.0/20 maxlen: 32
185.64.220.0/22 maxlen: 32
185.125.128.0/22 maxlen: 32
93.91.150.0/23 maxlen: 32
93.91.152.0/24 maxlen: 32
93.91.149.0/24 maxlen: 32
93.91.153.0/24 maxlen: 32
93.91.154.0/24 maxlen: 32
46.29.228.0/23 maxlen: 32
185.52.172.0/24 maxlen: 32
93.91.144.0/20 maxlen: 32
2a02:17a0::/32 maxlen: 48
2a02:17a0::/29 maxlen: 48
2a03:2a82::/31 maxlen: 48
2a04:7bc0::/29 maxlen: 48
2a03:2a80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:7c:a9:ee:ad:c1:4c:59:16:ad:38:b7:e0:16:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 04:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bb8132e1787e9a6b9c13d9b4fbf8c6ed69e039b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b6:7c:e5:21:14:3e:7b:93:58:4e:43:b8:33:
a1:4b:6e:bc:e2:22:30:6f:ec:ab:2d:65:08:f6:e2:
3a:0b:50:0b:e3:3d:73:c4:ee:bf:da:b4:21:a0:4c:
03:15:33:3c:ed:89:24:e8:38:06:2c:6f:8d:e7:20:
bf:00:f8:eb:9b:a0:e7:3a:a7:69:13:a3:9c:2e:2f:
58:6a:df:5f:30:02:80:70:b5:d3:dc:0c:84:ff:04:
26:6b:1f:9a:a9:53:7a:72:77:6c:bc:28:b9:54:ff:
36:bd:90:48:2f:a9:24:a3:07:b2:50:56:73:e2:b1:
4a:a9:47:19:47:b6:36:31:8a:c5:89:cf:e5:df:0e:
2d:e8:88:7c:2f:1e:cb:45:05:7a:96:84:c3:9a:56:
a3:16:77:92:17:01:0e:cc:69:5c:56:fe:38:72:ab:
13:4f:ba:02:8d:87:d9:49:75:22:42:33:f4:77:e8:
19:61:ff:f6:e8:fa:6a:59:45:1c:17:3f:78:c4:68:
32:16:3c:99:28:b3:e9:15:91:9a:48:19:3d:43:04:
3e:e3:70:c5:e4:49:e7:b9:14:db:25:ed:58:9f:0f:
d7:f5:f2:9a:29:23:da:d1:f8:63:d5:f9:48:c2:2d:
7c:4d:d5:7b:ce:44:6e:6f:70:3e:99:1f:bb:08:4d:
67:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:B8:13:2E:17:87:E9:A6:B9:C1:3D:9B:4F:BF:8C:6E:D6:9E:03:9B
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/m7gTLheH6aa5wT2bT7-MbtaeA5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.200.0/22
46.29.224.0/21
78.111.112.0/20
93.91.144.0/20
185.15.108.0/22
185.52.172.0/24
185.64.220.0/22
185.125.128.0/22
213.108.162.0/23
217.75.208.0/20
IPv6:
2a02:17a0::/29
2a03:2a80::/29
2a04:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
a9:f6:f5:8a:c2:39:fa:40:24:41:cb:2e:44:c2:13:b8:f7:d7:
cd:40:1e:14:22:2f:db:94:6a:b0:8d:5f:07:3f:c0:62:73:4e:
07:15:9a:1d:d9:1d:50:d6:1e:25:d0:fd:b7:ab:75:da:82:12:
71:b7:5d:c7:5d:60:6c:46:35:5e:62:7d:b0:31:77:37:b2:14:
6d:7e:aa:b0:0e:ab:85:58:c4:5e:21:34:d5:13:e4:f8:bd:c5:
08:06:27:57:1c:29:2b:6f:d6:31:08:c7:47:56:80:03:f6:75:
b3:6f:94:31:fc:4c:12:3d:65:d7:aa:ec:5e:60:19:5a:96:a2:
90:ce:5e:24:ab:df:31:44:f9:39:55:58:fa:22:f9:53:e6:95:
7b:93:bc:58:79:68:ba:3e:e9:5a:5c:07:17:2b:48:34:ac:91:
93:38:55:77:73:c0:48:43:b7:06:88:39:93:81:18:3b:27:3c:
77:e8:65:83:f8:c3:a8:c2:84:7b:bf:e8:cc:12:f3:87:d2:e4:
1a:33:2d:0e:df:dc:d9:e2:2b:ac:4b:eb:ed:aa:b1:c4:51:bf:
3b:1b:c3:df:3b:71:e9:ca:4e:25:84:a9:94:c1:74:b0:7c:42:
6f:ba:00:70:b2:6c:16:d8:a2:4f:03:7e:07:85:40:23:b5:06:
df:57:72:3e
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYVwuXyp7q3BTFkWrTi34BaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjMwMTAyMDQyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmI4MTMyZTE3ODdlOWE2YjljMTNkOWI0ZmJmOGM2ZWQ2OWUwMzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7Z85SEUPnuTWE5DuDOhS2684iIw
b+yrLWUI9uI6C1AL4z1zxO6/2rQhoEwDFTM87Ykk6DgGLG+N5yC/APjrm6DnOqdp
E6OcLi9Yat9fMAKAcLXT3AyE/wQmax+aqVN6cndsvCi5VP82vZBIL6kkoweyUFZz
4rFKqUcZR7Y2MYrFic/l3w4t6Ih8Lx7LRQV6loTDmlajFneSFwEOzGlcVv44cqsT
T7oCjYfZSXUiQjP0d+gZYf/26PpqWUUcFz94xGgyFjyZKLPpFZGaSBk9QwQ+43DF
5EnnuRTbJe1Ynw/X9fKaKSPa0fhj1flIwi18TdV7zkRub3A+mR+7CE1nkwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFJu4Ey4Xh+mmucE9m0+/jG7WngObMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvbTdnVExoZUg2YWE1d1QyYlQ3LU1idGFlQTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBCBAIAATA8AwQCBSfIAwQD
Lh3gAwQETm9wAwQEXVuQAwQCuQ9sAwQAuTSsAwQCuUDcAwQCuX2AAwQB1WyiAwQE
2UvQMBsEAgACMBUDBQMqAhegAwUDKgMqgAMFAyoEe8AwDQYJKoZIhvcNAQELBQAD
ggEBAKn29YrCOfpAJEHLLkTCE7j3181AHhQiL9uUarCNXwc/wGJzTgcVmh3ZHVDW
HiXQ/berddqCEnG3XcddYGxGNV5ifbAxdzeyFG1+qrAOq4VYxF4hNNUT5Pi9xQgG
J1ccKStv1jEIx0dWgAP2dbNvlDH8TBI9Zdeq7F5gGVqWopDOXiSr3zFE+TlVWPoi
+VPmlXuTvFh5aLo+6VpcBxcrSDSskZM4VXdzwEhDtwaIOZOBGDsnPHfoZYP4w6jC
hHu/6MwS84fS5BozLQ7f3NniK6xL6+2qscRRvzsbw987cenKTiWEqZTBdLB8Qm+6
AHCybBbYok8DfgeFQCO1Bt9Xcj4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:31 2025 by rpki-client