Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/h_cYumdM8GrsWcaO0KN8-Eh-KqE.roa
File: h_cYumdM8GrsWcaO0KN8-Eh-KqE.roa (raw, json)
Hash identifier: 8Ts0dzH2s7mFzM8TrivwMyx81+I3PPZAA7fgHphM3So=
Subject key identifier: 87:F7:18:BA:67:4C:F0:6A:EC:59:C6:8E:D0:A3:7C:F8:48:7E:2A:A1
Certificate issuer: /CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Certificate serial: 018AD1A15A5B61955F5C73DFC80D1ABCA0FF
Authority key identifier: C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/h_cYumdM8GrsWcaO0KN8-Eh-KqE.roa
Signing time: Tue 26 Sep 2023 13:15:27 +0000
ROA not before: Tue 26 Sep 2023 13:15:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34594
IP address blocks: 151.252.224.0/19 maxlen: 19
89.201.128.0/17 maxlen: 17
151.252.224.0/20 maxlen: 20
185.10.40.0/22 maxlen: 22
89.17.0.0/19 maxlen: 19
80.80.48.0/20 maxlen: 20
151.252.208.0/21 maxlen: 21
176.222.32.0/20 maxlen: 20
5.43.160.0/19 maxlen: 19
37.60.128.0/21 maxlen: 21
37.205.96.0/20 maxlen: 20
5.39.128.0/19 maxlen: 19
95.178.128.0/17 maxlen: 17
89.201.175.0/24 maxlen: 24
85.114.32.0/20 maxlen: 20
85.114.33.0/24 maxlen: 24
85.114.32.0/19 maxlen: 19
185.18.60.0/22 maxlen: 22
2a02:ac8::/32 maxlen: 32
2a03:6100::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:a1:5a:5b:61:95:5f:5c:73:df:c8:0d:1a:bc:a0:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Validity
Not Before: Sep 26 13:15:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87f718ba674cf06aec59c68ed0a37cf8487e2aa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e1:73:90:af:76:9b:75:84:74:db:7b:df:67:
f9:6e:70:5f:c4:28:16:ed:00:88:92:e5:0d:d7:9f:
d0:a0:5e:cf:5a:10:be:f5:9f:77:69:d4:3f:ca:51:
e1:8a:f7:49:90:1e:94:92:5c:a2:4e:44:d8:a5:ef:
78:03:ae:f8:54:46:d5:27:0d:41:6f:c4:01:73:f4:
39:63:3e:52:9e:67:b5:3d:34:cc:23:31:af:0e:b0:
8b:c5:31:24:66:ba:77:c7:ce:09:39:5f:20:a3:75:
7a:35:ca:a5:ca:b2:99:09:c3:00:96:f0:ab:d6:ef:
b4:1b:04:c9:d5:2f:d3:0c:76:8e:67:7c:2e:4f:fe:
46:70:2e:31:8c:3a:35:63:7b:fb:f6:07:f6:4c:15:
a5:be:b4:b4:3c:10:6c:aa:51:d3:ac:93:51:ca:e3:
d4:d8:f2:e2:31:98:a3:55:cc:1a:27:ae:fa:10:9e:
97:55:0e:9f:97:7e:55:c9:d2:23:5a:e5:7a:be:d3:
fb:59:79:8a:d8:ad:6e:e6:4d:46:2a:c5:a1:6a:fd:
30:24:67:4a:d5:a7:1a:90:15:ae:2e:22:66:67:df:
99:6f:85:e1:7c:e5:0a:4f:c4:aa:d8:fb:df:c0:d1:
e5:ce:52:ab:d8:29:8c:f8:27:21:4e:27:cf:88:bb:
c5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F7:18:BA:67:4C:F0:6A:EC:59:C6:8E:D0:A3:7C:F8:48:7E:2A:A1
X509v3 Authority Key Identifier:
keyid:C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/h_cYumdM8GrsWcaO0KN8-Eh-KqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/wk1b087qqweGzhUaMXja3BB78oA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.128.0/19
5.43.160.0/19
37.60.128.0/21
37.205.96.0/20
80.80.48.0/20
85.114.32.0/19
89.17.0.0/19
89.201.128.0/17
95.178.128.0/17
151.252.208.0/21
151.252.224.0/19
176.222.32.0/20
185.10.40.0/22
185.18.60.0/22
IPv6:
2a02:ac8::/32
2a03:6100::/32
Signature Algorithm: sha256WithRSAEncryption
8d:72:92:59:68:e9:8d:45:61:3b:40:dd:69:b0:73:56:87:1d:
1a:ca:cd:0c:5c:97:50:3f:3f:f3:53:cc:45:f0:14:6b:75:72:
8a:b1:43:ac:97:c5:c9:36:c8:4b:d7:6e:26:ea:04:5a:68:7c:
4b:94:d8:93:2a:06:36:bb:3c:8b:8e:e7:0c:03:78:b7:44:d8:
93:f0:52:16:7c:01:77:ff:2c:67:24:fe:b1:ac:5c:5a:07:44:
75:c8:25:c4:42:1c:8e:39:03:72:a0:2d:6e:03:fe:4e:89:2a:
9f:5f:fd:df:37:e6:20:ec:6f:f2:be:1b:4c:9e:95:4f:77:be:
01:20:8b:9e:59:79:17:a7:b4:92:e1:c7:da:73:07:2f:88:04:
b9:94:32:fe:35:11:a4:74:07:14:a2:2c:eb:52:52:ee:bf:79:
87:ea:c4:46:a4:58:37:12:b5:15:f7:0c:04:4d:55:50:96:54:
70:ee:d7:8a:43:26:d2:ac:f7:3a:46:29:b6:70:e3:9f:be:e5:
25:e4:ef:45:84:6a:bb:45:c1:b4:04:b8:1e:cb:79:b1:0e:b2:
e0:65:00:bf:07:af:95:6c:27:77:5b:28:c4:c7:54:4a:d5:c4:
2b:b1:4e:03:78:12:c7:1a:f9:08:bd:7b:d8:1c:04:e4:1d:95:
bb:98:a1:39
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYrRoVpbYZVfXHPfyA0avKD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNGQ1YmQzY2VlYWFiMDc4NmNlMTUxYTMxNzhkYWRjMTA3
YmYyODAwHhcNMjMwOTI2MTMxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Y3MThiYTY3NGNmMDZhZWM1OWM2OGVkMGEzN2NmODQ4N2UyYWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOFzkK92m3WEdNt732f5bnBfxCgW
7QCIkuUN15/QoF7PWhC+9Z93adQ/ylHhivdJkB6UklyiTkTYpe94A674VEbVJw1B
b8QBc/Q5Yz5Snme1PTTMIzGvDrCLxTEkZrp3x84JOV8go3V6NcqlyrKZCcMAlvCr
1u+0GwTJ1S/TDHaOZ3wuT/5GcC4xjDo1Y3v79gf2TBWlvrS0PBBsqlHTrJNRyuPU
2PLiMZijVcwaJ676EJ6XVQ6fl35VydIjWuV6vtP7WXmK2K1u5k1GKsWhav0wJGdK
1acakBWuLiJmZ9+Zb4XhfOUKT8Sq2PvfwNHlzlKr2CmM+CchTifPiLvFrQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFIf3GLpnTPBq7FnGjtCjfPhIfiqhMB8GA1UdIwQY
MBaAFMJNW9PO6qsHhs4VGjF42twQe/KAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEt
NDFkODIzMjlmMjZkLzEvaF9jWXVtZE04R3JzV2NhTzBLTjgtRWgtS3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEtNDFkODIzMjlmMjZk
LzEvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEBQUngAME
BQUroAMEAyU8gAMEBCXNYAMEBFBQMAMEBVVyIAMEBVkRAAMEB1nJgAMEB1+ygAME
A5f80AMEBZf84AMEBLDeIAMEArkKKAMEArkSPDAUBAIAAjAOAwUAKgIKyAMFACoD
YQAwDQYJKoZIhvcNAQELBQADggEBAI1ykllo6Y1FYTtA3Wmwc1aHHRrKzQxcl1A/
P/NTzEXwFGt1coqxQ6yXxck2yEvXbibqBFpofEuU2JMqBja7PIuO5wwDeLdE2JPw
UhZ8AXf/LGck/rGsXFoHRHXIJcRCHI45A3KgLW4D/k6JKp9f/d835iDsb/K+G0ye
lU93vgEgi55ZeRentJLhx9pzBy+IBLmUMv41EaR0BxSiLOtSUu6/eYfqxEakWDcS
tRX3DARNVVCWVHDu14pDJtKs9zpGKbZw45++5SXk70WEartFwbQEuB7LebEOsuBl
AL8Hr5VsJ3dbKMTHVErVxCuxTgN4Esca+Qi9e9gcBOQdlbuYoTk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:09 2025 by rpki-client