Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/nuT2ffmPdb2mzptHPXI_b2_GwF4.roa
File: nuT2ffmPdb2mzptHPXI_b2_GwF4.roa (raw, json)
Hash identifier: 5KPtdir5VAWzXj5fKYGhYGP/azvH8f87bXlrtP8QaYU=
Subject key identifier: 9E:E4:F6:7D:F9:8F:75:BD:A6:CE:9B:47:3D:72:3F:6F:6F:C6:C0:5E
Certificate issuer: /CN=f7b50c7e81d8cf264d1209b6ad5a3ccb82c16fdd
Certificate serial: 018C6FCB56E8C145006AE69762320A3B93CF
Authority key identifier: F7:B5:0C:7E:81:D8:CF:26:4D:12:09:B6:AD:5A:3C:CB:82:C1:6F:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/97UMfoHYzyZNEgm2rVo8y4LBb90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/nuT2ffmPdb2mzptHPXI_b2_GwF4.roa
Signing time: Fri 15 Dec 2023 23:24:06 +0000
ROA not before: Fri 15 Dec 2023 23:24:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63473
IP address blocks: 188.244.117.0/24 maxlen: 24
194.29.186.0/24 maxlen: 24
194.29.187.0/24 maxlen: 24
91.190.155.0/24 maxlen: 24
188.93.140.0/24 maxlen: 24
45.132.74.0/24 maxlen: 24
45.132.75.0/24 maxlen: 24
83.138.53.0/24 maxlen: 24
212.52.0.0/24 maxlen: 24
185.223.207.0/24 maxlen: 24
194.29.100.0/24 maxlen: 24
194.29.101.0/24 maxlen: 24
45.91.95.0/24 maxlen: 24
45.91.92.0/24 maxlen: 24
45.91.93.0/24 maxlen: 24
45.91.94.0/24 maxlen: 24
109.205.61.0/24 maxlen: 24
2a0e:dc0:4::/48 maxlen: 48
2a0e:dc0:5::/48 maxlen: 48
2a0e:dc0:8::/48 maxlen: 48
2a0e:dc0:3::/48 maxlen: 48
2a0e:dc0:9::/48 maxlen: 48
2a0e:dc0:2::/48 maxlen: 48
2a0e:dc0:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6f:cb:56:e8:c1:45:00:6a:e6:97:62:32:0a:3b:93:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7b50c7e81d8cf264d1209b6ad5a3ccb82c16fdd
Validity
Not Before: Dec 15 23:24:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ee4f67df98f75bda6ce9b473d723f6f6fc6c05e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:30:c3:cc:4f:d8:83:6b:e5:67:e3:13:cb:8c:
0f:a3:c7:75:97:bc:d4:09:51:17:5b:8d:78:2a:c7:
47:e7:77:35:2a:f6:31:48:f8:be:34:81:af:97:48:
99:63:85:5e:bd:c8:85:16:06:2f:14:77:fb:70:04:
19:d8:11:3b:c5:62:c2:27:3a:49:69:e5:c6:31:d0:
45:5a:13:d3:b6:1c:e8:26:ff:f8:d7:3e:79:ac:9b:
62:a0:8a:0e:7a:66:96:6b:e9:6c:b0:91:ee:20:d6:
57:1b:37:a2:8e:0f:5b:36:52:09:b4:6a:76:08:f8:
ef:c0:5e:5b:1b:76:ac:7e:1f:c6:d0:9a:65:ef:3e:
7f:9c:ad:7d:bf:ab:cd:c5:76:b0:0f:33:98:54:26:
1f:69:f7:f5:eb:66:60:c0:bf:a6:5e:25:81:2b:c9:
8d:81:d2:f1:e7:1a:ea:6b:93:74:ce:29:15:d5:e1:
67:64:87:7a:76:52:cf:13:dc:d1:50:03:dc:6f:98:
45:33:7c:8b:d9:7e:03:29:4e:bf:dd:5a:4c:00:96:
fc:2c:8f:90:fd:cf:20:d2:1e:a9:b1:59:51:6e:f2:
1c:e3:91:ba:8a:92:fb:51:2c:80:f6:f7:eb:26:bd:
0d:69:2c:e9:b8:90:7d:df:ea:99:de:8d:e7:a8:fb:
5d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E4:F6:7D:F9:8F:75:BD:A6:CE:9B:47:3D:72:3F:6F:6F:C6:C0:5E
X509v3 Authority Key Identifier:
keyid:F7:B5:0C:7E:81:D8:CF:26:4D:12:09:B6:AD:5A:3C:CB:82:C1:6F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97UMfoHYzyZNEgm2rVo8y4LBb90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/nuT2ffmPdb2mzptHPXI_b2_GwF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/97UMfoHYzyZNEgm2rVo8y4LBb90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.92.0/22
45.132.74.0/23
83.138.53.0/24
91.190.155.0/24
109.205.61.0/24
185.223.207.0/24
188.93.140.0/24
188.244.117.0/24
194.29.100.0/23
194.29.186.0/23
212.52.0.0/24
IPv6:
2a0e:dc0:2::-2a0e:dc0:6:ffff:ffff:ffff:ffff:ffff
2a0e:dc0:8::/47
Signature Algorithm: sha256WithRSAEncryption
70:83:4c:8e:d8:ea:fa:c1:0e:d5:67:bf:94:d9:ef:0a:e9:a8:
c0:a0:f6:de:26:50:ef:cd:2b:0a:68:0d:40:03:f0:9b:13:57:
69:0b:5e:51:1d:f7:9f:29:f3:17:41:9b:9d:b9:d6:af:ba:59:
07:6d:5e:44:ed:20:ae:e0:3f:46:a8:24:66:06:42:02:cc:0c:
bc:55:85:1a:e8:53:40:b3:36:7a:91:dc:46:0e:cd:39:12:90:
f1:be:6e:bb:9c:7f:0f:a5:80:f5:d7:05:af:cb:85:25:6d:9f:
f3:a8:5d:cf:31:6f:23:63:11:22:3a:a2:8f:33:9a:ab:d0:3e:
65:34:09:db:b2:bc:2c:36:c5:c0:ed:a5:21:6b:1e:e4:bd:79:
a2:a7:9a:70:01:8b:80:0e:67:8a:c1:e9:a5:5e:03:12:2e:b3:
e7:b4:9e:81:b7:75:0d:71:78:d0:09:c9:0b:63:76:cf:b7:1d:
51:12:2f:01:d9:14:36:c2:82:43:df:45:83:57:29:d4:a8:a1:
62:b0:67:d8:d0:6b:3a:ea:d2:63:6a:cf:d3:1f:4b:cf:a8:6b:
3e:e0:19:39:d1:36:eb:4d:3e:c9:3f:24:6c:b7:61:c4:88:88:
87:9d:9c:fa:53:af:80:6f:50:25:2b:69:29:c7:3f:21:7b:ae:
c4:c1:3b:48
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAYxvy1bowUUAauaXYjIKO5PPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjUwYzdlODFkOGNmMjY0ZDEyMDliNmFkNWEzY2NiODJj
MTZmZGQwHhcNMjMxMjE1MjMyNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWU0ZjY3ZGY5OGY3NWJkYTZjZTliNDczZDcyM2Y2ZjZmYzZjMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjDDzE/Yg2vlZ+MTy4wPo8d1l7zU
CVEXW414KsdH53c1KvYxSPi+NIGvl0iZY4VevciFFgYvFHf7cAQZ2BE7xWLCJzpJ
aeXGMdBFWhPTthzoJv/41z55rJtioIoOemaWa+lssJHuINZXGzeijg9bNlIJtGp2
CPjvwF5bG3asfh/G0Jpl7z5/nK19v6vNxXawDzOYVCYfaff162ZgwL+mXiWBK8mN
gdLx5xrqa5N0zikV1eFnZId6dlLPE9zRUAPcb5hFM3yL2X4DKU6/3VpMAJb8LI+Q
/c8g0h6psVlRbvIc45G6ipL7USyA9vfrJr0NaSzpuJB93+qZ3o3nqPtdbQIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFJ7k9n35j3W9ps6bRz1yP29vxsBeMB8GA1UdIwQY
MBaAFPe1DH6B2M8mTRIJtq1aPMuCwW/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdVTWZvSFl6eVpORWdtMnJWbzh5NExCYjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi83MzJhODctNGRiMC00ZWYxLWJhZmIt
YWM0MDE2MTIwY2I5LzEvbnVUMmZmbVBkYjJtenB0SFBYSV9iMl9Hd0Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi83MzJhODctNGRiMC00ZWYxLWJhZmItYWM0MDE2MTIwY2I5
LzEvOTdVTWZvSFl6eVpORWdtMnJWbzh5NExCYjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wSAQCAAEwQgMEAi1bXAME
AS2ESgMEAFOKNQMEAFu+mwMEAG3NPQMEALnfzwMEALxdjAMEALz0dQMEAcIdZAME
AcIdugMEANQ0ADAjBAIAAjAdMBIDBwEqDg3AAAIDBwAqDg3AAAYDBwEqDg3AAAgw
DQYJKoZIhvcNAQELBQADggEBAHCDTI7Y6vrBDtVnv5TZ7wrpqMCg9t4mUO/NKwpo
DUAD8JsTV2kLXlEd958p8xdBm5251q+6WQdtXkTtIK7gP0aoJGYGQgLMDLxVhRro
U0CzNnqR3EYOzTkSkPG+brucfw+lgPXXBa/LhSVtn/OoXc8xbyNjESI6oo8zmqvQ
PmU0CduyvCw2xcDtpSFrHuS9eaKnmnABi4AOZ4rB6aVeAxIus+e0noG3dQ1xeNAJ
yQtjds+3HVESLwHZFDbCgkPfRYNXKdSooWKwZ9jQazrq0mNqz9MfS8+oaz7gGTnR
NutNPsk/JGy3YcSIiIednPpTr4BvUCUraSnHPyF7rsTBO0g=
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:10:39 2025 by rpki-client