Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/T4qOJjnjXcUKNt1KGnwq49Zaymo.roa
File: T4qOJjnjXcUKNt1KGnwq49Zaymo.roa (raw, json)
Hash identifier: chhsnpDtkYojjUm9bEC3g1kYcFJTl/39sHZkWydERE4=
Subject key identifier: 4F:8A:8E:26:39:E3:5D:C5:0A:36:DD:4A:1A:7C:2A:E3:D6:5A:CA:6A
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018C25CE3A94D64BCDF0CBF5EB22579FEFDE
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/T4qOJjnjXcUKNt1KGnwq49Zaymo.roa
Signing time: Fri 01 Dec 2023 14:35:21 +0000
ROA not before: Fri 01 Dec 2023 14:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31034
IP address blocks: 185.58.116.0/22 maxlen: 24
94.177.192.0/18 maxlen: 24
89.46.104.0/21 maxlen: 24
95.110.128.0/17 maxlen: 24
31.14.128.0/20 maxlen: 24
31.11.32.0/21 maxlen: 24
77.81.224.0/20 maxlen: 24
46.37.0.0/19 maxlen: 24
89.46.192.0/21 maxlen: 24
62.149.128.0/17 maxlen: 24
188.213.160.0/20 maxlen: 24
176.107.144.0/21 maxlen: 24
80.73.224.0/21 maxlen: 24
89.36.208.0/22 maxlen: 24
217.198.128.0/20 maxlen: 24
5.249.128.0/19 maxlen: 24
195.231.0.0/17 maxlen: 24
217.61.0.0/18 maxlen: 24
89.46.64.0/20 maxlen: 24
94.177.160.0/19 maxlen: 24
185.56.8.0/22 maxlen: 24
80.211.0.0/16 maxlen: 24
209.227.224.0/20 maxlen: 24
82.192.128.0/19 maxlen: 24
194.182.110.0/23 maxlen: 24
217.61.56.0/21 maxlen: 24
209.227.240.0/20 maxlen: 24
195.231.88.0/21 maxlen: 24
2a00:6d40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:ce:3a:94:d6:4b:cd:f0:cb:f5:eb:22:57:9f:ef:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Dec 1 14:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f8a8e2639e35dc50a36dd4a1a7c2ae3d65aca6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ce:32:c1:85:9d:d9:f0:91:f7:03:4c:d4:4a:
11:f4:ca:23:61:3e:b8:b1:0d:84:bc:fb:96:06:a8:
6d:42:16:04:bd:75:15:58:0c:80:3b:eb:fd:dd:3d:
f8:05:1b:b0:7b:0f:ed:d4:ec:ee:81:29:b9:56:1b:
89:a9:f1:85:50:e1:2f:dd:df:d6:ba:2b:c7:b2:d4:
76:48:cf:f4:02:2c:26:bb:fb:d7:6a:1a:b1:d9:ef:
a5:52:7f:71:89:d3:4b:b5:be:f4:63:48:a9:9a:d0:
8f:13:86:df:56:ee:9e:3c:e8:ea:b3:40:12:18:89:
4b:9c:0e:e0:b7:c9:5c:aa:4d:3c:bf:84:f9:57:95:
bc:45:3a:61:f6:b5:16:f1:d2:82:44:72:16:7f:3a:
be:bb:20:c8:52:39:06:1b:b0:2d:03:e2:a5:43:eb:
5d:f4:f1:fc:86:4a:40:34:8f:62:ff:08:13:55:15:
38:68:5e:07:06:5b:69:9e:e2:25:56:11:de:dc:a1:
f9:52:ae:b1:7f:5c:6d:a9:76:28:bf:fc:8f:4a:38:
51:f9:c6:25:fe:98:63:03:81:16:ac:a9:1c:60:a2:
a8:19:af:f3:bb:12:3c:98:df:26:70:6e:a9:59:4d:
02:67:1e:40:46:f5:89:85:b4:d9:d2:18:54:c2:39:
d9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:8A:8E:26:39:E3:5D:C5:0A:36:DD:4A:1A:7C:2A:E3:D6:5A:CA:6A
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/T4qOJjnjXcUKNt1KGnwq49Zaymo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.128.0/19
31.11.32.0/21
31.14.128.0/20
46.37.0.0/19
62.149.128.0/17
77.81.224.0/20
80.73.224.0/21
80.211.0.0/16
82.192.128.0/19
89.36.208.0/22
89.46.64.0/20
89.46.104.0/21
89.46.192.0/21
94.177.160.0-94.177.255.255
95.110.128.0/17
176.107.144.0/21
185.56.8.0/22
185.58.116.0/22
188.213.160.0/20
194.182.110.0/23
195.231.0.0/17
209.227.224.0/19
217.61.0.0/18
217.198.128.0/20
IPv6:
2a00:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
67:b7:4e:d3:05:92:6d:d8:c4:f5:2f:5a:51:90:6a:49:b4:07:
85:96:88:f2:5a:a9:e9:22:92:9e:fb:2d:41:c4:0e:9f:d8:60:
c2:4c:2d:3a:8d:7e:7e:2a:64:d5:83:b8:8f:94:74:4e:f3:7d:
db:59:ab:b3:d5:11:ac:b7:f5:90:d9:43:75:30:68:c4:9e:47:
1a:43:d7:ad:d2:e4:da:26:8a:8a:57:d1:b1:08:aa:63:76:f3:
f9:d5:e0:3a:fc:d9:65:83:01:57:2e:5d:e8:3b:da:f3:1a:56:
53:a3:d8:3d:53:5b:91:39:a7:11:78:02:3e:67:51:eb:08:24:
27:f6:35:b1:d1:cc:54:77:5a:3a:c5:8d:0f:d2:35:e0:1a:69:
97:ca:82:53:61:b6:d8:ee:ad:40:f8:c2:6a:79:20:73:39:61:
f9:f7:30:81:89:2e:1c:eb:79:d4:ee:8f:88:88:5d:9f:2e:e0:
dd:63:5c:89:78:9d:b6:f1:54:8b:3f:cb:0e:4f:c8:4b:54:8d:
64:98:ff:9c:bd:a0:c5:72:c6:00:d6:04:28:97:e2:f8:4c:a8:
cb:40:82:60:c3:62:9e:80:51:f7:56:ab:b5:ad:48:e9:4d:de:
9d:2c:51:40:d0:33:76:5f:6f:0e:7b:38:22:a0:17:fa:1a:79:
76:ea:16:cc
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYwlzjqU1kvN8Mv16yJXn+/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjMxMjAxMTQzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjhhOGUyNjM5ZTM1ZGM1MGEzNmRkNGExYTdjMmFlM2Q2NWFjYTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvc4ywYWd2fCR9wNM1EoR9MojYT64
sQ2EvPuWBqhtQhYEvXUVWAyAO+v93T34BRuwew/t1OzugSm5VhuJqfGFUOEv3d/W
uivHstR2SM/0Aiwmu/vXahqx2e+lUn9xidNLtb70Y0ipmtCPE4bfVu6ePOjqs0AS
GIlLnA7gt8lcqk08v4T5V5W8RTph9rUW8dKCRHIWfzq+uyDIUjkGG7AtA+KlQ+td
9PH8hkpANI9i/wgTVRU4aF4HBltpnuIlVhHe3KH5Uq6xf1xtqXYov/yPSjhR+cYl
/phjA4EWrKkcYKKoGa/zuxI8mN8mcG6pWU0CZx5ARvWJhbTZ0hhUwjnZjwIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFE+KjiY5413FCjbdShp8KuPWWspqMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvVDRxT0pqbmpYY1VLTnQxS0dud3E0OVpheW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAUF
+YADBAMfCyADBAQfDoADBAUuJQADBAc+lYADBARNUeADBANQSeADAwBQ0wMEBVLA
gAMEAlkk0AMEBFkuQAMEA1kuaAMEA1kuwDALAwQFXrGgAwMBXrADBAdfboADBAOw
a5ADBAK5OAgDBAK5OnQDBAS81aADBAHCtm4DBAfD5wADBAXR4+ADBAbZPQADBATZ
xoAwDQQCAAIwBwMFAyoAbUAwDQYJKoZIhvcNAQELBQADggEBAGe3TtMFkm3YxPUv
WlGQakm0B4WWiPJaqekikp77LUHEDp/YYMJMLTqNfn4qZNWDuI+UdE7zfdtZq7PV
Eay39ZDZQ3UwaMSeRxpD163S5NomiopX0bEIqmN28/nV4Dr82WWDAVcuXeg72vMa
VlOj2D1TW5E5pxF4Aj5nUesIJCf2NbHRzFR3WjrFjQ/SNeAaaZfKglNhttjurUD4
wmp5IHM5Yfn3MIGJLhzredTuj4iIXZ8u4N1jXIl4nbbxVIs/yw5PyEtUjWSY/5y9
oMVyxgDWBCiX4vhMqMtAgmDDYp6AUfdWq7WtSOlN3p0sUUDQM3Zfbw57OCKgF/oa
eXbqFsw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:56 2025 by rpki-client