Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/7Fmd6Pm7aEHbaKjeR6IOq6XQJSE.roa
File: 7Fmd6Pm7aEHbaKjeR6IOq6XQJSE.roa (raw, json)
Hash identifier: VyfcHb02H9sU+8tdtVeITqbFynAU/u5lioKjHi6Bsoo=
Subject key identifier: EC:59:9D:E8:F9:BB:68:41:DB:68:A8:DE:47:A2:0E:AB:A5:D0:25:21
Certificate issuer: /CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Certificate serial: 01886644CC062F5E15F8B6BA82C68396DCB9
Authority key identifier: 05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/7Fmd6Pm7aEHbaKjeR6IOq6XQJSE.roa
Signing time: Mon 29 May 2023 06:49:24 +0000
ROA not before: Mon 29 May 2023 06:49:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29422
IP address blocks: 194.29.192.0/21 maxlen: 21
83.150.64.0/18 maxlen: 18
77.91.212.0/22 maxlen: 22
81.17.192.0/21 maxlen: 21
83.145.192.0/18 maxlen: 18
109.75.224.0/21 maxlen: 21
217.149.48.0/20 maxlen: 20
194.79.16.0/22 maxlen: 22
94.101.0.0/20 maxlen: 20
185.123.116.0/22 maxlen: 22
193.104.38.0/24 maxlen: 24
80.69.160.0/21 maxlen: 21
77.86.128.0/17 maxlen: 17
80.69.168.0/22 maxlen: 22
2a01:51c0::/29 maxlen: 29
2001:1bc8::/32 maxlen: 32
2a01:51c1::/32 maxlen: 32
2001:1bc8::/29 maxlen: 29
2a01:51c0::/32 maxlen: 32
2001:67c:70::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:66:44:cc:06:2f:5e:15:f8:b6:ba:82:c6:83:96:dc:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Validity
Not Before: May 29 06:49:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec599de8f9bb6841db68a8de47a20eaba5d02521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:85:93:3a:43:d1:ce:e8:32:b1:a0:35:c1:52:
9f:ca:bd:d8:10:74:11:4b:be:f0:ca:e1:e1:cf:c7:
bf:30:29:8d:91:7c:29:7a:31:2b:80:b1:23:86:9a:
8e:fd:21:00:69:e5:10:7f:fb:4e:74:70:2f:a0:53:
f7:a0:33:87:5a:a9:fc:fc:ac:d9:99:99:65:19:e8:
c0:b8:3f:0d:28:0b:de:62:f3:b8:b0:cb:c3:ed:c7:
5c:de:b2:69:bf:39:ed:44:4b:bd:5b:f7:e7:68:07:
98:73:bc:0e:6e:5e:c5:1f:b8:79:3e:f2:e4:63:3a:
82:0d:62:50:6e:28:d8:21:7d:f7:c6:59:58:12:8f:
d7:c1:b1:9b:3e:65:a1:86:40:e8:73:18:2f:dd:87:
1d:ff:c2:90:a6:b4:dd:70:c8:88:7a:4c:c2:32:bf:
0a:d6:71:36:4c:4b:3d:48:69:06:8b:cf:ae:28:7b:
6e:07:31:e0:97:9c:91:35:df:cf:02:89:4b:35:77:
00:5e:97:24:93:66:64:dd:70:c7:75:bb:2c:96:33:
a7:2b:6e:19:05:82:1e:8d:91:7c:3c:8f:4a:61:8a:
5e:55:00:04:c6:ca:83:b8:ee:9f:76:f9:97:01:13:
44:a9:3d:02:9e:bc:88:e1:87:9e:d5:0f:f8:42:14:
f8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:59:9D:E8:F9:BB:68:41:DB:68:A8:DE:47:A2:0E:AB:A5:D0:25:21
X509v3 Authority Key Identifier:
keyid:05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/7Fmd6Pm7aEHbaKjeR6IOq6XQJSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.86.128.0/17
77.91.212.0/22
80.69.160.0-80.69.171.255
81.17.192.0/21
83.145.192.0/18
83.150.64.0/18
94.101.0.0/20
109.75.224.0/21
185.123.116.0/22
193.104.38.0/24
194.29.192.0/21
194.79.16.0/22
217.149.48.0/20
IPv6:
2001:67c:70::/48
2001:1bc8::/29
2a01:51c0::/29
Signature Algorithm: sha256WithRSAEncryption
65:31:06:ca:51:da:6a:24:9b:94:dd:d2:b4:58:0f:2b:1c:5e:
ec:af:86:bb:1f:c4:51:78:3b:be:84:99:15:d3:a4:f0:ac:f4:
20:ca:83:c2:67:ef:18:38:00:12:da:f7:5f:b2:04:3a:83:62:
d7:67:9a:9e:10:d9:d1:07:e8:32:8a:3b:82:44:50:01:a8:67:
a9:2d:7d:3d:54:7a:da:d1:43:8b:ea:39:b7:5d:58:8d:ca:32:
d6:fc:44:bb:9c:2b:50:cd:32:93:88:94:ee:99:f3:e0:3e:ca:
16:ff:3a:84:fc:af:4f:09:91:6f:57:6c:31:74:cd:68:2c:f2:
0c:92:12:f0:4b:31:84:71:a3:73:cb:2a:9c:40:c1:99:86:58:
15:bd:e6:47:64:31:20:63:e2:4d:4d:d8:b0:6c:9f:75:27:b3:
73:ae:4e:ab:e2:bf:25:a3:2d:3e:94:23:64:5f:cb:ce:7a:9d:
0b:9c:e8:b6:2e:bd:e0:79:c9:44:37:b4:8c:fa:a8:ad:be:dc:
73:da:9e:f9:f6:d2:88:6e:dd:f2:89:4f:fa:43:08:9d:0e:fc:
d7:8b:66:e2:ed:2a:85:22:04:53:6c:12:60:b8:32:e7:fd:1c:
01:9d:d4:21:39:e9:c6:df:4e:3c:ea:d3:a0:af:ac:64:78:da:
3a:e4:70:ed
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYhmRMwGL14V+La6gsaDlty5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2QwNGU3MmJiMjQ5Yzc5ZWIxMTY4Y2YxZDQzYTNjYTU0
OGMyMDYwHhcNMjMwNTI5MDY0OTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzU5OWRlOGY5YmI2ODQxZGI2OGE4ZGU0N2EyMGVhYmE1ZDAyNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIWTOkPRzugysaA1wVKfyr3YEHQR
S77wyuHhz8e/MCmNkXwpejErgLEjhpqO/SEAaeUQf/tOdHAvoFP3oDOHWqn8/KzZ
mZllGejAuD8NKAveYvO4sMvD7cdc3rJpvzntREu9W/fnaAeYc7wObl7FH7h5PvLk
YzqCDWJQbijYIX33xllYEo/XwbGbPmWhhkDocxgv3Ycd/8KQprTdcMiIekzCMr8K
1nE2TEs9SGkGi8+uKHtuBzHgl5yRNd/PAolLNXcAXpckk2Zk3XDHdbssljOnK24Z
BYIejZF8PI9KYYpeVQAExsqDuO6fdvmXARNEqT0CnryI4Yee1Q/4QhT4ywIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFOxZnej5u2hB22io3keiDqul0CUhMB8GA1UdIwQY
MBaAFAU9BOcrsknHnrEWjPHUOjylSMIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjIt
MmE4MTNkYmY0NTgyLzEvN0ZtZDZQbTdhRUhiYUtqZVI2SU9xNlhRSlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjItMmE4MTNkYmY0NTgy
LzEvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wXAQCAAEwVgMEB01WgAME
Ak1b1DAMAwQFUEWgAwQCUEWoAwQDURHAAwQGU5HAAwQGU5ZAAwQEXmUAAwQDbUvg
AwQCuXt0AwQAwWgmAwQDwh3AAwQCwk8QAwQE2ZUwMB0EAgACMBcDBwAgAQZ8AHAD
BQMgARvIAwUDKgFRwDANBgkqhkiG9w0BAQsFAAOCAQEAZTEGylHaaiSblN3StFgP
Kxxe7K+Gux/EUXg7voSZFdOk8Kz0IMqDwmfvGDgAEtr3X7IEOoNi12eanhDZ0Qfo
Moo7gkRQAahnqS19PVR62tFDi+o5t11Yjcoy1vxEu5wrUM0yk4iU7pnz4D7KFv86
hPyvTwmRb1dsMXTNaCzyDJIS8EsxhHGjc8sqnEDBmYZYFb3mR2QxIGPiTU3YsGyf
dSezc65Oq+K/JaMtPpQjZF/LznqdC5zoti694HnJRDe0jPqorb7cc9qe+fbSiG7d
8olP+kMInQ7814tm4u0qhSIEU2wSYLgy5/0cAZ3UITnpxt9OPOrToK+sZHjaOuRw
7Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:54 2025 by rpki-client