Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/4RMc7Vet8pghpZKOZH_3L2utzwk.roa
File: 4RMc7Vet8pghpZKOZH_3L2utzwk.roa (raw, json)
Hash identifier: TaOsaE9wH0SJL22A0j2aMAIKSSxypm9xOHJyWnEtQ/U=
Subject key identifier: E1:13:1C:ED:57:AD:F2:98:21:A5:92:8E:64:7F:F7:2F:6B:AD:CF:09
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE65986C71A83880CF02F139C355977
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/4RMc7Vet8pghpZKOZH_3L2utzwk.roa
Signing time: Sun 01 Jan 2023 10:35:13 +0000
ROA not before: Sun 01 Jan 2023 10:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43561
IP address blocks: 95.87.209.0/24 maxlen: 24
37.157.191.0/24 maxlen: 24
95.87.223.0/24 maxlen: 24
95.87.228.0/24 maxlen: 24
84.40.116.0/24 maxlen: 24
95.87.199.0/24 maxlen: 24
37.157.169.0/24 maxlen: 24
95.43.250.0/24 maxlen: 24
84.40.65.0/24 maxlen: 24
84.40.73.0/24 maxlen: 24
84.40.74.0/24 maxlen: 24
84.40.89.0/24 maxlen: 24
84.40.93.0/24 maxlen: 24
95.87.255.0/24 maxlen: 24
185.60.66.0/24 maxlen: 24
185.60.67.0/24 maxlen: 24
2a02:1338::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:59:86:c7:1a:83:88:0c:f0:2f:13:9c:35:59:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1131ced57adf29821a5928e647ff72f6badcf09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ea:f7:15:ca:94:44:c0:0c:ac:4b:7a:31:5e:
51:1f:3c:b0:72:ec:c0:f7:1d:7e:41:48:eb:aa:fa:
f1:33:26:5b:19:a6:98:58:9a:5a:fd:3e:00:74:84:
5d:32:18:c8:cd:7c:51:c2:7f:71:2c:5e:d9:3f:2d:
b4:9e:55:88:bc:2d:a1:b9:f4:1e:0e:6e:0b:5f:4f:
83:5a:1d:38:a9:3a:f2:9b:ba:ad:b3:b6:4a:a0:14:
57:d1:4d:e6:46:eb:42:3d:6c:74:71:e8:88:01:ed:
7e:c8:4e:01:16:a8:57:42:73:d7:3a:3d:15:76:ed:
fb:0e:f5:55:e3:d6:6d:d3:0b:e9:97:63:f5:35:f7:
42:84:e2:dd:75:c4:b0:33:87:29:3a:18:e2:74:6c:
61:22:ca:aa:a3:0d:e2:f4:75:40:59:f5:cb:46:30:
be:84:4f:cf:90:df:86:82:52:ae:28:44:4d:f9:f7:
a1:85:fe:b1:06:f2:26:83:d7:19:e5:9f:8d:b7:95:
4d:37:6d:90:67:de:cf:5b:c3:ec:d4:61:dc:85:44:
97:08:08:6f:41:00:62:a7:45:6a:1c:13:b0:5a:75:
76:f5:27:fa:40:97:0c:5f:b1:6d:bf:3d:49:d8:30:
0a:e3:58:be:76:81:bb:5b:eb:ee:d1:11:ac:96:65:
56:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:13:1C:ED:57:AD:F2:98:21:A5:92:8E:64:7F:F7:2F:6B:AD:CF:09
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/4RMc7Vet8pghpZKOZH_3L2utzwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.169.0/24
37.157.191.0/24
84.40.65.0/24
84.40.73.0-84.40.74.255
84.40.89.0/24
84.40.93.0/24
84.40.116.0/24
95.43.250.0/24
95.87.199.0/24
95.87.209.0/24
95.87.223.0/24
95.87.228.0/24
95.87.255.0/24
185.60.66.0/23
IPv6:
2a02:1338::/32
Signature Algorithm: sha256WithRSAEncryption
50:1b:c3:74:ad:93:05:ad:a1:0f:19:5b:67:98:c0:10:61:b7:
4a:1a:ef:7b:97:9d:f2:94:f3:56:cc:2d:a6:1b:02:72:f8:02:
95:9c:0c:3e:c2:16:4f:3b:bd:40:50:60:d7:2d:bb:3a:31:65:
b0:16:13:99:4b:3d:2c:9a:d2:e3:b0:95:61:af:6e:86:97:92:
f9:30:ad:5f:e1:3e:be:55:44:2d:8a:ee:73:c9:24:e3:c1:53:
61:f0:23:87:01:49:99:31:7a:9e:b7:f5:dd:c1:5f:b3:3c:5e:
06:97:51:1d:b6:81:1c:73:c5:ae:0e:4c:11:74:73:09:85:c6:
df:f0:30:2e:d0:53:b8:b3:96:70:b3:48:70:ae:97:e4:99:fd:
28:22:da:7c:2f:c0:b9:14:ae:23:84:f9:35:8b:a2:65:b3:c3:
87:e5:c9:3e:8c:47:26:d7:3e:55:f4:45:96:ba:2d:c2:b9:44:
40:e3:60:0e:20:f5:c0:9c:db:b3:3e:18:9b:76:07:dc:a9:b2:
72:be:5f:46:1c:69:73:e1:85:81:a7:8b:16:0f:dc:57:bc:6e:
3a:aa:c1:88:ef:c8:03:9e:22:9a:c4:eb:88:28:9d:ad:ba:88:
21:92:5a:3d:6d:6e:2a:35:19:9e:d4:08:da:c9:d4:d9:95:7f:
f8:02:d5:25
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYVs5lmGxxqDiAzwLxOcNVl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTEzMWNlZDU3YWRmMjk4MjFhNTkyOGU2NDdmZjcyZjZiYWRjZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArer3FcqURMAMrEt6MV5RHzywcuzA
9x1+QUjrqvrxMyZbGaaYWJpa/T4AdIRdMhjIzXxRwn9xLF7ZPy20nlWIvC2hufQe
Dm4LX0+DWh04qTrym7qts7ZKoBRX0U3mRutCPWx0ceiIAe1+yE4BFqhXQnPXOj0V
du37DvVV49Zt0wvpl2P1NfdChOLddcSwM4cpOhjidGxhIsqqow3i9HVAWfXLRjC+
hE/PkN+GglKuKERN+fehhf6xBvImg9cZ5Z+Nt5VNN22QZ97PW8Ps1GHchUSXCAhv
QQBip0VqHBOwWnV29Sf6QJcMX7Ftvz1J2DAK41i+doG7W+vu0RGslmVWMwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFOETHO1XrfKYIaWSjmR/9y9rrc8JMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvNFJNYzdWZXQ4cGdocFpLT1pIXzNMMnV0endrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEACWdqQME
ACWdvwMEAFQoQTAMAwQAVChJAwQAVChKAwQAVChZAwQAVChdAwQAVCh0AwQAXyv6
AwQAX1fHAwQAX1fRAwQAX1ffAwQAX1fkAwQAX1f/AwQBuTxCMA0EAgACMAcDBQAq
AhM4MA0GCSqGSIb3DQEBCwUAA4IBAQBQG8N0rZMFraEPGVtnmMAQYbdKGu97l53y
lPNWzC2mGwJy+AKVnAw+whZPO71AUGDXLbs6MWWwFhOZSz0smtLjsJVhr26Gl5L5
MK1f4T6+VUQtiu5zySTjwVNh8COHAUmZMXqet/XdwV+zPF4Gl1EdtoEcc8WuDkwR
dHMJhcbf8DAu0FO4s5Zws0hwrpfkmf0oItp8L8C5FK4jhPk1i6Jls8OH5ck+jEcm
1z5V9EWWui3CuURA42AOIPXAnNuzPhibdgfcqbJyvl9GHGlz4YWBp4sWD9xXvG46
qsGI78gDniKaxOuIKJ2tuoghklo9bW4qNRme1AjaydTZlX/4AtUl
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:36 2025 by rpki-client