Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/0LMTWsrO3N745EuUDaO4DMirHkA.roa
File: 0LMTWsrO3N745EuUDaO4DMirHkA.roa (raw, json)
Hash identifier: xC/luUq5/RhMnCpwNWf9ZUzf+TZPEHE/gyGzZ2Xh1+Y=
Subject key identifier: D0:B3:13:5A:CA:CE:DC:DE:F8:E4:4B:94:0D:A3:B8:0C:C8:AB:1E:40
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 01872C9F4A565D8CA515251780EEFBB09CD8
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/0LMTWsrO3N745EuUDaO4DMirHkA.roa
Signing time: Wed 29 Mar 2023 09:07:29 +0000
ROA not before: Wed 29 Mar 2023 09:07:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 83.229.76.0/22 maxlen: 32
185.125.192.0/22 maxlen: 32
119.13.192.0/20 maxlen: 32
83.229.104.0/22 maxlen: 32
93.114.10.0/23 maxlen: 32
93.114.12.0/22 maxlen: 32
92.43.84.0/22 maxlen: 32
95.215.36.0/22 maxlen: 32
185.90.243.0/24 maxlen: 32
45.142.92.0/22 maxlen: 32
89.19.42.0/23 maxlen: 32
203.166.152.0/22 maxlen: 32
103.204.124.0/22 maxlen: 32
203.166.148.0/22 maxlen: 32
89.249.51.0/24 maxlen: 32
94.176.112.0/20 maxlen: 32
209.20.176.0/21 maxlen: 32
185.38.102.0/24 maxlen: 32
185.131.220.0/24 maxlen: 32
93.180.192.0/20 maxlen: 32
93.115.12.0/23 maxlen: 32
43.240.140.0/22 maxlen: 32
89.34.78.0/23 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:9f:4a:56:5d:8c:a5:15:25:17:80:ee:fb:b0:9c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Mar 29 09:07:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0b3135acacedcdef8e44b940da3b80cc8ab1e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c7:0b:d3:53:07:69:91:7e:be:49:25:a3:ed:
9e:0a:22:17:9a:83:ca:ec:0c:c2:e9:74:8e:13:0e:
e6:c4:aa:b5:38:8b:f4:8b:15:b0:83:b2:35:bb:25:
59:28:56:8e:df:1f:9a:91:6f:88:11:17:a2:7e:cc:
e1:d1:ec:53:b1:85:c2:7f:b3:ed:93:e9:de:df:13:
f3:09:d7:82:51:2c:28:bc:75:58:43:b7:c0:11:93:
82:98:08:60:d3:fc:08:4e:24:b7:3f:a3:9a:71:25:
b5:63:2b:aa:fd:06:2a:0b:ea:2d:00:97:1e:42:0f:
18:af:fe:28:f6:c0:6a:f4:b2:f2:a1:ad:7e:a2:f2:
b2:7a:ee:01:53:6c:57:92:10:70:57:df:62:53:7d:
cd:16:91:7a:17:f6:e6:b9:5d:a8:c2:55:d4:a2:45:
85:ec:43:56:67:07:c5:83:6c:d4:dd:db:33:ae:39:
77:65:79:6b:a9:62:cf:c6:2e:a8:03:b5:aa:30:78:
a0:61:75:12:bf:be:3c:2f:cb:ec:04:4c:84:43:7a:
88:11:de:6d:c4:5f:8e:5e:c6:02:57:93:8a:1d:fa:
1b:3d:1c:a4:ab:b7:f5:6c:76:95:b1:d2:7a:f4:45:
bf:76:37:9d:6d:38:8e:f5:91:eb:2c:f2:27:ec:63:
c5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:B3:13:5A:CA:CE:DC:DE:F8:E4:4B:94:0D:A3:B8:0C:C8:AB:1E:40
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/0LMTWsrO3N745EuUDaO4DMirHkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.140.0/22
45.142.92.0/22
83.229.76.0/22
83.229.104.0/22
89.19.42.0/23
89.34.78.0/23
89.249.51.0/24
92.43.84.0/22
93.114.10.0-93.114.15.255
93.115.12.0/23
93.180.192.0/20
94.176.112.0/20
95.215.36.0/22
103.204.124.0/22
119.13.192.0/20
185.38.102.0/24
185.90.243.0/24
185.125.192.0/22
185.131.220.0/24
203.166.148.0-203.166.155.255
209.20.176.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:42:e3:c8:5b:33:e8:9c:8c:14:7e:8f:e0:05:94:64:8e:6f:
ea:7f:37:7a:a4:2f:9b:74:7e:23:d4:59:b4:b9:82:37:d0:bc:
04:f6:46:a2:fc:e8:a0:cb:fc:ea:eb:25:06:6b:8a:ed:81:81:
14:e1:a6:5e:cf:8b:5a:14:2e:21:ea:4c:1b:4c:49:50:21:1c:
31:10:d6:9e:43:af:25:9f:d9:17:01:bc:6d:4e:ff:f4:5c:09:
b1:e0:19:49:d1:7e:4a:32:7f:8f:a2:80:e4:a7:de:c3:5b:94:
e6:28:c2:3f:a6:69:84:8c:35:c7:37:e9:da:09:91:35:a1:83:
6b:14:51:7e:b5:fe:cd:ad:18:7c:fc:9b:bb:9e:59:ef:83:00:
0d:82:78:b0:a5:89:be:35:ac:78:db:e2:1b:61:48:8b:af:3a:
2d:2f:d9:54:2f:10:cf:63:c0:ca:43:97:ff:4d:41:0f:f2:ab:
80:e3:13:21:89:ad:11:32:ab:5e:e0:ab:79:91:8f:c6:d4:c4:
6a:9a:ab:49:e9:d5:96:72:14:de:da:d8:da:c7:a9:9a:e8:3e:
62:05:59:22:d1:50:cf:55:62:cc:f0:33:0e:92:23:94:1c:ab:
0c:0c:73:0b:2a:c7:83:87:67:3c:9b:c5:c7:ac:8b:32:1a:b4:
36:96:87:a5
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYcsn0pWXYylFSUXgO77sJzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjMwMzI5MDkwNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGIzMTM1YWNhY2VkY2RlZjhlNDRiOTQwZGEzYjgwY2M4YWIxZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmccL01MHaZF+vkklo+2eCiIXmoPK
7AzC6XSOEw7mxKq1OIv0ixWwg7I1uyVZKFaO3x+akW+IEReifszh0exTsYXCf7Pt
k+ne3xPzCdeCUSwovHVYQ7fAEZOCmAhg0/wITiS3P6OacSW1Yyuq/QYqC+otAJce
Qg8Yr/4o9sBq9LLyoa1+ovKyeu4BU2xXkhBwV99iU33NFpF6F/bmuV2owlXUokWF
7ENWZwfFg2zU3dszrjl3ZXlrqWLPxi6oA7WqMHigYXUSv748L8vsBEyEQ3qIEd5t
xF+OXsYCV5OKHfobPRykq7f1bHaVsdJ69EW/djedbTiO9ZHrLPIn7GPFhwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFNCzE1rKztze+ORLlA2juAzIqx5AMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvMExNVFdzck8zTjc0NUV1VURhTzRETWlySGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAIr
8IwDBAItjlwDBAJT5UwDBAJT5WgDBAFZEyoDBAFZIk4DBABZ+TMDBAJcK1QwDAME
AV1yCgMEBF1yAAMEAV1zDAMEBF20wAMEBF6wcAMEAl/XJAMEAmfMfAMEBHcNwAME
ALkmZgMEALla8wMEArl9wAMEALmD3DAMAwQCy6aUAwQCy6aYAwQD0RSwMA0GCSqG
SIb3DQEBCwUAA4IBAQCcQuPIWzPonIwUfo/gBZRkjm/qfzd6pC+bdH4j1Fm0uYI3
0LwE9kai/Oigy/zq6yUGa4rtgYEU4aZez4taFC4h6kwbTElQIRwxENaeQ68ln9kX
AbxtTv/0XAmx4BlJ0X5KMn+PooDkp97DW5TmKMI/pmmEjDXHN+naCZE1oYNrFFF+
tf7NrRh8/Ju7nlnvgwANgniwpYm+Nax42+IbYUiLrzotL9lULxDPY8DKQ5f/TUEP
8quA4xMhia0RMqte4Kt5kY/G1MRqmqtJ6dWWchTe2tjax6ma6D5iBVki0VDPVWLM
8DMOkiOUHKsMDHMLKseDh2c8m8XHrIsyGrQ2loel
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:29:11 2025 by rpki-client