Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/8My9kD81bV7yD0bRkEBdv7Sd5hs.roa
File: 8My9kD81bV7yD0bRkEBdv7Sd5hs.roa (raw, json)
Hash identifier: kqHsG0zg8u7nQe3MNddKXRhhz7+UFRp3hkEe2FL1o2c=
Subject key identifier: F0:CC:BD:90:3F:35:6D:5E:F2:0F:46:D1:90:40:5D:BF:B4:9D:E6:1B
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 0187504B25A162BD45849CFC963AD5496B03
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/8My9kD81bV7yD0bRkEBdv7Sd5hs.roa
Signing time: Wed 05 Apr 2023 07:21:54 +0000
ROA not before: Wed 05 Apr 2023 07:21:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 185.125.192.0/22 maxlen: 32
84.39.224.0/21 maxlen: 32
93.114.8.0/23 maxlen: 32
93.114.10.0/23 maxlen: 32
93.114.12.0/22 maxlen: 32
92.43.84.0/22 maxlen: 32
95.215.36.0/22 maxlen: 32
45.142.92.0/22 maxlen: 32
185.229.250.0/24 maxlen: 32
203.166.152.0/22 maxlen: 32
203.166.148.0/22 maxlen: 32
188.119.116.0/22 maxlen: 32
89.249.51.0/24 maxlen: 32
94.176.112.0/20 maxlen: 32
185.38.102.0/24 maxlen: 32
150.129.92.0/22 maxlen: 32
43.240.140.0/22 maxlen: 32
89.38.132.0/23 maxlen: 32
83.229.76.0/22 maxlen: 32
119.13.192.0/20 maxlen: 32
119.13.208.0/20 maxlen: 32
83.229.104.0/22 maxlen: 32
121.91.80.0/21 maxlen: 32
185.90.243.0/24 maxlen: 32
78.138.40.0/24 maxlen: 32
78.138.50.0/24 maxlen: 32
78.138.48.0/24 maxlen: 32
78.138.47.0/24 maxlen: 32
89.19.42.0/23 maxlen: 32
93.180.224.0/20 maxlen: 32
103.204.124.0/22 maxlen: 32
209.20.176.0/21 maxlen: 32
185.131.220.0/24 maxlen: 32
93.180.192.0/20 maxlen: 32
93.115.12.0/23 maxlen: 32
89.34.78.0/23 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:4b:25:a1:62:bd:45:84:9c:fc:96:3a:d5:49:6b:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Apr 5 07:21:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0ccbd903f356d5ef20f46d190405dbfb49de61b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2d:57:6a:8e:40:5a:21:df:77:4b:a0:d2:bb:
77:e1:cf:66:0a:be:7e:6f:fa:64:77:fd:4b:0f:3d:
b3:ad:f1:11:7a:1e:84:26:19:3c:14:29:9e:66:3e:
44:43:e0:ac:a0:79:fb:39:a0:ad:a8:32:80:0c:94:
aa:4e:73:af:08:3e:45:9d:02:a2:e2:74:1b:d4:f6:
f9:8f:e8:1d:03:f6:d1:ea:0d:50:62:cd:13:83:cd:
af:9e:73:41:50:fb:2b:d6:9f:de:19:b0:b3:56:e9:
27:4e:12:99:9a:db:55:ef:fb:e0:fe:6f:64:ab:fc:
ae:05:b8:3e:61:6a:3e:65:49:8f:ea:14:0c:44:49:
2c:b0:72:31:b9:02:fb:4c:f7:b6:72:a2:26:1a:19:
cb:4b:0a:6f:42:f3:36:87:80:9d:d5:ad:59:43:b5:
d6:57:b0:ce:b1:aa:4a:4e:d0:2c:c2:66:54:1e:6d:
5e:e1:48:cb:b2:28:1a:3c:13:fd:99:a4:a9:8f:e7:
29:68:ca:0d:19:49:ae:f4:39:ad:25:1c:83:62:3c:
b6:3a:01:e3:f3:3f:48:48:6a:54:6d:ab:83:8c:01:
ce:5d:f0:b1:de:d7:07:a9:94:76:4b:e1:2a:64:9c:
15:54:c5:89:b2:fc:4b:6a:74:b1:d4:93:b4:54:59:
0f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:CC:BD:90:3F:35:6D:5E:F2:0F:46:D1:90:40:5D:BF:B4:9D:E6:1B
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/8My9kD81bV7yD0bRkEBdv7Sd5hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.140.0/22
45.142.92.0/22
78.138.40.0/24
78.138.47.0-78.138.48.255
78.138.50.0/24
83.229.76.0/22
83.229.104.0/22
84.39.224.0/21
89.19.42.0/23
89.34.78.0/23
89.38.132.0/23
89.249.51.0/24
92.43.84.0/22
93.114.8.0/21
93.115.12.0/23
93.180.192.0/20
93.180.224.0/20
94.176.112.0/20
95.215.36.0/22
103.204.124.0/22
119.13.192.0/19
121.91.80.0/21
150.129.92.0/22
185.38.102.0/24
185.90.243.0/24
185.125.192.0/22
185.131.220.0/24
185.229.250.0/24
188.119.116.0/22
203.166.148.0-203.166.155.255
209.20.176.0/21
Signature Algorithm: sha256WithRSAEncryption
61:55:f2:36:35:16:31:39:73:d4:74:1e:c4:4d:6b:f8:1d:83:
b5:da:b3:39:69:89:ee:f8:14:63:d0:63:2a:6f:20:07:9a:ed:
06:4b:d9:36:2e:3a:02:4a:8d:7c:42:4f:25:7b:70:1d:10:7b:
18:ad:8e:e5:f9:29:50:46:de:c7:e5:af:e2:dc:cc:32:17:0a:
ef:79:a7:eb:17:3b:9a:2e:d1:7b:2b:62:53:57:1c:ab:5f:df:
5e:28:89:d9:87:31:21:af:be:79:50:af:fd:45:09:7d:2b:2e:
ce:12:bd:17:3c:b6:6c:f9:d0:25:d2:58:1b:43:63:14:de:9a:
c7:dc:1e:14:32:59:d8:8e:bb:15:83:e0:6f:a6:5b:17:b8:1e:
c5:26:e1:2b:17:76:3e:7f:98:51:8a:fb:f1:d8:f6:90:91:5a:
76:1b:8f:51:c6:84:54:a1:39:c4:aa:7b:f0:da:f8:a7:a2:87:
5f:d6:b0:86:7c:96:33:2b:da:b7:a6:bf:d6:45:27:4a:67:5d:
7c:0b:d0:da:9d:22:dc:42:fd:97:1f:85:93:c9:8d:38:84:1f:
58:09:d3:38:a9:44:3f:41:b2:2b:49:5b:17:ea:f7:17:b1:93:
55:fa:81:28:4f:fd:51:32:0a:aa:ba:9b:cc:a0:22:60:d4:27:
7e:ba:c4:50
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYdQSyWhYr1FhJz8ljrVSWsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjMwNDA1MDcyMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGNjYmQ5MDNmMzU2ZDVlZjIwZjQ2ZDE5MDQwNWRiZmI0OWRlNjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC1Xao5AWiHfd0ug0rt34c9mCr5+
b/pkd/1LDz2zrfEReh6EJhk8FCmeZj5EQ+CsoHn7OaCtqDKADJSqTnOvCD5FnQKi
4nQb1Pb5j+gdA/bR6g1QYs0Tg82vnnNBUPsr1p/eGbCzVuknThKZmttV7/vg/m9k
q/yuBbg+YWo+ZUmP6hQMREkssHIxuQL7TPe2cqImGhnLSwpvQvM2h4Cd1a1ZQ7XW
V7DOsapKTtAswmZUHm1e4UjLsigaPBP9maSpj+cpaMoNGUmu9DmtJRyDYjy2OgHj
8z9ISGpUbauDjAHOXfCx3tcHqZR2S+EqZJwVVMWJsvxLanSx1JO0VFkP5wIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFPDMvZA/NW1e8g9G0ZBAXb+0neYbMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvOE15OWtEODFiVjd5RDBiUmtFQmR2N1NkNWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAIr
8IwDBAItjlwDBABOiigwDAMEAE6KLwMEAE6KMAMEAE6KMgMEAlPlTAMEAlPlaAME
A1Qn4AMEAVkTKgMEAVkiTgMEAVkmhAMEAFn5MwMEAlwrVAMEA11yCAMEAV1zDAME
BF20wAMEBF204AMEBF6wcAMEAl/XJAMEAmfMfAMEBXcNwAMEA3lbUAMEApaBXAME
ALkmZgMEALla8wMEArl9wAMEALmD3AMEALnl+gMEArx3dDAMAwQCy6aUAwQCy6aY
AwQD0RSwMA0GCSqGSIb3DQEBCwUAA4IBAQBhVfI2NRYxOXPUdB7ETWv4HYO12rM5
aYnu+BRj0GMqbyAHmu0GS9k2LjoCSo18Qk8le3AdEHsYrY7l+SlQRt7H5a/i3Mwy
FwrveafrFzuaLtF7K2JTVxyrX99eKInZhzEhr755UK/9RQl9Ky7OEr0XPLZs+dAl
0lgbQ2MU3prH3B4UMlnYjrsVg+BvplsXuB7FJuErF3Y+f5hRivvx2PaQkVp2G49R
xoRUoTnEqnvw2vinoodf1rCGfJYzK9q3pr/WRSdKZ118C9DanSLcQv2XH4WTyY04
hB9YCdM4qUQ/QbIrSVsX6vcXsZNV+oEoT/1RMgqqupvMoCJg1Cd+usRQ
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:27:02 2025 by rpki-client