Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/rA9XgxiJZnkdnF4Au8w7OSUtW5s.roa
File: rA9XgxiJZnkdnF4Au8w7OSUtW5s.roa (raw, json)
Hash identifier: yQI6IjoWxpYqo2MJ9rSOPpCbTMH10wKYiA9onDwll2U=
Subject key identifier: AC:0F:57:83:18:89:66:79:1D:9C:5E:00:BB:CC:3B:39:25:2D:5B:9B
Certificate issuer: /CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Certificate serial: 01856F0B5BAFCF17528318D4FAFB0848788B
Authority key identifier: 89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/rA9XgxiJZnkdnF4Au8w7OSUtW5s.roa
Signing time: Sun 01 Jan 2023 20:34:53 +0000
ROA not before: Sun 01 Jan 2023 20:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8412
IP address blocks: 62.178.0.0/16 maxlen: 17
195.34.136.0/21 maxlen: 22
195.34.144.0/20 maxlen: 21
84.112.0.0/14 maxlen: 15
213.47.0.0/17 maxlen: 18
84.115.208.0/20 maxlen: 20
84.115.224.0/20 maxlen: 20
80.241.16.0/20 maxlen: 21
217.25.122.0/23 maxlen: 23
185.35.152.0/22 maxlen: 23
80.108.0.0/15 maxlen: 16
213.47.128.0/18 maxlen: 19
217.25.112.0/20 maxlen: 22
213.47.208.0/21 maxlen: 22
213.47.216.0/22 maxlen: 23
213.47.224.0/19 maxlen: 20
212.186.0.0/16 maxlen: 17
195.34.128.0/23 maxlen: 24
195.34.131.0/24 maxlen: 24
212.17.64.0/18 maxlen: 19
80.110.0.0/16 maxlen: 17
213.47.192.0/20 maxlen: 21
2a02:838c::/30 maxlen: 30
2a02:8380::/30 maxlen: 33
2a02:8380::/28 maxlen: 29
2a00:e360::/32 maxlen: 33
2a02:838a::/41 maxlen: 44
2a02:8384::/31 maxlen: 32
2a02:8388::/29 maxlen: 30
2a02:8388::/31 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:5b:af:cf:17:52:83:18:d4:fa:fb:08:48:78:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Validity
Not Before: Jan 1 20:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac0f5783188966791d9c5e00bbcc3b39252d5b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:38:1f:16:43:a4:e6:05:db:ff:70:14:71:2f:
b8:22:aa:14:a5:52:46:54:0f:00:42:ae:1d:0a:0b:
9e:4b:fd:b8:7a:90:5e:35:e1:50:ef:e9:2d:af:96:
62:2e:58:ca:cb:4f:80:a8:4b:0a:f3:ab:72:fd:c3:
d8:07:85:ba:8e:ce:03:a1:5c:5f:c9:2f:1e:32:a9:
08:8e:1a:d3:ed:7b:d6:7b:a4:bd:aa:e7:e6:09:bf:
16:23:4e:eb:5b:23:21:a9:ce:19:7e:c1:c9:ec:f7:
f6:34:b2:60:fc:b6:28:eb:ca:f7:90:03:ea:28:09:
45:52:0e:58:22:14:36:3f:80:62:ac:0c:2d:d6:1b:
be:a8:db:31:50:5e:29:45:01:9f:0d:a7:cb:73:06:
0f:7e:4b:a4:a0:e0:f4:2f:e7:da:ba:21:32:a3:93:
10:70:04:c0:19:34:ac:bb:53:68:03:1a:cd:e5:49:
a9:f0:6c:e1:5c:02:da:41:86:4c:33:a7:31:4a:7f:
fb:4c:b3:ee:f6:97:c7:44:8b:d9:9e:4f:75:e3:0b:
fa:ad:0e:bf:2b:85:18:5d:aa:72:cb:07:cc:75:48:
53:71:99:08:43:47:dc:b7:2b:07:ac:b7:03:93:4e:
4c:ed:0e:1b:b5:83:aa:50:bd:e7:3e:46:07:e6:6a:
e0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:0F:57:83:18:89:66:79:1D:9C:5E:00:BB:CC:3B:39:25:2D:5B:9B
X509v3 Authority Key Identifier:
keyid:89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/rA9XgxiJZnkdnF4Au8w7OSUtW5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/ibX60Y3ZEQQToxtNjhh2WifUw_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.178.0.0/16
80.108.0.0-80.110.255.255
80.241.16.0/20
84.112.0.0/14
185.35.152.0/22
195.34.128.0/23
195.34.131.0/24
195.34.136.0-195.34.159.255
212.17.64.0/18
212.186.0.0/16
213.47.0.0-213.47.219.255
213.47.224.0/19
217.25.112.0/20
IPv6:
2a00:e360::/32
2a02:8380::/28
Signature Algorithm: sha256WithRSAEncryption
8b:bf:06:55:55:8b:e1:ef:8e:44:95:e4:11:b6:5f:d8:21:71:
3a:78:c1:b5:39:4d:4d:09:5c:fd:b5:ff:02:12:f2:1b:21:a9:
87:37:3f:35:fd:99:73:a8:c4:91:fe:64:d9:b8:56:da:59:94:
e4:73:fb:27:15:58:4e:7e:39:80:46:9f:24:c9:5d:02:41:88:
01:2b:e0:9d:6f:4b:2d:6e:8e:4f:bb:36:35:f3:dd:82:db:e7:
7a:af:d1:55:cc:6b:5b:4f:1a:47:7c:80:60:23:f2:2e:71:88:
fb:5d:d7:2e:24:18:3d:cb:b7:ed:c9:20:62:a2:ee:37:c8:1c:
5f:e5:f9:b2:f2:a6:e7:0d:ba:a9:a6:49:00:a1:f6:28:ac:ff:
4a:34:04:e5:21:12:8e:7b:8c:b6:d2:b3:92:05:eb:36:c7:de:
c3:2b:29:68:0d:e8:1f:ba:ed:05:46:0d:c8:0c:32:68:51:33:
90:7f:b7:49:2b:8a:a1:53:2b:30:30:bd:60:d9:08:67:49:ed:
67:bf:44:cc:9e:ce:08:f6:95:d0:c5:b2:c2:bb:d3:17:0d:19:
99:fb:e4:e6:c0:b5:5f:9c:0e:2b:81:ab:16:ee:a6:98:63:37:
d5:ab:a2:ac:39:ca:9d:c9:0b:fa:bf:d6:55:0c:89:a0:1b:be:
fb:92:9b:ea
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYVvC1uvzxdSgxjU+vsISHiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YjVmYWQxOGRkOTExMDQxM2EzMWI0ZDhlMTg3NjVhMjdk
NGMzZjEwHhcNMjMwMTAxMjAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzBmNTc4MzE4ODk2Njc5MWQ5YzVlMDBiYmNjM2IzOTI1MmQ1YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzgfFkOk5gXb/3AUcS+4IqoUpVJG
VA8AQq4dCgueS/24epBeNeFQ7+ktr5ZiLljKy0+AqEsK86ty/cPYB4W6js4DoVxf
yS8eMqkIjhrT7XvWe6S9qufmCb8WI07rWyMhqc4ZfsHJ7Pf2NLJg/LYo68r3kAPq
KAlFUg5YIhQ2P4BirAwt1hu+qNsxUF4pRQGfDafLcwYPfkukoOD0L+fauiEyo5MQ
cATAGTSsu1NoAxrN5Ump8GzhXALaQYZMM6cxSn/7TLPu9pfHRIvZnk914wv6rQ6/
K4UYXapyywfMdUhTcZkIQ0fctysHrLcDk05M7Q4btYOqUL3nPkYH5mrg5wIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFKwPV4MYiWZ5HZxeALvMOzklLVubMB8GA1UdIwQY
MBaAFIm1+tGN2REEE6MbTY4Ydlon1MPxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAt
NDI1MGNlNTUxN2Q5LzEvckE5WGd4aUpabmtkbkY0QXU4dzdPU1V0VzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAtNDI1MGNlNTUxN2Q5
LzEvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADAwA+sjAK
AwMCUGwDAwBQbgMEBFDxEAMDAlRwAwQCuSOYAwQBwyKAAwQAwyKDMAwDBAPDIogD
BAXDIoADBAbUEUADAwDUujALAwMA1S8DBALVL9gDBAXVL+ADBATZGXAwFAQCAAIw
DgMFACoA42ADBQQqAoOAMA0GCSqGSIb3DQEBCwUAA4IBAQCLvwZVVYvh745EleQR
tl/YIXE6eMG1OU1NCVz9tf8CEvIbIamHNz81/ZlzqMSR/mTZuFbaWZTkc/snFVhO
fjmARp8kyV0CQYgBK+Cdb0stbo5PuzY1892C2+d6r9FVzGtbTxpHfIBgI/IucYj7
XdcuJBg9y7ftySBiou43yBxf5fmy8qbnDbqppkkAofYorP9KNATlIRKOe4y20rOS
Bes2x97DKyloDegfuu0FRg3IDDJoUTOQf7dJK4qhUyswML1g2QhnSe1nv0TMns4I
9pXQxbLCu9MXDRmZ++TmwLVfnA4rgasW7qaYYzfVq6KsOcqdyQv6v9ZVDImgG777
kpvq
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:44:37 2025 by rpki-client