Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/sJEvy29F1Cs6_gB8833Jo_6e0yo.roa
File: sJEvy29F1Cs6_gB8833Jo_6e0yo.roa (raw, json)
Hash identifier: BfvV+iBFROaWvg4K90uygKHzbmLLU6/syXh6/sHnr5Y=
Subject key identifier: B0:91:2F:CB:6F:45:D4:2B:3A:FE:00:7C:F3:7D:C9:A3:FE:9E:D3:2A
Certificate issuer: /CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Certificate serial: 01881F6763F6721A7929F7704CBFDAE1A6C2
Authority key identifier: 89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/sJEvy29F1Cs6_gB8833Jo_6e0yo.roa
Signing time: Mon 15 May 2023 12:34:09 +0000
ROA not before: Mon 15 May 2023 12:34:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8412
IP address blocks: 62.178.0.0/16 maxlen: 17
195.34.136.0/21 maxlen: 22
195.34.144.0/20 maxlen: 21
84.112.0.0/14 maxlen: 15
213.47.0.0/17 maxlen: 18
84.115.208.0/20 maxlen: 20
84.115.224.0/20 maxlen: 20
80.241.16.0/20 maxlen: 21
217.25.122.0/23 maxlen: 23
185.35.152.0/22 maxlen: 23
80.108.0.0/15 maxlen: 16
213.47.128.0/18 maxlen: 19
217.25.112.0/20 maxlen: 22
213.47.208.0/21 maxlen: 22
213.47.216.0/22 maxlen: 23
213.47.224.0/19 maxlen: 20
212.186.0.0/16 maxlen: 17
80.110.64.0/23 maxlen: 23
195.34.128.0/23 maxlen: 24
195.34.131.0/24 maxlen: 24
212.17.64.0/18 maxlen: 19
80.110.0.0/16 maxlen: 17
213.47.192.0/20 maxlen: 21
2a02:838c::/30 maxlen: 30
2a02:8380::/30 maxlen: 33
2a02:8389:c000::/36 maxlen: 36
2a02:8380::/28 maxlen: 29
2a00:e360::/32 maxlen: 33
2a02:838a::/41 maxlen: 44
2a02:8384::/31 maxlen: 32
2a02:8388::/29 maxlen: 30
2a02:8388::/31 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1f:67:63:f6:72:1a:79:29:f7:70:4c:bf:da:e1:a6:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Validity
Not Before: May 15 12:34:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0912fcb6f45d42b3afe007cf37dc9a3fe9ed32a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e0:30:c0:ae:1a:34:18:96:cd:1f:05:4d:b5:
12:99:24:ac:a2:86:68:ac:3e:00:3f:a8:b8:d5:77:
4d:2e:c2:b4:de:1d:25:9c:f2:d3:d0:3d:ea:20:63:
79:c4:a1:30:5d:f8:21:d2:c2:f9:80:9b:50:4c:11:
18:2c:57:77:56:0e:30:95:c6:1c:1b:e3:8b:f8:8c:
c8:29:42:ed:71:c6:d4:a5:39:d4:01:ff:f6:ef:72:
2f:da:19:d8:45:bb:d7:40:0f:e3:be:28:51:b5:c8:
a5:e4:37:87:d6:7a:56:32:6a:5e:9d:ab:05:b7:95:
f2:8d:48:9e:11:bf:dd:b1:37:47:c4:4c:2a:82:9b:
c2:06:44:d7:3f:0d:e4:8a:82:c1:2a:4b:b0:27:d0:
ed:48:09:be:fa:e9:05:d1:4e:d7:3c:39:c2:eb:6e:
26:5b:42:de:ea:7b:76:2a:5e:8e:fb:37:c3:0c:5b:
8a:d9:c9:a7:8e:e1:44:15:28:6b:ce:25:0e:2b:c7:
76:45:7b:ca:bc:ac:f9:62:b4:a8:34:aa:07:86:44:
2a:9f:6a:51:e8:ce:a6:8f:61:af:a9:43:c2:14:3d:
7e:62:47:6a:b6:17:dd:5a:82:1f:2a:1f:3c:75:72:
b4:03:4e:ff:ae:fd:03:a6:72:6a:62:8f:8e:ec:ed:
c5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:91:2F:CB:6F:45:D4:2B:3A:FE:00:7C:F3:7D:C9:A3:FE:9E:D3:2A
X509v3 Authority Key Identifier:
keyid:89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/sJEvy29F1Cs6_gB8833Jo_6e0yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/ibX60Y3ZEQQToxtNjhh2WifUw_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.178.0.0/16
80.108.0.0-80.110.255.255
80.241.16.0/20
84.112.0.0/14
185.35.152.0/22
195.34.128.0/23
195.34.131.0/24
195.34.136.0-195.34.159.255
212.17.64.0/18
212.186.0.0/16
213.47.0.0-213.47.219.255
213.47.224.0/19
217.25.112.0/20
IPv6:
2a00:e360::/32
2a02:8380::/28
Signature Algorithm: sha256WithRSAEncryption
45:24:9a:f6:a7:95:f5:22:71:a5:5f:af:54:da:af:48:96:a9:
48:3e:68:ab:9b:01:2c:39:25:3e:e5:1b:78:06:8b:04:86:fa:
36:11:45:c8:24:27:ee:7a:fb:31:e5:57:43:01:1c:1f:88:c1:
32:84:fd:83:97:18:98:e6:71:1a:e9:97:01:e3:a9:78:00:7f:
49:3f:d1:ee:f9:f2:53:34:b3:f4:1b:3d:4f:6e:cb:71:b6:b7:
27:92:30:1b:5a:f6:d3:1f:8c:72:06:1b:30:ed:81:3b:ac:59:
19:5e:c4:66:b1:bf:86:38:fe:c5:49:23:c3:18:98:bc:86:f6:
58:70:ac:e8:3e:98:3d:23:a7:c6:32:96:29:a2:00:54:e5:83:
88:dd:4b:29:f4:e4:c5:a2:90:c3:29:41:0f:aa:a7:b1:63:f7:
e9:fc:1b:dc:a3:22:22:e8:39:6b:a6:87:3e:cc:9f:5b:6d:6a:
ee:37:ca:1b:e0:c8:07:cb:d0:94:46:cd:45:6a:66:32:bf:12:
28:52:76:24:5d:64:ab:f6:e0:02:fc:1e:05:1a:a3:7f:ff:4e:
ee:70:28:a3:13:35:01:cb:75:84:35:98:db:94:a6:c6:b4:ef:
f4:2c:d8:f1:ae:d3:30:7f:c2:8a:e3:52:54:78:21:6d:dd:c4:
29:29:f8:fd
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYgfZ2P2chp5KfdwTL/a4abCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YjVmYWQxOGRkOTExMDQxM2EzMWI0ZDhlMTg3NjVhMjdk
NGMzZjEwHhcNMjMwNTE1MTIzNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDkxMmZjYjZmNDVkNDJiM2FmZTAwN2NmMzdkYzlhM2ZlOWVkMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuAwwK4aNBiWzR8FTbUSmSSsooZo
rD4AP6i41XdNLsK03h0lnPLT0D3qIGN5xKEwXfgh0sL5gJtQTBEYLFd3Vg4wlcYc
G+OL+IzIKULtccbUpTnUAf/273Iv2hnYRbvXQA/jvihRtcil5DeH1npWMmpenasF
t5XyjUieEb/dsTdHxEwqgpvCBkTXPw3kioLBKkuwJ9DtSAm++ukF0U7XPDnC624m
W0Le6nt2Kl6O+zfDDFuK2cmnjuFEFShrziUOK8d2RXvKvKz5YrSoNKoHhkQqn2pR
6M6mj2GvqUPCFD1+YkdqthfdWoIfKh88dXK0A07/rv0DpnJqYo+O7O3FLwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFLCRL8tvRdQrOv4AfPN9yaP+ntMqMB8GA1UdIwQY
MBaAFIm1+tGN2REEE6MbTY4Ydlon1MPxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAt
NDI1MGNlNTUxN2Q5LzEvc0pFdnkyOUYxQ3M2X2dCODgzM0pvXzZlMHlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAtNDI1MGNlNTUxN2Q5
LzEvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADAwA+sjAK
AwMCUGwDAwBQbgMEBFDxEAMDAlRwAwQCuSOYAwQBwyKAAwQAwyKDMAwDBAPDIogD
BAXDIoADBAbUEUADAwDUujALAwMA1S8DBALVL9gDBAXVL+ADBATZGXAwFAQCAAIw
DgMFACoA42ADBQQqAoOAMA0GCSqGSIb3DQEBCwUAA4IBAQBFJJr2p5X1InGlX69U
2q9IlqlIPmirmwEsOSU+5Rt4BosEhvo2EUXIJCfuevsx5VdDARwfiMEyhP2DlxiY
5nEa6ZcB46l4AH9JP9Hu+fJTNLP0Gz1PbstxtrcnkjAbWvbTH4xyBhsw7YE7rFkZ
XsRmsb+GOP7FSSPDGJi8hvZYcKzoPpg9I6fGMpYpogBU5YOI3Usp9OTFopDDKUEP
qqexY/fp/BvcoyIi6Dlrpoc+zJ9bbWruN8ob4MgHy9CURs1FamYyvxIoUnYkXWSr
9uAC/B4FGqN//07ucCijEzUBy3WENZjblKbGtO/0LNjxrtMwf8KK41JUeCFt3cQp
Kfj9
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:12:28 2025 by rpki-client