Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/vS_3rmcGY6r790967S6JXqd4jeQ.roa
File: vS_3rmcGY6r790967S6JXqd4jeQ.roa (raw, json)
Hash identifier: 4up3Epx/kTjtwvrwMj6zcDQ59Szsy+VXZdU8SIUlpmE=
Subject key identifier: BD:2F:F7:AE:67:06:63:AA:FB:F7:4F:7A:ED:2E:89:5E:A7:78:8D:E4
Certificate issuer: /CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Certificate serial: 018225580BBF803DC82B32110BD432C3E6B9
Authority key identifier: 89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/vS_3rmcGY6r790967S6JXqd4jeQ.roa
Signing time: Fri 22 Jul 2022 09:58:23 +0000
ROA not before: Fri 22 Jul 2022 09:58:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8412
IP address blocks: 62.178.0.0/16 maxlen: 17
195.34.136.0/21 maxlen: 22
195.34.144.0/20 maxlen: 21
84.112.0.0/14 maxlen: 15
213.47.0.0/17 maxlen: 18
84.115.208.0/20 maxlen: 20
84.115.224.0/20 maxlen: 20
80.241.16.0/20 maxlen: 21
217.25.122.0/23 maxlen: 23
185.35.152.0/22 maxlen: 23
80.108.0.0/15 maxlen: 16
213.47.128.0/18 maxlen: 19
217.25.112.0/20 maxlen: 22
213.47.208.0/21 maxlen: 22
213.47.216.0/22 maxlen: 23
213.47.224.0/19 maxlen: 20
212.186.0.0/16 maxlen: 17
195.34.128.0/23 maxlen: 24
195.34.131.0/24 maxlen: 24
212.17.64.0/18 maxlen: 19
80.110.0.0/16 maxlen: 17
213.47.192.0/20 maxlen: 21
2a02:838c::/30 maxlen: 30
2a02:8380::/30 maxlen: 33
2a02:8380::/28 maxlen: 29
2a00:e360::/32 maxlen: 33
2a02:838a::/41 maxlen: 44
2a02:8384::/31 maxlen: 32
2a02:8388::/29 maxlen: 30
2a02:8388::/31 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:58:0b:bf:80:3d:c8:2b:32:11:0b:d4:32:c3:e6:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Validity
Not Before: Jul 22 09:58:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd2ff7ae670663aafbf74f7aed2e895ea7788de4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:73:4b:4f:e9:2b:f1:8c:c9:66:e9:63:03:9a:
c7:81:79:8d:20:ce:57:fe:53:a0:15:94:99:16:a7:
46:2d:15:c7:21:da:b6:ba:bb:15:cd:7a:74:0e:25:
84:3a:36:b7:b2:63:a5:d0:da:a8:7f:08:20:a0:4c:
22:d4:96:d4:bd:94:79:99:b6:ab:2e:ea:f4:1b:96:
83:40:71:a4:ba:a6:88:18:fd:d8:3a:ea:c5:4a:0e:
2b:9e:4a:1e:ba:0b:c5:ff:97:bb:53:dd:a2:6e:1a:
c6:47:11:10:55:d2:39:4e:55:69:1d:e1:7d:c3:6e:
7c:dc:b1:61:fd:e1:54:81:8f:f4:48:24:b3:c8:6b:
9b:d1:d8:43:6b:88:b1:c0:d0:3c:57:68:39:e1:f2:
32:83:00:48:24:9f:60:c9:a6:98:17:41:e9:68:16:
06:64:32:cc:85:86:ee:7f:44:5c:ee:f5:af:82:e1:
45:ed:1c:21:c0:85:be:fa:c7:3c:c1:99:6b:bb:d4:
f2:f3:f3:b8:15:87:c1:75:fa:87:2f:78:12:0d:e7:
64:35:ae:25:34:21:69:6d:ea:13:a7:c5:2f:1b:fd:
46:c6:ca:ff:36:8b:2b:15:bd:47:1b:d1:74:fe:02:
60:24:4d:9d:1c:b1:f1:0e:0f:17:30:62:16:c0:da:
50:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:2F:F7:AE:67:06:63:AA:FB:F7:4F:7A:ED:2E:89:5E:A7:78:8D:E4
X509v3 Authority Key Identifier:
keyid:89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/vS_3rmcGY6r790967S6JXqd4jeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/ibX60Y3ZEQQToxtNjhh2WifUw_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.178.0.0/16
80.108.0.0-80.110.255.255
80.241.16.0/20
84.112.0.0/14
185.35.152.0/22
195.34.128.0/23
195.34.131.0/24
195.34.136.0-195.34.159.255
212.17.64.0/18
212.186.0.0/16
213.47.0.0-213.47.219.255
213.47.224.0/19
217.25.112.0/20
IPv6:
2a00:e360::/32
2a02:8380::/28
Signature Algorithm: sha256WithRSAEncryption
7a:66:af:f6:3b:c0:80:b9:e6:c1:da:69:6a:d3:7c:dd:c8:11:
66:f8:bc:0e:a2:a5:fc:0d:9d:19:9b:f7:aa:2a:a6:16:ef:19:
d1:a6:5f:db:4b:a3:65:9a:2b:25:e1:90:f1:1b:92:f8:1e:a3:
cb:02:aa:31:d7:38:f7:d8:eb:6a:77:5b:57:7c:e7:cb:e5:7b:
21:21:29:95:21:fb:8f:ff:e6:d7:ce:52:bd:b2:4b:68:12:1f:
98:23:1b:09:fc:94:a8:7a:0f:5f:d4:fe:81:aa:8f:d0:9b:45:
ee:ea:06:30:09:bd:d1:1e:8d:af:f9:c1:81:9f:9c:fd:23:db:
73:11:66:8b:1a:98:2a:58:fc:99:a0:c5:4e:c5:3a:a3:a2:6c:
47:20:71:5f:f3:fa:20:96:aa:fb:f2:49:5d:c2:d0:69:82:9b:
8e:30:0a:1a:1c:cd:c2:84:d9:bc:c6:8f:51:45:14:57:52:ca:
3b:13:71:0b:4b:4a:7e:45:a0:66:85:ba:24:d8:5d:3f:4b:35:
0a:dc:40:14:4d:6d:fa:43:75:ed:16:0d:24:e8:9c:18:27:2e:
fb:d9:82:b3:02:38:9e:00:52:0b:29:9d:50:78:6f:c0:86:03:
7f:25:95:2f:7e:7c:0c:0e:cd:2d:d9:12:60:32:ca:35:45:3c:
f8:85:ca:79
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYIlWAu/gD3IKzIRC9Qyw+a5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YjVmYWQxOGRkOTExMDQxM2EzMWI0ZDhlMTg3NjVhMjdk
NGMzZjEwHhcNMjIwNzIyMDk1ODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDJmZjdhZTY3MDY2M2FhZmJmNzRmN2FlZDJlODk1ZWE3Nzg4ZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHNLT+kr8YzJZuljA5rHgXmNIM5X
/lOgFZSZFqdGLRXHIdq2ursVzXp0DiWEOja3smOl0NqofwggoEwi1JbUvZR5mbar
Lur0G5aDQHGkuqaIGP3YOurFSg4rnkoeugvF/5e7U92ibhrGRxEQVdI5TlVpHeF9
w2583LFh/eFUgY/0SCSzyGub0dhDa4ixwNA8V2g54fIygwBIJJ9gyaaYF0HpaBYG
ZDLMhYbuf0Rc7vWvguFF7RwhwIW++sc8wZlru9Ty8/O4FYfBdfqHL3gSDedkNa4l
NCFpbeoTp8UvG/1Gxsr/NosrFb1HG9F0/gJgJE2dHLHxDg8XMGIWwNpQGwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFL0v965nBmOq+/dPeu0uiV6neI3kMB8GA1UdIwQY
MBaAFIm1+tGN2REEE6MbTY4Ydlon1MPxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAt
NDI1MGNlNTUxN2Q5LzEvdlNfM3JtY0dZNnI3OTA5NjdTNkpYcWQ0amVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAtNDI1MGNlNTUxN2Q5
LzEvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADAwA+sjAK
AwMCUGwDAwBQbgMEBFDxEAMDAlRwAwQCuSOYAwQBwyKAAwQAwyKDMAwDBAPDIogD
BAXDIoADBAbUEUADAwDUujALAwMA1S8DBALVL9gDBAXVL+ADBATZGXAwFAQCAAIw
DgMFACoA42ADBQQqAoOAMA0GCSqGSIb3DQEBCwUAA4IBAQB6Zq/2O8CAuebB2mlq
03zdyBFm+LwOoqX8DZ0Zm/eqKqYW7xnRpl/bS6Nlmisl4ZDxG5L4HqPLAqox1zj3
2Otqd1tXfOfL5XshISmVIfuP/+bXzlK9sktoEh+YIxsJ/JSoeg9f1P6Bqo/Qm0Xu
6gYwCb3RHo2v+cGBn5z9I9tzEWaLGpgqWPyZoMVOxTqjomxHIHFf8/oglqr78kld
wtBpgpuOMAoaHM3ChNm8xo9RRRRXUso7E3ELS0p+RaBmhbok2F0/SzUK3EAUTW36
Q3XtFg0k6JwYJy772YKzAjieAFILKZ1QeG/AhgN/JZUvfnwMDs0t2RJgMso1RTz4
hcp5
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:44:33 2025 by rpki-client