Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/T6GRNGGbT3rhuy6lBt-0cu77FiQ.roa
File: T6GRNGGbT3rhuy6lBt-0cu77FiQ.roa (raw, json)
Hash identifier: Ad2qmxQya625PENJBlK8g5UfmUc8D0J3R10qLbu7o1I=
Subject key identifier: 4F:A1:91:34:61:9B:4F:7A:E1:BB:2E:A5:06:DF:B4:72:EE:FB:16:24
Certificate issuer: /CN=2bbc002a2b359b1aa8879e1c4d70455b3192efac
Certificate serial: 0D96FABA
Authority key identifier: 2B:BC:00:2A:2B:35:9B:1A:A8:87:9E:1C:4D:70:45:5B:31:92:EF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/T6GRNGGbT3rhuy6lBt-0cu77FiQ.roa
Signing time: Sat 01 Jan 2022 06:54:29 +0000
ROA not before: Sat 01 Jan 2022 06:54:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29217
IP address blocks: 159.72.128.0/21 maxlen: 21
164.9.95.0/24 maxlen: 24
159.72.136.0/24 maxlen: 24
159.72.137.0/24 maxlen: 24
159.72.138.0/24 maxlen: 24
164.9.100.0/22 maxlen: 22
164.9.102.0/24 maxlen: 24
164.9.104.0/22 maxlen: 22
164.9.99.0/24 maxlen: 24
78.41.240.0/21 maxlen: 21
85.119.129.0/24 maxlen: 24
85.119.128.0/21 maxlen: 21
192.16.143.0/24 maxlen: 24
164.9.0.0/16 maxlen: 16
2a02:c58:7::/48 maxlen: 48
2a02:c58:6::/48 maxlen: 48
2a02:c58::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 227998394 (0xd96faba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bbc002a2b359b1aa8879e1c4d70455b3192efac
Validity
Not Before: Jan 1 06:54:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fa19134619b4f7ae1bb2ea506dfb472eefb1624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c0:3d:d8:dc:43:6b:f5:3b:42:fe:e9:aa:db:
7f:a4:58:a9:05:af:ce:ef:93:ce:9e:7d:f3:cc:1e:
40:ab:6d:5b:86:c6:cc:55:60:36:10:63:d3:16:69:
34:cc:ed:1c:16:c0:95:26:27:a4:65:4c:23:21:77:
41:03:66:ed:f9:41:d7:6c:64:91:cd:b2:2d:8a:cb:
17:17:74:7f:27:1a:50:26:d3:2a:c9:f9:58:9a:5a:
be:11:81:78:f0:e1:36:ad:7c:3a:33:0e:b1:86:f8:
b4:46:12:7b:a6:33:c5:33:11:b3:d8:49:6e:f3:f3:
1c:40:5f:4b:4a:bd:66:75:65:b4:1f:b0:55:46:1f:
cd:4e:1a:61:4c:90:e3:b2:53:b9:d6:02:f8:c7:93:
35:87:a4:8e:3f:22:4b:80:4e:6f:32:ec:e2:4d:4f:
4b:90:d6:5f:05:22:1d:49:f0:58:00:cd:9e:6a:63:
33:86:27:47:73:7e:f4:f7:30:f5:0f:46:22:ea:64:
a6:30:08:59:ec:f6:cf:11:f9:0f:27:86:ef:a5:8b:
80:c5:e3:e2:9a:51:97:4b:b2:90:70:ff:48:dc:23:
11:4b:04:ea:a4:fb:3f:5c:7e:01:81:2f:2f:4d:fe:
ec:b8:66:fd:d8:53:c0:75:3a:97:10:04:d0:97:7d:
ee:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A1:91:34:61:9B:4F:7A:E1:BB:2E:A5:06:DF:B4:72:EE:FB:16:24
X509v3 Authority Key Identifier:
keyid:2B:BC:00:2A:2B:35:9B:1A:A8:87:9E:1C:4D:70:45:5B:31:92:EF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/T6GRNGGbT3rhuy6lBt-0cu77FiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/K7wAKis1mxqoh54cTXBFWzGS76w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.240.0/21
85.119.128.0/21
159.72.128.0-159.72.138.255
164.9.0.0/16
192.16.143.0/24
IPv6:
2a02:c58::/32
Signature Algorithm: sha256WithRSAEncryption
11:45:04:df:55:c7:dd:58:df:96:fd:84:ad:d2:14:03:93:4c:
5a:28:10:03:86:0f:e6:98:11:68:0a:0e:5f:09:b2:37:bd:ad:
a2:cf:ef:99:09:dc:d4:da:b6:e0:36:03:b9:72:62:48:c4:5e:
1c:96:8d:2a:d3:06:e7:3b:e2:8c:d5:62:f8:01:b2:0c:a4:8e:
e9:02:40:96:7b:30:d5:3c:4c:c0:9d:1c:e9:8b:2c:42:42:67:
9a:e6:74:87:fe:e8:8c:f1:6f:8d:05:0f:b9:b5:4c:3d:51:8d:
2b:41:71:01:7f:77:d5:c1:7c:00:e5:46:cc:cf:bc:04:a9:85:
e9:37:93:cc:66:15:9d:fe:54:54:51:15:27:7d:8d:7d:ae:38:
b9:7b:9f:17:bc:b0:f1:fc:cb:25:b0:b5:2f:b0:e4:f7:70:c4:
ee:70:f7:93:16:a8:9e:8a:da:bd:21:e0:21:ba:c9:eb:2b:47:
3c:33:7e:ca:b8:e3:b6:47:3e:e1:9d:30:9a:c2:af:67:fa:ff:
cc:2a:fb:4c:fd:fe:ae:a9:62:da:6a:8a:46:28:35:77:81:97:
cd:8d:00:11:0b:6d:78:07:6f:04:60:05:2c:26:60:dd:ba:cc:
da:e7:12:e9:ef:80:3c:fb:57:3e:89:b1:6c:db:f8:d7:c9:ab:
80:1b:97:df
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEDZb6ujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YmJjMDAyYTJiMzU5YjFhYTg4NzllMWM0ZDcwNDU1YjMxOTJlZmFjMB4XDTIyMDEw
MTA2NTQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGZhMTkxMzQ2MTli
NGY3YWUxYmIyZWE1MDZkZmI0NzJlZWZiMTYyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANfAPdjcQ2v1O0L+6arbf6RYqQWvzu+Tzp5988weQKttW4bG
zFVgNhBj0xZpNMztHBbAlSYnpGVMIyF3QQNm7flB12xkkc2yLYrLFxd0fycaUCbT
Ksn5WJpavhGBePDhNq18OjMOsYb4tEYSe6YzxTMRs9hJbvPzHEBfS0q9ZnVltB+w
VUYfzU4aYUyQ47JTudYC+MeTNYekjj8iS4BObzLs4k1PS5DWXwUiHUnwWADNnmpj
M4YnR3N+9Pcw9Q9GIupkpjAIWez2zxH5DyeG76WLgMXj4ppRl0uykHD/SNwjEUsE
6qT7P1x+AYEvL03+7Lhm/dhTwHU6lxAE0Jd97qsCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBRPoZE0YZtPeuG7LqUG37Ry7vsWJDAfBgNVHSMEGDAWgBQrvAAqKzWbGqiH
nhxNcEVbMZLvrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0s3d0FLaXMxbXhxb2g1NGNUWEJGV3pHUzc2dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvN2MzNzI2LTJkYmUtNDE3NC1iMTY0LWE4OTg4OWNlNWY4NC8x
L1Q2R1JOR0diVDNyaHV5NmxCdC0wY3U3N0ZpUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
N2MzNzI2LTJkYmUtNDE3NC1iMTY0LWE4OTg4OWNlNWY4NC8xL0s3d0FLaXMxbXhx
b2g1NGNUWEJGV3pHUzc2dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwKwQCAAEwJQMEA04p8AMEA1V3gDAMAwQHn0iAAwQA
n0iKAwMApAkDBADAEI8wDQQCAAIwBwMFACoCDFgwDQYJKoZIhvcNAQELBQADggEB
ABFFBN9Vx91Y35b9hK3SFAOTTFooEAOGD+aYEWgKDl8Jsje9raLP75kJ3NTatuA2
A7lyYkjEXhyWjSrTBuc74ozVYvgBsgykjukCQJZ7MNU8TMCdHOmLLEJCZ5rmdIf+
6Izxb40FD7m1TD1RjStBcQF/d9XBfADlRszPvASphek3k8xmFZ3+VFRRFSd9jX2u
OLl7nxe8sPH8yyWwtS+w5PdwxO5w95MWqJ6K2r0h4CG6yesrRzwzfsq447ZHPuGd
MJrCr2f6/8wq+0z9/q6pYtpqikYoNXeBl82NABELbXgHbwRgBSwmYN26zNrnEunv
gDz7Vz6JsWzb+NfJq4Abl98=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:21:16 2025 by rpki-client