Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/48bHT5dcETMeyrOrQy7s2Dvwr8g.roa
File: 48bHT5dcETMeyrOrQy7s2Dvwr8g.roa (raw, json)
Hash identifier: v2lae8Bi1US1jbXiC+OQ445FzSb/9GchzDt3rbpWxkc=
Subject key identifier: E3:C6:C7:4F:97:5C:11:33:1E:CA:B3:AB:43:2E:EC:D8:3B:F0:AF:C8
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 01859746D3735989A5F1385A63DF53FBAD85
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/48bHT5dcETMeyrOrQy7s2Dvwr8g.roa
Signing time: Mon 09 Jan 2023 16:04:39 +0000
ROA not before: Mon 09 Jan 2023 16:04:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44407
IP address blocks: 37.140.224.0/21 maxlen: 21
185.204.252.0/22 maxlen: 22
79.132.144.0/20 maxlen: 20
86.105.88.0/21 maxlen: 21
185.243.120.0/22 maxlen: 22
185.16.48.0/22 maxlen: 22
80.240.160.0/20 maxlen: 20
217.26.192.0/20 maxlen: 20
89.43.156.0/22 maxlen: 24
185.176.176.0/22 maxlen: 22
85.112.192.0/19 maxlen: 19
185.223.148.0/22 maxlen: 22
45.87.56.0/22 maxlen: 22
185.183.60.0/22 maxlen: 22
185.183.64.0/22 maxlen: 22
185.181.152.0/22 maxlen: 22
194.36.192.0/22 maxlen: 22
45.148.108.0/22 maxlen: 22
45.156.228.0/22 maxlen: 22
46.247.224.0/19 maxlen: 19
185.183.252.0/22 maxlen: 22
195.123.7.0/24 maxlen: 24
185.198.224.0/22 maxlen: 22
86.107.248.0/21 maxlen: 21
185.209.140.0/22 maxlen: 22
185.184.4.0/22 maxlen: 22
89.35.208.0/21 maxlen: 21
45.81.80.0/22 maxlen: 22
195.177.108.0/22 maxlen: 22
2a0a:1c80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:97:46:d3:73:59:89:a5:f1:38:5a:63:df:53:fb:ad:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Jan 9 16:04:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3c6c74f975c11331ecab3ab432eecd83bf0afc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:41:af:69:fe:05:1f:0c:1a:ae:65:22:13:cd:
6f:c9:c6:a9:59:a2:b4:3e:13:0e:99:7c:4f:08:e5:
16:e1:b5:75:f1:24:b9:1a:af:b2:70:fc:75:29:52:
bc:65:1c:d4:1d:27:19:bc:77:1e:85:17:f5:e3:cd:
6a:b0:a3:ce:07:e7:60:64:ec:7c:47:56:5b:f4:9d:
bc:db:ff:b4:cd:2b:90:a3:2b:1c:e8:85:b7:53:11:
a8:79:cd:81:8e:44:cb:ba:a0:1b:1a:42:78:1a:aa:
67:80:27:47:9c:4d:d8:b9:08:96:c4:f5:96:f1:8d:
fe:f9:f3:1b:30:09:66:28:23:0b:75:49:a5:c8:79:
fa:fa:e2:3a:4a:42:fe:fd:13:8f:93:d2:1b:6f:3b:
c1:10:f6:1d:40:72:fa:e7:4e:a9:22:61:9b:9d:eb:
1f:66:4d:6e:5c:42:7b:ec:96:3f:44:28:6d:0d:59:
75:d9:e8:e6:26:28:27:7a:e7:b3:d0:4f:18:80:a9:
e6:20:4a:9b:be:c5:8d:37:c4:5c:62:be:5a:d1:0e:
ba:66:43:17:4f:57:07:d9:66:04:0d:21:ac:6f:73:
4f:9e:4f:6f:16:4b:c5:23:62:18:d9:6d:4c:90:f7:
cc:4d:7f:bc:e8:cb:95:f8:e9:cb:eb:15:66:68:22:
89:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C6:C7:4F:97:5C:11:33:1E:CA:B3:AB:43:2E:EC:D8:3B:F0:AF:C8
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/48bHT5dcETMeyrOrQy7s2Dvwr8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.224.0/21
45.81.80.0/22
45.87.56.0/22
45.148.108.0/22
45.156.228.0/22
46.247.224.0/19
79.132.144.0/20
80.240.160.0/20
85.112.192.0/19
86.105.88.0/21
86.107.248.0/21
89.35.208.0/21
89.43.156.0/22
185.16.48.0/22
185.176.176.0/22
185.181.152.0/22
185.183.60.0-185.183.67.255
185.183.252.0/22
185.184.4.0/22
185.198.224.0/22
185.204.252.0/22
185.209.140.0/22
185.223.148.0/22
185.243.120.0/22
194.36.192.0/22
195.123.7.0/24
195.177.108.0/22
217.26.192.0/20
IPv6:
2a0a:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
08:80:f8:b5:60:6c:c9:62:4e:77:2d:1e:26:2b:a4:c1:84:68:
70:38:38:31:7a:56:aa:f0:e9:81:fd:5c:2f:a1:6c:ed:0d:47:
c7:e8:b7:c0:02:30:02:9c:93:8a:e7:ca:dc:11:e8:73:b5:44:
6e:bb:08:01:b6:0f:95:8f:1f:4f:ce:ee:24:75:fb:ac:dc:f0:
a1:c0:d1:7f:84:2b:ab:b6:01:87:cb:23:2f:47:49:6d:cb:bf:
d8:14:6b:28:6e:87:83:7c:37:33:6a:0c:a0:02:a8:da:4f:bf:
0e:6a:ca:80:a1:81:ca:0f:50:1b:80:86:3a:67:5e:41:d9:fc:
fa:9d:31:4a:cd:ce:36:c6:06:5a:93:8f:2c:f3:35:b7:cb:9f:
1c:0b:80:94:ac:57:b0:2e:0b:aa:8a:c4:fa:11:64:cb:b1:ac:
29:7d:b0:4f:64:f4:1b:de:fd:f0:75:15:2c:60:5f:93:23:04:
64:25:2f:6d:d1:60:83:9e:16:07:bb:0b:20:b0:c6:0f:42:5c:
d7:71:4f:c0:fd:49:69:46:ae:1d:43:48:bc:7d:f5:55:fb:c9:
24:2f:aa:9e:2f:f7:53:28:e1:9b:5e:24:a4:56:27:a9:22:f5:
2d:07:f6:77:9a:81:8a:03:2b:da:f8:1f:2a:f7:1a:97:9f:43:
25:e0:80:22
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYWXRtNzWYml8ThaY99T+62FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjMwMTA5MTYwNDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2M2Yzc0Zjk3NWMxMTMzMWVjYWIzYWI0MzJlZWNkODNiZjBhZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0Gvaf4FHwwarmUiE81vycapWaK0
PhMOmXxPCOUW4bV18SS5Gq+ycPx1KVK8ZRzUHScZvHcehRf1481qsKPOB+dgZOx8
R1Zb9J282/+0zSuQoysc6IW3UxGoec2BjkTLuqAbGkJ4GqpngCdHnE3YuQiWxPWW
8Y3++fMbMAlmKCMLdUmlyHn6+uI6SkL+/ROPk9IbbzvBEPYdQHL6506pImGbnesf
Zk1uXEJ77JY/RChtDVl12ejmJigneuez0E8YgKnmIEqbvsWNN8RcYr5a0Q66ZkMX
T1cH2WYEDSGsb3NPnk9vFkvFI2IY2W1MkPfMTX+86MuV+OnL6xVmaCKJhQIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFOPGx0+XXBEzHsqzq0Mu7Ng78K/IMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvNDhiSFQ1ZGNFVE1leXJPclF5N3MyRHZ3cjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBtwQCAAEwgbADBAMl
jOADBAItUVADBAItVzgDBAItlGwDBAItnOQDBAUu9+ADBARPhJADBARQ8KADBAVV
cMADBANWaVgDBANWa/gDBANZI9ADBAJZK5wDBAK5EDADBAK5sLADBAK5tZgwDAME
Arm3PAMEArm3QAMEArm3/AMEArm4BAMEArnG4AMEArnM/AMEArnRjAMEArnflAME
ArnzeAMEAsIkwAMEAMN7BwMEAsOxbAMEBNkawDANBAIAAjAHAwUDKgocgDANBgkq
hkiG9w0BAQsFAAOCAQEACID4tWBsyWJOdy0eJiukwYRocDg4MXpWqvDpgf1cL6Fs
7Q1Hx+i3wAIwApyTiufK3BHoc7VEbrsIAbYPlY8fT87uJHX7rNzwocDRf4Qrq7YB
h8sjL0dJbcu/2BRrKG6Hg3w3M2oMoAKo2k+/DmrKgKGByg9QG4CGOmdeQdn8+p0x
Ss3ONsYGWpOPLPM1t8ufHAuAlKxXsC4LqorE+hFky7GsKX2wT2T0G9798HUVLGBf
kyMEZCUvbdFgg54WB7sLILDGD0Jc13FPwP1JaUauHUNIvH31VfvJJC+qni/3Uyjh
m14kpFYnqSL1LQf2d5qBigMr2vgfKvcal59DJeCAIg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:07 2025 by rpki-client