Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/7JiOsyc6MlfbwAsaX36_5rO1eOw.roa
File: 7JiOsyc6MlfbwAsaX36_5rO1eOw.roa (raw, json)
Hash identifier: gcMj+sE1kSHxC9zEIV05rSEIRpDqeJOHnr+duJpHUeU=
Subject key identifier: EC:98:8E:B3:27:3A:32:57:DB:C0:0B:1A:5F:7E:BF:E6:B3:B5:78:EC
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 01857169CA844DDFC2686D5A858935B03C9F
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/7JiOsyc6MlfbwAsaX36_5rO1eOw.roa
Signing time: Mon 02 Jan 2023 07:37:16 +0000
ROA not before: Mon 02 Jan 2023 07:37:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 86.107.255.0/24 maxlen: 24
79.132.145.0/24 maxlen: 24
46.247.245.0/24 maxlen: 24
79.132.153.0/24 maxlen: 24
79.132.154.0/24 maxlen: 24
85.112.211.0/24 maxlen: 24
185.223.148.0/24 maxlen: 24
185.183.63.0/24 maxlen: 24
86.107.248.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:ca:84:4d:df:c2:68:6d:5a:85:89:35:b0:3c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Jan 2 07:37:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec988eb3273a3257dbc00b1a5f7ebfe6b3b578ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c7:2c:13:24:c6:d1:7b:e1:25:f0:55:ab:a1:
03:27:0b:9f:88:5a:60:c1:ea:18:74:56:78:d9:ba:
f4:00:d5:81:73:d3:5b:df:89:a7:e6:5c:67:f1:c0:
79:b1:91:b6:f7:b2:6b:54:66:a7:bd:f2:b7:04:a6:
02:fb:1e:b5:e4:95:c2:54:87:a1:b6:03:06:22:9c:
fd:5b:a6:60:8e:fe:29:50:fe:50:a3:ff:6b:99:3f:
47:66:a1:b0:80:ca:66:25:11:d2:43:d1:84:8f:13:
17:53:6e:4a:25:80:96:1e:58:0a:0f:cb:1e:0b:06:
89:1b:97:5d:eb:56:4c:75:aa:a7:cf:63:8c:50:3a:
01:ef:9a:c9:1a:63:ce:93:65:4d:f5:a3:e0:4c:5f:
39:a7:0c:8d:eb:68:ad:2b:3b:1c:7c:a4:3e:38:96:
bb:fd:f8:65:57:4b:e7:16:8b:3a:6c:e6:e6:43:8a:
44:15:76:22:97:97:bd:73:d0:04:2e:96:cc:b8:df:
b6:f8:51:c3:47:f6:43:8f:52:25:75:1f:29:f0:0d:
66:79:7c:1c:25:86:c6:7e:a7:76:90:91:b4:5a:d9:
52:8c:8c:30:71:56:46:25:dc:83:75:62:b0:68:f2:
86:ae:0f:25:8a:57:db:8e:91:4d:ad:76:ee:a4:e7:
09:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:98:8E:B3:27:3A:32:57:DB:C0:0B:1A:5F:7E:BF:E6:B3:B5:78:EC
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/7JiOsyc6MlfbwAsaX36_5rO1eOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.245.0/24
79.132.145.0/24
79.132.153.0-79.132.154.255
85.112.211.0/24
86.107.248.0/21
185.183.63.0/24
185.223.148.0/24
Signature Algorithm: sha256WithRSAEncryption
95:02:7d:e8:56:54:fa:84:49:f7:ed:29:bf:b5:98:f6:a2:10:
33:65:d4:bc:f2:b9:73:db:20:07:3f:76:91:08:a3:ac:ac:5a:
ac:e4:08:87:ef:93:9d:9e:93:3b:9c:1c:91:e9:a5:14:16:d0:
3f:b0:25:bc:84:5a:f2:2b:52:18:94:1c:31:35:f3:89:c2:75:
ab:4c:a4:5f:aa:05:94:21:8f:15:89:d6:cc:f3:8c:1f:1f:6c:
88:0f:fb:45:c7:4b:07:30:9d:07:30:64:c9:97:78:55:c5:d9:
15:ef:77:92:26:73:a8:bf:99:9b:25:41:ad:d3:ca:ed:10:24:
ab:af:14:4c:d4:23:57:8c:9b:e1:04:55:31:e0:52:71:45:88:
e6:bc:f4:24:70:0c:7b:bc:fb:65:bd:07:15:26:61:99:0f:63:
d4:2c:5f:04:c4:ac:b8:8e:05:b2:03:e2:95:5c:c1:b2:ad:1c:
cf:9c:f0:ba:d8:51:78:69:c7:23:13:3d:59:af:9e:b4:09:eb:
c9:8c:34:99:87:cf:db:40:5c:72:be:85:7e:4f:29:71:fb:0d:
6f:be:c9:e6:95:b1:4e:d0:05:b6:d0:86:1b:eb:6b:bd:27:fb:
63:74:0e:63:43:b1:74:80:05:e6:c1:0f:a3:e1:8f:5a:ac:9a:
25:fc:4c:51
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVxacqETd/CaG1ahYk1sDyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjMwMTAyMDczNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzk4OGViMzI3M2EzMjU3ZGJjMDBiMWE1ZjdlYmZlNmIzYjU3OGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsscsEyTG0XvhJfBVq6EDJwufiFpg
weoYdFZ42br0ANWBc9Nb34mn5lxn8cB5sZG297JrVGanvfK3BKYC+x615JXCVIeh
tgMGIpz9W6Zgjv4pUP5Qo/9rmT9HZqGwgMpmJRHSQ9GEjxMXU25KJYCWHlgKD8se
CwaJG5dd61ZMdaqnz2OMUDoB75rJGmPOk2VN9aPgTF85pwyN62itKzscfKQ+OJa7
/fhlV0vnFos6bObmQ4pEFXYil5e9c9AELpbMuN+2+FHDR/ZDj1IldR8p8A1meXwc
JYbGfqd2kJG0WtlSjIwwcVZGJdyDdWKwaPKGrg8lilfbjpFNrXbupOcJOQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOyYjrMnOjJX28ALGl9+v+aztXjsMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvN0ppT3N5YzZNbGZid0FzYVgzNl81ck8xZU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALvf1AwQA
T4SRMAwDBABPhJkDBABPhJoDBABVcNMDBANWa/gDBAC5tz8DBAC535QwDQYJKoZI
hvcNAQELBQADggEBAJUCfehWVPqESfftKb+1mPaiEDNl1LzyuXPbIAc/dpEIo6ys
WqzkCIfvk52ekzucHJHppRQW0D+wJbyEWvIrUhiUHDE184nCdatMpF+qBZQhjxWJ
1szzjB8fbIgP+0XHSwcwnQcwZMmXeFXF2RXvd5Imc6i/mZslQa3Tyu0QJKuvFEzU
I1eMm+EEVTHgUnFFiOa89CRwDHu8+2W9BxUmYZkPY9QsXwTErLiOBbID4pVcwbKt
HM+c8LrYUXhpxyMTPVmvnrQJ68mMNJmHz9tAXHK+hX5PKXH7DW++yeaVsU7QBbbQ
hhvra70n+2N0DmNDsXSABebBD6Phj1qsmiX8TFE=
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:22:07 2025 by rpki-client