Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/j8mUhc5RYZN6m1Xge2-qZkh73R4.roa
File: j8mUhc5RYZN6m1Xge2-qZkh73R4.roa (raw, json)
Hash identifier: +HIyv4CKXStuZkBJT3JsLjFA1M03mplDe+oG8VUIlyQ=
Subject key identifier: 8F:C9:94:85:CE:51:61:93:7A:9B:55:E0:7B:6F:AA:66:48:7B:DD:1E
Certificate issuer: /CN=e4a9308742e7eb66506219d829d86185899a1e34
Certificate serial: 0184614CA9E47AD81A883774773D896E1FF1
Authority key identifier: E4:A9:30:87:42:E7:EB:66:50:62:19:D8:29:D8:61:85:89:9A:1E:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/j8mUhc5RYZN6m1Xge2-qZkh73R4.roa
Signing time: Thu 10 Nov 2022 11:28:44 +0000
ROA not before: Thu 10 Nov 2022 11:28:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48728
IP address blocks: 80.76.165.0/24 maxlen: 24
80.76.164.0/24 maxlen: 24
80.76.160.0/24 maxlen: 24
80.76.160.0/21 maxlen: 21
80.76.162.0/24 maxlen: 24
80.76.160.0/20 maxlen: 20
80.76.161.0/24 maxlen: 24
80.76.163.0/24 maxlen: 24
80.76.172.0/24 maxlen: 24
80.76.171.0/24 maxlen: 24
80.76.169.0/24 maxlen: 24
80.76.168.0/21 maxlen: 21
80.76.170.0/24 maxlen: 24
80.76.174.0/24 maxlen: 24
80.76.173.0/24 maxlen: 24
80.76.175.0/24 maxlen: 24
103.23.124.0/24 maxlen: 24
103.23.124.0/22 maxlen: 22
103.23.125.0/24 maxlen: 24
103.23.126.0/24 maxlen: 24
103.23.127.0/24 maxlen: 24
212.70.96.0/24 maxlen: 24
212.70.96.0/19 maxlen: 19
212.70.98.0/24 maxlen: 24
212.70.97.0/24 maxlen: 24
212.70.102.0/24 maxlen: 24
212.70.104.0/24 maxlen: 24
212.70.99.0/24 maxlen: 24
212.70.109.0/24 maxlen: 24
212.70.108.0/24 maxlen: 24
212.70.110.0/24 maxlen: 24
212.70.112.0/24 maxlen: 24
212.70.111.0/24 maxlen: 24
212.70.107.0/24 maxlen: 24
212.70.106.0/24 maxlen: 24
212.70.114.0/24 maxlen: 24
212.70.113.0/24 maxlen: 24
212.70.116.0/24 maxlen: 24
212.70.115.0/24 maxlen: 24
212.70.117.0/24 maxlen: 24
212.70.118.0/24 maxlen: 24
212.70.122.0/24 maxlen: 24
212.70.125.0/24 maxlen: 24
212.70.119.0/24 maxlen: 24
212.70.121.0/24 maxlen: 24
212.70.126.0/24 maxlen: 24
212.70.127.0/24 maxlen: 24
31.11.48.0/21 maxlen: 21
37.186.37.0/24 maxlen: 24
37.186.38.0/24 maxlen: 24
37.186.32.0/24 maxlen: 24
37.186.34.0/24 maxlen: 24
37.186.32.0/19 maxlen: 19
37.186.33.0/24 maxlen: 24
37.186.36.0/24 maxlen: 24
37.186.35.0/24 maxlen: 24
37.186.44.0/24 maxlen: 24
37.186.39.0/24 maxlen: 24
37.186.41.0/24 maxlen: 24
37.186.40.0/24 maxlen: 24
37.186.43.0/24 maxlen: 24
37.186.42.0/24 maxlen: 24
37.186.51.0/24 maxlen: 24
37.186.50.0/24 maxlen: 24
37.186.46.0/24 maxlen: 24
37.186.45.0/24 maxlen: 24
37.186.48.0/24 maxlen: 24
37.186.47.0/24 maxlen: 24
37.186.49.0/24 maxlen: 24
37.186.58.0/24 maxlen: 24
37.186.57.0/24 maxlen: 24
37.186.53.0/24 maxlen: 24
37.186.52.0/24 maxlen: 24
37.186.55.0/24 maxlen: 24
37.186.54.0/24 maxlen: 24
37.186.56.0/24 maxlen: 24
37.186.60.0/24 maxlen: 24
37.186.59.0/24 maxlen: 24
37.186.62.0/24 maxlen: 24
37.186.61.0/24 maxlen: 24
37.186.63.0/24 maxlen: 24
185.247.88.0/22 maxlen: 22
103.17.1.0/24 maxlen: 24
103.17.0.0/22 maxlen: 22
103.17.0.0/24 maxlen: 24
103.17.3.0/24 maxlen: 24
103.17.2.0/24 maxlen: 24
2a04:7f80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:61:4c:a9:e4:7a:d8:1a:88:37:74:77:3d:89:6e:1f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a9308742e7eb66506219d829d86185899a1e34
Validity
Not Before: Nov 10 11:28:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8fc99485ce5161937a9b55e07b6faa66487bdd1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:44:c4:4a:35:f8:cf:08:4f:8a:7e:12:cc:c7:
cf:45:0d:0d:54:da:a2:19:0e:bc:3f:06:31:cc:7e:
27:58:ca:01:d9:94:92:03:55:3c:3b:f2:16:22:5e:
0a:2e:c5:67:c8:ac:42:4c:40:50:1d:66:e8:a3:8d:
5d:57:c8:ef:62:47:a9:70:33:f3:16:71:9d:39:e8:
4b:b5:cb:02:ea:57:51:79:a8:15:a8:bf:32:59:4f:
af:4f:bf:d0:5a:6d:ea:4e:c0:e0:e9:6b:e0:7b:92:
04:58:cc:8c:a0:39:86:83:35:1c:ba:be:9a:13:58:
d3:5b:2d:79:66:20:02:f7:7d:cd:b9:50:7d:0b:6e:
b8:6e:cf:80:7b:3b:1f:8f:be:32:a4:ed:b3:99:18:
71:0d:74:dc:77:5d:cd:7b:c7:b6:4a:34:b8:8a:eb:
01:4c:ac:15:0c:57:c0:f0:17:e0:44:b4:26:82:d2:
2a:d1:80:d0:df:7f:78:6c:ef:9d:24:a3:34:3d:2c:
5f:fc:f4:0b:1f:15:2a:27:09:ec:73:d0:64:ca:f8:
76:d1:1c:cb:32:da:2f:91:e8:c6:33:6d:59:45:66:
c2:e5:8d:43:6b:45:fa:e0:9a:13:1a:1a:09:be:29:
54:4f:42:42:e1:e4:66:06:62:c4:28:ac:80:a1:d8:
05:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C9:94:85:CE:51:61:93:7A:9B:55:E0:7B:6F:AA:66:48:7B:DD:1E
X509v3 Authority Key Identifier:
keyid:E4:A9:30:87:42:E7:EB:66:50:62:19:D8:29:D8:61:85:89:9A:1E:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/j8mUhc5RYZN6m1Xge2-qZkh73R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.11.48.0/21
37.186.32.0/19
80.76.160.0/20
103.17.0.0/22
103.23.124.0/22
185.247.88.0/22
212.70.96.0/19
IPv6:
2a04:7f80::/29
Signature Algorithm: sha256WithRSAEncryption
c2:dd:30:93:3b:72:20:93:72:a6:c6:67:59:0b:45:30:37:1b:
2d:02:6c:1e:33:84:39:b9:0c:f5:63:eb:ba:44:a8:e6:c0:0b:
d2:f9:2b:6a:a9:18:37:73:12:89:96:f7:a9:fd:95:28:8d:c3:
63:c5:98:89:4b:93:31:6e:da:cd:80:55:66:0f:e1:26:b4:55:
f6:94:54:e4:b2:e0:24:f8:66:41:f4:ea:40:ff:21:d5:fe:5a:
b0:fa:3c:24:a5:2b:52:f6:cd:29:d8:27:2d:44:7d:7e:60:00:
ee:1c:58:34:5d:ed:3c:65:46:d4:fa:45:3d:25:c2:c6:58:ff:
a3:c8:1b:20:66:bb:02:3a:c2:a3:4b:34:59:9c:bf:a3:a9:58:
c9:79:dd:66:d3:41:4b:91:17:81:95:a2:b4:eb:ce:09:61:d7:
3e:8c:52:e9:9a:2b:1d:12:7f:fe:4f:d8:54:c7:39:7a:2c:d7:
1b:98:5c:11:88:43:61:b2:4f:37:67:0a:e0:ba:dd:4b:6b:49:
04:14:c0:dd:03:52:c7:75:be:01:5e:15:bf:82:ab:c4:9d:ef:
bf:5d:99:7c:d9:8b:55:b0:0c:68:d0:78:d1:6d:9a:fc:d9:e4:
53:9c:08:2e:16:5c:8f:83:b7:69:77:de:d7:ef:ce:d7:ec:d7:
bd:c9:c9:be
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYRhTKnketgaiDd0dz2Jbh/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTkzMDg3NDJlN2ViNjY1MDYyMTlkODI5ZDg2MTg1ODk5
YTFlMzQwHhcNMjIxMTEwMTEyODQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmM5OTQ4NWNlNTE2MTkzN2E5YjU1ZTA3YjZmYWE2NjQ4N2JkZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkTESjX4zwhPin4SzMfPRQ0NVNqi
GQ68PwYxzH4nWMoB2ZSSA1U8O/IWIl4KLsVnyKxCTEBQHWboo41dV8jvYkepcDPz
FnGdOehLtcsC6ldReagVqL8yWU+vT7/QWm3qTsDg6Wvge5IEWMyMoDmGgzUcur6a
E1jTWy15ZiAC933NuVB9C264bs+Aezsfj74ypO2zmRhxDXTcd13Ne8e2SjS4iusB
TKwVDFfA8BfgRLQmgtIq0YDQ3394bO+dJKM0PSxf/PQLHxUqJwnsc9Bkyvh20RzL
MtovkejGM21ZRWbC5Y1Da0X64JoTGhoJvilUT0JC4eRmBmLEKKyAodgFAQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFI/JlIXOUWGTeptV4HtvqmZIe90eMB8GA1UdIwQY
MBaAFOSpMIdC5+tmUGIZ2CnYYYWJmh40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtrd2gwTG42MlpRWWhuWUtkaGhoWW1hSGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8xYzlkYmItMDUyYy00ZWVhLWFkZTYt
ZWM1Yjg4ZDAxMzhhLzEvajhtVWhjNVJZWk42bTFYZ2UyLXFaa2g3M1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8xYzlkYmItMDUyYy00ZWVhLWFkZTYtZWM1Yjg4ZDAxMzhh
LzEvNUtrd2gwTG42MlpRWWhuWUtkaGhoWW1hSGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDHwswAwQF
JbogAwQEUEygAwQCZxEAAwQCZxd8AwQCufdYAwQF1EZgMA0EAgACMAcDBQMqBH+A
MA0GCSqGSIb3DQEBCwUAA4IBAQDC3TCTO3Igk3KmxmdZC0UwNxstAmweM4Q5uQz1
Y+u6RKjmwAvS+StqqRg3cxKJlvep/ZUojcNjxZiJS5MxbtrNgFVmD+EmtFX2lFTk
suAk+GZB9OpA/yHV/lqw+jwkpStS9s0p2CctRH1+YADuHFg0Xe08ZUbU+kU9JcLG
WP+jyBsgZrsCOsKjSzRZnL+jqVjJed1m00FLkReBlaK0684JYdc+jFLpmisdEn/+
T9hUxzl6LNcbmFwRiENhsk83Zwrgut1La0kEFMDdA1LHdb4BXhW/gqvEne+/XZl8
2YtVsAxo0HjRbZr82eRTnAguFlyPg7dpd97X787X7Ne9ycm+
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:03:44 2025 by rpki-client