Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/GIlNtI-CjVm-XO-daFx4wwLsgYs.roa
File: GIlNtI-CjVm-XO-daFx4wwLsgYs.roa (raw, json)
Hash identifier: kPvOFKxzkLCqHWJRDwqlfvXgbQE7bbDTjwBY7/DQyGM=
Subject key identifier: 18:89:4D:B4:8F:82:8D:59:BE:5C:EF:9D:68:5C:78:C3:02:EC:81:8B
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018B435D8E5EB2CC8AD18955B32504CBD996
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/GIlNtI-CjVm-XO-daFx4wwLsgYs.roa
Signing time: Wed 18 Oct 2023 15:18:06 +0000
ROA not before: Wed 18 Oct 2023 15:18:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3352
IP address blocks: 83.60.0.0/16 maxlen: 16
88.13.0.0/16 maxlen: 16
88.16.0.0/16 maxlen: 16
79.144.0.0/16 maxlen: 16
83.33.0.0/16 maxlen: 16
195.53.193.0/24 maxlen: 24
83.47.0.0/16 maxlen: 16
88.10.0.0/16 maxlen: 16
2.138.0.0/16 maxlen: 16
195.53.218.0/23 maxlen: 23
81.37.0.0/16 maxlen: 16
83.37.0.0/16 maxlen: 16
81.40.0.0/16 maxlen: 16
80.30.0.0/16 maxlen: 16
83.57.0.0/16 maxlen: 16
81.39.0.0/16 maxlen: 16
83.39.0.0/16 maxlen: 16
83.32.0.0/16 maxlen: 16
81.32.0.0/16 maxlen: 16
83.59.0.0/16 maxlen: 16
81.36.0.0/16 maxlen: 16
83.63.0.0/16 maxlen: 16
195.53.0.0/16 maxlen: 16
83.53.0.0/16 maxlen: 16
79.147.0.0/16 maxlen: 16
2.137.0.0/16 maxlen: 16
88.9.0.0/16 maxlen: 16
83.55.0.0/16 maxlen: 16
79.146.0.0/16 maxlen: 16
194.179.112.0/24 maxlen: 24
88.11.0.0/16 maxlen: 16
83.38.0.0/16 maxlen: 16
81.38.0.0/16 maxlen: 16
88.1.0.0/16 maxlen: 16
213.99.44.0/24 maxlen: 24
83.52.0.0/16 maxlen: 16
195.55.110.0/24 maxlen: 24
213.99.59.0/24 maxlen: 24
88.15.0.0/16 maxlen: 16
88.8.0.0/16 maxlen: 16
83.35.0.0/16 maxlen: 16
81.35.0.0/16 maxlen: 16
88.25.0.0/16 maxlen: 16
81.34.0.0/16 maxlen: 16
83.34.0.0/16 maxlen: 16
88.0.0.0/16 maxlen: 16
83.54.0.0/16 maxlen: 16
79.145.0.0/16 maxlen: 16
80.31.0.0/16 maxlen: 16
83.58.0.0/16 maxlen: 16
88.24.0.0/16 maxlen: 16
88.14.0.0/16 maxlen: 16
81.41.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:43:5d:8e:5e:b2:cc:8a:d1:89:55:b3:25:04:cb:d9:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Oct 18 15:18:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18894db48f828d59be5cef9d685c78c302ec818b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b8:39:d3:fb:30:e3:e3:50:f6:fe:10:f5:89:
17:ff:e8:da:f3:61:8f:b6:3a:29:5c:63:19:2b:e4:
fb:c1:74:8f:6a:9e:c3:fd:d9:fa:ce:75:5b:65:d8:
b3:46:47:b2:76:23:fc:a2:60:dd:57:5c:89:48:41:
44:fa:60:d9:98:14:9d:ec:a0:7d:5b:29:58:76:38:
00:c8:10:82:88:11:d4:2b:83:8b:05:a7:ca:ab:2e:
15:3d:a7:f2:ad:4d:2d:70:35:d6:64:aa:4d:ae:d8:
55:96:09:ea:b2:66:ca:a3:cd:17:f8:1c:0d:b8:ca:
b6:b1:ba:8c:96:5c:d5:3f:47:45:a7:49:07:4b:e1:
f6:81:49:63:f2:ba:79:eb:74:94:1a:dc:d5:0d:12:
22:1b:78:72:25:a1:60:4a:a2:66:11:d6:e0:80:6e:
71:f7:92:87:d2:a5:d5:88:5f:d7:7e:a7:a2:19:4a:
fd:ac:cb:c6:16:ba:1e:24:98:2c:6f:97:b9:e2:4a:
87:c9:e4:ad:97:73:75:eb:80:ea:58:44:fb:54:1a:
98:42:13:2f:5a:28:39:5d:b0:02:92:f5:24:f0:62:
c6:cc:72:0e:b8:2a:96:f9:1c:8c:9d:00:7c:4e:27:
8f:9c:93:70:cd:c7:b3:ca:2f:4f:89:1c:d8:41:2c:
51:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:89:4D:B4:8F:82:8D:59:BE:5C:EF:9D:68:5C:78:C3:02:EC:81:8B
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/GIlNtI-CjVm-XO-daFx4wwLsgYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.137.0.0-2.138.255.255
79.144.0.0/14
80.30.0.0/15
81.32.0.0/16
81.34.0.0-81.41.255.255
83.32.0.0/14
83.37.0.0-83.39.255.255
83.47.0.0/16
83.52.0.0/14
83.57.0.0-83.60.255.255
83.63.0.0/16
88.0.0.0/15
88.8.0.0/14
88.13.0.0-88.16.255.255
88.24.0.0/15
194.179.112.0/24
195.53.0.0/16
195.55.110.0/24
213.99.44.0/24
213.99.59.0/24
Signature Algorithm: sha256WithRSAEncryption
96:1e:1d:71:df:2b:5f:69:39:0f:e7:9b:b9:d6:0e:4e:d9:2d:
00:3c:96:95:18:42:6a:74:b4:d4:8e:da:44:64:ef:d4:8d:10:
bd:19:6d:c9:b2:7f:d4:1d:7a:9b:1c:5b:d3:c1:47:08:5c:c8:
21:67:46:20:1a:2a:a0:e9:ab:2d:a2:28:ee:80:82:61:c2:d2:
ec:fa:48:56:0d:52:0c:50:4d:32:e4:07:63:56:39:7f:b5:70:
f1:2d:27:b7:db:6f:70:4d:90:17:5b:ec:b6:ad:ca:d9:82:5f:
ee:c3:c5:f4:ec:4c:0a:6c:69:1d:77:5f:f9:64:f8:3e:9d:92:
5b:6d:c5:23:14:4b:82:a7:99:3a:94:1c:e6:18:e8:8b:83:42:
ff:de:b8:36:48:c0:f5:5d:d3:6b:12:3b:52:f6:0f:cc:34:6d:
c4:b3:7d:ea:37:e8:ff:45:e1:12:f7:13:32:33:3b:fd:7f:de:
75:3c:5f:fa:62:23:55:19:b9:77:2b:e3:ff:08:5d:86:37:fe:
2e:f5:25:c4:39:e7:7e:7f:a3:0e:b0:3a:1d:eb:4a:23:32:4e:
4d:0c:2d:88:48:15:ef:d2:07:02:9b:9f:9b:7e:7b:40:62:4e:
6e:f0:a2:5b:10:47:84:72:08:56:00:1b:72:9a:9e:37:3f:35:
3a:53:b2:28
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYtDXY5essyK0YlVsyUEy9mWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMxMDE4MTUxODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODg5NGRiNDhmODI4ZDU5YmU1Y2VmOWQ2ODVjNzhjMzAyZWM4MThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrg50/sw4+NQ9v4Q9YkX/+ja82GP
tjopXGMZK+T7wXSPap7D/dn6znVbZdizRkeydiP8omDdV1yJSEFE+mDZmBSd7KB9
WylYdjgAyBCCiBHUK4OLBafKqy4VPafyrU0tcDXWZKpNrthVlgnqsmbKo80X+BwN
uMq2sbqMllzVP0dFp0kHS+H2gUlj8rp563SUGtzVDRIiG3hyJaFgSqJmEdbggG5x
95KH0qXViF/XfqeiGUr9rMvGFroeJJgsb5e54kqHyeStl3N164DqWET7VBqYQhMv
Wig5XbACkvUk8GLGzHIOuCqW+RyMnQB8TiePnJNwzcezyi9PiRzYQSxRHQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFBiJTbSPgo1ZvlzvnWhceMMC7IGLMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvR0lsTnRJLUNqVm0tWE8tZGFGeDR3d0xzZ1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGoBggrBgEFBQcBBwEB/wSBmDCBlTCBkgQCAAEwgYswCgMD
AAKJAwMAAooDAwJPkAMDAVAeAwMAUSAwCgMDAVEiAwMBUSgDAwJTIDAKAwMAUyUD
AwNTIAMDAFMvAwMCUzQwCgMDAFM5AwMAUzwDAwBTPwMDAVgAAwMCWAgwCgMDAFgN
AwMAWBADAwFYGAMEAMKzcAMDAMM1AwQAwzduAwQA1WMsAwQA1WM7MA0GCSqGSIb3
DQEBCwUAA4IBAQCWHh1x3ytfaTkP55u51g5O2S0APJaVGEJqdLTUjtpEZO/UjRC9
GW3Jsn/UHXqbHFvTwUcIXMghZ0YgGiqg6astoijugIJhwtLs+khWDVIMUE0y5Adj
Vjl/tXDxLSe3229wTZAXW+y2rcrZgl/uw8X07EwKbGkdd1/5ZPg+nZJbbcUjFEuC
p5k6lBzmGOiLg0L/3rg2SMD1XdNrEjtS9g/MNG3Es33qN+j/ReES9xMyMzv9f951
PF/6YiNVGbl3K+P/CF2GN/4u9SXEOed+f6MOsDod60ojMk5NDC2ISBXv0gcCm5+b
fntAYk5u8KJbEEeEcghWABtymp43PzU6U7Io
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:04 2025 by rpki-client