Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Y8g8PwhZEgev0_WmMLml5qWhgpE.roa
File: Y8g8PwhZEgev0_WmMLml5qWhgpE.roa (raw, json)
Hash identifier: 6oUk5gACAn6PV1Bjtp4Vn3bgrm4r/QP898Y3r3gpW1w=
Subject key identifier: 63:C8:3C:3F:08:59:12:07:AF:D3:F5:A6:30:B9:A5:E6:A5:A1:82:91
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018D408542CFBFDDD053433BE1C0F66F620C
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Y8g8PwhZEgev0_WmMLml5qWhgpE.roa
Signing time: Thu 25 Jan 2024 12:08:11 +0000
ROA not before: Thu 25 Jan 2024 12:08:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3352
IP address blocks: 2.136.0.0/16 maxlen: 16
2.137.0.0/16 maxlen: 16
2.138.0.0/16 maxlen: 16
79.144.0.0/16 maxlen: 16
79.145.0.0/16 maxlen: 16
79.146.0.0/16 maxlen: 16
79.147.0.0/16 maxlen: 16
80.30.0.0/16 maxlen: 16
80.31.0.0/16 maxlen: 16
81.32.0.0/16 maxlen: 16
81.34.0.0/16 maxlen: 16
81.35.0.0/16 maxlen: 16
81.36.0.0/16 maxlen: 16
81.37.0.0/16 maxlen: 16
81.38.0.0/16 maxlen: 16
81.39.0.0/16 maxlen: 16
81.40.0.0/16 maxlen: 16
81.41.0.0/16 maxlen: 16
81.42.0.0/16 maxlen: 16
81.43.0.0/16 maxlen: 16
83.32.0.0/16 maxlen: 16
83.33.0.0/16 maxlen: 16
83.34.0.0/16 maxlen: 16
83.35.0.0/16 maxlen: 16
83.37.0.0/16 maxlen: 16
83.38.0.0/16 maxlen: 16
83.39.0.0/16 maxlen: 16
83.47.0.0/16 maxlen: 16
83.52.0.0/16 maxlen: 16
83.53.0.0/16 maxlen: 16
83.54.0.0/16 maxlen: 16
83.55.0.0/16 maxlen: 16
83.57.0.0/16 maxlen: 16
83.58.0.0/16 maxlen: 16
83.59.0.0/16 maxlen: 16
83.60.0.0/16 maxlen: 16
83.63.0.0/16 maxlen: 16
88.0.0.0/16 maxlen: 16
88.1.0.0/16 maxlen: 16
88.8.0.0/16 maxlen: 16
88.9.0.0/16 maxlen: 16
88.10.0.0/16 maxlen: 16
88.11.0.0/16 maxlen: 16
88.13.0.0/16 maxlen: 16
88.14.0.0/16 maxlen: 16
88.15.0.0/16 maxlen: 16
88.16.0.0/16 maxlen: 16
88.24.0.0/16 maxlen: 16
88.25.0.0/16 maxlen: 16
88.30.0.0/16 maxlen: 16
192.101.1.0/24 maxlen: 24
194.69.225.0/24 maxlen: 24
194.179.34.0/24 maxlen: 24
194.179.112.0/24 maxlen: 24
195.53.0.0/16 maxlen: 16
195.53.193.0/24 maxlen: 24
195.53.218.0/23 maxlen: 23
195.55.110.0/24 maxlen: 24
213.99.44.0/24 maxlen: 24
213.99.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:40:85:42:cf:bf:dd:d0:53:43:3b:e1:c0:f6:6f:62:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 25 12:08:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63c83c3f08591207afd3f5a630b9a5e6a5a18291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:65:f9:07:36:61:59:c8:01:3a:dc:c9:80:ea:
cb:55:15:de:75:09:af:e6:07:de:78:22:fc:a6:50:
72:7d:bf:02:fa:c9:ec:72:c9:89:b6:9c:db:0b:07:
25:19:b0:db:08:6a:61:b1:01:79:8b:8b:9b:98:33:
cc:8f:95:13:7f:9a:b4:90:60:6b:93:f3:e5:f5:1b:
e0:ef:33:4d:06:00:b9:5f:2d:33:c4:fd:ea:b1:34:
13:02:e9:bf:51:35:13:6e:ca:7b:cb:2b:d5:61:e1:
45:13:72:b0:1c:b7:64:6f:9d:c5:83:8d:aa:ac:1c:
3a:e4:a5:a5:ea:05:da:4c:6a:1f:f2:70:b4:93:55:
85:6a:b6:38:49:ee:4a:e9:ac:6a:7d:98:09:1c:39:
23:29:2d:3d:8a:e4:d4:71:0f:a2:e1:f2:f1:aa:d3:
0f:70:37:4d:29:cb:e9:c5:5e:f7:1a:01:2d:8b:3f:
03:c0:29:ad:1d:67:46:3c:f7:29:8c:a9:c9:2e:fc:
7b:a2:cb:ce:63:eb:c6:30:45:3c:56:47:bd:ee:61:
19:0d:8d:e0:95:6a:8a:25:11:ce:0c:3c:aa:41:9c:
ea:2a:e0:2d:c7:cc:03:45:d9:56:8f:31:6e:74:27:
ee:d0:93:f4:d7:65:54:34:61:db:32:14:25:3b:a1:
ee:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C8:3C:3F:08:59:12:07:AF:D3:F5:A6:30:B9:A5:E6:A5:A1:82:91
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Y8g8PwhZEgev0_WmMLml5qWhgpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.136.0.0-2.138.255.255
79.144.0.0/14
80.30.0.0/15
81.32.0.0/16
81.34.0.0-81.43.255.255
83.32.0.0/14
83.37.0.0-83.39.255.255
83.47.0.0/16
83.52.0.0/14
83.57.0.0-83.60.255.255
83.63.0.0/16
88.0.0.0/15
88.8.0.0/14
88.13.0.0-88.16.255.255
88.24.0.0/15
88.30.0.0/16
192.101.1.0/24
194.69.225.0/24
194.179.34.0/24
194.179.112.0/24
195.53.0.0/16
195.55.110.0/24
213.99.44.0/24
213.99.59.0/24
Signature Algorithm: sha256WithRSAEncryption
27:76:bd:dc:41:2c:f3:e8:55:07:7e:b6:3e:31:d4:66:a5:00:
16:2e:1b:fa:5c:1a:db:de:11:7d:62:f9:a0:30:9c:21:bd:3d:
ff:49:e3:34:b1:3a:5c:93:45:19:67:96:6b:ac:26:e0:9e:ca:
2e:58:92:6f:6d:9f:4e:5b:b0:2e:35:d4:d1:97:23:b3:2d:d9:
97:c2:3b:18:07:64:c9:df:b1:25:9a:ee:08:07:08:a4:8a:8c:
f1:f1:d0:37:43:18:16:cc:c5:d4:03:2a:86:59:3c:7d:3b:7b:
5f:0e:4e:bb:bc:d4:8d:9d:48:59:73:d9:96:d1:26:9c:08:7c:
53:c2:14:e0:68:43:8c:99:8d:f2:dd:e9:dd:88:76:af:49:87:
73:27:bc:1b:a7:7e:c9:2f:9d:4a:73:28:eb:a4:d3:60:74:ce:
fc:34:db:06:4c:c4:a2:63:4b:28:f1:cb:ea:4c:3c:f6:77:bf:
4e:47:d8:02:8f:2b:15:d7:75:9d:81:dc:3b:60:83:9f:e0:a2:
d7:7a:92:2c:84:53:25:1d:9c:61:9d:3a:37:ef:11:75:20:8f:
ab:26:8f:36:fd:54:b9:99:35:f7:f3:70:5e:74:f6:02:7e:39:
c2:33:f5:9a:fa:74:66:bc:b0:8b:71:de:81:44:77:ff:2a:dd:
7e:39:3f:ed
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAY1AhULPv93QU0M74cD2b2IMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwMTI1MTIwODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2M4M2MzZjA4NTkxMjA3YWZkM2Y1YTYzMGI5YTVlNmE1YTE4MjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWX5BzZhWcgBOtzJgOrLVRXedQmv
5gfeeCL8plByfb8C+snscsmJtpzbCwclGbDbCGphsQF5i4ubmDPMj5UTf5q0kGBr
k/Pl9Rvg7zNNBgC5Xy0zxP3qsTQTAum/UTUTbsp7yyvVYeFFE3KwHLdkb53Fg42q
rBw65KWl6gXaTGof8nC0k1WFarY4Se5K6axqfZgJHDkjKS09iuTUcQ+i4fLxqtMP
cDdNKcvpxV73GgEtiz8DwCmtHWdGPPcpjKnJLvx7osvOY+vGMEU8Vke97mEZDY3g
lWqKJRHODDyqQZzqKuAtx8wDRdlWjzFudCfu0JP012VUNGHbMhQlO6HunwIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFGPIPD8IWRIHr9P1pjC5pealoYKRMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvWThnOFB3aFpFZ2V2MF9XbU1MbWw1cVdoZ3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIwCgMD
AwKIAwMAAooDAwJPkAMDAVAeAwMAUSAwCgMDAVEiAwMCUSgDAwJTIDAKAwMAUyUD
AwNTIAMDAFMvAwMCUzQwCgMDAFM5AwMAUzwDAwBTPwMDAVgAAwMCWAgwCgMDAFgN
AwMAWBADAwFYGAMDAFgeAwQAwGUBAwQAwkXhAwQAwrMiAwQAwrNwAwMAwzUDBADD
N24DBADVYywDBADVYzswDQYJKoZIhvcNAQELBQADggEBACd2vdxBLPPoVQd+tj4x
1GalABYuG/pcGtveEX1i+aAwnCG9Pf9J4zSxOlyTRRlnlmusJuCeyi5Ykm9tn05b
sC411NGXI7Mt2ZfCOxgHZMnfsSWa7ggHCKSKjPHx0DdDGBbMxdQDKoZZPH07e18O
Tru81I2dSFlz2ZbRJpwIfFPCFOBoQ4yZjfLd6d2Idq9Jh3MnvBunfskvnUpzKOuk
02B0zvw02wZMxKJjSyjxy+pMPPZ3v05H2AKPKxXXdZ2B3Dtgg5/gotd6kiyEUyUd
nGGdOjfvEXUgj6smjzb9VLmZNffzcF509gJ+OcIz9Zr6dGa8sItx3oFEd/8q3X45
P+0=
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:30:08 2025 by rpki-client