Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/2NIOQVDB8Ivzkl3I7qdlTBx0XlQ.roa
File: 2NIOQVDB8Ivzkl3I7qdlTBx0XlQ.roa (raw, json)
Hash identifier: IR6DDY49p9QyxROxFmxK7YtDoSVt779oJjIeeakp48s=
Subject key identifier: D8:D2:0E:41:50:C1:F0:8B:F3:92:5D:C8:EE:A7:65:4C:1C:74:5E:54
Certificate issuer: /CN=681ce4d99ba8ebb91a794abfcbdd15bde09c99f8
Certificate serial: 01857230DAD392E6C1CF6820BC908EC2E270
Authority key identifier: 68:1C:E4:D9:9B:A8:EB:B9:1A:79:4A:BF:CB:DD:15:BD:E0:9C:99:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBzk2Zuo67kaeUq_y90VveCcmfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/2NIOQVDB8Ivzkl3I7qdlTBx0XlQ.roa
Signing time: Mon 02 Jan 2023 11:14:42 +0000
ROA not before: Mon 02 Jan 2023 11:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6752
IP address blocks: 80.80.85.0/24 maxlen: 24
80.80.84.0/22 maxlen: 22
80.80.84.0/24 maxlen: 24
80.80.92.0/22 maxlen: 22
185.87.36.0/22 maxlen: 22
185.33.0.0/22 maxlen: 22
194.158.64.0/22 maxlen: 22
194.158.64.0/24 maxlen: 24
194.158.64.0/19 maxlen: 19
194.158.68.0/22 maxlen: 22
194.158.78.0/24 maxlen: 24
194.158.72.0/23 maxlen: 23
194.158.72.0/22 maxlen: 22
194.158.76.0/22 maxlen: 22
185.87.40.0/22 maxlen: 22
185.87.44.0/22 maxlen: 22
188.241.26.0/23 maxlen: 23
91.187.64.0/19 maxlen: 19
91.187.64.0/22 maxlen: 22
91.187.68.0/22 maxlen: 22
91.187.76.0/22 maxlen: 22
91.187.72.0/22 maxlen: 22
91.187.84.0/22 maxlen: 22
91.187.83.0/24 maxlen: 24
91.187.80.0/22 maxlen: 22
91.187.88.0/22 maxlen: 22
89.150.4.0/22 maxlen: 22
89.150.2.0/23 maxlen: 23
89.150.8.0/22 maxlen: 22
89.150.12.0/22 maxlen: 22
91.187.93.0/24 maxlen: 24
91.187.92.0/22 maxlen: 22
185.194.56.0/22 maxlen: 22
46.172.224.0/19 maxlen: 19
46.172.232.0/22 maxlen: 22
185.4.52.0/22 maxlen: 22
94.125.138.0/23 maxlen: 23
94.125.140.0/23 maxlen: 23
185.132.200.0/22 maxlen: 22
109.111.96.0/24 maxlen: 24
109.111.96.0/22 maxlen: 22
109.111.96.0/19 maxlen: 19
109.111.100.0/22 maxlen: 22
109.111.104.0/22 maxlen: 22
109.111.108.0/22 maxlen: 22
109.111.112.0/22 maxlen: 22
109.111.111.0/24 maxlen: 24
109.111.116.0/22 maxlen: 22
85.94.164.0/22 maxlen: 22
109.111.124.0/22 maxlen: 22
109.111.120.0/22 maxlen: 22
85.94.160.0/19 maxlen: 19
85.94.160.0/22 maxlen: 22
85.94.168.0/22 maxlen: 22
85.94.172.0/22 maxlen: 22
85.94.176.0/22 maxlen: 22
85.94.184.0/22 maxlen: 22
85.94.180.0/22 maxlen: 22
194.158.80.0/22 maxlen: 22
194.158.84.0/22 maxlen: 22
194.158.84.0/24 maxlen: 24
194.158.85.0/24 maxlen: 24
194.158.88.0/22 maxlen: 22
194.158.95.0/24 maxlen: 24
194.158.92.0/22 maxlen: 22
85.94.188.0/22 maxlen: 22
46.175.158.0/24 maxlen: 24
46.175.157.0/24 maxlen: 24
46.175.156.0/24 maxlen: 24
46.175.156.0/22 maxlen: 22
46.175.159.0/24 maxlen: 24
2a02:8060::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:da:d3:92:e6:c1:cf:68:20:bc:90:8e:c2:e2:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=681ce4d99ba8ebb91a794abfcbdd15bde09c99f8
Validity
Not Before: Jan 2 11:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8d20e4150c1f08bf3925dc8eea7654c1c745e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c6:8b:c4:2a:5d:93:3c:90:f7:0f:d9:c7:cd:
c3:82:8c:a8:e3:17:5a:34:3b:ea:ce:fd:49:12:cf:
d9:a4:62:11:11:b6:ff:64:91:fe:bc:3d:19:8f:5d:
ea:65:67:10:5d:07:44:10:9d:df:35:b2:40:74:ea:
cc:c3:e0:55:88:bb:13:61:3c:11:58:8d:87:4d:a3:
4b:a0:69:9d:29:89:4d:f2:1e:24:29:20:63:4d:2e:
02:3a:3e:e7:5d:ec:f3:b2:7a:11:a3:7b:bf:06:24:
16:93:c5:31:7a:5a:4f:60:e1:b9:50:75:60:93:36:
ff:6b:c2:f5:5b:3e:3e:e2:65:77:1b:02:99:81:7a:
91:94:d0:b4:6a:37:c9:12:db:e7:4c:92:b4:25:6b:
25:34:1d:3c:e0:50:cb:ca:ca:24:8c:a4:60:4b:cf:
72:f7:67:37:1f:0d:97:c5:8a:79:2e:72:12:0b:e8:
9d:60:02:93:7b:46:39:a1:41:f8:40:8c:fc:8a:00:
cb:04:11:5b:5c:80:5f:de:c8:c6:f8:ee:97:b9:a5:
55:f5:64:4f:66:c2:5d:b3:e6:3e:39:d8:1c:97:a4:
4a:07:ab:47:db:98:ce:ab:a5:2a:2d:d7:05:45:2d:
49:ec:0a:f1:65:d0:e3:a8:05:89:b8:80:27:29:7d:
01:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D2:0E:41:50:C1:F0:8B:F3:92:5D:C8:EE:A7:65:4C:1C:74:5E:54
X509v3 Authority Key Identifier:
keyid:68:1C:E4:D9:9B:A8:EB:B9:1A:79:4A:BF:CB:DD:15:BD:E0:9C:99:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBzk2Zuo67kaeUq_y90VveCcmfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/2NIOQVDB8Ivzkl3I7qdlTBx0XlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/aBzk2Zuo67kaeUq_y90VveCcmfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.172.224.0/19
46.175.156.0/22
80.80.84.0/22
80.80.92.0/22
85.94.160.0/19
89.150.2.0-89.150.15.255
91.187.64.0/19
94.125.138.0-94.125.141.255
109.111.96.0/19
185.4.52.0/22
185.33.0.0/22
185.87.36.0-185.87.47.255
185.132.200.0/22
185.194.56.0/22
188.241.26.0/23
194.158.64.0/19
IPv6:
2a02:8060::/31
Signature Algorithm: sha256WithRSAEncryption
9a:38:b0:0f:e1:5d:45:86:be:43:24:36:5e:9f:4e:e4:e4:98:
8b:39:3e:59:d8:ee:ae:d6:8f:38:b5:ab:90:21:89:90:34:dc:
5f:5b:f3:6b:98:c5:55:b6:4c:55:e7:7e:aa:b6:d5:84:99:bb:
4c:c7:54:20:ac:38:60:0e:57:6c:d4:69:5b:3b:12:e6:0a:f9:
cf:a2:c0:9a:b4:cd:28:de:6f:45:9e:fd:df:e1:61:8b:a8:8a:
72:ac:a1:63:ba:dc:5e:0d:ee:39:24:d7:96:70:59:11:3d:26:
e4:f5:c9:e8:f8:ba:46:91:b8:ca:79:48:b5:8d:ff:5a:79:12:
c0:52:03:e6:49:e0:a2:31:00:2c:35:39:0b:bd:c4:23:48:39:
97:ff:03:52:c9:83:ad:75:b8:c7:b2:87:2b:e9:d5:2e:98:e4:
55:98:f1:74:c9:02:29:09:b2:87:03:72:c3:c4:b8:f6:a2:a6:
ee:a2:ed:be:a1:38:f3:29:01:e5:18:c9:1c:e5:6d:e1:ed:b1:
54:00:7d:79:32:68:2b:6d:40:d7:ce:f7:5d:55:51:e8:ff:95:
a0:38:d4:3d:05:d0:ee:34:ed:cd:a7:d4:7d:07:c2:da:26:f5:
e0:75:f8:ac:f3:34:be:8f:16:d4:56:7b:ec:7b:c1:e6:7a:05:
97:fd:de:be
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYVyMNrTkubBz2ggvJCOwuJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MWNlNGQ5OWJhOGViYjkxYTc5NGFiZmNiZGQxNWJkZTA5
Yzk5ZjgwHhcNMjMwMTAyMTExNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGQyMGU0MTUwYzFmMDhiZjM5MjVkYzhlZWE3NjU0YzFjNzQ1ZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0saLxCpdkzyQ9w/Zx83Dgoyo4xda
NDvqzv1JEs/ZpGIREbb/ZJH+vD0Zj13qZWcQXQdEEJ3fNbJAdOrMw+BViLsTYTwR
WI2HTaNLoGmdKYlN8h4kKSBjTS4COj7nXezzsnoRo3u/BiQWk8UxelpPYOG5UHVg
kzb/a8L1Wz4+4mV3GwKZgXqRlNC0ajfJEtvnTJK0JWslNB084FDLysokjKRgS89y
92c3Hw2XxYp5LnISC+idYAKTe0Y5oUH4QIz8igDLBBFbXIBf3sjG+O6XuaVV9WRP
ZsJds+Y+Odgcl6RKB6tH25jOq6UqLdcFRS1J7ArxZdDjqAWJuIAnKX0BtQIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFNjSDkFQwfCL85JdyO6nZUwcdF5UMB8GA1UdIwQY
MBaAFGgc5NmbqOu5GnlKv8vdFb3gnJn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJ6azJadW82N2thZVVxX3k5MFZ2ZUNjbWZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi82YjllZTgtOTI0Yi00YTMxLWE0NjQt
OWY5OWMxNDc3ZmJlLzEvMk5JT1FWREI4SXZ6a2wzSTdxZGxUQngwWGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi82YjllZTgtOTI0Yi00YTMxLWE0NjQtOWY5OWMxNDc3ZmJl
LzEvYUJ6azJadW82N2thZVVxX3k5MFZ2ZUNjbWZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQFLqzg
AwQCLq+cAwQCUFBUAwQCUFBcAwQFVV6gMAwDBAFZlgIDBARZlgADBAVbu0AwDAME
AV59igMEAV59jAMEBW1vYAMEArkENAMEArkhADAMAwQCuVckAwQEuVcgAwQCuYTI
AwQCucI4AwQBvPEaAwQFwp5AMA0EAgACMAcDBQEqAoBgMA0GCSqGSIb3DQEBCwUA
A4IBAQCaOLAP4V1Fhr5DJDZen07k5JiLOT5Z2O6u1o84tauQIYmQNNxfW/NrmMVV
tkxV536qttWEmbtMx1QgrDhgDlds1GlbOxLmCvnPosCatM0o3m9Fnv3f4WGLqIpy
rKFjutxeDe45JNeWcFkRPSbk9cno+LpGkbjKeUi1jf9aeRLAUgPmSeCiMQAsNTkL
vcQjSDmX/wNSyYOtdbjHsocr6dUumORVmPF0yQIpCbKHA3LDxLj2oqbuou2+oTjz
KQHlGMkc5W3h7bFUAH15MmgrbUDXzvddVVHo/5WgONQ9BdDuNO3Np9R9B8LaJvXg
dfis8zS+jxbUVnvse8HmegWX/d6+
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:12:40 2025 by rpki-client