Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/XI6CbkjuSl8tK33Gwb2VAlvHbfU.roa
File: XI6CbkjuSl8tK33Gwb2VAlvHbfU.roa (raw, json)
Hash identifier: RQarX1vLavb6jB91k2uXqgc//rlvo8mnhISyC3v8B7M=
Subject key identifier: 5C:8E:82:6E:48:EE:4A:5F:2D:2B:7D:C6:C1:BD:95:02:5B:C7:6D:F5
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41D6B37B81F50AB6917F763C98CEFC
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/XI6CbkjuSl8tK33Gwb2VAlvHbfU.roa
Signing time: Sun 01 Jan 2023 16:54:46 +0000
ROA not before: Sun 01 Jan 2023 16:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41571
IP address blocks: 89.34.5.0/24 maxlen: 24
89.42.35.0/24 maxlen: 24
86.104.124.0/24 maxlen: 24
89.35.116.0/24 maxlen: 24
89.33.196.0/24 maxlen: 24
89.36.92.0/24 maxlen: 24
89.35.55.0/24 maxlen: 24
89.34.93.0/24 maxlen: 24
89.36.19.0/24 maxlen: 24
89.42.214.0/24 maxlen: 24
89.42.14.0/24 maxlen: 24
89.41.63.0/24 maxlen: 24
89.44.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:d6:b3:7b:81:f5:0a:b6:91:7f:76:3c:98:ce:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c8e826e48ee4a5f2d2b7dc6c1bd95025bc76df5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:01:0f:42:03:6d:77:87:05:08:e2:85:55:6b:
a3:f3:55:77:a6:7e:68:61:5d:68:16:70:b1:80:aa:
26:98:64:6d:14:3e:20:e7:67:68:85:8f:aa:94:34:
c3:0b:a2:05:88:48:fe:c1:c7:98:d4:29:0f:6a:97:
bc:16:9e:ee:77:48:a7:05:d5:e4:7b:63:b9:2c:2b:
8e:6f:d9:59:69:b0:8d:29:3c:3d:24:b0:35:25:4f:
81:e7:d9:6a:c9:b2:45:07:78:bf:ed:8a:ac:4c:bd:
e3:a8:24:c6:81:09:f8:18:5a:88:19:68:6d:9d:36:
ca:9b:80:26:93:79:c1:ed:91:12:33:0e:87:2e:55:
36:f9:ab:22:20:40:7e:9f:29:68:26:d2:0c:61:34:
17:db:01:dd:53:44:90:ed:ac:0b:3c:19:f9:8e:32:
01:bf:6c:0b:a5:3c:0e:80:eb:4c:c8:67:59:29:0e:
ff:b0:05:a6:82:f2:99:c6:0c:64:a9:d1:56:99:fe:
11:76:59:64:6a:7b:ef:3a:5c:18:bb:8a:4f:b8:09:
d4:b2:c8:3f:e9:4f:8a:f5:4c:e5:e5:f2:22:83:18:
74:53:15:88:d5:dd:57:a2:ff:03:6b:0b:f9:cf:9c:
e4:41:74:03:29:07:13:59:4f:36:43:11:b0:f5:61:
98:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:8E:82:6E:48:EE:4A:5F:2D:2B:7D:C6:C1:BD:95:02:5B:C7:6D:F5
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/XI6CbkjuSl8tK33Gwb2VAlvHbfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.124.0/24
89.33.196.0/24
89.34.5.0/24
89.34.93.0/24
89.35.55.0/24
89.35.116.0/24
89.36.19.0/24
89.36.92.0/24
89.41.63.0/24
89.42.14.0/24
89.42.35.0/24
89.42.214.0/24
89.44.104.0/24
Signature Algorithm: sha256WithRSAEncryption
34:7a:66:b0:d4:30:3f:d0:31:08:69:2a:d0:53:f2:ff:b9:92:
03:c4:00:48:fe:01:cf:7b:3b:bb:88:8e:0a:9b:8d:42:df:b2:
3d:3a:1a:23:4d:03:bd:ca:e3:07:fb:b1:8b:20:95:8b:d4:e3:
c5:03:5c:d8:44:77:00:3a:65:c4:cb:2a:8b:a0:fd:ab:88:07:
7f:db:00:5a:10:df:47:d8:e9:19:3f:9c:c5:fe:83:cc:d7:df:
dd:8d:0d:15:e7:5c:80:09:db:80:40:bd:d2:eb:f6:a8:ff:0a:
1f:16:58:9d:c7:cc:e4:72:dc:b1:cb:b9:34:1d:22:77:35:4b:
99:b4:0f:1f:4e:bc:95:63:e1:98:5a:33:87:a9:cb:40:b5:1e:
72:79:2c:72:3b:2c:eb:47:b3:dd:12:9c:57:87:93:b3:2e:e9:
24:3e:6a:72:c6:8c:d5:de:2d:1e:22:b4:1d:e7:ed:fa:8d:c6:
ad:a2:a8:cb:28:fa:4f:3e:2c:f1:a8:7d:a3:a4:7c:2f:d0:68:
ba:28:67:82:90:7d:4d:f4:e8:f7:dd:d8:30:57:a6:6b:1d:8e:
8b:4f:f0:b4:ae:1f:0d:57:16:b6:63:9b:1c:38:ef:75:ae:d0:
bf:f7:28:d6:12:2b:9e:2a:86:91:cc:d1:b0:89:07:74:7b:0f:
bf:69:eb:9b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYVuQdaze4H1CraRf3Y8mM78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzhlODI2ZTQ4ZWU0YTVmMmQyYjdkYzZjMWJkOTUwMjViYzc2ZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwEPQgNtd4cFCOKFVWuj81V3pn5o
YV1oFnCxgKommGRtFD4g52dohY+qlDTDC6IFiEj+wceY1CkPape8Fp7ud0inBdXk
e2O5LCuOb9lZabCNKTw9JLA1JU+B59lqybJFB3i/7YqsTL3jqCTGgQn4GFqIGWht
nTbKm4Amk3nB7ZESMw6HLlU2+asiIEB+nyloJtIMYTQX2wHdU0SQ7awLPBn5jjIB
v2wLpTwOgOtMyGdZKQ7/sAWmgvKZxgxkqdFWmf4RdllkanvvOlwYu4pPuAnUssg/
6U+K9Uzl5fIigxh0UxWI1d1Xov8Dawv5z5zkQXQDKQcTWU82QxGw9WGY5QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFFyOgm5I7kpfLSt9xsG9lQJbx231MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvWEk2Q2JranVTbDh0SzMzR3diMlZBbHZIYmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAVmh8AwQA
WSHEAwQAWSIFAwQAWSJdAwQAWSM3AwQAWSN0AwQAWSQTAwQAWSRcAwQAWSk/AwQA
WSoOAwQAWSojAwQAWSrWAwQAWSxoMA0GCSqGSIb3DQEBCwUAA4IBAQA0emaw1DA/
0DEIaSrQU/L/uZIDxABI/gHPezu7iI4Km41C37I9OhojTQO9yuMH+7GLIJWL1OPF
A1zYRHcAOmXEyyqLoP2riAd/2wBaEN9H2OkZP5zF/oPM19/djQ0V51yACduAQL3S
6/ao/wofFlidx8zkctyxy7k0HSJ3NUuZtA8fTryVY+GYWjOHqctAtR5yeSxyOyzr
R7PdEpxXh5OzLukkPmpyxozV3i0eIrQd5+36jcatoqjLKPpPPizxqH2jpHwv0Gi6
KGeCkH1N9Oj33dgwV6ZrHY6LT/C0rh8NVxa2Y5scOO91rtC/9yjWEiueKoaRzNGw
iQd0ew+/aeub
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:58:50 2025 by rpki-client