Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/X_bXRqOQs8mHkPwDtk6yNsygask.roa
File: X_bXRqOQs8mHkPwDtk6yNsygask.roa (raw, json)
Hash identifier: o9tbnAiOHkWdXR/4+Xs1bWp9yroP2lJWxISLTAK5H8g=
Subject key identifier: 5F:F6:D7:46:A3:90:B3:C9:87:90:FC:03:B6:4E:B2:36:CC:A0:6A:C9
Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Certificate serial: 01869C0D376CF5F8F6B02886493A702D27B7
Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/X_bXRqOQs8mHkPwDtk6yNsygask.roa
Signing time: Wed 01 Mar 2023 07:22:37 +0000
ROA not before: Wed 01 Mar 2023 07:22:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 185.221.192.0/24 maxlen: 24
185.221.192.0/22 maxlen: 22
185.221.194.0/24 maxlen: 24
185.221.193.0/24 maxlen: 24
185.221.195.0/24 maxlen: 24
195.191.44.0/24 maxlen: 24
195.191.45.0/24 maxlen: 24
185.121.58.0/24 maxlen: 24
185.121.57.0/24 maxlen: 24
185.121.56.0/22 maxlen: 22
185.121.56.0/24 maxlen: 24
185.121.59.0/24 maxlen: 24
195.8.112.0/24 maxlen: 24
195.8.110.0/24 maxlen: 24
195.8.114.0/24 maxlen: 24
185.238.44.0/24 maxlen: 24
185.238.47.0/24 maxlen: 24
185.238.46.0/24 maxlen: 24
185.238.45.0/24 maxlen: 24
195.191.23.0/24 maxlen: 24
195.191.22.0/24 maxlen: 24
185.137.60.0/22 maxlen: 24
185.142.95.0/24 maxlen: 24
185.142.92.0/22 maxlen: 22
185.142.92.0/24 maxlen: 24
193.246.200.0/24 maxlen: 24
185.142.94.0/24 maxlen: 24
185.142.93.0/24 maxlen: 24
193.246.201.0/24 maxlen: 24
185.142.124.0/24 maxlen: 24
185.142.124.0/22 maxlen: 22
185.142.125.0/24 maxlen: 24
185.142.127.0/24 maxlen: 24
185.142.126.0/24 maxlen: 24
195.8.102.0/24 maxlen: 24
195.230.97.0/24 maxlen: 24
195.230.105.0/24 maxlen: 24
91.213.151.0/24 maxlen: 24
195.230.107.0/24 maxlen: 24
91.213.157.0/24 maxlen: 24
185.82.64.0/24 maxlen: 24
185.82.64.0/22 maxlen: 22
195.230.124.0/24 maxlen: 24
185.82.66.0/24 maxlen: 24
185.82.67.0/24 maxlen: 24
185.82.65.0/24 maxlen: 24
91.213.172.0/24 maxlen: 24
91.213.167.0/24 maxlen: 24
185.47.48.0/23 maxlen: 23
185.47.50.0/23 maxlen: 23
45.155.192.0/24 maxlen: 24
193.246.175.0/24 maxlen: 24
193.246.174.0/24 maxlen: 24
45.155.195.0/24 maxlen: 24
45.155.193.0/24 maxlen: 24
45.155.194.0/24 maxlen: 24
185.125.22.0/24 maxlen: 24
185.125.21.0/24 maxlen: 24
185.125.23.0/24 maxlen: 24
185.125.20.0/22 maxlen: 22
185.212.192.0/24 maxlen: 24
185.212.193.0/24 maxlen: 24
185.212.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:0d:37:6c:f5:f8:f6:b0:28:86:49:3a:70:2d:27:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Validity
Not Before: Mar 1 07:22:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ff6d746a390b3c98790fc03b64eb236cca06ac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c4:0b:09:02:dc:f4:1e:ec:f5:94:1e:b3:34:
6c:0f:3e:69:d3:37:cb:7c:c9:18:b0:04:5e:a5:8f:
84:fc:fd:c6:9b:d4:d1:2c:c1:b3:9c:67:40:bb:d5:
74:1f:7c:a2:cb:1c:21:8f:fd:98:42:4f:8e:73:21:
47:af:3f:c3:2c:25:ea:eb:b7:b9:f4:3b:8b:ee:e2:
b6:8d:97:71:47:be:fb:94:56:64:95:2c:97:10:10:
e2:f0:a1:b7:33:2e:26:4c:9e:61:1a:14:44:df:5b:
20:55:00:5e:43:7d:7f:d2:28:9e:f8:24:e4:44:9c:
46:59:72:d6:a8:7a:db:4d:85:81:1f:cc:1c:16:5c:
3f:b4:82:c2:aa:f2:46:37:c5:21:31:5a:fb:63:b8:
35:08:9f:f7:1b:f7:fb:32:e2:8c:4d:2d:03:65:46:
76:e9:cb:6d:84:fb:17:c8:29:10:69:02:35:88:44:
d9:c0:c8:95:e2:e5:16:5b:d1:e1:69:1a:a4:e1:48:
f8:91:89:8d:7e:26:55:d0:04:92:0e:b7:cc:62:a7:
d7:df:f5:f4:ce:96:a6:26:aa:0d:a4:af:f7:eb:5f:
5d:d3:01:a2:d9:56:4c:4c:48:bf:5b:b7:b2:65:3e:
0b:d1:0d:44:bc:e6:ae:bc:85:19:86:92:c4:ea:c0:
a9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F6:D7:46:A3:90:B3:C9:87:90:FC:03:B6:4E:B2:36:CC:A0:6A:C9
X509v3 Authority Key Identifier:
keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/X_bXRqOQs8mHkPwDtk6yNsygask.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.192.0/22
91.213.151.0/24
91.213.157.0/24
91.213.167.0/24
91.213.172.0/24
185.47.48.0/22
185.82.64.0/22
185.121.56.0/22
185.125.20.0/22
185.137.60.0/22
185.142.92.0/22
185.142.124.0/22
185.212.192.0/23
185.212.195.0/24
185.221.192.0/22
185.238.44.0/22
193.246.174.0/23
193.246.200.0/23
195.8.102.0/24
195.8.110.0/24
195.8.112.0/24
195.8.114.0/24
195.191.22.0/23
195.191.44.0/23
195.230.97.0/24
195.230.105.0/24
195.230.107.0/24
195.230.124.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:0c:0b:67:57:e8:4c:d8:14:ae:03:8a:ef:ee:4e:f2:84:e4:
1b:9b:82:a9:fd:04:2f:12:d3:5b:61:a2:0e:93:e2:43:04:a7:
b1:58:dd:9c:80:99:d4:f6:ec:f1:4e:c6:53:b2:d0:71:24:33:
99:10:b0:91:b6:85:37:84:7c:1f:0a:f2:e9:02:21:7e:04:d3:
1c:a5:9e:52:01:1e:6f:07:c8:d6:5f:49:9d:3c:26:3f:66:cd:
07:58:65:a0:5d:37:5c:5b:1b:18:fe:dc:d7:e2:4e:c9:14:84:
c3:be:cc:10:d2:42:5a:20:35:12:e7:2c:81:0b:30:61:c0:53:
7d:57:ac:c1:0c:cd:45:7f:4e:e4:3d:c1:73:f9:35:dd:f9:3e:
09:a8:a0:82:17:27:cb:11:7f:62:7d:ff:b4:7e:f1:8e:6f:c0:
ba:89:64:db:0a:62:4c:26:c7:c6:5b:d0:25:cc:8d:18:18:3a:
42:32:ce:b4:f7:0a:62:69:ac:60:cc:05:9b:97:e2:76:fc:f7:
29:6e:9b:a6:c6:f2:6f:c4:3b:46:46:62:c4:71:18:c8:d8:2c:
be:d4:11:f3:32:17:63:0a:a1:30:c3:d8:2b:b5:d6:fc:6c:65:
42:f0:d1:61:73:12:ce:1d:c0:2e:45:e4:f8:eb:1c:52:2c:6b:
fc:c1:72:3a
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYacDTds9fj2sCiGSTpwLSe3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTY1ZGQxZjZmMjRhNDZkN2NjNGJjY2ZlY2Q0MTUxYzZk
ZDFiZmIwHhcNMjMwMzAxMDcyMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY2ZDc0NmEzOTBiM2M5ODc5MGZjMDNiNjRlYjIzNmNjYTA2YWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMQLCQLc9B7s9ZQeszRsDz5p0zfL
fMkYsARepY+E/P3Gm9TRLMGznGdAu9V0H3yiyxwhj/2YQk+OcyFHrz/DLCXq67e5
9DuL7uK2jZdxR777lFZklSyXEBDi8KG3My4mTJ5hGhRE31sgVQBeQ31/0iie+CTk
RJxGWXLWqHrbTYWBH8wcFlw/tILCqvJGN8UhMVr7Y7g1CJ/3G/f7MuKMTS0DZUZ2
6ctthPsXyCkQaQI1iETZwMiV4uUWW9HhaRqk4Uj4kYmNfiZV0ASSDrfMYqfX3/X0
zpamJqoNpK/3619d0wGi2VZMTEi/W7eyZT4L0Q1EvOauvIUZhpLE6sCpbwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFF/210ajkLPJh5D8A7ZOsjbMoGrJMB8GA1UdIwQY
MBaAFEOWXdH28kpG18xLzP7NQVHG3Rv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEt
MzM5ODBjMDNmMDhlLzEvWF9iWFJxT1FzOG1Ia1B3RHRrNnlOc3lnYXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEtMzM5ODBjMDNmMDhl
LzEvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAIt
m8ADBABb1ZcDBABb1Z0DBABb1acDBABb1awDBAK5LzADBAK5UkADBAK5eTgDBAK5
fRQDBAK5iTwDBAK5jlwDBAK5jnwDBAG51MADBAC51MMDBAK53cADBAK57iwDBAHB
9q4DBAHB9sgDBADDCGYDBADDCG4DBADDCHADBADDCHIDBAHDvxYDBAHDvywDBADD
5mEDBADD5mkDBADD5msDBADD5nwwDQYJKoZIhvcNAQELBQADggEBAGoMC2dX6EzY
FK4Diu/uTvKE5Bubgqn9BC8S01thog6T4kMEp7FY3ZyAmdT27PFOxlOy0HEkM5kQ
sJG2hTeEfB8K8ukCIX4E0xylnlIBHm8HyNZfSZ08Jj9mzQdYZaBdN1xbGxj+3Nfi
TskUhMO+zBDSQlogNRLnLIELMGHAU31XrMEMzUV/TuQ9wXP5Nd35PgmooIIXJ8sR
f2J9/7R+8Y5vwLqJZNsKYkwmx8Zb0CXMjRgYOkIyzrT3CmJprGDMBZuX4nb89ylu
m6bG8m/EO0ZGYsRxGMjYLL7UEfMyF2MKoTDD2Cu11vxsZULw0WFzEs4dwC5F5Pjr
HFIsa/zBcjo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:38 2025 by rpki-client