Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/h61SatwHPuMVRKqxDeHPIja1PFc.roa
File: h61SatwHPuMVRKqxDeHPIja1PFc.roa (raw, json)
Hash identifier: gdH1rrbn59f3l/S9FfS3t0cQ8ZnCZ4weIcc6MkmWwk8=
Subject key identifier: 87:AD:52:6A:DC:07:3E:E3:15:44:AA:B1:0D:E1:CF:22:36:B5:3C:57
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 0185C199
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/h61SatwHPuMVRKqxDeHPIja1PFc.roa
Signing time: Wed 16 Mar 2022 09:37:03 +0000
ROA not before: Wed 16 Mar 2022 09:37:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201935
IP address blocks: 84.254.137.0/24 maxlen: 24
84.254.145.0/24 maxlen: 24
84.254.144.0/24 maxlen: 24
84.254.144.0/23 maxlen: 24
95.210.111.0/24 maxlen: 24
95.210.132.0/24 maxlen: 24
95.210.132.0/23 maxlen: 24
95.210.133.0/24 maxlen: 24
84.254.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25543065 (0x185c199)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Mar 16 09:37:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87ad526adc073ee31544aab10de1cf2236b53c57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:af:fe:d5:08:c6:41:98:68:26:16:1c:34:8d:
d0:37:93:62:24:70:e0:33:7c:b2:c9:a2:0b:f1:85:
93:51:1b:ba:72:ac:52:a4:ad:34:e0:9b:47:ec:c4:
0a:fd:2b:1b:c3:61:02:68:3c:c0:bf:98:2e:ae:45:
97:62:30:a1:af:36:d3:8d:8c:a1:1a:7d:ca:d5:7b:
86:ea:2f:d1:3f:20:e8:cf:c8:3d:38:b3:cd:3f:2a:
44:2b:9e:fe:50:e1:21:2c:6c:f2:12:25:26:64:3f:
1a:b2:e6:ac:90:16:3e:bd:e4:f0:b7:31:a5:12:19:
44:ff:a3:a5:74:5a:91:da:b3:98:37:c8:93:9e:8e:
71:ba:a2:fa:74:4b:3e:11:4b:96:58:7b:f2:6e:7b:
55:a7:fd:94:08:dd:3b:29:a3:a1:d8:16:ba:20:ac:
87:1d:98:45:37:a8:2b:36:44:b7:d7:ac:88:7a:6f:
88:14:b1:1e:eb:41:2b:f9:8e:36:75:be:03:12:4b:
18:c4:39:84:91:fd:a7:c2:b3:4d:68:c8:86:d6:03:
97:ca:da:29:13:81:cc:ff:e8:c6:36:14:89:0a:4c:
e2:8b:fc:c2:b4:de:89:28:26:a9:d2:87:b9:53:1b:
8f:1f:57:3f:a7:e0:aa:4d:27:c5:ad:63:24:fa:4c:
f5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:AD:52:6A:DC:07:3E:E3:15:44:AA:B1:0D:E1:CF:22:36:B5:3C:57
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/h61SatwHPuMVRKqxDeHPIja1PFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.254.130.0/24
84.254.137.0/24
84.254.144.0/23
95.210.111.0/24
95.210.132.0/23
Signature Algorithm: sha256WithRSAEncryption
83:f0:69:14:43:c7:da:d0:63:a9:1b:9c:5a:69:47:5f:46:27:
17:93:be:bf:c1:b3:9b:ce:47:20:74:d1:58:8b:61:10:05:68:
bc:1c:c1:3a:b1:29:39:d0:23:87:64:fd:a0:4b:9e:f5:df:72:
83:d2:5a:a2:b8:f5:03:55:85:fa:bc:e1:66:32:c1:68:6d:e2:
b8:60:d3:f8:9b:a7:01:75:ec:a7:6d:13:12:28:93:b7:e0:99:
0f:f6:89:e0:53:ef:b7:3c:c6:1f:1b:f0:c4:4f:80:a0:9d:20:
a3:25:5f:5c:80:7c:95:29:14:49:ee:64:b9:1f:46:6f:0e:ee:
d9:ff:fc:33:b8:90:0c:82:de:e9:9e:98:a2:68:f3:2a:82:1c:
cb:51:ce:50:b4:88:7e:f9:d1:cc:57:b3:45:94:fa:e7:95:e7:
a3:28:10:40:66:ce:84:a7:d6:98:d2:f4:a4:c3:b0:1c:26:6c:
3c:00:be:5e:5f:48:8c:a3:b0:98:d0:7f:69:bd:d6:fb:88:c2:
d9:1c:19:38:fa:d3:15:94:b6:0d:42:2e:31:32:8f:84:0a:27:
c8:09:d3:3a:c6:5c:36:af:ba:e0:3c:26:d1:46:9a:0b:3a:71:
8b:e4:ce:09:91:03:10:29:1f:65:c4:bc:bb:ae:a1:14:d1:d7:
09:6f:77:7b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAYXBmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzU1NzAyNDY3NzcwZWQ2OWIzNjdiNzdiYmU2NDBiYzZkYjQxNTNlMB4XDTIyMDMx
NjA5MzcwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdhZDUyNmFkYzA3
M2VlMzE1NDRhYWIxMGRlMWNmMjIzNmI1M2M1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKiv/tUIxkGYaCYWHDSN0DeTYiRw4DN8ssmiC/GFk1EbunKs
UqStNOCbR+zECv0rG8NhAmg8wL+YLq5Fl2Iwoa82042MoRp9ytV7huov0T8g6M/I
PTizzT8qRCue/lDhISxs8hIlJmQ/GrLmrJAWPr3k8LcxpRIZRP+jpXRakdqzmDfI
k56Ocbqi+nRLPhFLllh78m57Vaf9lAjdOymjodgWuiCshx2YRTeoKzZEt9esiHpv
iBSxHutBK/mONnW+AxJLGMQ5hJH9p8KzTWjIhtYDl8raKROBzP/oxjYUiQpM4ov8
wrTeiSgmqdKHuVMbjx9XP6fgqk0nxa1jJPpM9dMCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSHrVJq3Ac+4xVEqrEN4c8iNrU8VzAfBgNVHSMEGDAWgBTHVXAkZ3cO1ps2
e3e75kC8bbQVPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gxVndKR2QzRHRhYk5udDN1LVpBdkcyMEZUNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvMjQzZjkxLTg3NDctNDk4MS05Y2JmLTFkMzczNDk5OTI0ZS8x
L2g2MVNhdHdIUHVNVlJLcXhEZUhQSWphMVBGYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
MjQzZjkxLTg3NDctNDk4MS05Y2JmLTFkMzczNDk5OTI0ZS8xL3gxVndKR2QzRHRh
Yk5udDN1LVpBdkcyMEZUNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFT+ggMEAFT+iQMEAVT+kAMEAF/S
bwMEAV/ShDANBgkqhkiG9w0BAQsFAAOCAQEAg/BpFEPH2tBjqRucWmlHX0YnF5O+
v8Gzm85HIHTRWIthEAVovBzBOrEpOdAjh2T9oEue9d9yg9Jaorj1A1WF+rzhZjLB
aG3iuGDT+JunAXXsp20TEiiTt+CZD/aJ4FPvtzzGHxvwxE+AoJ0goyVfXIB8lSkU
Se5kuR9Gbw7u2f/8M7iQDILe6Z6YomjzKoIcy1HOULSIfvnRzFezRZT655XnoygQ
QGbOhKfWmNL0pMOwHCZsPAC+Xl9IjKOwmNB/ab3W+4jC2RwZOPrTFZS2DUIuMTKP
hAonyAnTOsZcNq+64Dwm0UaaCzpxi+TOCZEDECkfZcS8u66hFNHXCW93ew==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:02 2025 by rpki-client