Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/4k8fMbZLzGKQfv3g2ps85N3rI8Q.roa
File: 4k8fMbZLzGKQfv3g2ps85N3rI8Q.roa (raw, json)
Hash identifier: Uks2gCaDjpuSuQ4soa7OOEnHz57ecOOfZqJUeLY2EfE=
Subject key identifier: E2:4F:1F:31:B6:4B:CC:62:90:7E:FD:E0:DA:9B:3C:E4:DD:EB:23:C4
Certificate issuer: /CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Certificate serial: 01874341223B97FAAC33D13719FC649182D9
Authority key identifier: DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/4k8fMbZLzGKQfv3g2ps85N3rI8Q.roa
Signing time: Sun 02 Apr 2023 18:35:54 +0000
ROA not before: Sun 02 Apr 2023 18:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39351
IP address blocks: 45.129.57.0/24 maxlen: 24
45.129.56.0/24 maxlen: 24
45.129.58.0/24 maxlen: 24
185.209.196.0/24 maxlen: 24
185.209.197.0/24 maxlen: 24
193.32.249.0/24 maxlen: 24
193.32.248.0/24 maxlen: 24
185.65.132.0/24 maxlen: 24
185.65.134.0/24 maxlen: 24
185.65.133.0/24 maxlen: 24
185.65.135.0/24 maxlen: 24
141.98.252.0/24 maxlen: 24
141.98.255.0/24 maxlen: 24
141.98.254.0/24 maxlen: 24
45.83.220.0/24 maxlen: 24
45.83.221.0/24 maxlen: 24
45.83.223.0/24 maxlen: 24
45.83.222.0/24 maxlen: 24
45.83.222.0/23 maxlen: 24
185.213.152.0/24 maxlen: 24
185.213.153.0/24 maxlen: 24
185.213.155.0/24 maxlen: 24
185.213.154.0/24 maxlen: 24
193.138.216.0/22 maxlen: 22
193.32.127.0/24 maxlen: 24
193.32.126.0/24 maxlen: 24
185.195.232.0/24 maxlen: 24
185.195.233.0/24 maxlen: 24
2a03:1b20:beed::/48 maxlen: 48
2a03:1b20:8::/48 maxlen: 48
2a03:1b20:3::/48 maxlen: 48
2a03:1b20:6::/48 maxlen: 48
2a03:1b20:1::/48 maxlen: 48
2a03:1b20:a::/48 maxlen: 48
2a03:1b20:5::/48 maxlen: 48
2a03:1b20:beef::/48 maxlen: 48
2a03:1b20:2::/48 maxlen: 48
2a03:1b20:7::/48 maxlen: 48
2a03:1b20:b::/48 maxlen: 48
2a03:1b20:beee::/48 maxlen: 48
2a03:1b20:9::/48 maxlen: 48
2a03:1b20:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:43:41:22:3b:97:fa:ac:33:d1:37:19:fc:64:91:82:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Validity
Not Before: Apr 2 18:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e24f1f31b64bcc62907efde0da9b3ce4ddeb23c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4e:33:cb:d2:a1:97:c6:21:d4:58:b1:3e:a1:
66:34:cc:32:22:5b:38:49:92:7c:a1:b4:0d:91:b3:
e5:3a:2e:e4:6e:9b:12:61:00:0a:48:83:85:f4:e2:
ed:9d:d4:a0:3a:84:aa:bf:da:81:7d:75:d5:0c:b6:
7f:9e:13:e0:b2:ee:93:aa:d0:bf:ee:4c:ed:c4:c9:
3f:46:85:2d:1d:d3:d0:08:f7:06:84:44:0f:35:64:
9c:c6:4f:ba:28:0c:15:1a:57:e3:18:d2:17:84:55:
70:23:88:db:a2:51:31:ae:a7:bf:96:44:89:4d:2a:
c6:58:5a:08:c7:05:af:03:6d:39:be:05:b2:a1:a8:
15:b8:41:6e:8c:58:b5:ab:94:bd:93:a7:01:13:e4:
50:8d:c4:5e:df:cd:14:57:a9:4c:be:da:9f:4a:b1:
a4:c3:76:41:87:65:59:67:07:fa:a0:e8:a0:81:9b:
3c:b1:53:88:b1:c5:97:6f:e1:8f:b4:63:26:4a:3c:
40:33:d0:76:e9:33:b3:92:76:15:bc:cc:9e:bb:bc:
bf:28:93:68:f8:8b:aa:bb:f6:61:51:4c:5f:9a:cf:
d6:4c:90:9c:40:6e:61:89:05:85:b3:0b:73:48:8f:
17:f2:2a:24:cb:fd:86:9e:f9:b1:cb:10:d5:26:7e:
23:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:4F:1F:31:B6:4B:CC:62:90:7E:FD:E0:DA:9B:3C:E4:DD:EB:23:C4
X509v3 Authority Key Identifier:
keyid:DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/4k8fMbZLzGKQfv3g2ps85N3rI8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.220.0/22
45.129.56.0-45.129.58.255
141.98.252.0/24
141.98.254.0/23
185.65.132.0/22
185.195.232.0/23
185.209.196.0/23
185.213.152.0/22
193.32.126.0/23
193.32.248.0/23
193.138.216.0/22
IPv6:
2a03:1b20:1::-2a03:1b20:b:ffff:ffff:ffff:ffff:ffff
2a03:1b20:beed::-2a03:1b20:beef:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
16:0e:1c:8b:eb:e1:48:42:05:5d:89:74:d9:ad:cc:b4:15:15:
71:29:df:2c:73:0d:39:af:78:ff:09:b3:dd:1c:c6:3e:bb:e1:
e3:cc:37:74:9c:0c:b3:5e:b0:11:e0:6f:c0:49:a4:6e:54:84:
54:02:e4:89:ec:56:5b:46:2e:03:08:8d:90:61:a4:ef:1d:16:
10:56:54:6d:a3:3c:71:6a:61:b4:07:69:6f:d1:dc:b1:a1:91:
57:91:06:1f:f4:35:59:a5:3e:ed:ed:25:13:3e:44:61:11:1d:
38:7d:1c:40:d3:2a:31:25:03:c5:b9:37:34:f0:07:3a:14:58:
21:71:c9:de:f2:de:2f:41:8a:c3:ee:34:7b:4d:82:24:a3:d8:
ed:86:03:1c:72:6c:38:48:c9:09:c0:3b:01:34:78:ed:b4:99:
de:6a:38:0e:7f:69:fc:d0:d7:d5:81:42:cb:b3:b0:08:d7:6e:
5b:c9:84:b8:70:bf:38:1c:11:81:34:57:86:2a:71:a7:bc:6e:
bd:07:f6:d0:48:80:17:ef:ea:7a:d6:4c:8b:4e:18:e1:ab:e7:
ea:83:cc:02:f0:7c:dd:0f:63:96:0a:ed:0f:2f:c3:a6:f4:ab:
93:7d:cc:e3:c0:87:68:c4:c4:e0:ff:a0:2a:43:67:55:33:32:
ac:85:25:eb
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAYdDQSI7l/qsM9E3GfxkkYLZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMmU5MTczMTVmMGE4NzhiMjFmYzEzOWQ0OWE4MjFhYWRk
YzNjOTcwHhcNMjMwNDAyMTgzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjRmMWYzMWI2NGJjYzYyOTA3ZWZkZTBkYTliM2NlNGRkZWIyM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhk4zy9Khl8Yh1FixPqFmNMwyIls4
SZJ8obQNkbPlOi7kbpsSYQAKSIOF9OLtndSgOoSqv9qBfXXVDLZ/nhPgsu6TqtC/
7kztxMk/RoUtHdPQCPcGhEQPNWScxk+6KAwVGlfjGNIXhFVwI4jbolExrqe/lkSJ
TSrGWFoIxwWvA205vgWyoagVuEFujFi1q5S9k6cBE+RQjcRe380UV6lMvtqfSrGk
w3ZBh2VZZwf6oOiggZs8sVOIscWXb+GPtGMmSjxAM9B26TOzknYVvMyeu7y/KJNo
+Iuqu/ZhUUxfms/WTJCcQG5hiQWFswtzSI8X8ioky/2GnvmxyxDVJn4jIwIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFOJPHzG2S8xikH794NqbPOTd6yPEMB8GA1UdIwQY
MBaAFN4ukXMV8Kh4sh/BOdSaghqt3DyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYt
ZjhkNjVjOTgzNzQ0LzEvNGs4Zk1iWkx6R0tRZnYzZzJwczg1TjNySThRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYtZjhkNjVjOTgzNzQ0
LzEvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBQBAIAATBKAwQCLVPc
MAwDBAMtgTgDBAAtgToDBACNYvwDBAGNYv4DBAK5QYQDBAG5w+gDBAG50cQDBAK5
1ZgDBAHBIH4DBAHBIPgDBALBitgwLgQCAAIwKDASAwcAKgMbIAABAwcCKgMbIAAI
MBIDBwAqAxsgvu0DBwQqAxsgvuAwDQYJKoZIhvcNAQELBQADggEBABYOHIvr4UhC
BV2JdNmtzLQVFXEp3yxzDTmveP8Js90cxj674ePMN3ScDLNesBHgb8BJpG5UhFQC
5InsVltGLgMIjZBhpO8dFhBWVG2jPHFqYbQHaW/R3LGhkVeRBh/0NVmlPu3tJRM+
RGERHTh9HEDTKjElA8W5NzTwBzoUWCFxyd7y3i9BisPuNHtNgiSj2O2GAxxybDhI
yQnAOwE0eO20md5qOA5/afzQ19WBQsuzsAjXblvJhLhwvzgcEYE0V4Yqcae8br0H
9tBIgBfv6nrWTItOGOGr5+qDzALwfN0PY5YK7Q8vw6b0q5N9zOPAh2jExOD/oCpD
Z1UzMqyFJes=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:30 2025 by rpki-client