Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/AfjhybRyCETEnr9Aekc6f12k32Y.roa
File: AfjhybRyCETEnr9Aekc6f12k32Y.roa (raw, json)
Hash identifier: 21iNAIqx+vdLx1eg2+ryTCZ+hVgvF9fyX9iPaa0qws4=
Subject key identifier: 01:F8:E1:C9:B4:72:08:44:C4:9E:BF:40:7A:47:3A:7F:5D:A4:DF:66
Certificate issuer: /CN=056ad2f4ffc5872e35a429e53ef179925ff4215e
Certificate serial: 01856E5D6B225670CAD64F197D7607E91489
Authority key identifier: 05:6A:D2:F4:FF:C5:87:2E:35:A4:29:E5:3E:F1:79:92:5F:F4:21:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWrS9P_Fhy41pCnlPvF5kl_0IV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/AfjhybRyCETEnr9Aekc6f12k32Y.roa
Signing time: Sun 01 Jan 2023 17:24:54 +0000
ROA not before: Sun 01 Jan 2023 17:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5605
IP address blocks: 193.101.58.0/24 maxlen: 24
193.102.227.0/24 maxlen: 24
195.244.226.0/24 maxlen: 24
195.244.225.0/24 maxlen: 24
195.244.224.0/24 maxlen: 24
195.244.228.0/24 maxlen: 24
195.244.227.0/24 maxlen: 24
195.244.233.0/24 maxlen: 24
195.244.232.0/24 maxlen: 24
195.244.229.0/24 maxlen: 24
195.244.231.0/24 maxlen: 24
195.244.230.0/24 maxlen: 24
195.244.240.0/24 maxlen: 24
195.244.236.0/24 maxlen: 24
195.244.238.0/24 maxlen: 24
195.244.237.0/24 maxlen: 24
195.244.235.0/24 maxlen: 24
195.244.234.0/24 maxlen: 24
195.244.242.0/24 maxlen: 24
195.244.241.0/24 maxlen: 24
195.244.246.0/24 maxlen: 24
195.244.243.0/24 maxlen: 24
195.244.245.0/24 maxlen: 24
195.244.244.0/24 maxlen: 24
193.98.110.0/24 maxlen: 24
195.244.253.0/24 maxlen: 24
195.244.250.0/24 maxlen: 24
195.244.252.0/24 maxlen: 24
195.244.251.0/24 maxlen: 24
195.244.247.0/24 maxlen: 24
195.244.249.0/24 maxlen: 24
195.244.248.0/24 maxlen: 24
195.244.254.0/24 maxlen: 24
195.244.255.0/24 maxlen: 24
2a00:fa8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:6b:22:56:70:ca:d6:4f:19:7d:76:07:e9:14:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=056ad2f4ffc5872e35a429e53ef179925ff4215e
Validity
Not Before: Jan 1 17:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01f8e1c9b4720844c49ebf407a473a7f5da4df66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f9:fd:29:28:c9:c5:3e:b9:63:eb:30:5b:46:
ed:09:78:bb:9c:b4:d2:8f:64:60:f3:0a:ae:90:9e:
cd:50:c0:62:d5:21:bb:8a:57:c3:a8:61:7d:8e:ed:
86:ec:ce:b3:a9:04:fb:ae:bd:d0:7e:79:4e:d6:b6:
e0:0c:24:4d:ed:83:b0:09:79:b7:9b:22:e2:94:f5:
39:d7:1b:15:3c:32:4a:6f:09:19:f3:fb:34:e5:f3:
42:dd:bf:a7:30:ef:a6:ba:ae:b8:b8:8a:52:ab:ce:
3d:5d:a7:fd:68:9b:fe:14:7e:a8:35:3f:53:c1:cf:
17:65:55:7e:8e:72:70:61:6b:00:0b:77:82:45:ea:
e1:82:59:cb:ef:44:78:d8:bb:77:36:a9:1e:d0:cc:
68:48:e1:43:ba:06:8c:69:0d:30:91:25:93:8b:1d:
d5:32:5b:3f:7a:0f:94:8b:8a:49:8a:d9:6d:06:3f:
03:a0:d5:bb:b6:4b:df:12:f4:19:54:27:54:0a:69:
c4:11:92:67:75:73:7c:4d:67:bb:7a:cd:de:f5:ad:
60:30:cd:4e:ac:8b:eb:77:32:27:b9:40:db:59:34:
20:47:89:f9:33:29:c2:6b:3a:86:d5:6f:bc:49:6f:
be:c5:8e:3e:50:49:a9:2a:7b:d4:0c:bc:f7:72:f1:
04:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F8:E1:C9:B4:72:08:44:C4:9E:BF:40:7A:47:3A:7F:5D:A4:DF:66
X509v3 Authority Key Identifier:
keyid:05:6A:D2:F4:FF:C5:87:2E:35:A4:29:E5:3E:F1:79:92:5F:F4:21:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWrS9P_Fhy41pCnlPvF5kl_0IV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/AfjhybRyCETEnr9Aekc6f12k32Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/BWrS9P_Fhy41pCnlPvF5kl_0IV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.98.110.0/24
193.101.58.0/24
193.102.227.0/24
195.244.224.0-195.244.238.255
195.244.240.0/20
IPv6:
2a00:fa8::/32
Signature Algorithm: sha256WithRSAEncryption
09:e4:ee:8f:ab:b9:e3:10:97:2f:40:e4:a8:10:9c:6c:15:75:
c3:4d:6e:95:a5:dd:b1:b1:d1:14:69:d2:0c:c2:1e:88:0f:f1:
d4:b0:a7:d0:57:b3:ac:2b:33:54:89:14:ed:82:6f:2d:d1:f4:
91:9a:1c:42:f4:f5:22:62:69:00:7b:4f:d6:2d:28:82:c1:02:
ac:d6:62:cc:a6:46:b4:07:6d:a9:e2:bb:3d:34:2a:29:0d:d3:
0b:44:51:32:41:5a:3c:05:b5:98:03:aa:9d:d8:eb:2c:04:6a:
2c:a9:56:86:bb:cc:67:08:91:58:90:d5:c0:66:d2:a8:cd:f7:
3a:a6:fb:60:1e:d6:5f:51:5b:c1:bf:e1:d7:52:6c:47:38:46:
62:0e:35:5f:bf:50:9e:0c:37:7c:a1:c0:56:50:16:56:8e:5b:
79:99:83:f8:31:f2:42:4e:dc:33:fc:85:84:70:de:c2:1b:51:
da:de:b8:a3:fc:3e:00:4e:42:77:f5:dc:ed:ad:d8:6a:01:02:
1f:43:a4:f7:15:86:4e:8d:e9:1b:b2:d9:f0:5a:65:ce:7d:50:
d5:86:ee:21:fc:f1:5c:31:88:11:24:7f:46:b2:e0:4a:c0:c7:
4c:26:9d:da:62:01:e7:9d:a8:0c:e7:a1:1a:b8:74:c6:b3:94:
2c:62:6b:fd
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVuXWsiVnDK1k8ZfXYH6RSJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NmFkMmY0ZmZjNTg3MmUzNWE0MjllNTNlZjE3OTkyNWZm
NDIxNWUwHhcNMjMwMTAxMTcyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY4ZTFjOWI0NzIwODQ0YzQ5ZWJmNDA3YTQ3M2E3ZjVkYTRkZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPn9KSjJxT65Y+swW0btCXi7nLTS
j2Rg8wqukJ7NUMBi1SG7ilfDqGF9ju2G7M6zqQT7rr3QfnlO1rbgDCRN7YOwCXm3
myLilPU51xsVPDJKbwkZ8/s05fNC3b+nMO+muq64uIpSq849Xaf9aJv+FH6oNT9T
wc8XZVV+jnJwYWsAC3eCRerhglnL70R42Lt3Nqke0MxoSOFDugaMaQ0wkSWTix3V
Mls/eg+Ui4pJitltBj8DoNW7tkvfEvQZVCdUCmnEEZJndXN8TWe7es3e9a1gMM1O
rIvrdzInuUDbWTQgR4n5MynCazqG1W+8SW++xY4+UEmpKnvUDLz3cvEE8wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFAH44cm0cghExJ6/QHpHOn9dpN9mMB8GA1UdIwQY
MBaAFAVq0vT/xYcuNaQp5T7xeZJf9CFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldyUzlQX0ZoeTQxcENubFB2RjVrbF8wSVY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC80MzMwZmUtZGJmYy00ODFmLThmZDkt
MWU0ZmNiMWM2MGNiLzEvQWZqaHliUnlDRVRFbnI5QWVrYzZmMTJrMzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC80MzMwZmUtZGJmYy00ODFmLThmZDktMWU0ZmNiMWM2MGNi
LzEvQldyUzlQX0ZoeTQxcENubFB2RjVrbF8wSVY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQAwWJuAwQA
wWU6AwQAwWbjMAwDBAXD9OADBADD9O4DBATD9PAwDQQCAAIwBwMFACoAD6gwDQYJ
KoZIhvcNAQELBQADggEBAAnk7o+rueMQly9A5KgQnGwVdcNNbpWl3bGx0RRp0gzC
HogP8dSwp9BXs6wrM1SJFO2Cby3R9JGaHEL09SJiaQB7T9YtKILBAqzWYsymRrQH
baniuz00KikN0wtEUTJBWjwFtZgDqp3Y6ywEaiypVoa7zGcIkViQ1cBm0qjN9zqm
+2Ae1l9RW8G/4ddSbEc4RmIONV+/UJ4MN3yhwFZQFlaOW3mZg/gx8kJO3DP8hYRw
3sIbUdreuKP8PgBOQnf13O2t2GoBAh9DpPcVhk6N6Ruy2fBaZc59UNWG7iH88Vwx
iBEkf0ay4ErAx0wmndpiAeedqAznoRq4dMazlCxia/0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:32 2025 by rpki-client