Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/1-3An1fdXbSP17nTTpPfY_wlDi-8.roa
File: 1-3An1fdXbSP17nTTpPfY_wlDi-8.roa (raw, json)
Hash identifier: +tyhMUzOhzOw9OAlQn6s9tuQHq6YedtmZLp9UFskzAA=
Subject key identifier: FB:70:27:D5:F7:57:6D:23:F5:EE:74:D3:A4:F7:D8:FF:09:43:8B:EF
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 018571F9FCF6DC6A2974F0A48B37FBADE603
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/1-3An1fdXbSP17nTTpPfY_wlDi-8.roa
Signing time: Mon 02 Jan 2023 10:14:46 +0000
ROA not before: Mon 02 Jan 2023 10:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16347
IP address blocks: 212.51.160.0/19 maxlen: 24
91.103.232.0/21 maxlen: 24
128.127.128.0/20 maxlen: 24
149.255.136.0/22 maxlen: 24
149.255.136.0/21 maxlen: 24
37.58.128.0/17 maxlen: 24
193.108.197.0/24 maxlen: 24
185.67.88.0/22 maxlen: 24
178.249.160.0/21 maxlen: 24
185.42.132.0/22 maxlen: 24
213.151.166.0/24 maxlen: 24
213.151.172.0/23 maxlen: 24
213.151.171.0/24 maxlen: 24
213.151.168.0/23 maxlen: 24
37.18.160.0/20 maxlen: 24
213.151.174.0/24 maxlen: 24
213.151.175.0/24 maxlen: 24
91.217.94.0/23 maxlen: 24
62.102.224.0/19 maxlen: 24
185.65.224.0/22 maxlen: 24
94.127.8.0/21 maxlen: 24
46.20.160.0/20 maxlen: 24
213.108.64.0/21 maxlen: 24
109.237.240.0/20 maxlen: 24
2a03:4c00::/29 maxlen: 48
2a01:728::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f9:fc:f6:dc:6a:29:74:f0:a4:8b:37:fb:ad:e6:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Jan 2 10:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb7027d5f7576d23f5ee74d3a4f7d8ff09438bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:76:4e:26:1b:d5:42:00:f4:8b:a8:e6:11:94:
02:5c:5d:ae:f7:56:e9:7f:b7:05:3f:77:2e:f0:bf:
2b:cb:25:73:50:f9:b2:98:d4:90:78:e2:e1:fe:d9:
42:e8:89:b2:48:c3:8d:5c:31:10:21:21:00:d8:71:
32:eb:49:b8:bf:1c:94:52:0d:d9:6d:3f:70:8f:2c:
6e:e2:3d:4f:20:a6:c2:74:c5:31:52:ff:4c:f3:43:
9e:50:e8:e6:07:7a:8c:b9:77:0f:fb:dc:19:b0:d6:
6f:95:97:57:09:32:f3:48:04:d6:7f:47:80:b5:69:
16:88:ac:4b:f5:65:84:4c:01:8d:09:7f:ae:6a:f1:
72:68:e2:0e:1e:d6:40:36:00:44:d6:20:6d:4b:49:
bf:74:87:59:dd:d9:98:8f:cd:a0:57:4c:d7:1f:fc:
0f:a7:36:2c:f3:b1:1d:f8:c9:e2:16:36:54:85:27:
d6:20:38:d8:03:87:29:c1:50:d6:75:f8:4a:df:d6:
ee:1c:fc:6a:3b:55:cb:96:fc:0b:66:26:b7:03:70:
d7:a1:45:2f:fa:dc:37:1f:04:c8:9a:cc:fe:02:77:
74:5e:c0:d8:8c:cf:83:e8:9a:53:75:cd:68:3a:16:
cf:bb:40:6f:7c:4d:ad:3d:bd:5c:3c:44:29:ff:68:
99:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:70:27:D5:F7:57:6D:23:F5:EE:74:D3:A4:F7:D8:FF:09:43:8B:EF
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/1-3An1fdXbSP17nTTpPfY_wlDi-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.160.0/20
37.58.128.0/17
46.20.160.0/20
62.102.224.0/19
91.103.232.0/21
91.217.94.0/23
94.127.8.0/21
109.237.240.0/20
128.127.128.0/20
149.255.136.0/21
178.249.160.0/21
185.42.132.0/22
185.65.224.0/22
185.67.88.0/22
193.108.197.0/24
212.51.160.0/19
213.108.64.0/21
213.151.166.0/24
213.151.168.0/23
213.151.171.0-213.151.175.255
IPv6:
2a01:728::/29
2a03:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
08:87:94:41:95:31:e3:fe:1a:d5:1f:d0:32:ef:86:5f:71:1c:
97:0a:59:f7:30:89:30:45:6c:83:f9:fe:ba:db:ee:76:d5:ba:
86:19:aa:8f:b6:81:44:16:e0:d1:06:7e:35:36:cc:4e:0e:c9:
64:c9:c3:47:5b:d9:49:30:2a:37:e0:bb:51:96:46:58:6c:23:
53:46:d1:24:55:9c:20:6d:ba:9b:bf:c6:ed:2a:36:9e:1b:2e:
bc:93:99:c6:5b:f5:b4:86:b5:65:1d:e5:e1:7f:8c:72:4a:cb:
06:35:ca:c9:f4:e1:5a:ae:a7:fc:75:68:f4:88:c0:ec:20:87:
20:b5:c3:32:52:57:4b:43:88:03:5d:e3:58:c9:8b:7e:98:ef:
95:30:0b:74:7c:62:7a:20:cd:15:0e:00:9e:19:bb:3c:56:9f:
7f:08:91:8f:3e:b1:54:d4:54:70:96:53:69:bd:20:17:50:8e:
5e:29:48:c3:57:9e:b2:13:05:cd:da:95:4f:b5:e0:8d:82:82:
ec:e6:ee:11:c5:74:7a:37:b4:8e:9e:e0:88:36:69:35:28:e0:
17:05:b8:96:57:7b:3f:f6:2c:84:d0:97:3a:95:54:73:fe:3c:
ec:37:a1:e3:58:5d:5e:db:24:1c:95:14:09:42:06:37:52:ec:
89:ce:01:3c
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYVx+fz23GopdPCkizf7reYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjMwMTAyMTAxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjcwMjdkNWY3NTc2ZDIzZjVlZTc0ZDNhNGY3ZDhmZjA5NDM4YmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3ZOJhvVQgD0i6jmEZQCXF2u91bp
f7cFP3cu8L8ryyVzUPmymNSQeOLh/tlC6ImySMONXDEQISEA2HEy60m4vxyUUg3Z
bT9wjyxu4j1PIKbCdMUxUv9M80OeUOjmB3qMuXcP+9wZsNZvlZdXCTLzSATWf0eA
tWkWiKxL9WWETAGNCX+uavFyaOIOHtZANgBE1iBtS0m/dIdZ3dmYj82gV0zXH/wP
pzYs87Ed+MniFjZUhSfWIDjYA4cpwVDWdfhK39buHPxqO1XLlvwLZia3A3DXoUUv
+tw3HwTImsz+And0XsDYjM+D6JpTdc1oOhbPu0BvfE2tPb1cPEQp/2iZaQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFPtwJ9X3V20j9e5006T32P8JQ4vvMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvMS0zQW4xZmRYYlNQMTduVFRwUGZZX3dsRGktOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzkvNDA0OThlLWQxYzAtNDg0Yy1hYmNiLTYxZTdmNDBkNWRk
Ni8xL3JyODVUaThiSlJ5STJZaW9jV0VJUllCNGJ2VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBswYIKwYBBQUHAQcBAf8EgaMwgaAwgYcEAgABMIGAAwQE
JRKgAwQHJTqAAwQELhSgAwQFPmbgAwQDW2foAwQBW9leAwQDXn8IAwQEbe3wAwQE
gH+AAwQDlf+IAwQDsvmgAwQCuSqEAwQCuUHgAwQCuUNYAwQAwWzFAwQF1DOgAwQD
1WxAAwQA1ZemAwQB1ZeoMAwDBADVl6sDBATVl6AwFAQCAAIwDgMFAyoBBygDBQMq
A0wAMA0GCSqGSIb3DQEBCwUAA4IBAQAIh5RBlTHj/hrVH9Ay74ZfcRyXCln3MIkw
RWyD+f662+521bqGGaqPtoFEFuDRBn41NsxODslkycNHW9lJMCo34LtRlkZYbCNT
RtEkVZwgbbqbv8btKjaeGy68k5nGW/W0hrVlHeXhf4xySssGNcrJ9OFarqf8dWj0
iMDsIIcgtcMyUldLQ4gDXeNYyYt+mO+VMAt0fGJ6IM0VDgCeGbs8Vp9/CJGPPrFU
1FRwllNpvSAXUI5eKUjDV56yEwXN2pVPteCNgoLs5u4RxXR6N7SOnuCINmk1KOAX
BbiWV3s/9iyE0Jc6lVRz/jzsN6HjWF1e2yQclRQJQgY3UuyJzgE8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:44 2025 by rpki-client