Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/FoLIX7qlGAEPNoV4qHiNfGpKsQ8.roa
File: FoLIX7qlGAEPNoV4qHiNfGpKsQ8.roa (raw, json)
Hash identifier: mQjXW8bgp5awufG9w6WtxB+gU6MSscu//+YBLzRo1lQ=
Subject key identifier: 16:82:C8:5F:BA:A5:18:01:0F:36:85:78:A8:78:8D:7C:6A:4A:B1:0F
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 018C6E29DD241BD38452DE0F50E4F1BCDC85
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/FoLIX7qlGAEPNoV4qHiNfGpKsQ8.roa
Signing time: Fri 15 Dec 2023 15:48:06 +0000
ROA not before: Fri 15 Dec 2023 15:48:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16347
IP address blocks: 212.51.160.0/19 maxlen: 24
91.103.232.0/21 maxlen: 24
128.127.128.0/20 maxlen: 24
149.255.136.0/21 maxlen: 24
149.255.136.0/22 maxlen: 24
37.58.128.0/17 maxlen: 24
81.22.216.0/21 maxlen: 24
193.108.197.0/24 maxlen: 24
185.67.88.0/22 maxlen: 24
103.77.32.0/22 maxlen: 24
103.232.172.0/22 maxlen: 24
178.249.160.0/21 maxlen: 24
185.42.132.0/22 maxlen: 24
213.151.166.0/24 maxlen: 24
213.151.172.0/23 maxlen: 24
103.229.36.0/23 maxlen: 24
213.151.171.0/24 maxlen: 24
213.151.168.0/23 maxlen: 24
213.151.174.0/24 maxlen: 24
37.18.160.0/20 maxlen: 24
213.151.175.0/24 maxlen: 24
91.217.94.0/23 maxlen: 24
62.102.224.0/19 maxlen: 24
185.208.248.0/22 maxlen: 24
185.65.224.0/22 maxlen: 24
92.61.72.0/21 maxlen: 24
94.127.8.0/21 maxlen: 24
185.204.140.0/22 maxlen: 24
46.20.160.0/20 maxlen: 24
213.108.64.0/21 maxlen: 24
109.237.240.0/20 maxlen: 24
188.66.56.0/22 maxlen: 24
2a03:4c00::/29 maxlen: 48
2a01:728::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6e:29:dd:24:1b:d3:84:52:de:0f:50:e4:f1:bc:dc:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Dec 15 15:48:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1682c85fbaa518010f368578a8788d7c6a4ab10f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f2:b5:93:bd:69:bb:9b:bf:d4:6f:8e:a0:3b:
77:8c:c5:f2:da:c8:36:fa:43:1b:41:92:23:40:3e:
8e:59:61:a7:ba:90:6c:77:ba:54:52:13:d0:c2:48:
f5:f0:8c:fb:11:3b:7f:a2:2b:47:dd:e9:d5:e5:4f:
04:3a:d5:72:96:28:aa:49:46:ce:ef:a5:9a:66:1a:
85:b1:ea:5c:85:db:7c:3b:77:43:be:d5:d1:00:44:
ca:dc:ed:62:df:ab:24:82:f3:ad:95:7e:4b:31:ed:
45:ff:d3:5f:38:b5:67:9f:e8:1a:1e:75:d6:59:73:
52:12:eb:23:29:ec:00:4d:81:cb:83:8d:13:72:31:
d4:e5:ca:0c:a9:b2:93:d2:4e:70:a2:8e:f8:6f:6c:
6e:83:11:de:5d:d1:cd:54:6c:2f:1c:2f:77:44:35:
fa:24:70:36:f5:0a:e1:25:b2:ec:76:8b:9e:07:a2:
6d:94:3f:6f:3a:eb:aa:f8:97:a2:e3:a4:c5:56:98:
a0:71:6a:e1:87:46:a6:66:e5:76:3f:b6:3a:c3:82:
b4:5b:53:da:ed:ee:8d:c9:cd:f5:dc:db:43:f4:b3:
7c:6b:c3:f4:85:c5:88:66:6d:35:89:a3:24:b7:4a:
74:83:27:b0:1a:82:f9:ff:ff:50:d7:74:71:20:cf:
2c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:82:C8:5F:BA:A5:18:01:0F:36:85:78:A8:78:8D:7C:6A:4A:B1:0F
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/FoLIX7qlGAEPNoV4qHiNfGpKsQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.160.0/20
37.58.128.0/17
46.20.160.0/20
62.102.224.0/19
81.22.216.0/21
91.103.232.0/21
91.217.94.0/23
92.61.72.0/21
94.127.8.0/21
103.77.32.0/22
103.229.36.0/23
103.232.172.0/22
109.237.240.0/20
128.127.128.0/20
149.255.136.0/21
178.249.160.0/21
185.42.132.0/22
185.65.224.0/22
185.67.88.0/22
185.204.140.0/22
185.208.248.0/22
188.66.56.0/22
193.108.197.0/24
212.51.160.0/19
213.108.64.0/21
213.151.166.0/24
213.151.168.0/23
213.151.171.0-213.151.175.255
IPv6:
2a01:728::/29
2a03:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
73:09:91:b8:9f:df:19:2e:49:02:37:0e:78:72:51:27:3e:7b:
5d:7a:61:b9:5b:31:a2:c8:41:03:19:96:96:34:42:2d:ef:78:
3e:0e:7e:ca:a7:a5:5d:da:d5:35:94:4b:5c:3e:b1:cb:16:c5:
66:d1:d0:d5:ba:f8:bf:a8:9f:f4:9a:aa:48:49:45:de:bf:02:
4b:86:52:52:e8:e8:a7:81:ee:94:a0:70:c6:5e:3f:d2:c1:26:
22:d3:c0:71:8c:ba:b2:60:9c:cb:c9:78:8a:a1:8d:8f:ff:2d:
c9:eb:fb:e0:af:6d:dd:82:72:34:5e:db:c2:c8:a2:df:5a:38:
c7:8a:fd:29:80:0b:24:02:c7:ae:7c:8e:eb:5b:ae:28:7a:cc:
80:47:89:b7:a9:7e:e1:2c:9c:67:e7:2c:7f:8b:cf:c8:44:fa:
de:55:10:e8:32:e8:9c:e6:7f:28:b6:45:64:5b:0d:a3:88:7e:
dc:93:ae:01:c4:be:4a:be:68:24:7d:18:26:8d:9c:c3:9e:aa:
9d:5d:51:fe:88:d5:48:2b:74:15:a1:da:8d:b2:ec:50:54:db:
85:d9:f8:c4:0f:0b:f8:fb:77:48:80:82:ad:b5:0e:e8:22:4b:
b5:3d:2c:a4:ff:90:6f:2f:0a:bf:b1:32:c5:4c:7a:d6:3b:bf:
8e:00:93:3d
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAYxuKd0kG9OEUt4PUOTxvNyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjMxMjE1MTU0ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjgyYzg1ZmJhYTUxODAxMGYzNjg1NzhhODc4OGQ3YzZhNGFiMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvK1k71pu5u/1G+OoDt3jMXy2sg2
+kMbQZIjQD6OWWGnupBsd7pUUhPQwkj18Iz7ETt/oitH3enV5U8EOtVyliiqSUbO
76WaZhqFsepchdt8O3dDvtXRAETK3O1i36skgvOtlX5LMe1F/9NfOLVnn+gaHnXW
WXNSEusjKewATYHLg40TcjHU5coMqbKT0k5woo74b2xugxHeXdHNVGwvHC93RDX6
JHA29QrhJbLsdoueB6JtlD9vOuuq+Jei46TFVpigcWrhh0amZuV2P7Y6w4K0W1Pa
7e6Nyc313NtD9LN8a8P0hcWIZm01iaMkt0p0gyewGoL5//9Q13RxIM8sKwIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFBaCyF+6pRgBDzaFeKh4jXxqSrEPMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvRm9MSVg3cWxHQUVQTm9WNHFIaU5mR3BLc1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBtwQCAAEwgbADBAQl
EqADBAclOoADBAQuFKADBAU+ZuADBANRFtgDBANbZ+gDBAFb2V4DBANcPUgDBANe
fwgDBAJnTSADBAFn5SQDBAJn6KwDBARt7fADBASAf4ADBAOV/4gDBAOy+aADBAK5
KoQDBAK5QeADBAK5Q1gDBAK5zIwDBAK50PgDBAK8QjgDBADBbMUDBAXUM6ADBAPV
bEADBADVl6YDBAHVl6gwDAMEANWXqwMEBNWXoDAUBAIAAjAOAwUDKgEHKAMFAyoD
TAAwDQYJKoZIhvcNAQELBQADggEBAHMJkbif3xkuSQI3DnhyUSc+e116YblbMaLI
QQMZlpY0Qi3veD4OfsqnpV3a1TWUS1w+scsWxWbR0NW6+L+on/SaqkhJRd6/AkuG
UlLo6KeB7pSgcMZeP9LBJiLTwHGMurJgnMvJeIqhjY//Lcnr++Cvbd2CcjRe28LI
ot9aOMeK/SmACyQCx658jutbrih6zIBHibepfuEsnGfnLH+Lz8hE+t5VEOgy6Jzm
fyi2RWRbDaOIftyTrgHEvkq+aCR9GCaNnMOeqp1dUf6I1UgrdBWh2o2y7FBU24XZ
+MQPC/j7d0iAgq21DugiS7U9LKT/kG8vCr+xMsVMetY7v44Akz0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:04 2025 by rpki-client