Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/lCG7xFaqKv9ZCUO8meuD63wN1yU.roa
File: lCG7xFaqKv9ZCUO8meuD63wN1yU.roa (raw, json)
Hash identifier: UHnJpTV29e7GZM54ZUIgc036EOu2kXhKlS8aJYXOfZQ=
Subject key identifier: 94:21:BB:C4:56:AA:2A:FF:59:09:43:BC:99:EB:83:EB:7C:0D:D7:25
Certificate issuer: /CN=0ab36668893a8244d553efca4688d0f1019e4e25
Certificate serial: 05BB58EA
Authority key identifier: 0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/lCG7xFaqKv9ZCUO8meuD63wN1yU.roa
Signing time: Sat 01 Jan 2022 16:01:07 +0000
ROA not before: Sat 01 Jan 2022 16:01:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24921
IP address blocks: 212.93.120.0/23 maxlen: 23
212.93.122.0/23 maxlen: 23
212.93.127.0/24 maxlen: 24
185.65.160.0/23 maxlen: 23
185.65.162.0/23 maxlen: 23
193.108.29.0/24 maxlen: 24
212.3.192.0/23 maxlen: 23
212.3.192.0/19 maxlen: 19
212.3.192.0/21 maxlen: 21
212.3.194.0/23 maxlen: 23
212.3.196.0/23 maxlen: 23
212.3.198.0/23 maxlen: 23
80.89.76.0/22 maxlen: 22
80.89.72.0/22 maxlen: 22
80.89.72.0/21 maxlen: 21
185.147.56.0/24 maxlen: 24
185.147.57.0/24 maxlen: 24
185.147.56.0/22 maxlen: 22
185.147.58.0/24 maxlen: 24
185.147.59.0/24 maxlen: 24
212.93.97.0/24 maxlen: 24
212.93.100.0/22 maxlen: 22
212.93.104.0/23 maxlen: 23
212.93.110.0/23 maxlen: 23
212.93.112.0/24 maxlen: 24
212.93.106.0/24 maxlen: 24
212.93.108.0/23 maxlen: 23
212.93.107.0/24 maxlen: 24
212.93.116.0/23 maxlen: 23
212.93.118.0/23 maxlen: 23
212.93.115.0/24 maxlen: 24
212.93.113.0/24 maxlen: 24
212.93.114.0/24 maxlen: 24
212.3.201.0/24 maxlen: 24
212.3.204.0/22 maxlen: 22
212.3.208.0/23 maxlen: 23
212.3.210.0/23 maxlen: 23
212.3.221.0/24 maxlen: 24
2a03:ec00:b008::/48 maxlen: 48
2a03:ec00:b180::/42 maxlen: 42
2a03:ec00:b140::/42 maxlen: 42
2a03:ec00:b100::/42 maxlen: 42
2a03:ec00:b100::/40 maxlen: 40
2a03:ec00:b300::/40 maxlen: 40
2a03:ec00:b900::/40 maxlen: 40
2a03:ec00:b400::/40 maxlen: 40
2a03:ec00:b000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96164074 (0x5bb58ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ab36668893a8244d553efca4688d0f1019e4e25
Validity
Not Before: Jan 1 16:01:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9421bbc456aa2aff590943bc99eb83eb7c0dd725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:49:f4:fd:75:df:e1:9f:35:85:e8:b7:6c:4d:
23:79:b8:be:d9:1b:d5:d8:d3:c3:28:54:ff:a8:aa:
32:74:bf:c7:b3:69:7f:96:6d:1d:ff:81:9d:04:93:
57:d9:de:95:8b:4e:5c:cf:6c:a3:50:71:c0:91:6d:
0b:2b:53:fd:f6:f8:40:e3:72:c2:58:35:7d:ce:47:
5d:22:0e:df:c0:8b:84:9e:48:cc:a9:02:44:7b:b9:
0a:3b:f0:b5:21:27:67:c6:63:43:ef:1c:00:f1:f1:
00:36:75:1c:74:e3:ff:af:95:b9:f5:3b:44:26:17:
4b:76:12:f9:aa:f5:f2:f7:83:4c:31:b3:9c:b2:bc:
40:ef:be:71:88:7a:6a:96:7d:2d:fa:96:03:e7:57:
bc:20:d7:44:9e:f6:ac:e8:83:73:e7:41:72:c8:38:
ce:f2:7a:82:64:9f:7a:29:2b:0f:ed:9a:19:a9:d3:
da:40:23:89:ba:6a:8d:06:00:0c:c6:d8:f4:72:45:
f7:ea:b9:da:2d:98:ac:ff:0f:b6:87:ad:43:e8:de:
dc:26:fd:03:e7:d6:ef:02:6c:cf:f9:f4:92:d7:31:
40:6b:84:4b:cf:7a:2b:09:3a:d4:7e:0c:b5:ca:e5:
99:ad:83:2a:91:d3:bb:de:93:4f:14:77:0a:bf:23:
99:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:21:BB:C4:56:AA:2A:FF:59:09:43:BC:99:EB:83:EB:7C:0D:D7:25
X509v3 Authority Key Identifier:
keyid:0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/lCG7xFaqKv9ZCUO8meuD63wN1yU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.89.72.0/21
185.65.160.0/22
185.147.56.0/22
193.108.29.0/24
212.3.192.0/19
212.93.97.0/24
212.93.100.0-212.93.123.255
212.93.127.0/24
IPv6:
2a03:ec00:b000::/48
2a03:ec00:b008::/48
2a03:ec00:b100::/40
2a03:ec00:b300::-2a03:ec00:b4ff:ffff:ffff:ffff:ffff:ffff
2a03:ec00:b900::/40
Signature Algorithm: sha256WithRSAEncryption
d9:85:64:af:71:e1:23:65:df:a1:b7:f0:18:4d:3c:ea:93:13:
95:89:5d:50:3d:f1:a6:71:ca:a9:d6:cb:5a:0d:f2:c5:3d:25:
c3:37:b3:da:73:23:6a:c3:18:51:a8:8e:0e:a9:05:23:52:c7:
e3:1e:a2:f2:7d:dd:e4:43:8e:57:e5:5d:a1:9b:69:c1:d2:d0:
37:f3:8b:0f:a5:36:e6:23:34:be:06:05:83:7c:93:aa:63:40:
f8:96:51:06:20:22:74:ef:c3:e0:b3:fa:c3:2f:d6:d1:56:f0:
7f:63:10:ef:97:27:b3:97:c2:6f:86:ca:ee:34:e5:b2:59:bd:
84:40:a4:98:ec:70:5d:8f:40:31:37:a9:11:33:89:db:28:e7:
bb:cb:68:e5:71:ce:10:be:6e:a0:c3:85:0b:29:1f:89:f7:9a:
bb:86:ea:48:e4:3d:56:17:d9:ec:d6:85:74:7c:f9:3b:a2:80:
31:1d:0a:f0:b2:51:b3:a9:30:ba:a6:4c:3c:6e:a3:f0:3b:d8:
cc:88:9e:42:50:62:f9:6c:d1:d1:df:f1:2e:ac:1d:a9:98:48:
29:35:aa:c7:58:94:29:8d:6c:f3:e0:25:0f:b3:9c:6f:d2:ed:
eb:b2:00:be:e1:c4:91:fe:af:66:5c:0b:cb:c8:f3:38:57:f3:
38:21:70:b0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIEBbtY6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YWIzNjY2ODg5M2E4MjQ0ZDU1M2VmY2E0Njg4ZDBmMTAxOWU0ZTI1MB4XDTIyMDEw
MTE2MDEwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQyMWJiYzQ1NmFh
MmFmZjU5MDk0M2JjOTllYjgzZWI3YzBkZDcyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANlJ9P113+GfNYXot2xNI3m4vtkb1djTwyhU/6iqMnS/x7Np
f5ZtHf+BnQSTV9nelYtOXM9so1BxwJFtCytT/fb4QONywlg1fc5HXSIO38CLhJ5I
zKkCRHu5CjvwtSEnZ8ZjQ+8cAPHxADZ1HHTj/6+VufU7RCYXS3YS+ar18veDTDGz
nLK8QO++cYh6apZ9LfqWA+dXvCDXRJ72rOiDc+dBcsg4zvJ6gmSfeikrD+2aGanT
2kAjibpqjQYADMbY9HJF9+q52i2YrP8PtoetQ+je3Cb9A+fW7wJsz/n0ktcxQGuE
S896Kwk61H4Mtcrlma2DKpHTu96TTxR3Cr8jmbMCAwEAAaOCAngwggJ0MB0GA1Ud
DgQWBBSUIbvEVqoq/1kJQ7yZ64PrfA3XJTAfBgNVHSMEGDAWgBQKs2ZoiTqCRNVT
78pGiNDxAZ5OJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NyTm1hSWs2Z2tUVlUtX0tSb2pROFFHZVRpVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzkvZTU3NTAzLWY2NTgtNDNlMi05M2E5LTJhZjA2N2ExMzBhYS8x
L2xDRzd4RmFxS3Y5WkNVTzhtZXVENjN3TjF5VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkv
ZTU3NTAzLWY2NTgtNDNlMi05M2E5LTJhZjA2N2ExMzBhYS8xL0NyTm1hSWs2Z2tU
VlUtX0tSb2pROFFHZVRpVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jQYIKwYBBQUHAQcBAf8EfjB8MD4EAgABMDgDBANQWUgDBAK5QaADBAK5kzgDBADB
bB0DBAXUA8ADBADUXWEwDAMEAtRdZAMEAtRdeAMEANRdfzA6BAIAAjA0AwcAKgPs
ALAAAwcAKgPsALAIAwYAKgPsALEwEAMGACoD7ACzAwYAKgPsALQDBgAqA+wAuTAN
BgkqhkiG9w0BAQsFAAOCAQEA2YVkr3HhI2XfobfwGE086pMTlYldUD3xpnHKqdbL
Wg3yxT0lwzez2nMjasMYUaiODqkFI1LH4x6i8n3d5EOOV+VdoZtpwdLQN/OLD6U2
5iM0vgYFg3yTqmNA+JZRBiAidO/D4LP6wy/W0Vbwf2MQ75cns5fCb4bK7jTlslm9
hECkmOxwXY9AMTepETOJ2yjnu8to5XHOEL5uoMOFCykfifeau4bqSOQ9VhfZ7NaF
dHz5O6KAMR0K8LJRs6kwuqZMPG6j8DvYzIieQlBi+WzR0d/xLqwdqZhIKTWqx1iU
KY1s8+AlD7Ocb9Lt67IAvuHEkf6vZlwLy8jzOFfzOCFwsA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:04:42 2025 by rpki-client