Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/RhgOhzAVIkeWmVQK89r2s7N3obc.roa
File: RhgOhzAVIkeWmVQK89r2s7N3obc.roa (raw, json)
Hash identifier: yL6oqBkPsTYwXJMEBIWjPWuyo98n5hWqYJv9ceKeQCI=
Subject key identifier: 46:18:0E:87:30:15:22:47:96:99:54:0A:F3:DA:F6:B3:B3:77:A1:B7
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 01864C3E35E7D21F2192EBA5408266705DF9
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/RhgOhzAVIkeWmVQK89r2s7N3obc.roa
Signing time: Mon 13 Feb 2023 19:26:30 +0000
ROA not before: Mon 13 Feb 2023 19:26:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31287
IP address blocks: 77.78.152.0/21 maxlen: 21
77.78.154.0/24 maxlen: 24
77.78.153.0/24 maxlen: 24
77.78.159.0/24 maxlen: 24
185.46.163.0/24 maxlen: 24
185.46.160.0/22 maxlen: 22
85.187.205.0/24 maxlen: 24
85.187.206.0/24 maxlen: 24
85.187.204.0/24 maxlen: 24
85.187.207.0/24 maxlen: 24
85.187.222.0/24 maxlen: 24
85.187.232.0/24 maxlen: 24
85.187.235.0/24 maxlen: 24
85.187.234.0/24 maxlen: 24
85.187.248.0/24 maxlen: 24
85.187.250.0/24 maxlen: 24
185.72.58.0/24 maxlen: 24
80.72.64.0/24 maxlen: 24
151.237.91.0/24 maxlen: 24
80.72.72.0/24 maxlen: 24
151.237.92.0/24 maxlen: 24
151.237.93.0/24 maxlen: 24
195.85.215.0/24 maxlen: 24
151.237.29.0/24 maxlen: 24
185.200.40.0/22 maxlen: 22
85.187.42.0/24 maxlen: 24
85.187.50.0/24 maxlen: 24
85.187.63.0/24 maxlen: 24
85.187.62.0/24 maxlen: 24
46.55.252.0/22 maxlen: 22
46.55.252.0/24 maxlen: 24
46.55.253.0/24 maxlen: 24
151.237.128.0/24 maxlen: 24
85.187.4.0/24 maxlen: 24
85.187.3.0/24 maxlen: 24
85.187.6.0/24 maxlen: 24
85.187.8.0/24 maxlen: 24
85.187.10.0/23 maxlen: 23
85.187.15.0/24 maxlen: 24
85.187.18.0/24 maxlen: 24
85.187.20.0/24 maxlen: 24
85.187.184.0/23 maxlen: 23
46.55.254.0/24 maxlen: 24
2a01:9e40::/32 maxlen: 32
2a03:b540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4c:3e:35:e7:d2:1f:21:92:eb:a5:40:82:66:70:5d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Feb 13 19:26:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46180e87301522479699540af3daf6b3b377a1b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f1:02:52:fe:b9:e8:ea:75:8c:23:62:90:1a:
60:ec:15:ac:86:70:a3:78:ca:76:c4:27:cc:b3:47:
3e:3a:f1:0f:d3:d6:9a:50:28:99:9f:42:42:a3:a6:
e4:12:46:2a:5f:cb:f2:78:55:6c:67:f5:98:30:6d:
23:02:99:88:e8:b3:f8:4d:64:88:73:b4:7b:0e:a4:
9a:56:6a:82:83:32:a5:66:11:26:1b:a3:a7:1b:63:
c6:c0:2d:7d:98:8e:4c:68:f2:ce:78:6c:a4:fa:b2:
b5:19:01:42:f4:84:aa:6c:24:7c:ab:d4:18:51:07:
6c:bb:c0:81:03:f8:97:3d:4d:e9:dd:db:ae:ec:18:
ff:23:76:13:9e:90:f2:be:85:54:76:4e:83:37:aa:
6e:51:e7:3e:98:55:72:a5:a6:eb:78:9c:f4:7c:8e:
81:67:d8:02:d0:9a:be:9e:e9:fb:9b:e5:99:c7:c2:
69:9e:3d:50:2e:94:f1:eb:02:cc:16:a9:d9:7c:cf:
68:8c:29:8e:63:2d:6d:ef:b3:6c:e9:b4:11:d5:bc:
47:e3:fe:82:17:3a:fe:20:45:85:6e:f1:36:52:8a:
29:b4:da:f4:96:1b:8a:5d:1d:ad:74:34:3c:ff:96:
aa:e6:9d:8d:ae:cf:02:03:55:42:9d:7d:9e:1a:6e:
5a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:18:0E:87:30:15:22:47:96:99:54:0A:F3:DA:F6:B3:B3:77:A1:B7
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/RhgOhzAVIkeWmVQK89r2s7N3obc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.55.252.0/22
77.78.152.0/21
80.72.64.0/24
80.72.72.0/24
85.187.3.0-85.187.4.255
85.187.6.0/24
85.187.8.0/24
85.187.10.0/23
85.187.15.0/24
85.187.18.0/24
85.187.20.0/24
85.187.42.0/24
85.187.50.0/24
85.187.62.0/23
85.187.184.0/23
85.187.204.0/22
85.187.222.0/24
85.187.232.0/24
85.187.234.0/23
85.187.248.0/24
85.187.250.0/24
151.237.29.0/24
151.237.91.0-151.237.93.255
151.237.128.0/24
185.46.160.0/22
185.72.58.0/24
185.200.40.0/22
195.85.215.0/24
IPv6:
2a01:9e40::/32
2a03:b540::/32
Signature Algorithm: sha256WithRSAEncryption
36:06:82:b4:f8:66:64:72:19:b3:ba:42:f0:94:d3:09:6d:86:
00:2e:16:61:0f:c9:bc:77:d3:51:6a:f5:18:d0:68:eb:73:90:
98:e8:b3:38:f4:1e:9f:ef:2c:d6:40:46:37:dd:33:3c:4d:82:
fb:26:63:2e:5c:97:40:72:e3:0b:fd:f8:03:31:1c:94:50:aa:
c2:21:de:92:2e:f8:9a:9e:ae:e5:f4:f6:7a:23:54:5b:2c:6d:
b4:66:0b:62:e7:62:3b:bc:c2:0f:35:d2:bb:96:e6:29:68:ac:
cd:1a:08:16:58:28:91:82:a1:6b:06:ba:a0:cd:bf:11:6a:d2:
9c:57:6f:6b:76:19:c6:8f:77:a6:18:ca:f1:8f:2c:86:bb:93:
e1:38:90:52:8f:60:e2:14:29:bb:86:07:dd:4f:d5:eb:09:c5:
b8:31:28:07:3a:68:1a:8f:69:d8:8e:ad:07:ff:ce:e2:56:cd:
6d:f9:e3:0c:bd:cd:68:64:07:46:96:e3:f5:1f:00:a0:84:fb:
a9:4c:ed:c6:a6:f4:c9:1e:25:04:f1:09:83:0f:3b:3d:1a:c2:
1b:60:33:e1:0f:08:aa:81:f7:00:41:e8:0d:c7:18:2b:0f:09:
8a:3f:40:2d:4b:4c:53:aa:6e:78:8c:31:f8:16:ac:c4:ec:c2:
e1:a3:1b:4b
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAYZMPjXn0h8hkuulQIJmcF35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjMwMjEzMTkyNjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjE4MGU4NzMwMTUyMjQ3OTY5OTU0MGFmM2RhZjZiM2IzNzdhMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvECUv656Op1jCNikBpg7BWshnCj
eMp2xCfMs0c+OvEP09aaUCiZn0JCo6bkEkYqX8vyeFVsZ/WYMG0jApmI6LP4TWSI
c7R7DqSaVmqCgzKlZhEmG6OnG2PGwC19mI5MaPLOeGyk+rK1GQFC9ISqbCR8q9QY
UQdsu8CBA/iXPU3p3duu7Bj/I3YTnpDyvoVUdk6DN6puUec+mFVypabreJz0fI6B
Z9gC0Jq+nun7m+WZx8Jpnj1QLpTx6wLMFqnZfM9ojCmOYy1t77Ns6bQR1bxH4/6C
Fzr+IEWFbvE2UooptNr0lhuKXR2tdDQ8/5aq5p2Nrs8CA1VCnX2eGm5aMwIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFEYYDocwFSJHlplUCvPa9rOzd6G3MB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvUmhnT2h6QVZJa2VXbVZRSzg5cjJzN04zb2JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCBvwQCAAEwgbgDBAIu
N/wDBANNTpgDBABQSEADBABQSEgwDAMEAFW7AwMEAFW7BAMEAFW7BgMEAFW7CAME
AVW7CgMEAFW7DwMEAFW7EgMEAFW7FAMEAFW7KgMEAFW7MgMEAVW7PgMEAVW7uAME
AlW7zAMEAFW73gMEAFW76AMEAVW76gMEAFW7+AMEAFW7+gMEAJftHTAMAwQAl+1b
AwQBl+1cAwQAl+2AAwQCuS6gAwQAuUg6AwQCucgoAwQAw1XXMBQEAgACMA4DBQAq
AZ5AAwUAKgO1QDANBgkqhkiG9w0BAQsFAAOCAQEANgaCtPhmZHIZs7pC8JTTCW2G
AC4WYQ/JvHfTUWr1GNBo63OQmOizOPQen+8s1kBGN90zPE2C+yZjLlyXQHLjC/34
AzEclFCqwiHeki74mp6u5fT2eiNUWyxttGYLYudiO7zCDzXSu5bmKWiszRoIFlgo
kYKhawa6oM2/EWrSnFdva3YZxo93phjK8Y8shruT4TiQUo9g4hQpu4YH3U/V6wnF
uDEoBzpoGo9p2I6tB//O4lbNbfnjDL3NaGQHRpbj9R8AoIT7qUztxqb0yR4lBPEJ
gw87PRrCG2Az4Q8IqoH3AEHoDccYKw8Jij9ALUtMU6pueIwx+BasxOzC4aMbSw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:28:58 2025 by rpki-client