Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/8XtH2Pd-3FEmMElT5GmDt65ombQ.roa
File: 8XtH2Pd-3FEmMElT5GmDt65ombQ.roa (raw, json)
Hash identifier: CiBtPKugsbyk99KtTlZSNbIAeQVFAWmx+JK/e2lCB1M=
Subject key identifier: F1:7B:47:D8:F7:7E:DC:51:26:30:49:53:E4:69:83:B7:AE:68:99:B4
Certificate issuer: /CN=bdd244214d76468d3fb72abad1892ef23dede978
Certificate serial: 018ADFF74A65EE2C01985D7BE5F3683F30C0
Authority key identifier: BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/8XtH2Pd-3FEmMElT5GmDt65ombQ.roa
Signing time: Fri 29 Sep 2023 08:04:00 +0000
ROA not before: Fri 29 Sep 2023 08:04:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6730
IP address blocks: 84.20.32.0/21 maxlen: 21
84.20.32.0/20 maxlen: 20
84.74.0.0/15 maxlen: 15
84.20.40.0/21 maxlen: 21
84.20.48.0/22 maxlen: 22
84.20.48.0/21 maxlen: 21
217.168.32.0/19 maxlen: 19
217.168.32.0/20 maxlen: 20
217.168.48.0/20 maxlen: 20
46.140.0.0/17 maxlen: 17
46.140.0.0/16 maxlen: 16
62.2.0.0/17 maxlen: 17
62.2.0.0/16 maxlen: 16
194.29.0.0/19 maxlen: 19
194.29.0.0/20 maxlen: 20
46.140.128.0/17 maxlen: 17
46.127.0.0/16 maxlen: 16
80.218.0.0/16 maxlen: 16
80.218.0.0/15 maxlen: 15
62.2.128.0/17 maxlen: 17
194.29.16.0/20 maxlen: 20
77.56.0.0/15 maxlen: 15
178.83.0.0/16 maxlen: 16
77.56.0.0/14 maxlen: 14
81.7.224.0/20 maxlen: 20
81.7.224.0/19 maxlen: 19
178.82.0.0/16 maxlen: 16
178.82.0.0/15 maxlen: 15
81.7.240.0/20 maxlen: 20
213.193.64.0/19 maxlen: 19
213.193.64.0/18 maxlen: 18
84.72.0.0/15 maxlen: 15
213.193.96.0/19 maxlen: 19
84.72.0.0/14 maxlen: 14
46.126.0.0/16 maxlen: 16
46.126.0.0/15 maxlen: 15
217.162.0.0/17 maxlen: 17
217.162.0.0/16 maxlen: 16
31.10.128.0/18 maxlen: 18
31.10.128.0/17 maxlen: 17
84.20.52.0/22 maxlen: 22
80.219.0.0/16 maxlen: 16
195.202.192.0/19 maxlen: 19
195.202.192.0/18 maxlen: 18
31.10.192.0/18 maxlen: 18
195.202.224.0/19 maxlen: 19
77.58.0.0/15 maxlen: 15
217.162.128.0/17 maxlen: 17
212.47.160.0/20 maxlen: 20
212.47.160.0/19 maxlen: 19
212.47.176.0/20 maxlen: 20
2a02:aa00::/27 maxlen: 27
2a00:e2c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:f7:4a:65:ee:2c:01:98:5d:7b:e5:f3:68:3f:30:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdd244214d76468d3fb72abad1892ef23dede978
Validity
Not Before: Sep 29 08:04:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f17b47d8f77edc5126304953e46983b7ae6899b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:10:fc:e2:c7:0b:19:fe:f1:87:02:89:7f:57:
e9:4a:b0:7f:e0:f5:f2:1b:6e:18:9c:0c:56:bf:c7:
c9:95:0a:07:29:84:fa:7f:3d:98:c1:80:19:3e:59:
3a:aa:b6:44:13:1a:1c:4f:4a:ce:92:ce:aa:5c:1e:
59:96:a3:0b:5a:cb:dd:00:e4:88:57:1b:e5:66:51:
70:cb:7e:59:9b:60:d1:59:ae:fe:c9:03:c6:9e:86:
20:0f:00:d8:d9:23:7d:9f:d8:1f:b3:25:ff:15:ff:
34:f1:c9:9c:ae:6e:f1:b3:0d:6b:75:e5:0b:52:3d:
c9:c0:e0:07:ff:79:cb:7c:65:04:7c:2e:1a:82:50:
5c:d4:3d:55:cf:c6:37:d4:00:f2:45:bd:b2:ae:70:
c7:9d:73:45:aa:e0:1d:21:c7:21:32:52:1a:a6:84:
62:4b:69:8a:74:35:4e:e1:47:a7:78:f8:e8:45:14:
33:78:ef:e8:5c:93:83:18:fa:12:77:2a:d6:db:7f:
ae:df:ed:36:23:a0:d9:7f:ca:2b:fe:9b:f1:8b:8d:
4d:9f:3b:38:98:17:9a:77:17:f9:56:e2:0a:33:64:
c3:00:95:ea:86:37:96:b5:97:61:e5:9b:6d:be:eb:
b5:97:35:bf:b3:34:49:f6:62:48:85:e6:8c:af:03:
09:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:7B:47:D8:F7:7E:DC:51:26:30:49:53:E4:69:83:B7:AE:68:99:B4
X509v3 Authority Key Identifier:
keyid:BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/8XtH2Pd-3FEmMElT5GmDt65ombQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.128.0/17
46.126.0.0/15
46.140.0.0/16
62.2.0.0/16
77.56.0.0/14
80.218.0.0/15
81.7.224.0/19
84.20.32.0-84.20.55.255
84.72.0.0/14
178.82.0.0/15
194.29.0.0/19
195.202.192.0/18
212.47.160.0/19
213.193.64.0/18
217.162.0.0/16
217.168.32.0/19
IPv6:
2a00:e2c0::/32
2a02:aa00::/27
Signature Algorithm: sha256WithRSAEncryption
2d:ca:90:2b:55:cb:04:a8:69:20:b8:52:25:6b:3b:ed:4f:a0:
c1:9c:8d:5c:ce:7f:c6:39:8f:cf:0e:47:d1:85:a2:a4:5d:04:
68:82:ad:ee:f1:6f:60:da:cf:ab:ba:1a:8a:59:05:15:74:ef:
f7:74:dd:9e:f6:02:6a:a8:49:2c:75:a3:4a:b2:7b:23:d9:3f:
72:3c:df:35:96:3f:37:9b:91:c5:d1:bd:3c:fa:e1:b1:ee:38:
f8:93:0d:4a:7e:1f:1c:27:50:61:c7:b5:f6:3a:90:13:35:06:
eb:5c:bb:b9:a4:f5:7f:2f:c2:07:fb:af:f7:57:bd:f0:25:81:
55:35:94:02:e7:5b:b1:14:e6:01:34:60:c0:bd:ef:5e:ff:f6:
e7:1c:3b:75:5a:6b:e3:a6:49:50:18:5a:33:46:54:ff:af:1f:
50:e3:e5:62:6b:76:2e:63:37:95:b7:49:0e:c1:d1:6b:bf:29:
12:6a:1a:cf:d7:ee:64:02:26:ab:09:06:13:10:91:0e:db:30:
26:d2:9b:ed:86:d2:52:4e:b8:c5:49:f5:fd:25:e2:c3:ff:7f:
05:27:af:92:2f:2e:4b:19:4d:59:02:83:ba:1c:a7:3e:af:df:
71:c0:a7:43:5e:e5:23:0a:0f:48:2e:6f:b2:26:0e:c7:92:dc:
7d:6e:7b:d2
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYrf90pl7iwBmF175fNoPzDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDI0NDIxNGQ3NjQ2OGQzZmI3MmFiYWQxODkyZWYyM2Rl
ZGU5NzgwHhcNMjMwOTI5MDgwNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTdiNDdkOGY3N2VkYzUxMjYzMDQ5NTNlNDY5ODNiN2FlNjg5OWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBD84scLGf7xhwKJf1fpSrB/4PXy
G24YnAxWv8fJlQoHKYT6fz2YwYAZPlk6qrZEExocT0rOks6qXB5ZlqMLWsvdAOSI
VxvlZlFwy35Zm2DRWa7+yQPGnoYgDwDY2SN9n9gfsyX/Ff808cmcrm7xsw1rdeUL
Uj3JwOAH/3nLfGUEfC4aglBc1D1Vz8Y31ADyRb2yrnDHnXNFquAdIcchMlIapoRi
S2mKdDVO4UenePjoRRQzeO/oXJODGPoSdyrW23+u3+02I6DZf8or/pvxi41Nnzs4
mBeadxf5VuIKM2TDAJXqhjeWtZdh5Zttvuu1lzW/szRJ9mJIheaMrwMJNQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFPF7R9j3ftxRJjBJU+Rpg7euaJm0MB8GA1UdIwQY
MBaAFL3SRCFNdkaNP7cqutGJLvI97el4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYt
NDZhNDNlZjAyMjFiLzEvOFh0SDJQZC0zRkVtTUVsVDVHbUR0NjVvbWJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYtNDZhNDNlZjAyMjFi
LzEvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADBAcfCoAD
AwEufgMDAC6MAwMAPgIDAwJNOAMDAVDaAwQFUQfgMAwDBAVUFCADBANUFDADAwJU
SAMDAbJSAwQFwh0AAwQGw8rAAwQF1C+gAwQG1cFAAwMA2aIDBAXZqCAwFAQCAAIw
DgMFACoA4sADBQUqAqoAMA0GCSqGSIb3DQEBCwUAA4IBAQAtypArVcsEqGkguFIl
azvtT6DBnI1czn/GOY/PDkfRhaKkXQRogq3u8W9g2s+ruhqKWQUVdO/3dN2e9gJq
qEksdaNKsnsj2T9yPN81lj83m5HF0b08+uGx7jj4kw1Kfh8cJ1Bhx7X2OpATNQbr
XLu5pPV/L8IH+6/3V73wJYFVNZQC51uxFOYBNGDAve9e//bnHDt1WmvjpklQGFoz
RlT/rx9Q4+Via3YuYzeVt0kOwdFrvykSahrP1+5kAiarCQYTEJEO2zAm0pvthtJS
TrjFSfX9JeLD/38FJ6+SLy5LGU1ZAoO6HKc+r99xwKdDXuUjCg9ILm+yJg7Hktx9
bnvS
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:37 2025 by rpki-client