Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/sJOESvIe74RRpPg83mLv8mFX_nc.roa
File: sJOESvIe74RRpPg83mLv8mFX_nc.roa (raw, json)
Hash identifier: fFXvO0ETY5ZlumlExBe/TH9G8Kksp6BNdKiyze/98/M=
Subject key identifier: B0:93:84:4A:F2:1E:EF:84:51:A4:F8:3C:DE:62:EF:F2:61:57:FE:77
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 01856BAEE18B4592A1F83B220A323F66F1AF
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/sJOESvIe74RRpPg83mLv8mFX_nc.roa
Signing time: Sun 01 Jan 2023 04:55:01 +0000
ROA not before: Sun 01 Jan 2023 04:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41704
IP address blocks: 95.105.120.0/22 maxlen: 22
95.105.124.0/22 maxlen: 22
94.41.128.0/20 maxlen: 20
94.41.128.0/22 maxlen: 22
94.41.132.0/22 maxlen: 22
94.41.136.0/22 maxlen: 22
94.41.140.0/22 maxlen: 22
94.41.160.0/19 maxlen: 19
94.41.160.0/22 maxlen: 22
94.41.160.0/21 maxlen: 21
94.41.164.0/22 maxlen: 22
84.39.252.0/22 maxlen: 22
94.41.168.0/22 maxlen: 22
84.39.248.0/22 maxlen: 22
94.41.172.0/22 maxlen: 22
95.105.96.0/19 maxlen: 19
95.105.96.0/22 maxlen: 22
95.105.104.0/22 maxlen: 22
95.105.100.0/22 maxlen: 22
95.105.112.0/22 maxlen: 22
95.105.108.0/22 maxlen: 22
95.105.116.0/22 maxlen: 22
136.169.240.0/22 maxlen: 22
136.169.244.0/22 maxlen: 22
136.169.240.0/20 maxlen: 20
136.169.252.0/22 maxlen: 22
136.169.248.0/22 maxlen: 22
46.191.240.0/22 maxlen: 22
46.191.244.0/22 maxlen: 22
46.191.240.0/20 maxlen: 20
46.191.252.0/22 maxlen: 22
46.191.248.0/22 maxlen: 22
94.41.176.0/22 maxlen: 22
94.41.184.0/22 maxlen: 22
94.41.180.0/22 maxlen: 22
94.41.188.0/22 maxlen: 22
79.140.16.0/20 maxlen: 20
79.140.16.0/22 maxlen: 22
79.140.24.0/22 maxlen: 22
79.140.20.0/22 maxlen: 22
79.140.28.0/22 maxlen: 22
145.255.16.0/21 maxlen: 21
145.255.16.0/22 maxlen: 22
145.255.20.0/22 maxlen: 22
2a02:1c8:7::/48 maxlen: 48
2a02:1c8:700::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:e1:8b:45:92:a1:f8:3b:22:0a:32:3f:66:f1:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Jan 1 04:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b093844af21eef8451a4f83cde62eff26157fe77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a5:5f:2b:aa:b7:19:d1:f4:6d:8c:e6:4b:9c:
05:af:eb:0b:09:f9:65:a4:c1:59:88:7b:f4:76:ff:
cd:0a:6d:c0:25:76:28:d4:b3:6d:dc:31:b2:93:74:
18:39:7d:b7:a3:e8:fb:57:a2:08:61:33:6b:63:df:
d1:fa:b7:82:b1:27:78:1b:0a:30:09:ed:1a:ef:30:
3c:50:54:57:a5:fc:08:ca:5f:0a:de:f3:a1:8c:02:
56:d7:83:3b:c4:a3:0d:90:89:28:c8:a9:f4:18:0c:
90:85:a0:3f:c4:d3:07:16:a7:e7:c6:6d:b4:46:dd:
e9:e4:3c:3d:6a:95:02:a5:78:76:30:84:bc:75:63:
8f:90:99:07:6e:99:e1:0f:f2:fe:2c:dc:55:01:cb:
be:d1:da:c6:48:9e:a5:71:31:14:48:7d:27:25:98:
3c:e7:db:b7:c8:e3:46:0c:34:18:38:7f:96:8b:2f:
09:74:98:b4:38:17:95:7e:df:a1:b2:e5:cd:b7:ca:
bd:8d:93:14:a3:fc:db:e9:01:57:ec:85:b0:21:94:
39:89:2b:bf:0c:c4:c9:0d:61:19:e8:e2:bc:df:71:
2f:56:b2:1f:cc:34:59:bd:65:4a:32:7d:d0:56:89:
47:bb:74:70:de:ba:ac:d8:8d:61:5e:39:78:cb:64:
52:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:93:84:4A:F2:1E:EF:84:51:A4:F8:3C:DE:62:EF:F2:61:57:FE:77
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/sJOESvIe74RRpPg83mLv8mFX_nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.191.240.0/20
79.140.16.0/20
84.39.248.0/21
94.41.128.0/20
94.41.160.0/19
95.105.96.0/19
136.169.240.0/20
145.255.16.0/21
IPv6:
2a02:1c8:7::/48
2a02:1c8:700::/40
Signature Algorithm: sha256WithRSAEncryption
08:80:2f:89:21:5d:42:49:e6:d9:29:cc:32:12:84:63:07:6b:
91:c3:14:0f:ac:a2:06:1d:1e:d4:1f:e8:cf:22:5a:db:ec:51:
b6:86:3f:97:00:3f:41:1d:ad:d5:c9:ce:7d:12:e8:df:40:dd:
a8:91:f2:d6:d7:db:7f:0d:f7:bc:92:a6:a9:c2:1b:3a:1b:b3:
3c:ec:e3:ea:bb:26:a8:8f:d3:34:2a:c0:10:b6:d4:33:39:8e:
13:dc:1a:f1:41:fa:b3:51:f7:5b:42:12:a0:29:4b:f9:ff:32:
d7:31:c3:38:23:52:ed:88:20:d4:8d:ad:8a:1e:47:89:81:5d:
fe:f7:48:a0:91:ce:4d:a1:9b:5c:f8:4a:9d:29:8a:c1:3b:43:
45:ef:c3:cc:c0:dc:69:31:d8:84:26:b6:b7:35:0a:de:27:dc:
89:ad:f2:cb:7e:91:5e:3b:6b:13:14:80:47:2e:ea:e8:4f:f5:
ac:eb:fc:68:bf:1a:a8:08:10:14:88:a1:63:8e:ad:63:0d:86:
e1:27:88:6b:d1:da:52:bf:92:cf:35:77:a4:b7:5d:d8:be:ff:
57:17:46:37:01:17:5a:0e:d7:cb:78:f2:0d:7f:de:6a:2f:fd:
53:54:b0:9b:f7:b3:c5:0f:c5:68:94:2e:54:e6:7b:95:0c:cb:
7e:cc:a7:59
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYVrruGLRZKh+DsiCjI/ZvGvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmQwYWU1ZTJmYmZmY2NlMDg3NzBlYmMyMGMyMTZiOWZi
Zjk0ODUwHhcNMjMwMTAxMDQ1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDkzODQ0YWYyMWVlZjg0NTFhNGY4M2NkZTYyZWZmMjYxNTdmZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqVfK6q3GdH0bYzmS5wFr+sLCfll
pMFZiHv0dv/NCm3AJXYo1LNt3DGyk3QYOX23o+j7V6IIYTNrY9/R+reCsSd4Gwow
Ce0a7zA8UFRXpfwIyl8K3vOhjAJW14M7xKMNkIkoyKn0GAyQhaA/xNMHFqfnxm20
Rt3p5Dw9apUCpXh2MIS8dWOPkJkHbpnhD/L+LNxVAcu+0drGSJ6lcTEUSH0nJZg8
59u3yONGDDQYOH+Wiy8JdJi0OBeVft+hsuXNt8q9jZMUo/zb6QFX7IWwIZQ5iSu/
DMTJDWEZ6OK833EvVrIfzDRZvWVKMn3QVolHu3Rw3rqs2I1hXjl4y2RS+QIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFLCThEryHu+EUaT4PN5i7/JhV/53MB8GA1UdIwQY
MBaAFKNtCuXi+//M4Idw68IMIWufv5SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAt
Y2JiOTUxODNiMjdhLzEvc0pPRVN2SWU3NFJScFBnODNtTHY4bUZYX25jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAtY2JiOTUxODNiMjdh
LzEvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTA2BAIAATAwAwQELr/wAwQE
T4wQAwQDVCf4AwQEXimAAwQFXimgAwQFX2lgAwQEiKnwAwQDkf8QMBcEAgACMBED
BwAqAgHIAAcDBgAqAgHIBzANBgkqhkiG9w0BAQsFAAOCAQEACIAviSFdQknm2SnM
MhKEYwdrkcMUD6yiBh0e1B/ozyJa2+xRtoY/lwA/QR2t1cnOfRLo30DdqJHy1tfb
fw33vJKmqcIbOhuzPOzj6rsmqI/TNCrAELbUMzmOE9wa8UH6s1H3W0ISoClL+f8y
1zHDOCNS7Ygg1I2tih5HiYFd/vdIoJHOTaGbXPhKnSmKwTtDRe/DzMDcaTHYhCa2
tzUK3ifcia3yy36RXjtrExSARy7q6E/1rOv8aL8aqAgQFIihY46tYw2G4SeIa9Ha
Ur+SzzV3pLdd2L7/VxdGNwEXWg7Xy3jyDX/eai/9U1Swm/ezxQ/FaJQuVOZ7lQzL
fsynWQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:23 2025 by rpki-client