Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/8e2067-283b-4e4e-b67e-69f33fe1b530/1/eYHaxa6XIkBjLbGKErsbxiq-bLQ.roa
File: eYHaxa6XIkBjLbGKErsbxiq-bLQ.roa (raw, json)
Hash identifier: QbZ0cG5jOtMbLDGMANZk+Cs4GTfjpsWoZw6s6ucwvhQ=
Subject key identifier: 79:81:DA:C5:AE:97:22:40:63:2D:B1:8A:12:BB:1B:C6:2A:BE:6C:B4
Certificate issuer: /CN=162e48329c8be8ef209e9958da66ab0240145e19
Certificate serial: 018B14C98FF96DEA73572D50A1544CCEB255
Authority key identifier: 16:2E:48:32:9C:8B:E8:EF:20:9E:99:58:DA:66:AB:02:40:14:5E:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fi5IMpyL6O8gnplY2marAkAUXhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/8e2067-283b-4e4e-b67e-69f33fe1b530/1/eYHaxa6XIkBjLbGKErsbxiq-bLQ.roa
Signing time: Mon 09 Oct 2023 14:13:55 +0000
ROA not before: Mon 09 Oct 2023 14:13:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57795
IP address blocks: 93.92.24.0/21 maxlen: 21
185.43.212.0/22 maxlen: 22
185.6.204.0/22 maxlen: 22
185.144.20.0/22 maxlen: 22
185.221.156.0/22 maxlen: 22
185.34.176.0/22 maxlen: 22
185.37.64.0/23 maxlen: 23
185.37.64.0/22 maxlen: 22
83.174.128.0/20 maxlen: 20
23.249.232.0/21 maxlen: 21
37.114.88.0/21 maxlen: 21
149.143.0.0/19 maxlen: 19
185.254.41.0/24 maxlen: 24
185.254.42.0/23 maxlen: 23
2a00:9340::/29 maxlen: 29
2a07:36c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:c9:8f:f9:6d:ea:73:57:2d:50:a1:54:4c:ce:b2:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=162e48329c8be8ef209e9958da66ab0240145e19
Validity
Not Before: Oct 9 14:13:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7981dac5ae972240632db18a12bb1bc62abe6cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:03:43:fc:0c:14:bc:24:dc:d8:7b:6d:ee:b0:
67:63:fe:a5:45:0a:af:d5:61:4b:eb:a3:9c:fb:07:
f7:db:bd:db:ea:fc:72:41:d9:2c:78:ca:aa:ed:a9:
44:14:e1:d7:27:0d:f6:fd:f0:a4:50:14:5c:f9:a6:
2d:84:35:28:e1:90:cb:a1:4d:49:6f:64:9a:14:43:
90:39:90:fe:14:a8:9a:21:82:e0:64:f0:8d:d8:38:
21:c8:b9:e4:f0:96:e8:47:1a:66:7a:cb:63:5f:29:
fc:38:d9:61:c5:c2:6e:eb:50:ad:70:b2:be:79:d5:
6b:0c:2b:dd:ef:21:98:57:af:77:18:7c:67:cd:c5:
dd:9b:40:db:db:9d:44:bd:7b:41:b8:33:2e:57:ca:
20:0d:ce:83:18:ff:69:00:ab:04:4f:ad:8c:c4:97:
33:76:52:0a:bd:89:c8:c5:37:e8:15:79:ee:00:09:
3c:35:83:c7:6f:1a:3c:d9:ef:df:bd:06:a3:74:f8:
a8:8c:bd:aa:9c:45:a9:21:2d:37:37:22:2d:5a:d4:
91:72:4c:43:40:79:84:24:cc:c6:24:ad:7b:77:1d:
cb:f9:8f:45:c8:ba:78:ee:b5:29:bb:d1:45:c0:b5:
df:95:f3:b3:1e:a3:94:e7:a3:80:0f:81:a3:d8:43:
88:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:81:DA:C5:AE:97:22:40:63:2D:B1:8A:12:BB:1B:C6:2A:BE:6C:B4
X509v3 Authority Key Identifier:
keyid:16:2E:48:32:9C:8B:E8:EF:20:9E:99:58:DA:66:AB:02:40:14:5E:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fi5IMpyL6O8gnplY2marAkAUXhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/8e2067-283b-4e4e-b67e-69f33fe1b530/1/eYHaxa6XIkBjLbGKErsbxiq-bLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/8e2067-283b-4e4e-b67e-69f33fe1b530/1/Fi5IMpyL6O8gnplY2marAkAUXhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.249.232.0/21
37.114.88.0/21
83.174.128.0/20
93.92.24.0/21
149.143.0.0/19
185.6.204.0/22
185.34.176.0/22
185.37.64.0/22
185.43.212.0/22
185.144.20.0/22
185.221.156.0/22
185.254.41.0-185.254.43.255
IPv6:
2a00:9340::/29
2a07:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
c5:ef:af:d5:9c:85:25:43:5a:95:d7:26:40:ad:86:34:3f:07:
95:97:de:3c:19:d5:75:15:2e:0c:50:ba:5d:8c:05:d0:48:6b:
26:eb:b4:eb:f9:56:60:76:4d:11:84:8a:22:9f:88:d1:c2:86:
90:a9:31:a2:83:aa:79:32:00:d9:a1:dc:ac:73:0b:5b:94:ef:
36:16:23:e2:59:31:0f:4c:f9:6f:e9:92:38:c5:b7:db:ce:75:
f4:92:6e:0a:60:80:33:d9:e4:51:8f:07:48:1a:0d:19:3e:a9:
04:1c:b6:96:34:22:ba:cb:ac:f8:80:57:e4:07:81:df:15:96:
68:cf:a0:58:80:c3:74:7c:56:34:b6:a4:b3:62:e8:25:95:5c:
e9:8f:71:74:ef:6b:0b:e8:87:11:16:09:66:89:fa:19:03:fb:
05:8d:d1:3d:c7:3c:e5:0e:42:ee:3f:ca:16:d7:1f:03:3c:6e:
aa:58:47:3c:7d:14:99:e9:b0:bb:a9:e8:f4:66:df:f5:c5:21:
c1:5e:a4:12:d1:40:3e:c0:2e:7a:34:de:e0:ef:e7:5a:d7:0e:
ef:cd:7f:c6:50:da:d6:44:78:6b:78:0e:d6:9c:c5:f2:f1:cf:
ad:b3:58:09:1b:5c:28:09:75:f2:12:42:33:31:0f:bd:7c:ac:
8d:70:ef:e5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYsUyY/5bepzVy1QoVRMzrJVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MmU0ODMyOWM4YmU4ZWYyMDllOTk1OGRhNjZhYjAyNDAx
NDVlMTkwHhcNMjMxMDA5MTQxMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTgxZGFjNWFlOTcyMjQwNjMyZGIxOGExMmJiMWJjNjJhYmU2Y2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgND/AwUvCTc2Htt7rBnY/6lRQqv
1WFL66Oc+wf3273b6vxyQdkseMqq7alEFOHXJw32/fCkUBRc+aYthDUo4ZDLoU1J
b2SaFEOQOZD+FKiaIYLgZPCN2DghyLnk8JboRxpmestjXyn8ONlhxcJu61CtcLK+
edVrDCvd7yGYV693GHxnzcXdm0Db251EvXtBuDMuV8ogDc6DGP9pAKsET62MxJcz
dlIKvYnIxTfoFXnuAAk8NYPHbxo82e/fvQajdPiojL2qnEWpIS03NyItWtSRckxD
QHmEJMzGJK17dx3L+Y9FyLp47rUpu9FFwLXflfOzHqOU56OAD4Gj2EOIUwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFHmB2sWulyJAYy2xihK7G8Yqvmy0MB8GA1UdIwQY
MBaAFBYuSDKci+jvIJ6ZWNpmqwJAFF4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmk1SU1weUw2TzhnbnBsWTJtYXJBa0FVWGhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi84ZTIwNjctMjgzYi00ZTRlLWI2N2Ut
NjlmMzNmZTFiNTMwLzEvZVlIYXhhNlhJa0JqTGJHS0Vyc2J4aXEtYkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi84ZTIwNjctMjgzYi00ZTRlLWI2N2UtNjlmMzNmZTFiNTMw
LzEvRmk1SU1weUw2TzhnbnBsWTJtYXJBa0FVWGhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQDF/noAwQD
JXJYAwQEU66AAwQDXVwYAwQFlY8AAwQCuQbMAwQCuSKwAwQCuSVAAwQCuSvUAwQC
uZAUAwQCud2cMAwDBAC5/ikDBAK5/igwFAQCAAIwDgMFAyoAk0ADBQMqBzbAMA0G
CSqGSIb3DQEBCwUAA4IBAQDF76/VnIUlQ1qV1yZArYY0PweVl948GdV1FS4MULpd
jAXQSGsm67Tr+VZgdk0RhIoin4jRwoaQqTGig6p5MgDZodyscwtblO82FiPiWTEP
TPlv6ZI4xbfbznX0km4KYIAz2eRRjwdIGg0ZPqkEHLaWNCK6y6z4gFfkB4HfFZZo
z6BYgMN0fFY0tqSzYugllVzpj3F072sL6IcRFglmifoZA/sFjdE9xzzlDkLuP8oW
1x8DPG6qWEc8fRSZ6bC7qej0Zt/1xSHBXqQS0UA+wC56NN7g7+da1w7vzX/GUNrW
RHhreA7WnMXy8c+ts1gJG1woCXXyEkIzMQ+9fKyNcO/l
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:22:15 2025 by rpki-client