Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/9w-7iFpXrAKO8sG9-fUBe7AUlb0.roa
File: 9w-7iFpXrAKO8sG9-fUBe7AUlb0.roa (raw, json)
Hash identifier: wxyi/akXyOL4VcQNijJ7FJIThL/6VrnabEWJTMUlgaw=
Subject key identifier: F7:0F:BB:88:5A:57:AC:02:8E:F2:C1:BD:F9:F5:01:7B:B0:14:95:BD
Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Certificate serial: 0183B1F8340FF5F6284380A8B2900FDBBD83
Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/9w-7iFpXrAKO8sG9-fUBe7AUlb0.roa
Signing time: Fri 07 Oct 2022 10:22:56 +0000
ROA not before: Fri 07 Oct 2022 10:22:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12824
IP address blocks: 46.41.128.0/18 maxlen: 18
62.129.245.0/24 maxlen: 24
62.129.250.0/24 maxlen: 24
89.161.253.0/24 maxlen: 24
212.85.96.0/24 maxlen: 24
212.85.96.0/19 maxlen: 19
89.161.254.0/24 maxlen: 24
46.41.159.0/24 maxlen: 24
46.242.144.0/24 maxlen: 24
79.96.0.0/16 maxlen: 16
46.242.150.0/24 maxlen: 24
62.129.192.0/18 maxlen: 18
188.128.244.0/24 maxlen: 24
188.128.255.0/24 maxlen: 24
89.161.128.0/17 maxlen: 17
46.242.128.0/17 maxlen: 17
188.128.128.0/17 maxlen: 17
188.128.128.0/24 maxlen: 24
188.128.130.0/24 maxlen: 24
188.128.129.0/24 maxlen: 24
2a02:25a8:dead::/48 maxlen: 48
2a02:25ad:1a:d1::/64 maxlen: 64
2a02:25a8::/32 maxlen: 32
2a02:25a8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:f8:34:0f:f5:f6:28:43:80:a8:b2:90:0f:db:bd:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Validity
Not Before: Oct 7 10:22:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f70fbb885a57ac028ef2c1bdf9f5017bb01495bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ba:ce:b7:33:d1:35:7a:77:3c:65:8f:ab:a3:
c9:18:d5:3e:85:3e:02:d8:69:63:d5:61:6d:5b:df:
ce:6c:fd:e2:c8:28:ba:d7:cc:e9:43:41:19:4c:8f:
b6:e3:7e:a6:3f:6b:a7:ae:56:19:c2:b8:71:9b:05:
96:35:bd:29:3c:31:4a:1f:1a:db:20:32:f0:e2:21:
59:0e:bd:ed:5e:cb:37:61:86:08:64:63:c2:24:96:
6f:67:58:aa:ce:6e:e1:54:81:ed:fc:4e:90:3c:e6:
cb:23:d3:bd:5e:d5:68:c0:80:e0:f9:e1:e1:ef:d9:
d6:25:86:fa:e1:05:8d:e1:0f:68:68:7f:3e:fa:e2:
ca:40:5a:dc:86:91:6f:f8:b8:f8:87:32:17:cd:43:
1b:f0:ab:c4:cc:ce:60:27:76:39:f3:01:8a:c7:3b:
d5:8f:dc:a7:40:3e:bf:f5:ce:1e:9c:5b:1f:53:15:
cb:45:6c:54:ad:c0:47:29:ea:2b:31:de:48:6e:b3:
7a:80:bf:2d:dc:f0:b1:30:c3:39:22:4b:78:ff:aa:
f9:18:d4:c1:1a:4a:31:1d:6a:6e:48:bb:ee:91:a9:
8f:c9:b5:c6:42:32:4e:fe:77:55:44:67:ca:1a:0a:
64:a2:19:7f:c1:83:a1:b5:9d:d6:9a:92:bf:23:1b:
5f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:0F:BB:88:5A:57:AC:02:8E:F2:C1:BD:F9:F5:01:7B:B0:14:95:BD
X509v3 Authority Key Identifier:
keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/9w-7iFpXrAKO8sG9-fUBe7AUlb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.128.0/18
46.242.128.0/17
62.129.192.0/18
79.96.0.0/16
89.161.128.0/17
188.128.128.0/17
212.85.96.0/19
IPv6:
2a02:25a8::/29
Signature Algorithm: sha256WithRSAEncryption
6c:5b:8b:de:62:1a:25:68:3f:e7:9b:0f:42:a5:3d:27:52:b8:
2b:e5:f1:41:60:d2:c8:e5:33:f3:10:d1:97:4d:d0:7f:87:05:
7a:04:1d:24:3b:c9:18:d9:ef:cf:e7:05:fd:8a:77:62:4f:e5:
59:dd:9c:46:20:a5:db:45:6e:73:a5:06:2d:a0:fc:e4:c8:04:
50:86:36:de:f3:92:68:86:56:96:78:7a:b2:ee:37:9a:7e:ce:
53:81:88:de:9b:20:1f:d2:4d:44:73:59:73:4a:14:26:64:a4:
26:dc:22:2c:15:ff:cb:5f:80:99:f6:d9:f2:e8:91:9a:f2:8b:
e7:58:c7:19:c6:16:be:40:0d:c7:62:2e:dc:7b:b0:ef:01:5a:
ee:bd:ea:d7:8b:04:86:1a:71:4b:00:a6:3c:7c:b6:f5:84:ce:
3b:9b:95:be:c9:0a:78:bf:b8:a9:12:e1:a8:c1:f5:39:5d:a9:
c3:72:71:c7:36:db:0b:5f:fd:1d:62:50:8a:d2:52:5c:1d:92:
8e:79:e3:ba:d7:c0:ca:e9:52:7c:bb:0a:cc:21:6b:bc:03:83:
07:03:d9:8d:75:10:c2:02:58:42:65:ee:d0:95:ac:9f:a2:3c:
42:15:6d:44:04:e8:eb:ae:66:86:b4:74:b7:3b:03:65:46:e9:
63:ea:8d:3d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYOx+DQP9fYoQ4CospAP272DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMmI0OGY2NDM1ODAxMWM3ODQyZDNjZWM1Y2IyZDQ3MDY4
YjgzNmQwHhcNMjIxMDA3MTAyMjU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzBmYmI4ODVhNTdhYzAyOGVmMmMxYmRmOWY1MDE3YmIwMTQ5NWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLrOtzPRNXp3PGWPq6PJGNU+hT4C
2Glj1WFtW9/ObP3iyCi618zpQ0EZTI+2436mP2unrlYZwrhxmwWWNb0pPDFKHxrb
IDLw4iFZDr3tXss3YYYIZGPCJJZvZ1iqzm7hVIHt/E6QPObLI9O9XtVowIDg+eHh
79nWJYb64QWN4Q9oaH8++uLKQFrchpFv+Lj4hzIXzUMb8KvEzM5gJ3Y58wGKxzvV
j9ynQD6/9c4enFsfUxXLRWxUrcBHKeorMd5IbrN6gL8t3PCxMMM5Ikt4/6r5GNTB
GkoxHWpuSLvukamPybXGQjJO/ndVRGfKGgpkohl/wYOhtZ3WmpK/Ixtf2QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFPcPu4haV6wCjvLBvfn1AXuwFJW9MB8GA1UdIwQY
MBaAFLsrSPZDWAEceELTzsXLLUcGi4NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODIt
YzUyMjk4NjNhZWJhLzEvOXctN2lGcFhyQUtPOHNHOS1mVUJlN0FVbGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODItYzUyMjk4NjNhZWJh
LzEvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQGLimAAwQH
LvKAAwQGPoHAAwMAT2ADBAdZoYADBAe8gIADBAXUVWAwDQQCAAIwBwMFAyoCJagw
DQYJKoZIhvcNAQELBQADggEBAGxbi95iGiVoP+ebD0KlPSdSuCvl8UFg0sjlM/MQ
0ZdN0H+HBXoEHSQ7yRjZ78/nBf2Kd2JP5VndnEYgpdtFbnOlBi2g/OTIBFCGNt7z
kmiGVpZ4erLuN5p+zlOBiN6bIB/STURzWXNKFCZkpCbcIiwV/8tfgJn22fLokZry
i+dYxxnGFr5ADcdiLtx7sO8BWu696teLBIYacUsApjx8tvWEzjublb7JCni/uKkS
4ajB9TldqcNyccc22wtf/R1iUIrSUlwdko5547rXwMrpUny7Cswha7wDgwcD2Y11
EMICWEJl7tCVrJ+iPEIVbUQE6OuuZoa0dLc7A2VG6WPqjT0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:46 2025 by rpki-client