Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/hQhtx8tk1XJ1GO5XuA2J2qw3rf0.roa
File: hQhtx8tk1XJ1GO5XuA2J2qw3rf0.roa (raw, json)
Hash identifier: yxa8TPZ2vdVJqKR6G3aehBZZlRpAwGwPEoTaM8XqUIY=
Subject key identifier: 85:08:6D:C7:CB:64:D5:72:75:18:EE:57:B8:0D:89:DA:AC:37:AD:FD
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 018721F91DA9C32CC9FF2C279D3D1DC415FF
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/hQhtx8tk1XJ1GO5XuA2J2qw3rf0.roa
Signing time: Mon 27 Mar 2023 07:29:46 +0000
ROA not before: Mon 27 Mar 2023 07:29:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15580
IP address blocks: 194.127.64.0/24 maxlen: 24
194.127.67.0/24 maxlen: 24
194.127.65.0/24 maxlen: 24
194.127.66.0/24 maxlen: 24
194.127.74.0/24 maxlen: 24
194.127.75.0/24 maxlen: 24
194.127.72.0/24 maxlen: 24
194.127.73.0/24 maxlen: 24
194.127.76.0/24 maxlen: 24
194.127.80.0/20 maxlen: 20
194.127.81.0/24 maxlen: 24
194.127.88.0/24 maxlen: 24
194.127.89.0/24 maxlen: 24
194.127.9.224/27 maxlen: 27
193.194.10.0/23 maxlen: 23
193.194.10.0/24 maxlen: 24
193.194.11.0/24 maxlen: 24
193.194.6.0/23 maxlen: 23
193.194.12.0/22 maxlen: 22
194.127.4.0/24 maxlen: 24
194.127.3.0/24 maxlen: 24
194.127.1.0/24 maxlen: 24
194.127.2.0/24 maxlen: 24
194.127.0.0/18 maxlen: 18
194.127.0.0/24 maxlen: 24
194.127.5.0/24 maxlen: 24
194.127.9.0/24 maxlen: 24
194.127.11.0/24 maxlen: 24
194.127.10.0/24 maxlen: 24
194.127.17.0/24 maxlen: 24
194.127.12.0/24 maxlen: 24
194.127.15.0/24 maxlen: 24
194.127.13.0/24 maxlen: 24
194.127.14.0/24 maxlen: 24
194.127.24.0/23 maxlen: 23
194.127.19.0/24 maxlen: 24
194.127.22.0/24 maxlen: 24
194.127.23.0/24 maxlen: 24
194.127.20.0/24 maxlen: 24
194.127.21.0/24 maxlen: 24
194.127.31.0/24 maxlen: 24
194.127.26.0/24 maxlen: 24
194.127.26.0/23 maxlen: 23
194.127.29.0/24 maxlen: 24
194.127.27.0/24 maxlen: 24
194.127.28.0/24 maxlen: 24
194.127.32.0/22 maxlen: 24
91.206.86.0/24 maxlen: 24
194.127.9.64/27 maxlen: 27
193.58.216.0/24 maxlen: 24
193.58.222.0/24 maxlen: 24
193.58.222.0/23 maxlen: 23
193.58.223.0/24 maxlen: 24
2a01:6f8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:21:f9:1d:a9:c3:2c:c9:ff:2c:27:9d:3d:1d:c4:15:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Mar 27 07:29:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85086dc7cb64d5727518ee57b80d89daac37adfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:42:60:a4:10:e2:cb:9e:8c:0c:dd:4a:f2:84:
2a:b6:40:bd:dd:5a:ee:e7:09:09:a0:a6:77:e9:d0:
bc:ed:e6:b3:e3:68:38:e0:25:86:11:1e:ba:78:ec:
4a:f8:1a:c7:36:0e:4f:e5:a6:10:57:e5:0b:07:14:
9a:81:c3:91:96:41:bb:38:ba:c0:4f:ca:30:93:78:
92:9a:c8:6d:dd:95:4f:54:cb:04:36:fc:4a:4b:f4:
49:c1:4e:12:a5:f7:c8:a4:4c:9a:5a:c5:92:74:60:
8a:37:f0:0a:96:6e:00:7c:98:8e:9d:b7:81:ea:1a:
84:52:be:ca:82:a0:c2:fe:b4:5c:3e:b1:7a:b9:27:
d5:dd:72:26:26:07:a5:fc:11:02:f1:42:40:29:51:
33:84:64:43:1a:41:b5:6e:f3:61:35:57:5c:e7:8d:
bb:55:d2:48:97:09:fa:68:f5:a9:1d:b2:86:2c:84:
df:8e:ed:d8:fe:69:9c:e2:a8:69:3f:dd:cb:d4:6e:
12:fc:e4:90:b2:7e:b7:ff:99:26:86:10:50:db:6f:
83:27:53:fd:20:86:af:e9:25:fe:bb:e0:ef:ce:7f:
4e:7b:32:5d:16:04:90:ce:a0:ea:94:d0:a1:e0:2c:
69:7f:d1:8a:2a:dc:a4:11:48:11:77:fc:2c:e6:de:
b3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:08:6D:C7:CB:64:D5:72:75:18:EE:57:B8:0D:89:DA:AC:37:AD:FD
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/hQhtx8tk1XJ1GO5XuA2J2qw3rf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.86.0/24
193.58.216.0/24
193.58.222.0/23
193.194.6.0/23
193.194.10.0-193.194.15.255
194.127.0.0-194.127.67.255
194.127.72.0-194.127.76.255
194.127.80.0/20
IPv6:
2a01:6f8::/32
Signature Algorithm: sha256WithRSAEncryption
bc:9d:c0:47:2d:72:2e:01:56:e7:f8:00:a3:77:be:a0:32:54:
42:3c:d6:0d:9b:0f:10:50:c7:4d:82:c0:09:ad:5d:4c:f9:70:
76:72:e3:97:58:2a:b0:d3:b5:bc:be:88:4c:b4:b2:10:6a:eb:
c7:64:63:1e:08:0f:72:22:1d:c4:a3:62:75:e7:7a:d9:77:3a:
3e:a0:f3:95:c2:95:65:c8:07:df:8c:40:36:89:73:bf:7e:91:
57:b3:fb:e3:05:bc:5c:51:97:96:61:7e:0d:4e:50:da:57:9e:
a9:84:6a:f7:8d:aa:0c:06:82:0c:a0:d3:8c:64:5b:1a:30:cb:
1f:ff:59:0e:75:0d:3e:ed:ee:13:a2:02:7e:b9:0a:67:7a:73:
66:b3:16:b2:ae:f5:35:ba:41:78:6b:d2:65:12:41:b0:05:5e:
a7:bb:05:44:ff:9c:3c:a2:03:86:fa:92:b6:e2:8d:d3:d8:95:
ff:50:ab:7d:4d:ff:57:25:83:7e:66:dc:ca:f7:a3:4e:6a:6c:
bc:00:f3:fd:6b:43:1f:6e:e0:77:17:40:2c:54:32:56:a8:2f:
fb:45:bb:ac:ef:a6:25:be:ea:1b:ca:be:f2:52:13:fd:38:51:
25:c1:d6:8f:50:f0:2a:99:f4:30:e1:7e:8b:93:d5:5e:c0:46:
75:82:7f:ca
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYch+R2pwyzJ/ywnnT0dxBX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjMwMzI3MDcyOTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTA4NmRjN2NiNjRkNTcyNzUxOGVlNTdiODBkODlkYWFjMzdhZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUJgpBDiy56MDN1K8oQqtkC93Vru
5wkJoKZ36dC87eaz42g44CWGER66eOxK+BrHNg5P5aYQV+ULBxSagcORlkG7OLrA
T8owk3iSmsht3ZVPVMsENvxKS/RJwU4SpffIpEyaWsWSdGCKN/AKlm4AfJiOnbeB
6hqEUr7KgqDC/rRcPrF6uSfV3XImJgel/BEC8UJAKVEzhGRDGkG1bvNhNVdc5427
VdJIlwn6aPWpHbKGLITfju3Y/mmc4qhpP93L1G4S/OSQsn63/5kmhhBQ22+DJ1P9
IIav6SX+u+Dvzn9OezJdFgSQzqDqlNCh4Cxpf9GKKtykEUgRd/ws5t6ziwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFIUIbcfLZNVydRjuV7gNidqsN639MB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvaFFodHg4dGsxWEoxR081WHVBMkoycXczcmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBNBAIAATBHAwQAW85WAwQA
wTrYAwQBwTreAwQBwcIGMAwDBAHBwgoDBATBwgAwCwMDAMJ/AwQCwn9AMAwDBAPC
f0gDBADCf0wDBATCf1AwDQQCAAIwBwMFACoBBvgwDQYJKoZIhvcNAQELBQADggEB
ALydwEctci4BVuf4AKN3vqAyVEI81g2bDxBQx02CwAmtXUz5cHZy45dYKrDTtby+
iEy0shBq68dkYx4ID3IiHcSjYnXnetl3Oj6g85XClWXIB9+MQDaJc79+kVez++MF
vFxRl5Zhfg1OUNpXnqmEaveNqgwGggyg04xkWxowyx//WQ51DT7t7hOiAn65Cmd6
c2azFrKu9TW6QXhr0mUSQbAFXqe7BUT/nDyiA4b6krbijdPYlf9Qq31N/1clg35m
3Mr3o05qbLwA8/1rQx9u4HcXQCxUMlaoL/tFu6zvpiW+6hvKvvJSE/04USXB1o9Q
8CqZ9DDhfouT1V7ARnWCf8o=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:50:19 2025 by rpki-client