Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/AfWPrkoVjZ9lXk2fWpDZAo5n-h0.roa
File: AfWPrkoVjZ9lXk2fWpDZAo5n-h0.roa (raw, json)
Hash identifier: OG8wiYicY4kCgq4FCviJiOfs9emC31YaDN1/LsdkhUY=
Subject key identifier: 01:F5:8F:AE:4A:15:8D:9F:65:5E:4D:9F:5A:90:D9:02:8E:67:FA:1D
Certificate issuer: /CN=7d61b8378e8f368ae4998d51c3a9ace64148d6cd
Certificate serial: 01856DDD6FBAB851D8B76B4F737F8F81D7B1
Authority key identifier: 7D:61:B8:37:8E:8F:36:8A:E4:99:8D:51:C3:A9:AC:E6:41:48:D6:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/AfWPrkoVjZ9lXk2fWpDZAo5n-h0.roa
Signing time: Sun 01 Jan 2023 15:05:06 +0000
ROA not before: Sun 01 Jan 2023 15:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35790
IP address blocks: 213.204.218.0/24 maxlen: 24
213.204.216.0/23 maxlen: 23
213.204.215.0/24 maxlen: 24
213.204.219.0/24 maxlen: 24
213.204.224.0/20 maxlen: 20
213.204.222.0/24 maxlen: 24
213.204.221.0/24 maxlen: 24
213.204.232.0/24 maxlen: 24
213.204.237.0/24 maxlen: 24
213.204.244.0/24 maxlen: 24
213.204.240.0/21 maxlen: 21
213.204.252.0/22 maxlen: 22
213.204.248.0/22 maxlen: 23
213.204.247.0/24 maxlen: 24
185.31.140.0/22 maxlen: 22
185.57.84.0/22 maxlen: 22
213.204.192.0/23 maxlen: 23
213.204.192.0/20 maxlen: 20
213.204.198.0/24 maxlen: 24
213.204.208.0/20 maxlen: 20
185.105.244.0/22 maxlen: 22
185.217.224.0/22 maxlen: 22
2a0b:cdc0::/29 maxlen: 29
2a0b:cdc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:6f:ba:b8:51:d8:b7:6b:4f:73:7f:8f:81:d7:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d61b8378e8f368ae4998d51c3a9ace64148d6cd
Validity
Not Before: Jan 1 15:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01f58fae4a158d9f655e4d9f5a90d9028e67fa1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:84:42:ac:7d:f1:65:c7:31:7a:1f:de:56:49:
4a:af:b4:63:84:c6:f9:7a:60:90:aa:f0:4f:e0:92:
4f:ab:20:20:ba:4d:03:bb:9a:ec:21:6f:5e:ac:2e:
37:6c:9b:ea:28:53:af:31:64:1b:24:ba:aa:c3:5e:
c6:d9:89:ff:7c:c4:3b:a1:cf:11:b4:6f:2d:ba:92:
88:3c:fb:cd:a0:b7:62:9a:89:44:81:29:99:28:e4:
db:55:f2:86:c2:09:c6:5f:20:05:d0:08:29:97:87:
9a:69:29:df:5d:af:7d:c0:76:63:2c:5d:45:c6:ae:
79:93:b4:23:51:b0:7a:fe:27:53:75:76:1d:38:dc:
05:dc:13:0b:e1:70:fb:6d:84:fb:42:78:1e:69:b1:
bc:9f:cf:0e:a8:cf:a1:f9:ee:a6:c8:fe:45:4a:cc:
99:d4:e2:78:9b:00:ef:c7:8b:3b:dc:f4:9a:4c:a2:
b3:b4:62:ff:f6:93:32:69:3f:46:dc:70:47:b9:7a:
b4:51:30:00:32:13:ba:1a:99:8b:c2:9d:06:cd:80:
ef:76:69:c2:47:6b:bf:16:d5:27:18:35:a1:a2:a6:
c2:1c:7f:25:ac:0c:29:6a:19:18:98:ca:f7:7d:c5:
51:a4:6f:c2:01:57:86:d8:05:9b:43:14:42:16:6a:
b8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F5:8F:AE:4A:15:8D:9F:65:5E:4D:9F:5A:90:D9:02:8E:67:FA:1D
X509v3 Authority Key Identifier:
keyid:7D:61:B8:37:8E:8F:36:8A:E4:99:8D:51:C3:A9:AC:E6:41:48:D6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/AfWPrkoVjZ9lXk2fWpDZAo5n-h0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/fWG4N46PNorkmY1Rw6ms5kFI1s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.140.0/22
185.57.84.0/22
185.105.244.0/22
185.217.224.0/22
213.204.192.0/18
IPv6:
2a0b:cdc0::/29
Signature Algorithm: sha256WithRSAEncryption
45:ec:89:a2:a9:9a:ae:63:a8:7f:29:8e:a5:c2:1c:a5:ba:8c:
46:cc:ec:24:5d:1b:7d:9f:cb:73:c3:de:e6:cf:62:50:13:d8:
8f:8a:a4:82:10:12:21:39:44:97:c1:c0:88:07:4b:5c:ef:b7:
dc:0a:58:6f:55:f0:7d:ed:22:4e:8e:7a:03:64:e1:20:4d:ea:
b9:33:f6:d2:77:5c:2c:89:de:ff:3c:1c:f7:19:f4:e2:90:54:
af:bf:b2:ce:76:c0:44:b9:e5:24:6b:ca:c7:7b:b0:d2:4d:1b:
ae:c8:d8:ae:54:99:a9:c2:b6:d6:fd:b5:70:b5:32:8d:dc:6c:
1a:0f:b7:dd:5c:97:6f:4c:b2:be:e2:21:59:3d:30:21:24:53:
11:87:c8:62:cd:60:50:b4:42:49:52:cb:8c:e5:11:22:9a:a6:
18:c9:cb:9b:0c:8d:35:cc:33:7e:80:38:87:cd:fb:9d:5b:45:
09:fc:98:ae:9c:f3:20:48:b8:bc:f1:3a:db:9e:d0:b2:06:6d:
60:98:a0:c2:f8:c3:f3:98:1a:96:5a:7a:e6:b1:42:d7:8c:86:
59:b0:27:cc:29:84:26:30:15:55:ac:33:7f:eb:47:74:a2:b1:
45:37:9a:11:39:9a:85:db:c9:66:b6:c6:46:ca:cb:74:cf:56:
21:e8:3c:aa
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVt3W+6uFHYt2tPc3+PgdexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNjFiODM3OGU4ZjM2OGFlNDk5OGQ1MWMzYTlhY2U2NDE0
OGQ2Y2QwHhcNMjMwMTAxMTUwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY1OGZhZTRhMTU4ZDlmNjU1ZTRkOWY1YTkwZDkwMjhlNjdmYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIRCrH3xZccxeh/eVklKr7RjhMb5
emCQqvBP4JJPqyAguk0Du5rsIW9erC43bJvqKFOvMWQbJLqqw17G2Yn/fMQ7oc8R
tG8tupKIPPvNoLdimolEgSmZKOTbVfKGwgnGXyAF0Agpl4eaaSnfXa99wHZjLF1F
xq55k7QjUbB6/idTdXYdONwF3BML4XD7bYT7QngeabG8n88OqM+h+e6myP5FSsyZ
1OJ4mwDvx4s73PSaTKKztGL/9pMyaT9G3HBHuXq0UTAAMhO6GpmLwp0GzYDvdmnC
R2u/FtUnGDWhoqbCHH8lrAwpahkYmMr3fcVRpG/CAVeG2AWbQxRCFmq4dQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAH1j65KFY2fZV5Nn1qQ2QKOZ/odMB8GA1UdIwQY
MBaAFH1huDeOjzaK5JmNUcOprOZBSNbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZldHNE40NlBOb3JrbVkxUnc2bXM1a0ZJMXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZDgyMWItMzQ1Mi00MjdhLThlNDQt
ZDE2ZTRhZTYxZjgwLzEvQWZXUHJrb1ZqWjlsWGsyZldwRFpBbzVuLWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZDgyMWItMzQ1Mi00MjdhLThlNDQtZDE2ZTRhZTYxZjgw
LzEvZldHNE40NlBOb3JrbVkxUnc2bXM1a0ZJMXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuR+MAwQC
uTlUAwQCuWn0AwQCudngAwQG1czAMA0EAgACMAcDBQMqC83AMA0GCSqGSIb3DQEB
CwUAA4IBAQBF7ImiqZquY6h/KY6lwhyluoxGzOwkXRt9n8tzw97mz2JQE9iPiqSC
EBIhOUSXwcCIB0tc77fcClhvVfB97SJOjnoDZOEgTeq5M/bSd1wsid7/PBz3GfTi
kFSvv7LOdsBEueUka8rHe7DSTRuuyNiuVJmpwrbW/bVwtTKN3GwaD7fdXJdvTLK+
4iFZPTAhJFMRh8hizWBQtEJJUsuM5REimqYYycubDI01zDN+gDiHzfudW0UJ/Jiu
nPMgSLi88TrbntCyBm1gmKDC+MPzmBqWWnrmsULXjIZZsCfMKYQmMBVVrDN/60d0
orFFN5oROZqF28lmtsZGyst0z1Yh6Dyq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:01 2025 by rpki-client