Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/orb2oy_S73_UeIhQ6WLQBQYYY-M.roa
File: orb2oy_S73_UeIhQ6WLQBQYYY-M.roa (raw, json)
Hash identifier: xGrWVYrwTQqvDDF2uDvMIwScPckDWNmbJAIiuTyhgtc=
Subject key identifier: A2:B6:F6:A3:2F:D2:EF:7F:D4:78:88:50:E9:62:D0:05:06:18:63:E3
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01856C4A707CA16C4E43C67C96693D46B6AC
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/orb2oy_S73_UeIhQ6WLQBQYYY-M.roa
Signing time: Sun 01 Jan 2023 07:44:55 +0000
ROA not before: Sun 01 Jan 2023 07:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 45.144.88.0/22 maxlen: 24
87.239.254.0/24 maxlen: 32
45.149.28.0/22 maxlen: 24
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
185.36.254.0/24 maxlen: 32
185.217.64.0/22 maxlen: 22
185.166.84.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.188.62.0/24 maxlen: 24
185.188.63.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
89.40.24.0/24 maxlen: 32
185.152.248.0/22 maxlen: 32
5.154.174.0/24 maxlen: 24
80.246.30.0/24 maxlen: 32
45.156.224.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
188.119.154.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.96.162.0/24 maxlen: 32
77.246.152.0/22 maxlen: 22
45.95.24.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
195.47.194.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a01:4740::/32 maxlen: 32
2a06:46c0::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:70:7c:a1:6c:4e:43:c6:7c:96:69:3d:46:b6:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jan 1 07:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2b6f6a32fd2ef7fd4788850e962d005061863e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:56:48:d0:3e:a0:77:fd:c0:27:3d:c6:65:f7:
6b:20:c6:67:63:23:7b:3c:5a:a1:c1:c2:66:e1:b7:
f6:84:d3:c0:48:b1:d7:b6:b2:37:02:97:4c:fa:10:
35:c5:67:c9:63:c7:ac:52:b4:33:9c:19:60:63:e4:
a6:22:b2:cb:0b:22:f7:ef:c5:db:52:ac:05:66:69:
e2:9b:8d:2b:26:aa:4d:5a:b7:2c:e4:98:c0:bf:9d:
83:a1:a5:27:ef:29:6e:f7:7c:20:d1:1a:1a:80:e4:
4b:82:75:eb:51:3a:1d:63:6d:5e:d9:d0:d1:60:f5:
b5:16:b8:4e:8a:6d:59:a4:17:ff:b3:aa:bf:7a:c7:
12:ab:a4:8b:64:26:0c:6c:81:01:92:bf:84:41:65:
90:06:19:55:60:07:aa:7e:e6:3c:37:1c:52:3f:1c:
94:be:79:79:9d:de:ce:0d:80:48:6d:9e:27:4c:ef:
e6:b5:b0:8a:0b:c6:fb:2a:5e:f3:3a:fe:b1:ec:36:
8e:dc:7d:21:0c:6d:fc:d2:03:83:d7:d5:53:4d:35:
cd:40:40:1d:89:c5:11:b7:97:10:f1:b8:e7:21:db:
e9:6e:ac:74:c9:77:a8:94:9c:2d:67:30:cf:e7:0e:
07:b6:5f:34:83:5b:a3:d0:da:8a:19:a3:bf:eb:9c:
1f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B6:F6:A3:2F:D2:EF:7F:D4:78:88:50:E9:62:D0:05:06:18:63:E3
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/orb2oy_S73_UeIhQ6WLQBQYYY-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.156.224.0/22
77.246.152.0/22
80.246.30.0/24
86.105.183.0/24
87.239.254.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.188.61.0-185.188.63.255
185.217.64.0/22
188.119.154.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
Signature Algorithm: sha256WithRSAEncryption
8b:9c:96:3c:f5:8f:58:7d:48:bb:83:84:cb:d4:9a:c4:8e:be:
6e:89:2b:bb:a4:a8:10:bc:6f:5a:24:81:47:29:02:a5:2d:23:
bb:5a:03:9d:ac:95:d6:02:e2:5e:95:de:7c:20:56:0c:8c:f8:
6c:be:36:cd:dc:f7:6b:1e:69:21:1c:5c:40:86:c7:d6:54:71:
e1:4b:20:17:66:c6:24:ed:30:29:97:29:51:72:bf:1a:aa:3b:
e4:6c:cf:ae:41:e3:d6:88:df:18:6a:6b:e1:a5:fc:dd:70:8f:
ed:c4:dc:9e:ce:ae:95:c8:bc:11:13:ca:c7:d8:e6:11:99:d7:
93:27:f3:0f:be:68:73:fb:12:cd:fc:de:62:6b:b2:ac:5e:e8:
c5:34:c8:f4:a4:26:85:96:73:7b:33:35:7c:30:ad:05:be:a9:
b1:e8:1e:86:f1:0d:e0:26:cd:57:f6:4c:0a:be:2a:91:c8:e9:
11:57:aa:7b:02:cf:2b:d5:bb:70:f6:08:b8:e3:b7:61:f9:0b:
21:43:46:62:8c:6d:3e:62:eb:3e:e6:c5:5c:ad:5d:fd:46:b3:
05:04:7e:5e:cb:55:fd:6b:bd:39:08:8d:d4:2f:25:91:c1:e9:
67:d3:2c:76:fb:0d:59:55:5b:86:81:26:40:d5:6b:1d:a1:90:
bf:c5:ed:6e
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYVsSnB8oWxOQ8Z8lmk9RrasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwMTAxMDc0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmI2ZjZhMzJmZDJlZjdmZDQ3ODg4NTBlOTYyZDAwNTA2MTg2M2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglZI0D6gd/3AJz3GZfdrIMZnYyN7
PFqhwcJm4bf2hNPASLHXtrI3ApdM+hA1xWfJY8esUrQznBlgY+SmIrLLCyL378Xb
UqwFZmnim40rJqpNWrcs5JjAv52DoaUn7ylu93wg0RoagORLgnXrUTodY21e2dDR
YPW1FrhOim1ZpBf/s6q/escSq6SLZCYMbIEBkr+EQWWQBhlVYAeqfuY8NxxSPxyU
vnl5nd7ODYBIbZ4nTO/mtbCKC8b7Kl7zOv6x7DaO3H0hDG380gOD19VTTTXNQEAd
icURt5cQ8bjnIdvpbqx0yXeolJwtZzDP5w4Htl80g1uj0NqKGaO/65wfrQIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFKK29qMv0u9/1HiIUOli0AUGGGPjMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvb3JiMm95X1M3M19VZUloUTZXTFFCUVlZWS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgasEAgABMIGkAwQA
BZquAwQCLV8YAwQCLZBYAwQCLZUcAwQCLZzgAwQCTfaYAwQAUPYeAwQAVmm3AwQA
V+/+AwQAWSP5AwQAWSgYAwQAWSzNAwQAW+TYAwQAXi7OAwQAuST+AwQAuWCiAwQB
uWxoAwQCuZgkAwQCuZj4AwQAuZmXAwQCuaAsAwQAuaZUMAwDBAC5vD0DBAa5vAAD
BAK52UADBAC8d5oDBADDL8IwPgQCAAIwOAMFACoBR0ADBQMqBSjAAwUDKgX0wAMF
AyoGMEADBQMqBkbAAwUDKgZKAAMFAyoGUAADBQMqBlcAMA0GCSqGSIb3DQEBCwUA
A4IBAQCLnJY89Y9YfUi7g4TL1JrEjr5uiSu7pKgQvG9aJIFHKQKlLSO7WgOdrJXW
AuJeld58IFYMjPhsvjbN3PdrHmkhHFxAhsfWVHHhSyAXZsYk7TAplylRcr8aqjvk
bM+uQePWiN8YamvhpfzdcI/txNyezq6VyLwRE8rH2OYRmdeTJ/MPvmhz+xLN/N5i
a7KsXujFNMj0pCaFlnN7MzV8MK0Fvqmx6B6G8Q3gJs1X9kwKviqRyOkRV6p7As8r
1btw9gi447dh+QshQ0ZijG0+Yus+5sVcrV39RrMFBH5ey1X9a705CI3ULyWRweln
0yx2+w1ZVVuGgSZA1WsdoZC/xe1u
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:36 2025 by rpki-client