Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/232-tTl8z84bg5MMXqAxfOZrlzo.roa
File: 232-tTl8z84bg5MMXqAxfOZrlzo.roa (raw, json)
Hash identifier: KiSYqRLEDvhkeNNsLBOQqPG68L3G3L+eIv+EcUg4OD4=
Subject key identifier: DB:7D:BE:B5:39:7C:CF:CE:1B:83:93:0C:5E:A0:31:7C:E6:6B:97:3A
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 01856F949AB08F425053E4F14EC1F8FB422F
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/232-tTl8z84bg5MMXqAxfOZrlzo.roa
Signing time: Sun 01 Jan 2023 23:04:47 +0000
ROA not before: Sun 01 Jan 2023 23:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48452
IP address blocks: 94.26.83.0/24 maxlen: 24
94.26.80.0/22 maxlen: 22
94.26.81.0/24 maxlen: 24
94.26.82.0/24 maxlen: 24
94.26.91.0/24 maxlen: 24
94.26.88.0/24 maxlen: 24
94.26.92.0/24 maxlen: 24
94.26.104.0/22 maxlen: 22
94.26.105.0/24 maxlen: 24
94.26.106.0/24 maxlen: 24
94.26.107.0/24 maxlen: 24
94.26.34.0/24 maxlen: 24
94.26.35.0/24 maxlen: 24
94.26.36.0/24 maxlen: 24
94.26.32.0/21 maxlen: 21
94.26.32.0/24 maxlen: 24
94.26.33.0/24 maxlen: 24
94.26.37.0/24 maxlen: 24
94.26.41.0/24 maxlen: 24
94.26.42.0/24 maxlen: 24
94.26.43.0/24 maxlen: 24
94.26.39.0/24 maxlen: 24
94.26.48.0/24 maxlen: 24
94.26.49.0/24 maxlen: 24
94.26.50.0/24 maxlen: 24
94.26.48.0/20 maxlen: 20
94.26.51.0/24 maxlen: 24
94.26.55.0/24 maxlen: 24
94.26.56.0/24 maxlen: 24
94.26.57.0/24 maxlen: 24
94.26.52.0/24 maxlen: 24
94.26.53.0/24 maxlen: 24
94.26.54.0/24 maxlen: 24
94.26.58.0/24 maxlen: 24
94.26.62.0/24 maxlen: 24
94.26.63.0/24 maxlen: 24
94.26.59.0/24 maxlen: 24
94.26.60.0/24 maxlen: 24
94.26.61.0/24 maxlen: 24
94.26.69.0/24 maxlen: 24
94.26.70.0/24 maxlen: 24
94.26.71.0/24 maxlen: 24
94.26.68.0/24 maxlen: 24
94.26.0.0/24 maxlen: 24
94.26.0.0/22 maxlen: 22
94.26.1.0/24 maxlen: 24
94.26.3.0/24 maxlen: 24
2a00:6f40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:9a:b0:8f:42:50:53:e4:f1:4e:c1:f8:fb:42:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 1 23:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db7dbeb5397ccfce1b83930c5ea0317ce66b973a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:70:3e:b6:ce:39:9b:57:4e:ed:8f:4a:eb:b1:
42:5c:7f:aa:07:ec:06:61:18:33:65:80:47:a1:a1:
95:99:91:a0:59:27:0d:4d:7c:1b:24:ed:a5:f7:84:
2b:71:06:cc:af:5c:72:92:53:38:2d:58:84:80:16:
06:c1:c8:19:86:a1:42:22:fa:19:e5:b8:5b:b2:b5:
d9:9c:2f:05:54:d7:10:20:ac:85:c7:26:b8:72:ac:
84:d0:e3:7d:99:bd:95:30:95:28:ab:6e:40:f7:f5:
45:2e:0a:68:80:fa:95:2f:ce:bd:0a:60:8e:47:c8:
5a:f5:49:3c:b2:6b:cf:8b:d1:0f:e4:10:a7:c8:dc:
93:51:6e:ea:70:23:01:40:1e:ec:c3:d6:16:b0:3d:
40:61:ee:5e:4e:67:52:e4:3e:4a:33:9b:a4:f4:83:
94:f5:68:8f:fe:ff:97:41:cc:e0:51:c2:22:77:6f:
18:38:f4:02:ad:69:dc:7a:95:82:f8:34:b9:f7:a7:
3f:52:8b:db:11:fa:aa:2c:bd:58:c4:4d:96:a5:1f:
59:e2:4f:52:51:89:1e:d7:b7:6b:05:d3:05:ec:45:
59:c6:2c:b5:65:34:c5:d2:06:50:fb:da:10:0a:f9:
72:3d:41:1d:5e:fb:b7:9e:ca:14:95:90:9f:f4:fe:
c2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:7D:BE:B5:39:7C:CF:CE:1B:83:93:0C:5E:A0:31:7C:E6:6B:97:3A
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/232-tTl8z84bg5MMXqAxfOZrlzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.26.0.0/22
94.26.32.0/21
94.26.41.0-94.26.43.255
94.26.48.0/20
94.26.68.0/22
94.26.80.0/22
94.26.88.0/24
94.26.91.0-94.26.92.255
94.26.104.0/22
IPv6:
2a00:6f40::/32
Signature Algorithm: sha256WithRSAEncryption
b2:16:4a:84:9f:fb:96:88:ce:b6:4b:d6:e6:cb:4c:08:b5:48:
34:b6:03:a4:bd:f5:ab:ee:83:c6:47:80:be:1f:c7:34:26:dc:
6d:ea:63:79:42:78:34:88:71:7b:3c:b6:b2:0b:d9:57:bf:d7:
4b:75:2a:61:6d:9d:1d:4d:57:f7:a5:40:d1:85:1c:0e:a0:19:
80:a9:55:e9:e8:f3:c3:dd:4b:4a:7b:2f:22:70:17:9e:c3:73:
fb:0a:a9:9d:44:72:ec:51:07:26:70:4b:bf:3c:ad:09:b2:3d:
45:fe:46:66:83:76:cb:ce:75:80:87:44:09:52:f0:dd:ca:fc:
ef:f4:3e:63:3b:a5:8e:d4:d1:0a:a4:55:18:3d:fe:f0:02:01:
08:e6:d0:bf:d4:b1:5a:e5:d6:43:a8:16:6e:f8:6e:e3:4a:38:
c5:f2:47:74:33:31:1a:6f:a0:f1:11:c8:d2:e5:45:14:fc:29:
91:f5:fe:f5:50:c4:a6:3a:ea:d1:b5:d5:f0:99:3d:ac:70:38:
59:30:40:8f:8c:92:43:94:0d:32:fe:0a:1d:f9:b6:9e:cf:16:
5b:13:47:90:f5:a8:d7:b9:c8:dd:9b:68:89:b8:6f:d2:31:a6:
f1:02:47:79:14:65:19:3d:3c:09:5d:73:63:34:d8:34:22:75:
ef:d9:a0:06
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYVvlJqwj0JQU+TxTsH4+0IvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjMwMTAxMjMwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjdkYmViNTM5N2NjZmNlMWI4MzkzMGM1ZWEwMzE3Y2U2NmI5NzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknA+ts45m1dO7Y9K67FCXH+qB+wG
YRgzZYBHoaGVmZGgWScNTXwbJO2l94QrcQbMr1xyklM4LViEgBYGwcgZhqFCIvoZ
5bhbsrXZnC8FVNcQIKyFxya4cqyE0ON9mb2VMJUoq25A9/VFLgpogPqVL869CmCO
R8ha9Uk8smvPi9EP5BCnyNyTUW7qcCMBQB7sw9YWsD1AYe5eTmdS5D5KM5uk9IOU
9WiP/v+XQczgUcIid28YOPQCrWncepWC+DS596c/UovbEfqqLL1YxE2WpR9Z4k9S
UYke17drBdMF7EVZxiy1ZTTF0gZQ+9oQCvlyPUEdXvu3nsoUlZCf9P7CiwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFNt9vrU5fM/OG4OTDF6gMXzma5c6MB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvMjMyLXRUbDh6ODRiZzVNTVhxQXhmT1pybHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQCXhoAAwQD
XhogMAwDBABeGikDBAJeGigDBAReGjADBAJeGkQDBAJeGlADBABeGlgwDAMEAF4a
WwMEAF4aXAMEAl4aaDANBAIAAjAHAwUAKgBvQDANBgkqhkiG9w0BAQsFAAOCAQEA
shZKhJ/7lojOtkvW5stMCLVINLYDpL31q+6DxkeAvh/HNCbcbepjeUJ4NIhxezy2
sgvZV7/XS3UqYW2dHU1X96VA0YUcDqAZgKlV6ejzw91LSnsvInAXnsNz+wqpnURy
7FEHJnBLvzytCbI9Rf5GZoN2y851gIdECVLw3cr87/Q+YzuljtTRCqRVGD3+8AIB
CObQv9SxWuXWQ6gWbvhu40o4xfJHdDMxGm+g8RHI0uVFFPwpkfX+9VDEpjrq0bXV
8Jk9rHA4WTBAj4ySQ5QNMv4KHfm2ns8WWxNHkPWo17nI3Ztoibhv0jGm8QJHeRRl
GT08CV1zYzTYNCJ179mgBg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:55:11 2025 by rpki-client