Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/19511d-537e-4241-a0d8-2d91cfd7aaf4/1/C78gUDdnho_fO5A0Zuny0IL6USM.roa
File: C78gUDdnho_fO5A0Zuny0IL6USM.roa (raw, json)
Hash identifier: gYUoRdNIV7RN+NML7VrtLtkwog99d2VTncf+LNTfCPQ=
Subject key identifier: 0B:BF:20:50:37:67:86:8F:DF:3B:90:34:66:E9:F2:D0:82:FA:51:23
Certificate issuer: /CN=2ac943517f5e3b747e7530320789a03444b43912
Certificate serial: 018570674FB83D7ECA3E9DCA3990FA288F21
Authority key identifier: 2A:C9:43:51:7F:5E:3B:74:7E:75:30:32:07:89:A0:34:44:B4:39:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KslDUX9eO3R-dTAyB4mgNES0ORI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/19511d-537e-4241-a0d8-2d91cfd7aaf4/1/C78gUDdnho_fO5A0Zuny0IL6USM.roa
Signing time: Mon 02 Jan 2023 02:54:56 +0000
ROA not before: Mon 02 Jan 2023 02:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49033
IP address blocks: 185.232.160.0/22 maxlen: 24
185.171.48.0/22 maxlen: 24
185.116.144.0/22 maxlen: 24
185.238.108.0/22 maxlen: 24
185.91.92.0/22 maxlen: 24
185.166.91.0/24 maxlen: 24
185.166.89.0/24 maxlen: 24
185.166.90.0/24 maxlen: 24
185.166.90.0/23 maxlen: 24
185.166.88.0/24 maxlen: 24
185.166.88.0/22 maxlen: 22
94.46.218.0/23 maxlen: 23
94.46.216.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:4f:b8:3d:7e:ca:3e:9d:ca:39:90:fa:28:8f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac943517f5e3b747e7530320789a03444b43912
Validity
Not Before: Jan 2 02:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bbf20503767868fdf3b903466e9f2d082fa5123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:89:2f:0d:02:57:4d:37:01:8d:37:16:d1:a2:
71:63:7f:da:98:dc:63:78:81:87:7c:73:96:d9:57:
51:4e:dc:68:ae:4f:8f:6a:03:93:c1:c7:02:86:5f:
c9:54:07:99:c4:a2:e0:11:af:0a:31:e7:c5:57:26:
91:3b:a4:09:3a:d0:4a:84:1e:60:53:38:23:7c:9c:
10:be:41:06:12:de:b0:ae:46:9a:f7:6e:1f:ab:70:
7a:76:bc:17:45:f9:ec:ea:3f:d8:5f:39:33:ba:c3:
25:24:3e:9e:2a:c1:b1:9a:93:58:ea:75:9e:20:d4:
62:93:17:5d:4d:ac:d4:b4:52:a7:e7:05:40:f8:42:
76:e7:37:62:4e:8b:2e:2a:69:41:71:33:61:6e:3b:
34:d5:67:c3:e7:d5:cf:0b:4c:65:7c:b2:66:fe:80:
95:58:02:7c:12:0f:b3:d5:a8:3c:50:19:58:78:9e:
40:1d:84:31:f2:4f:8c:7d:68:53:98:4b:7a:1e:5c:
36:10:63:ac:17:22:d7:17:e6:cc:0c:47:0a:09:4b:
53:33:31:b4:34:eb:18:96:d6:f3:79:d4:60:03:fd:
48:7b:83:2e:7b:de:28:e8:c0:8f:a6:a7:60:3e:e3:
b4:95:6c:cf:e1:bd:d1:b0:9c:dd:f4:99:5a:de:b2:
c3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:BF:20:50:37:67:86:8F:DF:3B:90:34:66:E9:F2:D0:82:FA:51:23
X509v3 Authority Key Identifier:
keyid:2A:C9:43:51:7F:5E:3B:74:7E:75:30:32:07:89:A0:34:44:B4:39:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KslDUX9eO3R-dTAyB4mgNES0ORI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/19511d-537e-4241-a0d8-2d91cfd7aaf4/1/C78gUDdnho_fO5A0Zuny0IL6USM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/19511d-537e-4241-a0d8-2d91cfd7aaf4/1/KslDUX9eO3R-dTAyB4mgNES0ORI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.46.216.0/22
185.91.92.0/22
185.116.144.0/22
185.166.88.0/22
185.171.48.0/22
185.232.160.0/22
185.238.108.0/22
Signature Algorithm: sha256WithRSAEncryption
18:75:53:dd:3a:0f:d0:36:ec:1a:a3:a9:b3:32:61:04:76:2f:
86:ac:4f:a2:88:14:5c:c9:d7:fd:5b:74:54:a2:8e:f9:68:24:
a2:2b:93:87:21:cb:ab:50:db:62:8b:dd:24:02:16:cb:b5:95:
57:0d:60:65:a7:d3:29:be:8b:17:6f:0d:e6:23:da:0c:0f:aa:
64:e6:84:d9:d4:87:84:ef:54:66:82:e7:e0:64:3b:c3:bd:1b:
00:45:aa:ad:79:38:52:dd:74:97:6c:bd:11:8d:b3:1b:8f:fe:
45:cd:f8:f7:40:3d:9d:23:93:70:d0:d5:94:16:41:51:db:52:
31:d0:9b:eb:ee:02:ff:c7:61:68:69:b9:2a:1c:22:1e:c5:d9:
51:1a:01:66:32:d1:54:50:51:37:8b:1e:1b:f1:ab:a5:d9:d1:
32:58:2f:6a:27:1d:1b:f1:b7:b2:78:6c:c3:24:b6:54:57:39:
c0:be:9c:8c:13:ff:5e:5f:25:eb:14:f6:cb:11:4d:a7:b4:7e:
02:ce:1a:e9:7f:64:f4:d0:58:62:c4:48:82:4b:c1:fe:2a:ab:
79:e2:21:28:f0:c3:6a:fc:b6:4e:b1:41:f2:b7:b8:37:29:35:
95:41:a2:b4:1c:1e:38:e7:5c:72:66:c2:62:54:17:c4:35:6f:
07:da:59:fa
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVwZ0+4PX7KPp3KOZD6KI8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzk0MzUxN2Y1ZTNiNzQ3ZTc1MzAzMjA3ODlhMDM0NDRi
NDM5MTIwHhcNMjMwMTAyMDI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmJmMjA1MDM3Njc4NjhmZGYzYjkwMzQ2NmU5ZjJkMDgyZmE1MTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIkvDQJXTTcBjTcW0aJxY3/amNxj
eIGHfHOW2VdRTtxork+PagOTwccChl/JVAeZxKLgEa8KMefFVyaRO6QJOtBKhB5g
UzgjfJwQvkEGEt6wrkaa924fq3B6drwXRfns6j/YXzkzusMlJD6eKsGxmpNY6nWe
INRikxddTazUtFKn5wVA+EJ25zdiTosuKmlBcTNhbjs01WfD59XPC0xlfLJm/oCV
WAJ8Eg+z1ag8UBlYeJ5AHYQx8k+MfWhTmEt6Hlw2EGOsFyLXF+bMDEcKCUtTMzG0
NOsYltbzedRgA/1Ie4Mue94o6MCPpqdgPuO0lWzP4b3RsJzd9Jla3rLDJQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAu/IFA3Z4aP3zuQNGbp8tCC+lEjMB8GA1UdIwQY
MBaAFCrJQ1F/Xjt0fnUwMgeJoDREtDkSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NsRFVYOWVPM1ItZFRBeUI0bWdORVMwT1JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xOTUxMWQtNTM3ZS00MjQxLWEwZDgt
MmQ5MWNmZDdhYWY0LzEvQzc4Z1VEZG5ob19mTzVBMFp1bnkwSUw2VVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xOTUxMWQtNTM3ZS00MjQxLWEwZDgtMmQ5MWNmZDdhYWY0
LzEvS3NsRFVYOWVPM1ItZFRBeUI0bWdORVMwT1JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCXi7YAwQC
uVtcAwQCuXSQAwQCuaZYAwQCuaswAwQCueigAwQCue5sMA0GCSqGSIb3DQEBCwUA
A4IBAQAYdVPdOg/QNuwao6mzMmEEdi+GrE+iiBRcydf9W3RUoo75aCSiK5OHIcur
UNtii90kAhbLtZVXDWBlp9MpvosXbw3mI9oMD6pk5oTZ1IeE71RmgufgZDvDvRsA
RaqteThS3XSXbL0RjbMbj/5Fzfj3QD2dI5Nw0NWUFkFR21Ix0Jvr7gL/x2Foabkq
HCIexdlRGgFmMtFUUFE3ix4b8aul2dEyWC9qJx0b8beyeGzDJLZUVznAvpyME/9e
XyXrFPbLEU2ntH4Czhrpf2T00FhixEiCS8H+Kqt54iEo8MNq/LZOsUHyt7g3KTWV
QaK0HB4451xyZsJiVBfENW8H2ln6
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:19:01 2025 by rpki-client