Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7e18f0-af1d-47c1-8db5-5a5233dc0ce0/1/C7HWnZwcgQx1OnuLmo-d7_9RwSc.roa
File: C7HWnZwcgQx1OnuLmo-d7_9RwSc.roa (raw, json)
Hash identifier: uzRRuXUCCdH+ag+leHDFRfkpEIHmO1kpStZgrB1SB2U=
Subject key identifier: 0B:B1:D6:9D:9C:1C:81:0C:75:3A:7B:8B:9A:8F:9D:EF:FF:51:C1:27
Certificate issuer: /CN=893afc6efe62990a26932f40e150b27eed539c4b
Certificate serial: 28B1A70F
Authority key identifier: 89:3A:FC:6E:FE:62:99:0A:26:93:2F:40:E1:50:B2:7E:ED:53:9C:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iTr8bv5imQomky9A4VCyfu1TnEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/7e18f0-af1d-47c1-8db5-5a5233dc0ce0/1/C7HWnZwcgQx1OnuLmo-d7_9RwSc.roa
Signing time: Sat 01 Jan 2022 06:02:36 +0000
ROA not before: Sat 01 Jan 2022 06:02:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34263
IP address blocks: 188.65.136.0/23 maxlen: 23
178.16.176.0/20 maxlen: 20
188.65.138.0/23 maxlen: 23
188.65.140.0/22 maxlen: 22
82.197.0.0/19 maxlen: 19
185.146.12.0/22 maxlen: 22
95.130.24.0/21 maxlen: 21
88.85.128.0/19 maxlen: 19
79.141.144.0/20 maxlen: 20
2a00:ae00::/29 maxlen: 29
2a00:ae00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 682731279 (0x28b1a70f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=893afc6efe62990a26932f40e150b27eed539c4b
Validity
Not Before: Jan 1 06:02:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bb1d69d9c1c810c753a7b8b9a8f9defff51c127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:12:e2:d3:f3:7d:c6:84:7c:52:14:aa:5b:53:
c4:74:85:e9:55:ee:54:5d:e3:49:ad:44:09:20:07:
ad:eb:4d:56:c2:8b:d8:6d:82:90:2f:09:93:46:e7:
10:91:06:ec:70:56:73:c4:dc:ec:9d:8b:de:1a:a4:
a7:68:7b:54:4d:ae:2d:d8:4c:0c:36:4c:ed:4a:88:
21:55:78:bc:f7:e1:b8:1f:7d:f9:b3:64:7f:33:c0:
ce:09:52:3c:ff:c3:db:f9:9d:78:ad:5b:ef:80:3b:
d1:9a:c0:d7:41:6f:c2:26:2c:6c:60:0c:1e:87:5d:
ed:d9:22:1f:77:04:f5:b5:a4:51:e1:c3:0e:fc:a2:
d2:5e:e6:54:b8:83:4f:93:60:aa:32:14:6e:ab:bd:
13:2b:bc:56:69:cf:4f:cd:00:86:34:52:1c:a8:76:
ed:5b:4a:8a:1f:d4:dd:de:71:9e:95:8c:df:8b:3a:
bc:a3:02:0b:bc:9f:8a:69:d1:0e:d1:c3:31:91:50:
ec:f3:c1:ec:0a:04:6c:64:19:50:bd:ef:0e:e6:28:
a3:a4:a3:c7:ae:21:fb:05:62:8b:4f:c8:f2:9b:56:
64:90:45:32:bf:0f:cc:40:73:ba:ce:05:7f:23:ad:
61:88:67:16:82:f1:11:d8:9b:a8:14:11:52:4a:ff:
d5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B1:D6:9D:9C:1C:81:0C:75:3A:7B:8B:9A:8F:9D:EF:FF:51:C1:27
X509v3 Authority Key Identifier:
keyid:89:3A:FC:6E:FE:62:99:0A:26:93:2F:40:E1:50:B2:7E:ED:53:9C:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTr8bv5imQomky9A4VCyfu1TnEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7e18f0-af1d-47c1-8db5-5a5233dc0ce0/1/C7HWnZwcgQx1OnuLmo-d7_9RwSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7e18f0-af1d-47c1-8db5-5a5233dc0ce0/1/iTr8bv5imQomky9A4VCyfu1TnEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.144.0/20
82.197.0.0/19
88.85.128.0/19
95.130.24.0/21
178.16.176.0/20
185.146.12.0/22
188.65.136.0/21
IPv6:
2a00:ae00::/29
Signature Algorithm: sha256WithRSAEncryption
be:71:e5:fe:43:61:dc:06:43:45:dc:4e:64:4b:8f:7e:e9:73:
e5:39:6b:5e:3a:cd:80:44:5a:7b:ed:69:6e:47:1a:c2:b6:08:
c5:16:88:1c:3c:ba:e4:fc:87:08:b5:6d:c2:55:ed:01:73:d2:
20:22:25:00:f3:36:87:cf:12:fb:63:90:62:a3:b3:78:87:0f:
a1:52:66:79:11:65:2b:25:52:7e:81:c8:19:5a:d8:f7:83:b0:
f9:c0:84:b9:ce:6e:4d:c9:d8:19:1b:2c:70:2e:fc:95:90:ad:
c3:6d:73:38:82:6c:5f:b7:bc:0b:2c:f5:36:51:61:f8:d7:a6:
8e:e8:91:44:d1:de:dc:50:88:84:ed:a9:fe:b9:a9:09:be:d0:
be:ee:e6:50:ab:b9:72:fe:61:d7:89:b4:65:29:f8:e0:37:5c:
a1:0c:e1:af:cd:c8:01:75:cb:7f:38:55:95:a4:f0:13:3d:97:
61:2a:2c:09:0c:69:d3:4e:ef:8e:4f:61:57:43:c7:60:1e:c7:
74:b9:89:5f:7c:6d:89:d3:a5:7c:9f:7c:aa:e9:1c:2d:87:a7:
5f:29:de:60:15:05:3e:8a:36:59:8b:69:40:6c:b7:ff:99:10:
0a:af:be:45:12:d6:66:8d:c5:fe:67:40:2d:60:23:a2:29:02:
49:81:91:bb
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEKLGnDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OTNhZmM2ZWZlNjI5OTBhMjY5MzJmNDBlMTUwYjI3ZWVkNTM5YzRiMB4XDTIyMDEw
MTA2MDIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJiMWQ2OWQ5YzFj
ODEwYzc1M2E3YjhiOWE4ZjlkZWZmZjUxYzEyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJMS4tPzfcaEfFIUqltTxHSF6VXuVF3jSa1ECSAHretNVsKL
2G2CkC8Jk0bnEJEG7HBWc8Tc7J2L3hqkp2h7VE2uLdhMDDZM7UqIIVV4vPfhuB99
+bNkfzPAzglSPP/D2/mdeK1b74A70ZrA10FvwiYsbGAMHodd7dkiH3cE9bWkUeHD
Dvyi0l7mVLiDT5NgqjIUbqu9Eyu8VmnPT80AhjRSHKh27VtKih/U3d5xnpWM34s6
vKMCC7yfimnRDtHDMZFQ7PPB7AoEbGQZUL3vDuYoo6Sjx64h+wVii0/I8ptWZJBF
Mr8PzEBzus4FfyOtYYhnFoLxEdibqBQRUkr/1TECAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBQLsdadnByBDHU6e4uaj53v/1HBJzAfBgNVHSMEGDAWgBSJOvxu/mKZCiaT
L0DhULJ+7VOcSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lUcjhidjVpbVFvbWt5OUE0VkN5ZnUxVG5Fcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvN2UxOGYwLWFmMWQtNDdjMS04ZGI1LTVhNTIzM2RjMGNlMC8x
L0M3SFduWndjZ1F4MU9udUxtby1kN185UndTYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
N2UxOGYwLWFmMWQtNDdjMS04ZGI1LTVhNTIzM2RjMGNlMC8xL2lUcjhidjVpbVFv
bWt5OUE0VkN5ZnUxVG5Fcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBE+NkAMEBVLFAAMEBVhVgAMEA1+C
GAMEBLIQsAMEArmSDAMEA7xBiDANBAIAAjAHAwUDKgCuADANBgkqhkiG9w0BAQsF
AAOCAQEAvnHl/kNh3AZDRdxOZEuPfulz5TlrXjrNgERae+1pbkcawrYIxRaIHDy6
5PyHCLVtwlXtAXPSICIlAPM2h88S+2OQYqOzeIcPoVJmeRFlKyVSfoHIGVrY94Ow
+cCEuc5uTcnYGRsscC78lZCtw21zOIJsX7e8Cyz1NlFh+NemjuiRRNHe3FCIhO2p
/rmpCb7Qvu7mUKu5cv5h14m0ZSn44DdcoQzhr83IAXXLfzhVlaTwEz2XYSosCQxp
007vjk9hV0PHYB7HdLmJX3xtidOlfJ98qukcLYenXyneYBUFPoo2WYtpQGy3/5kQ
Cq++RRLWZo3F/mdALWAjoikCSYGRuw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:13 2025 by rpki-client