Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/SDJB8-lNqa6LzLjKArmRKYNlW5M.roa
File: SDJB8-lNqa6LzLjKArmRKYNlW5M.roa (raw, json)
Hash identifier: nYRnqDOYcWHXoZKWLvcxA7U6lUY+V+WUlXleusPHIHo=
Subject key identifier: 48:32:41:F3:E9:4D:A9:AE:8B:CC:B8:CA:02:B9:91:29:83:65:5B:93
Certificate issuer: /CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Certificate serial: 0186C068D2EAB704B80DE9FC8DE24486000B
Authority key identifier: 63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/SDJB8-lNqa6LzLjKArmRKYNlW5M.roa
Signing time: Wed 08 Mar 2023 08:49:00 +0000
ROA not before: Wed 08 Mar 2023 08:49:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29405
IP address blocks: 185.176.72.0/22 maxlen: 22
46.229.230.0/24 maxlen: 24
81.89.48.0/20 maxlen: 24
86.110.224.0/19 maxlen: 24
176.109.56.0/21 maxlen: 21
86.110.229.0/24 maxlen: 24
92.240.230.0/24 maxlen: 24
92.240.229.0/24 maxlen: 24
92.240.228.0/24 maxlen: 24
92.240.231.0/24 maxlen: 24
92.240.234.0/24 maxlen: 24
92.240.237.0/24 maxlen: 24
92.240.236.0/24 maxlen: 24
92.240.235.0/24 maxlen: 24
92.240.241.0/24 maxlen: 24
92.240.244.0/24 maxlen: 24
92.240.242.0/24 maxlen: 24
92.240.245.0/24 maxlen: 24
92.240.253.0/24 maxlen: 24
92.240.249.0/24 maxlen: 24
92.240.254.0/24 maxlen: 24
217.73.16.0/24 maxlen: 24
217.73.16.0/20 maxlen: 24
217.73.17.0/24 maxlen: 24
93.184.64.0/20 maxlen: 24
46.229.224.0/20 maxlen: 24
109.74.144.0/20 maxlen: 24
2a01:390::/32 maxlen: 64
2a00:10d8::/32 maxlen: 64
2a00:10d8:10::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:68:d2:ea:b7:04:b8:0d:e9:fc:8d:e2:44:86:00:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Validity
Not Before: Mar 8 08:49:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=483241f3e94da9ae8bccb8ca02b9912983655b93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:05:97:a8:30:89:48:a2:b1:39:17:ab:17:02:
52:15:ad:79:ec:d9:95:cf:63:f5:b4:4a:c7:d9:b2:
c0:b2:71:29:0d:c1:29:98:5f:88:31:3c:63:0b:16:
d4:94:c4:d6:83:96:c7:04:c8:74:df:f4:17:f2:8c:
e3:c4:de:51:42:b8:55:fa:bf:34:25:78:49:b1:fa:
dc:d7:43:11:12:3c:57:7a:31:b4:3c:67:66:96:56:
0e:33:23:d4:82:2b:92:87:78:cc:08:c8:d9:b1:fc:
c9:58:e7:2a:71:e4:18:02:1f:ef:2b:b7:33:1f:9e:
04:3e:08:fd:f2:22:81:09:ea:3e:e0:ac:8f:2b:4b:
8b:ec:98:89:2b:0e:ad:69:d3:98:ad:7d:be:09:7d:
13:7a:8f:72:23:32:92:f5:8f:b9:c4:1d:a2:ca:72:
91:b4:31:cc:a5:49:9b:f2:35:bc:b4:db:aa:60:24:
32:a6:3b:a2:69:be:10:45:35:8d:af:63:06:b1:f4:
73:25:85:90:56:bc:01:03:a7:90:56:78:e8:1a:b0:
61:cf:6f:91:61:b3:f1:c7:0e:d7:24:83:79:40:1a:
3b:7e:51:ab:20:f1:77:52:86:df:e6:61:50:87:a4:
8f:10:19:00:d7:31:35:36:1d:67:38:21:1f:b0:dc:
73:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:32:41:F3:E9:4D:A9:AE:8B:CC:B8:CA:02:B9:91:29:83:65:5B:93
X509v3 Authority Key Identifier:
keyid:63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/SDJB8-lNqa6LzLjKArmRKYNlW5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.224.0/20
81.89.48.0/20
86.110.224.0/19
92.240.228.0/22
92.240.234.0-92.240.237.255
92.240.241.0-92.240.242.255
92.240.244.0/23
92.240.249.0/24
92.240.253.0-92.240.254.255
93.184.64.0/20
109.74.144.0/20
176.109.56.0/21
185.176.72.0/22
217.73.16.0/20
IPv6:
2a00:10d8::/32
2a01:390::/32
Signature Algorithm: sha256WithRSAEncryption
0a:52:ff:e2:55:d5:93:d8:b1:30:aa:c0:dd:1d:06:f2:f8:23:
7f:77:4e:3a:1a:dd:ad:57:5d:35:e1:f6:99:a1:ff:02:f0:6c:
39:8d:dd:92:d5:85:e0:9c:3a:ec:56:96:b4:eb:fe:0d:d0:57:
a0:14:00:f1:ab:e5:3e:9e:c2:b6:41:2a:3b:99:4d:5c:d2:d4:
68:2f:85:cd:b2:db:96:01:cd:31:b9:b8:e4:e1:6c:1b:55:0e:
9f:8c:49:98:0f:f7:67:01:a2:20:a2:dc:59:49:f0:f9:2a:aa:
59:7b:f2:ff:ba:fc:eb:0f:79:51:64:eb:35:ca:b7:e0:c7:f8:
85:45:ee:b6:36:ea:5e:3d:9c:6a:d0:ae:51:be:f8:f9:88:72:
d1:d4:7f:e2:2f:b3:d0:a2:6d:65:41:23:30:c3:ad:8b:09:db:
6d:8b:65:d7:68:f0:2c:5c:b4:bb:8e:49:f1:7d:c8:27:85:6c:
2a:a9:00:05:bf:c1:f7:fd:4f:01:99:8f:f2:bc:42:63:12:d9:
69:23:d9:a6:d4:c2:18:6e:ea:57:f8:81:6d:3a:89:d2:fa:20:
8e:95:2f:90:e7:60:7f:f3:af:ac:87:a6:c3:83:21:3e:76:9a:
c1:e5:f4:4b:18:2c:b4:d7:99:4c:a0:e7:7c:56:47:53:8f:f5:
0f:5c:43:91
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYbAaNLqtwS4Den8jeJEhgALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDlkMWQ5NWMxZWI3MTZlZTgxOTUwNDVhNzdjYmEyMTgx
ZDc5ZWMwHhcNMjMwMzA4MDg0OTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODMyNDFmM2U5NGRhOWFlOGJjY2I4Y2EwMmI5OTEyOTgzNjU1YjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwWXqDCJSKKxORerFwJSFa157NmV
z2P1tErH2bLAsnEpDcEpmF+IMTxjCxbUlMTWg5bHBMh03/QX8ozjxN5RQrhV+r80
JXhJsfrc10MREjxXejG0PGdmllYOMyPUgiuSh3jMCMjZsfzJWOcqceQYAh/vK7cz
H54EPgj98iKBCeo+4KyPK0uL7JiJKw6tadOYrX2+CX0Teo9yIzKS9Y+5xB2iynKR
tDHMpUmb8jW8tNuqYCQypjuiab4QRTWNr2MGsfRzJYWQVrwBA6eQVnjoGrBhz2+R
YbPxxw7XJIN5QBo7flGrIPF3Uobf5mFQh6SPEBkA1zE1Nh1nOCEfsNxzzwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFEgyQfPpTamui8y4ygK5kSmDZVuTMB8GA1UdIwQY
MBaAFGPZ0dlcHrcW7oGVBFp3y6IYHXnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDIt
ZDgwYzZiODVjZGE0LzEvU0RKQjgtbE5xYTZMekxqS0FybVJLWU5sVzVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDItZDgwYzZiODVjZGE0
LzEvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQELuXg
AwQEUVkwAwQFVm7gAwQCXPDkMAwDBAFc8OoDBAFc8OwwDAMEAFzw8QMEAFzw8gME
AVzw9AMEAFzw+TAMAwQAXPD9AwQAXPD+AwQEXbhAAwQEbUqQAwQDsG04AwQCubBI
AwQE2UkQMBQEAgACMA4DBQAqABDYAwUAKgEDkDANBgkqhkiG9w0BAQsFAAOCAQEA
ClL/4lXVk9ixMKrA3R0G8vgjf3dOOhrdrVddNeH2maH/AvBsOY3dktWF4Jw67FaW
tOv+DdBXoBQA8avlPp7CtkEqO5lNXNLUaC+FzbLblgHNMbm45OFsG1UOn4xJmA/3
ZwGiIKLcWUnw+SqqWXvy/7r86w95UWTrNcq34Mf4hUXutjbqXj2catCuUb74+Yhy
0dR/4i+z0KJtZUEjMMOtiwnbbYtl12jwLFy0u45J8X3IJ4VsKqkABb/B9/1PAZmP
8rxCYxLZaSPZptTCGG7qV/iBbTqJ0vogjpUvkOdgf/OvrIemw4MhPnaaweX0Sxgs
tNeZTKDnfFZHU4/1D1xDkQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:26:34 2025 by rpki-client