Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/pq8EchlP2ZDzLkm2uuSkvzQioks.roa
File: pq8EchlP2ZDzLkm2uuSkvzQioks.roa (raw, json)
Hash identifier: IxtCTQ1WanlFTjfx1F2emEAMXZ0fFdzsFDPtiNYHzks=
Subject key identifier: A6:AF:04:72:19:4F:D9:90:F3:2E:49:B6:BA:E4:A4:BF:34:22:A2:4B
Certificate issuer: /CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Certificate serial: 0186B67E120A039E7D2A4CE68714E02F4E2B
Authority key identifier: 63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/pq8EchlP2ZDzLkm2uuSkvzQioks.roa
Signing time: Mon 06 Mar 2023 10:36:00 +0000
ROA not before: Mon 06 Mar 2023 10:36:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29405
IP address blocks: 185.176.72.0/22 maxlen: 22
46.229.230.0/24 maxlen: 24
81.89.48.0/20 maxlen: 20
86.110.224.0/19 maxlen: 19
176.109.56.0/21 maxlen: 21
86.110.229.0/24 maxlen: 24
92.240.230.0/24 maxlen: 24
92.240.229.0/24 maxlen: 24
92.240.228.0/24 maxlen: 24
92.240.231.0/24 maxlen: 24
92.240.234.0/24 maxlen: 24
92.240.237.0/24 maxlen: 24
92.240.236.0/24 maxlen: 24
92.240.235.0/24 maxlen: 24
92.240.241.0/24 maxlen: 24
92.240.244.0/24 maxlen: 24
92.240.242.0/24 maxlen: 24
92.240.245.0/24 maxlen: 24
92.240.253.0/24 maxlen: 24
92.240.249.0/24 maxlen: 24
92.240.254.0/24 maxlen: 24
217.73.16.0/24 maxlen: 24
217.73.16.0/20 maxlen: 20
217.73.17.0/24 maxlen: 24
93.184.64.0/20 maxlen: 24
93.184.77.0/24 maxlen: 24
46.229.224.0/20 maxlen: 20
109.74.144.0/20 maxlen: 20
2a01:390::/32 maxlen: 32
2a00:10d8::/32 maxlen: 32
2a00:10d8:10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:7e:12:0a:03:9e:7d:2a:4c:e6:87:14:e0:2f:4e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Validity
Not Before: Mar 6 10:36:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6af0472194fd990f32e49b6bae4a4bf3422a24b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:09:5b:87:e8:f4:89:0b:ea:87:9a:6d:30:e4:
20:de:f2:f3:9a:ff:76:7c:c4:c6:ec:c6:c1:02:60:
94:ed:64:f8:ab:03:02:14:d0:7e:da:99:a0:40:30:
0c:b0:b4:8f:81:6e:b2:c1:d5:0a:35:5c:ab:d5:d5:
a1:2a:1a:6d:33:79:d4:8f:e4:9b:2e:88:b2:d6:af:
a9:4e:4b:da:11:bd:21:76:5b:b0:b5:56:6f:5b:fe:
06:c6:6f:43:6c:05:c4:f3:72:b3:c3:ea:6f:f4:5d:
e6:d7:0c:63:9d:86:3a:8c:d9:e0:b9:5f:73:87:e4:
27:eb:0f:0b:cf:99:3c:d4:60:26:5f:70:63:ce:fa:
de:9b:60:67:30:c4:1c:06:91:03:3a:37:7b:d5:f6:
c2:c9:98:a1:3f:44:7d:2f:f1:2b:5b:50:28:8f:49:
17:1b:f8:72:36:5b:e2:47:6f:68:2f:34:05:72:ae:
ea:60:67:16:26:78:06:47:7b:72:71:1b:8d:ac:e0:
8c:ca:1e:5c:ed:c2:0e:20:40:10:8d:a9:0d:70:74:
60:72:1b:19:ce:ed:ed:e3:01:f8:6d:88:2c:e8:6b:
c0:83:7c:d6:fd:6f:9c:7a:84:05:5b:45:54:12:52:
ff:9d:d2:98:d0:3c:35:d7:6d:5d:33:12:ea:98:a5:
e3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:AF:04:72:19:4F:D9:90:F3:2E:49:B6:BA:E4:A4:BF:34:22:A2:4B
X509v3 Authority Key Identifier:
keyid:63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/pq8EchlP2ZDzLkm2uuSkvzQioks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.224.0/20
81.89.48.0/20
86.110.224.0/19
92.240.228.0/22
92.240.234.0-92.240.237.255
92.240.241.0-92.240.242.255
92.240.244.0/23
92.240.249.0/24
92.240.253.0-92.240.254.255
93.184.64.0/20
109.74.144.0/20
176.109.56.0/21
185.176.72.0/22
217.73.16.0/20
IPv6:
2a00:10d8::/32
2a01:390::/32
Signature Algorithm: sha256WithRSAEncryption
89:54:c2:0f:73:51:4d:db:e2:be:1f:a7:54:c4:80:dc:44:6b:
35:e0:24:cb:d0:92:c5:81:95:18:a9:0b:e3:69:cd:8a:8e:f2:
ad:de:eb:ba:a4:15:0c:19:d4:46:3d:69:47:bf:2e:15:18:ec:
4a:a1:88:df:ad:14:87:86:9a:76:aa:5e:3c:5c:da:91:09:9e:
bc:e4:27:3a:2f:39:3b:59:8b:4d:29:f5:75:bd:6d:97:ef:77:
8c:62:2e:f4:3d:9b:2a:1f:88:b3:0e:c5:7d:5f:70:dd:8c:7b:
5e:ad:08:92:00:56:bf:77:f1:1d:ae:93:10:22:05:20:0a:f0:
90:0f:d3:3a:a2:33:b2:fc:19:b4:bd:c2:ea:58:6a:ba:dc:a0:
9f:f2:f0:35:9d:b2:a9:f6:66:17:e9:b7:90:37:23:aa:dc:f9:
03:cd:e1:fb:8c:2c:b1:cf:bb:fd:d2:98:9a:50:00:6f:50:97:
64:7c:8d:51:a7:4a:03:b1:37:86:c1:f4:45:30:bf:5f:49:45:
44:b9:05:ee:00:62:36:92:7f:78:a1:8c:69:16:ed:1f:54:a3:
09:f2:1d:66:cb:e9:ec:d2:f6:31:f5:d6:8e:d5:56:6c:4f:af:
be:78:0f:dd:f6:3c:24:bd:7c:44:41:f1:ef:c0:92:5c:d1:3c:
86:df:19:67
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYa2fhIKA559KkzmhxTgL04rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDlkMWQ5NWMxZWI3MTZlZTgxOTUwNDVhNzdjYmEyMTgx
ZDc5ZWMwHhcNMjMwMzA2MTAzNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmFmMDQ3MjE5NGZkOTkwZjMyZTQ5YjZiYWU0YTRiZjM0MjJhMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8glbh+j0iQvqh5ptMOQg3vLzmv92
fMTG7MbBAmCU7WT4qwMCFNB+2pmgQDAMsLSPgW6ywdUKNVyr1dWhKhptM3nUj+Sb
Loiy1q+pTkvaEb0hdluwtVZvW/4Gxm9DbAXE83Kzw+pv9F3m1wxjnYY6jNnguV9z
h+Qn6w8Lz5k81GAmX3Bjzvrem2BnMMQcBpEDOjd71fbCyZihP0R9L/ErW1Aoj0kX
G/hyNlviR29oLzQFcq7qYGcWJngGR3tycRuNrOCMyh5c7cIOIEAQjakNcHRgchsZ
zu3t4wH4bYgs6GvAg3zW/W+ceoQFW0VUElL/ndKY0Dw1121dMxLqmKXjiwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFKavBHIZT9mQ8y5JtrrkpL80IqJLMB8GA1UdIwQY
MBaAFGPZ0dlcHrcW7oGVBFp3y6IYHXnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDIt
ZDgwYzZiODVjZGE0LzEvcHE4RWNobFAyWkR6TGttMnV1U2t2elFpb2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDItZDgwYzZiODVjZGE0
LzEvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQELuXg
AwQEUVkwAwQFVm7gAwQCXPDkMAwDBAFc8OoDBAFc8OwwDAMEAFzw8QMEAFzw8gME
AVzw9AMEAFzw+TAMAwQAXPD9AwQAXPD+AwQEXbhAAwQEbUqQAwQDsG04AwQCubBI
AwQE2UkQMBQEAgACMA4DBQAqABDYAwUAKgEDkDANBgkqhkiG9w0BAQsFAAOCAQEA
iVTCD3NRTdvivh+nVMSA3ERrNeAky9CSxYGVGKkL42nNio7yrd7ruqQVDBnURj1p
R78uFRjsSqGI360Uh4aadqpePFzakQmevOQnOi85O1mLTSn1db1tl+93jGIu9D2b
Kh+Isw7FfV9w3Yx7Xq0IkgBWv3fxHa6TECIFIArwkA/TOqIzsvwZtL3C6lhqutyg
n/LwNZ2yqfZmF+m3kDcjqtz5A83h+4wssc+7/dKYmlAAb1CXZHyNUadKA7E3hsH0
RTC/X0lFRLkF7gBiNpJ/eKGMaRbtH1SjCfIdZsvp7NL2MfXWjtVWbE+vvngP3fY8
JL18REHx78CSXNE8ht8ZZw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:41:09 2025 by rpki-client