Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/0Sp-q3b284OEov74B8gxO_6XIb4.roa
File: 0Sp-q3b284OEov74B8gxO_6XIb4.roa (raw, json)
Hash identifier: qj5S5MF8ej5ejPhZoutz+NKF8/I0NMC7iKEeRt2zTck=
Subject key identifier: D1:2A:7E:AB:76:F6:F3:83:84:A2:FE:F8:07:C8:31:3B:FE:97:21:BE
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 018BD0E9FC76FA2E032F7865509019D792C6
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/0Sp-q3b284OEov74B8gxO_6XIb4.roa
Signing time: Wed 15 Nov 2023 02:57:57 +0000
ROA not before: Wed 15 Nov 2023 02:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23764
IP address blocks: 5.10.136.112/29 maxlen: 29
95.130.192.0/24 maxlen: 24
95.130.199.0/24 maxlen: 24
95.130.194.0/24 maxlen: 24
5.154.128.0/24 maxlen: 24
5.154.129.0/24 maxlen: 24
5.10.141.8/30 maxlen: 30
5.10.141.136/30 maxlen: 30
5.154.144.0/24 maxlen: 24
5.154.145.0/24 maxlen: 24
5.154.146.0/24 maxlen: 24
5.154.147.0/24 maxlen: 24
5.154.158.0/24 maxlen: 24
5.154.159.0/24 maxlen: 24
5.154.154.0/24 maxlen: 24
5.154.155.0/24 maxlen: 24
5.154.156.0/24 maxlen: 24
5.154.157.0/24 maxlen: 24
87.120.16.0/24 maxlen: 24
87.120.17.0/24 maxlen: 24
87.120.23.0/24 maxlen: 24
87.120.24.0/24 maxlen: 24
87.120.18.0/24 maxlen: 24
87.120.19.0/24 maxlen: 24
87.120.20.0/24 maxlen: 24
87.120.21.0/24 maxlen: 24
87.120.22.0/24 maxlen: 24
87.120.25.0/24 maxlen: 24
87.120.26.0/24 maxlen: 24
87.120.27.0/24 maxlen: 24
145.14.80.0/24 maxlen: 24
145.14.83.0/24 maxlen: 24
145.14.85.0/24 maxlen: 24
145.14.87.0/24 maxlen: 24
145.14.89.0/24 maxlen: 24
145.14.91.0/24 maxlen: 24
145.14.92.0/24 maxlen: 24
145.14.93.0/24 maxlen: 24
79.139.0.0/24 maxlen: 24
79.139.1.0/24 maxlen: 24
79.139.2.0/24 maxlen: 24
79.139.3.0/24 maxlen: 24
79.139.4.0/24 maxlen: 24
79.139.6.0/24 maxlen: 24
79.139.7.0/24 maxlen: 24
79.139.8.0/24 maxlen: 24
79.139.9.0/24 maxlen: 24
79.139.10.0/24 maxlen: 24
79.139.11.0/24 maxlen: 24
79.139.5.0/24 maxlen: 24
79.139.13.0/24 maxlen: 24
79.139.14.0/24 maxlen: 24
79.139.12.0/24 maxlen: 24
5.10.136.208/30 maxlen: 30
145.14.66.0/24 maxlen: 24
145.14.68.0/24 maxlen: 24
145.14.70.0/24 maxlen: 24
145.14.73.0/24 maxlen: 24
145.14.76.0/24 maxlen: 24
145.14.77.0/24 maxlen: 24
145.14.78.0/24 maxlen: 24
2a04:f581:a00e:a004::/64 maxlen: 64
2a04:f581:a00f::/48 maxlen: 48
2a04:f581:a00e:a003::/64 maxlen: 64
2a04:f581:110b::/48 maxlen: 48
2a04:f581:81b0::/48 maxlen: 48
2a04:f581:80b0::/48 maxlen: 48
2a04:f581:82b0::/48 maxlen: 48
2a04:f581:8170::/48 maxlen: 48
2a04:f581:8270::/48 maxlen: 48
2a04:f581:8070::/48 maxlen: 48
2a04:f580:9210::/48 maxlen: 48
2a04:f581:110a::/48 maxlen: 48
2a04:f581:8240::/48 maxlen: 48
2a04:f581:8040::/48 maxlen: 48
2a04:f581:8140::/48 maxlen: 48
2a04:f580:9030:100::/56 maxlen: 56
2a04:f581:a00e:a002::/64 maxlen: 64
2a04:f581:a00e:a001::/64 maxlen: 64
2a04:f581:8190::/48 maxlen: 48
2a04:f581:8290::/48 maxlen: 48
2a04:f581:8090::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d0:e9:fc:76:fa:2e:03:2f:78:65:50:90:19:d7:92:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Nov 15 02:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d12a7eab76f6f38384a2fef807c8313bfe9721be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:18:62:50:c3:f9:90:93:7b:be:fe:ea:ce:23:
49:89:99:76:a0:e7:1d:99:6e:f6:20:7c:b1:56:80:
af:2e:56:66:cc:d9:8c:26:07:d0:33:6e:c8:88:c5:
22:f6:e7:1d:8c:fd:91:08:cf:25:ec:5a:90:a2:12:
73:da:25:9d:4d:22:50:ea:b6:92:3b:5c:aa:3a:73:
e5:32:f0:42:2c:67:fb:19:5a:0a:f8:f9:e1:26:e6:
b8:44:ca:d5:6e:cc:83:a6:fe:61:df:22:61:c5:de:
ac:c4:b6:2c:dc:e5:1b:86:f9:8f:9b:22:fa:48:90:
30:7c:d9:80:5e:ce:c5:0e:6a:c5:35:37:78:85:c0:
3b:5c:57:71:e2:68:da:b7:8b:b3:30:46:bd:c7:78:
f5:d8:a9:a0:f0:1b:de:34:fa:c2:5e:f2:1c:87:7c:
4e:e9:5f:7d:a3:3b:d4:0b:c8:bf:3a:a0:42:c5:e6:
ef:0d:9f:46:24:85:e4:9f:b4:e7:60:e0:5d:2e:0b:
7d:1b:ac:de:0e:04:2b:05:f4:11:b3:fd:b6:e5:70:
5b:96:ae:76:db:3b:fc:27:8c:d5:e9:0c:22:c3:3f:
8d:57:ef:41:35:d7:1c:9f:5f:03:f5:c1:b1:35:29:
4f:a2:0c:09:e1:13:5f:f2:34:1e:a0:15:95:98:3e:
4c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:2A:7E:AB:76:F6:F3:83:84:A2:FE:F8:07:C8:31:3B:FE:97:21:BE
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/0Sp-q3b284OEov74B8gxO_6XIb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.136.112/29
5.10.136.208/30
5.10.141.8/30
5.10.141.136/30
5.154.128.0/23
5.154.144.0/22
5.154.154.0-5.154.159.255
79.139.0.0-79.139.14.255
87.120.16.0-87.120.27.255
95.130.192.0/24
95.130.194.0/24
95.130.199.0/24
145.14.66.0/24
145.14.68.0/24
145.14.70.0/24
145.14.73.0/24
145.14.76.0-145.14.78.255
145.14.80.0/24
145.14.83.0/24
145.14.85.0/24
145.14.87.0/24
145.14.89.0/24
145.14.91.0-145.14.93.255
IPv6:
2a04:f580:9030:100::/56
2a04:f580:9210::/48
2a04:f581:110a::/47
2a04:f581:8040::/48
2a04:f581:8070::/48
2a04:f581:8090::/48
2a04:f581:80b0::/48
2a04:f581:8140::/48
2a04:f581:8170::/48
2a04:f581:8190::/48
2a04:f581:81b0::/48
2a04:f581:8240::/48
2a04:f581:8270::/48
2a04:f581:8290::/48
2a04:f581:82b0::/48
2a04:f581:a00e:a001::-2a04:f581:a00e:a004:ffff:ffff:ffff:ffff
2a04:f581:a00f::/48
Signature Algorithm: sha256WithRSAEncryption
61:24:da:48:df:27:3c:7c:4c:04:e4:63:56:fd:6d:ad:00:ca:
a5:10:61:c5:fe:c5:da:f1:e4:4f:a3:da:b4:fe:75:77:f5:4d:
83:79:b2:1b:75:de:cf:25:72:a3:08:a8:64:3a:04:67:56:db:
8f:b8:a0:2f:a5:4d:ff:fe:f1:02:ee:b5:d4:27:99:77:b6:82:
8d:61:90:77:f2:e9:cf:79:84:f0:78:98:2b:3a:7c:1c:20:33:
b2:da:e5:c9:04:b3:00:97:c9:9a:01:f5:59:4d:38:04:98:6c:
7c:00:9d:ce:d5:8b:09:0f:93:ba:91:99:c1:63:0b:80:9f:f1:
f3:21:4f:2c:f0:8e:2d:11:c7:48:31:4c:4c:ba:75:8e:b7:30:
bd:af:fa:99:f6:e3:cd:9e:4c:ac:00:8a:1c:13:b6:21:36:cd:
eb:1f:4c:cd:87:cf:52:b8:14:ff:1e:fc:64:b6:2e:eb:10:82:
7c:1a:c5:0e:86:e8:5f:66:c3:07:21:d8:9a:4f:06:d0:4f:e9:
a6:57:01:89:ee:02:bd:49:96:f7:7a:36:dc:04:9d:04:65:b5:
ef:2d:fe:81:3c:ab:64:c4:dc:88:99:ee:1e:85:88:9b:10:8d:
ff:c6:f5:1c:23:1f:dd:a8:6a:0a:05:04:b4:a8:9b:e0:13:74:
6b:29:d2:b3
-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgISAYvQ6fx2+i4DL3hlUJAZ15LGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjMxMTE1MDI1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTJhN2VhYjc2ZjZmMzgzODRhMmZlZjgwN2M4MzEzYmZlOTcyMWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihhiUMP5kJN7vv7qziNJiZl2oOcd
mW72IHyxVoCvLlZmzNmMJgfQM27IiMUi9ucdjP2RCM8l7FqQohJz2iWdTSJQ6raS
O1yqOnPlMvBCLGf7GVoK+PnhJua4RMrVbsyDpv5h3yJhxd6sxLYs3OUbhvmPmyL6
SJAwfNmAXs7FDmrFNTd4hcA7XFdx4mjat4uzMEa9x3j12Kmg8BveNPrCXvIch3xO
6V99ozvUC8i/OqBCxebvDZ9GJIXkn7TnYOBdLgt9G6zeDgQrBfQRs/225XBblq52
2zv8J4zV6Qwiwz+NV+9BNdccn18D9cGxNSlPogwJ4RNf8jQeoBWVmD5MrQIDAQAB
o4IDczCCA28wHQYDVR0OBBYEFNEqfqt29vODhKL++AfIMTv+lyG+MB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvMFNwLXEzYjI4NE9Fb3Y3NEI4Z3hPXzZYSWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhwYIKwYBBQUHAQcBAf8EggF2MIIBcjCBvAQCAAEwgbUD
BQMFCohwAwUCBQqI0AMFAgUKjQgDBQIFCo2IAwQBBZqAAwQCBZqQMAwDBAEFmpoD
BAUFmoAwCwMDAE+LAwQAT4sOMAwDBARXeBADBAJXeBgDBABfgsADBABfgsIDBABf
gscDBACRDkIDBACRDkQDBACRDkYDBACRDkkwDAMEApEOTAMEAJEOTgMEAJEOUAME
AJEOUwMEAJEOVQMEAJEOVwMEAJEOWTAMAwQAkQ5bAwQBkQ5cMIGwBAIAAjCBqQMI
ACoE9YCQMAEDBwAqBPWAkhADBwEqBPWBEQoDBwAqBPWBgEADBwAqBPWBgHADBwAq
BPWBgJADBwAqBPWBgLADBwAqBPWBgUADBwAqBPWBgXADBwAqBPWBgZADBwAqBPWB
gbADBwAqBPWBgkADBwAqBPWBgnADBwAqBPWBgpADBwAqBPWBgrAwFgMJACoE9YGg
DqABAwkAKgT1gaAOoAQDBwAqBPWBoA8wDQYJKoZIhvcNAQELBQADggEBAGEk2kjf
Jzx8TATkY1b9ba0AyqUQYcX+xdrx5E+j2rT+dXf1TYN5sht13s8lcqMIqGQ6BGdW
24+4oC+lTf/+8QLutdQnmXe2go1hkHfy6c95hPB4mCs6fBwgM7La5ckEswCXyZoB
9VlNOASYbHwAnc7ViwkPk7qRmcFjC4Cf8fMhTyzwji0Rx0gxTEy6dY63ML2v+pn2
482eTKwAihwTtiE2zesfTM2Hz1K4FP8e/GS2LusQgnwaxQ6G6F9mwwch2JpPBtBP
6aZXAYnuAr1Jlvd6NtwEnQRlte8t/oE8q2TE3IiZ7h6FiJsQjf/G9RwjH92oagoF
BLSom+ATdGsp0rM=
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:32:16 2025 by rpki-client