Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_65aGGwyijcQfXxk7gmqQtP-YRQ.roa
File: _65aGGwyijcQfXxk7gmqQtP-YRQ.roa (raw, json)
Hash identifier: wP7M39/Cu/s53QD4N2zEW/yg/RGTYLqJ4PT8i89utnQ=
Subject key identifier: FF:AE:5A:18:6C:32:8A:37:10:7D:7C:64:EE:09:AA:42:D3:FE:61:14
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018A9EB582D3BD73EFA4B3E742C629EBA5EF
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_65aGGwyijcQfXxk7gmqQtP-YRQ.roa
Signing time: Sat 16 Sep 2023 15:56:50 +0000
ROA not before: Sat 16 Sep 2023 15:56:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 89.37.192.0/24 maxlen: 24
94.177.51.0/24 maxlen: 24
176.126.174.0/24 maxlen: 24
89.47.55.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
93.90.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9e:b5:82:d3:bd:73:ef:a4:b3:e7:42:c6:29:eb:a5:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 16 15:56:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffae5a186c328a37107d7c64ee09aa42d3fe6114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:33:8d:e2:dd:0f:cc:e0:90:08:14:2c:60:35:
f0:a7:73:b1:d5:0a:d3:f2:44:a7:d8:0a:3e:00:b8:
53:46:40:65:c7:d5:ee:af:67:ce:f4:b3:cf:ee:9d:
a6:4e:22:6a:47:4a:3f:d1:8b:1c:3b:85:32:e8:31:
46:07:6d:67:ab:b3:53:4b:4f:6b:48:51:76:15:11:
da:60:41:dc:01:da:d4:2c:bd:0e:36:ed:c4:73:d9:
00:a9:c5:a9:72:78:2c:a1:ad:18:67:75:fc:d1:dd:
8b:1a:90:e1:dc:07:3f:39:0b:8d:67:cf:9c:bd:4d:
f1:a3:9a:b2:5e:28:47:11:49:a9:ae:b9:7a:b4:c0:
48:cb:02:6d:68:59:d5:eb:6a:ad:1a:07:c6:19:38:
ac:ca:3c:bb:dd:f9:fd:20:52:78:55:98:10:24:40:
78:1c:2d:3e:d3:81:a9:8c:6e:b0:56:77:33:85:6e:
d6:e3:98:e9:c7:39:8e:7b:5f:be:d3:52:51:45:fe:
f6:3a:93:df:1a:b1:72:00:b6:73:a4:ee:03:69:4f:
43:a3:9f:93:37:99:e8:e4:42:e2:0c:25:34:85:b0:
26:9e:94:cf:9d:5e:51:59:f0:aa:2c:99:0f:e2:9c:
d0:51:25:aa:0c:9e:c3:07:42:4c:34:9a:de:69:ba:
26:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:AE:5A:18:6C:32:8A:37:10:7D:7C:64:EE:09:AA:42:D3:FE:61:14
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_65aGGwyijcQfXxk7gmqQtP-YRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.152.0/24
89.37.192.0/24
89.47.55.0/24
93.90.75.0/24
94.177.51.0/24
176.126.174.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b6:ea:42:e5:28:a8:4b:3c:bf:89:3b:f1:8a:e0:e7:1a:ad:
d4:c2:8a:82:74:1b:ef:b5:82:42:74:90:78:39:ab:c4:3d:df:
fa:6b:68:c7:93:c3:6e:ce:70:55:f0:12:eb:3e:d9:cc:11:e3:
71:80:38:f5:0f:68:fe:45:da:b4:24:fc:c1:5d:ef:75:1b:71:
54:cb:99:2a:3b:d6:fc:15:af:78:ce:ee:1e:d2:7c:42:a9:d7:
06:46:93:9e:fa:15:d3:f0:f8:f1:4e:9e:48:28:e7:42:f2:77:
ca:5a:99:99:5b:0b:ef:a7:2e:a6:08:8e:ec:83:27:8d:d2:fd:
1a:17:c5:24:eb:c8:c5:47:ca:e1:2b:03:d2:a3:2a:cb:13:35:
fe:0f:b3:65:9f:36:50:dc:4b:7c:3b:c0:e6:83:60:c2:46:9f:
c9:3a:30:b0:35:71:d4:6f:21:56:de:0b:58:76:37:89:bf:65:
80:be:e8:e2:2d:bc:d0:16:f2:06:80:fc:3b:5b:fc:84:ce:ff:
db:71:de:d2:5f:a5:bd:e2:49:5a:c5:6c:b7:a7:b1:6a:a8:1f:
b6:b9:5c:95:ff:7f:aa:ad:86:4e:f3:74:c8:30:bf:50:8c:f8:
89:10:35:4f:0e:77:34:85:28:f1:a6:a9:62:d4:76:61:17:8d:
af:99:3b:12
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYqetYLTvXPvpLPnQsYp66XvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTE2MTU1NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmFlNWExODZjMzI4YTM3MTA3ZDdjNjRlZTA5YWE0MmQzZmU2MTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzON4t0PzOCQCBQsYDXwp3Ox1QrT
8kSn2Ao+ALhTRkBlx9Xur2fO9LPP7p2mTiJqR0o/0YscO4Uy6DFGB21nq7NTS09r
SFF2FRHaYEHcAdrULL0ONu3Ec9kAqcWpcngsoa0YZ3X80d2LGpDh3Ac/OQuNZ8+c
vU3xo5qyXihHEUmprrl6tMBIywJtaFnV62qtGgfGGTisyjy73fn9IFJ4VZgQJEB4
HC0+04GpjG6wVnczhW7W45jpxzmOe1++01JRRf72OpPfGrFyALZzpO4DaU9Do5+T
N5no5ELiDCU0hbAmnpTPnV5RWfCqLJkP4pzQUSWqDJ7DB0JMNJreabomXwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP+uWhhsMoo3EH18ZO4JqkLT/mEUMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvXzY1YUdHd3lpamNRZlh4azdnbXFRdFAtWVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPsCYAwQA
WSXAAwQAWS83AwQAXVpLAwQAXrEzAwQAsH6uMA0GCSqGSIb3DQEBCwUAA4IBAQBD
tupC5SioSzy/iTvxiuDnGq3UwoqCdBvvtYJCdJB4OavEPd/6a2jHk8NuznBV8BLr
PtnMEeNxgDj1D2j+Rdq0JPzBXe91G3FUy5kqO9b8Fa94zu4e0nxCqdcGRpOe+hXT
8PjxTp5IKOdC8nfKWpmZWwvvpy6mCI7sgyeN0v0aF8Uk68jFR8rhKwPSoyrLEzX+
D7NlnzZQ3Et8O8Dmg2DCRp/JOjCwNXHUbyFW3gtYdjeJv2WAvujiLbzQFvIGgPw7
W/yEzv/bcd7SX6W94klaxWy3p7FqqB+2uVyV/3+qrYZO83TIML9QjPiJEDVPDnc0
hSjxpqli1HZhF42vmTsS
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:45:49 2025 by rpki-client