Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/x2vxMBFWiNklnUNqNQ4y0jtL6FE.roa
File: x2vxMBFWiNklnUNqNQ4y0jtL6FE.roa (raw, json)
Hash identifier: JysX+tDjzqWFM4mCIUo53zXT9xVaqgp7GqEcxphIidI=
Subject key identifier: C7:6B:F1:30:11:56:88:D9:25:9D:43:6A:35:0E:32:D2:3B:4B:E8:51
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018A9EB49881E90016A1B33038910CFEF16C
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/x2vxMBFWiNklnUNqNQ4y0jtL6FE.roa
Signing time: Sat 16 Sep 2023 15:55:50 +0000
ROA not before: Sat 16 Sep 2023 15:55:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
2.57.240.0/24 maxlen: 24
86.107.168.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
94.177.150.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
45.88.13.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9e:b4:98:81:e9:00:16:a1:b3:30:38:91:0c:fe:f1:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 16 15:55:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c76bf130115688d9259d436a350e32d23b4be851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4b:99:be:61:06:2a:2a:9e:42:b8:d5:93:86:
aa:16:78:f6:ba:cd:d7:6a:c4:1c:70:5c:85:64:54:
35:76:46:87:e8:a4:59:90:c6:ec:9a:63:fd:bd:fc:
1b:9d:5c:5e:6d:8f:07:c1:b4:3d:c1:77:36:d1:88:
92:5f:69:e9:88:59:61:83:22:22:fc:7e:4e:4b:1b:
d2:55:74:43:20:8c:e4:0e:75:2f:76:56:2d:cd:34:
93:48:3e:f0:0d:aa:c5:08:63:ef:89:ea:39:83:a4:
ba:22:5f:db:be:f2:68:63:5a:76:6a:2e:2d:51:66:
b5:58:21:b4:24:2b:23:d7:70:a4:9d:9b:11:34:eb:
e0:4b:e5:1f:33:3a:35:37:da:5c:f6:ee:be:d5:01:
d6:c5:bb:43:db:e1:08:99:e9:73:ef:d5:9d:ac:55:
2f:1f:08:bc:dd:15:2f:8f:cb:7c:5b:09:47:a8:3f:
86:93:26:1d:d1:a2:a3:60:2e:4a:c7:8f:fa:4f:d0:
14:a1:bb:22:86:98:45:76:36:36:75:9a:67:43:a0:
ff:03:04:92:8b:f9:7c:7c:36:a2:43:44:20:ee:ff:
58:c5:78:63:4f:5a:f4:29:32:67:89:d3:70:cf:42:
6e:c2:e1:8b:4a:f0:b9:72:7c:46:94:5f:a0:35:da:
b7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:6B:F1:30:11:56:88:D9:25:9D:43:6A:35:0E:32:D2:3B:4B:E8:51
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/x2vxMBFWiNklnUNqNQ4y0jtL6FE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.240.0/24
45.88.13.0/24
86.107.51.0/24
86.107.168.0/24
89.34.106.0/24
89.34.219.0/24
89.35.119.0/24
89.35.130.0/23
89.47.36.0/24
94.177.150.0/24
188.214.107.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:ea:f5:15:16:54:0b:b3:af:ec:8d:1e:62:8d:18:74:2f:d0:
c2:1e:13:a0:ba:64:89:0c:eb:64:18:b2:2c:2f:20:de:93:a0:
4c:fc:43:f5:18:46:8d:0b:f8:63:39:53:0b:7f:19:f9:9e:cf:
47:3e:92:c4:5c:b7:b2:29:d3:ad:22:6c:af:62:04:58:4a:17:
92:e0:95:84:db:55:43:91:0c:d2:4d:e5:87:20:3f:62:d6:95:
5a:ce:e5:9b:52:c9:17:16:ee:24:32:28:a0:fc:a1:4f:8a:b9:
f0:38:97:ed:c4:fb:f9:b8:dc:fa:f7:25:aa:51:d5:66:76:fe:
c1:4e:3a:84:d5:fb:8d:a1:08:a2:af:3d:d6:d3:55:c3:b8:ae:
25:e2:38:c6:d5:e2:8b:13:47:de:c1:46:fe:ab:5c:50:79:33:
80:58:9d:ca:88:ed:c5:f1:5b:e7:5c:ca:cd:68:41:24:e0:e6:
74:55:24:30:67:40:6b:b9:47:57:34:aa:85:16:55:98:45:8b:
8f:72:4e:8b:a8:36:e4:26:87:e4:bd:cf:4d:8b:69:32:85:fb:
ce:f6:3d:d2:34:60:ac:6a:6c:96:66:d2:8e:c9:c8:1c:30:61:
9f:76:20:ff:d5:a0:16:8d:ea:83:13:a5:d3:c2:a9:a9:e5:3b:
a6:09:3f:ae
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYqetJiB6QAWobMwOJEM/vFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTE2MTU1NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzZiZjEzMDExNTY4OGQ5MjU5ZDQzNmEzNTBlMzJkMjNiNGJlODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEuZvmEGKiqeQrjVk4aqFnj2us3X
asQccFyFZFQ1dkaH6KRZkMbsmmP9vfwbnVxebY8HwbQ9wXc20YiSX2npiFlhgyIi
/H5OSxvSVXRDIIzkDnUvdlYtzTSTSD7wDarFCGPvieo5g6S6Il/bvvJoY1p2ai4t
UWa1WCG0JCsj13CknZsRNOvgS+UfMzo1N9pc9u6+1QHWxbtD2+EImelz79WdrFUv
Hwi83RUvj8t8WwlHqD+GkyYd0aKjYC5Kx4/6T9AUobsihphFdjY2dZpnQ6D/AwSS
i/l8fDaiQ0Qg7v9YxXhjT1r0KTJnidNwz0JuwuGLSvC5cnxGlF+gNdq3zwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMdr8TARVojZJZ1DajUOMtI7S+hRMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEveDJ2eE1CRldpTmtsblVOcU5RNHkwanRMNkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAAjnwAwQA
LVgNAwQAVmszAwQAVmuoAwQAWSJqAwQAWSLbAwQAWSN3AwQBWSOCAwQAWS8kAwQA
XrGWAwQAvNZrAwQAw1hZMA0GCSqGSIb3DQEBCwUAA4IBAQAd6vUVFlQLs6/sjR5i
jRh0L9DCHhOgumSJDOtkGLIsLyDek6BM/EP1GEaNC/hjOVMLfxn5ns9HPpLEXLey
KdOtImyvYgRYSheS4JWE21VDkQzSTeWHID9i1pVazuWbUskXFu4kMiig/KFPirnw
OJftxPv5uNz69yWqUdVmdv7BTjqE1fuNoQiirz3W01XDuK4l4jjG1eKLE0fewUb+
q1xQeTOAWJ3KiO3F8VvnXMrNaEEk4OZ0VSQwZ0BruUdXNKqFFlWYRYuPck6LqDbk
Jofkvc9Ni2kyhfvO9j3SNGCsamyWZtKOycgcMGGfdiD/1aAWjeqDE6XTwqmp5Tum
CT+u
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:51:55 2025 by rpki-client