Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/u86cn1LVdOsLMURtPLnHlhExHIs.roa
File: u86cn1LVdOsLMURtPLnHlhExHIs.roa (raw, json)
Hash identifier: Z4ZssOZ+p2X5vDaPoSuo8FY7TEvxTr1C+BvjX4lJV68=
Subject key identifier: BB:CE:9C:9F:52:D5:74:EB:0B:31:44:6D:3C:B9:C7:96:11:31:1C:8B
Certificate issuer: /CN=2988a3c688e8eb1fef06c374a7aa5cf8fd778e0f
Certificate serial: 018B8B061F74BFA0FB30FC2B32F3BAFBEE12
Authority key identifier: 29:88:A3:C6:88:E8:EB:1F:EF:06:C3:74:A7:AA:5C:F8:FD:77:8E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYijxojo6x_vBsN0p6pc-P13jg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/u86cn1LVdOsLMURtPLnHlhExHIs.roa
Signing time: Wed 01 Nov 2023 13:15:16 +0000
ROA not before: Wed 01 Nov 2023 13:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25106
IP address blocks: 176.60.4.0/22 maxlen: 22
176.60.0.0/18 maxlen: 24
176.60.44.0/22 maxlen: 22
176.60.40.0/22 maxlen: 22
46.56.114.0/23 maxlen: 23
46.56.125.0/24 maxlen: 24
176.60.128.0/18 maxlen: 24
176.60.132.0/22 maxlen: 22
176.60.64.0/18 maxlen: 24
176.60.80.0/23 maxlen: 23
46.56.56.0/22 maxlen: 24
46.56.60.0/23 maxlen: 24
46.56.60.0/24 maxlen: 24
46.56.62.0/23 maxlen: 23
46.56.64.0/19 maxlen: 24
46.56.96.0/19 maxlen: 24
46.56.40.0/24 maxlen: 24
46.56.41.0/24 maxlen: 24
46.56.42.0/24 maxlen: 24
46.56.40.0/21 maxlen: 21
46.216.184.0/21 maxlen: 21
46.216.192.0/21 maxlen: 21
46.216.192.0/18 maxlen: 24
46.216.128.0/18 maxlen: 24
46.216.144.0/21 maxlen: 21
134.17.208.0/22 maxlen: 24
134.17.208.0/20 maxlen: 24
46.216.152.0/21 maxlen: 21
134.17.224.0/20 maxlen: 24
46.216.246.0/24 maxlen: 24
134.17.16.0/21 maxlen: 21
134.17.17.0/24 maxlen: 24
185.20.112.0/23 maxlen: 23
178.168.160.0/21 maxlen: 21
185.20.114.0/23 maxlen: 23
178.168.168.0/21 maxlen: 24
134.17.24.0/21 maxlen: 21
134.17.24.0/22 maxlen: 22
134.17.28.0/24 maxlen: 24
134.17.32.0/19 maxlen: 19
134.17.32.0/22 maxlen: 22
178.168.180.0/22 maxlen: 22
178.168.192.0/19 maxlen: 24
134.17.64.0/20 maxlen: 20
176.60.176.0/23 maxlen: 23
178.168.128.0/18 maxlen: 24
176.60.184.0/22 maxlen: 24
176.60.192.0/20 maxlen: 20
178.168.144.0/23 maxlen: 23
176.60.192.0/18 maxlen: 24
134.17.0.0/20 maxlen: 24
176.60.208.0/23 maxlen: 23
134.17.124.0/24 maxlen: 24
134.17.128.0/19 maxlen: 19
134.17.128.0/21 maxlen: 21
134.17.136.0/21 maxlen: 21
134.17.144.0/20 maxlen: 20
134.17.160.0/19 maxlen: 19
46.216.0.0/17 maxlen: 24
178.168.220.0/22 maxlen: 22
178.168.224.0/19 maxlen: 24
134.17.79.0/24 maxlen: 24
134.17.80.0/21 maxlen: 21
134.17.80.0/22 maxlen: 22
134.17.88.0/21 maxlen: 24
134.17.89.0/24 maxlen: 24
178.168.242.0/23 maxlen: 23
134.17.96.0/19 maxlen: 19
178.168.253.0/24 maxlen: 24
2a02:bf0:7000::/36 maxlen: 36
2a02:bf0:6000::/36 maxlen: 36
2a02:bf0:5000::/36 maxlen: 36
2a02:bf0:4000::/36 maxlen: 36
2a02:bf0:1000::/36 maxlen: 36
2a02:bf0::/32 maxlen: 32
2a02:bf0:3000::/36 maxlen: 44
2a02:bf0:27::/48 maxlen: 48
2a02:bf0:1002::/48 maxlen: 48
2a02:bf0:2::/48 maxlen: 48
2a02:bf0:26::/48 maxlen: 48
2a02:bf0:29::/48 maxlen: 48
2a02:bf0:10::/44 maxlen: 44
2a02:bf0:1::/48 maxlen: 48
2a02:bf0:25::/48 maxlen: 48
2a02:bf0::/48 maxlen: 48
2a02:bf0:7::/48 maxlen: 48
2a02:bf0:6::/48 maxlen: 48
2a02:bf0:28::/48 maxlen: 48
2a02:bf0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:06:1f:74:bf:a0:fb:30:fc:2b:32:f3:ba:fb:ee:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2988a3c688e8eb1fef06c374a7aa5cf8fd778e0f
Validity
Not Before: Nov 1 13:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbce9c9f52d574eb0b31446d3cb9c79611311c8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:47:54:bb:71:43:77:9c:08:d6:63:9e:6f:dd:
04:ad:5a:69:29:bd:e4:81:d7:f0:81:f7:e1:38:90:
ef:ea:02:df:d6:0e:6c:a4:26:35:ce:90:2a:38:dd:
57:e2:70:2f:fd:9f:dd:f4:58:d7:52:ee:77:3f:b7:
6e:b7:cc:ba:51:00:1a:79:95:7e:bc:1e:e3:6d:3a:
18:3d:3d:a3:90:1d:48:a4:d4:1f:44:6d:81:89:95:
ec:24:2b:a7:85:66:bb:ea:85:8f:1a:96:b2:07:d5:
f4:33:64:d8:ee:29:98:5e:63:8f:72:1b:df:6c:96:
ea:4f:a8:c2:fd:4f:a5:ee:8d:e3:ca:c2:1e:71:ad:
65:34:61:53:59:a1:93:e9:c7:79:a2:db:20:bb:7e:
47:4d:ad:5d:29:e3:fe:32:9c:56:b6:d4:7d:1e:18:
36:0d:16:9f:a8:f8:59:a4:7f:f9:f7:59:54:af:19:
93:5c:1b:96:0f:25:7f:d1:77:10:ff:1c:5b:90:22:
79:7f:40:94:2f:10:a1:5c:d0:99:9e:e6:fc:16:be:
53:b7:ef:5e:6a:aa:de:de:ae:1a:9f:3d:f8:b9:bd:
6b:56:18:4f:aa:17:37:c5:6a:1d:03:79:ba:ca:e6:
fb:53:87:d5:70:60:b1:64:23:1c:c6:81:c7:26:3c:
8f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:CE:9C:9F:52:D5:74:EB:0B:31:44:6D:3C:B9:C7:96:11:31:1C:8B
X509v3 Authority Key Identifier:
keyid:29:88:A3:C6:88:E8:EB:1F:EF:06:C3:74:A7:AA:5C:F8:FD:77:8E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYijxojo6x_vBsN0p6pc-P13jg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/u86cn1LVdOsLMURtPLnHlhExHIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/KYijxojo6x_vBsN0p6pc-P13jg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.56.40.0/21
46.56.56.0-46.56.127.255
46.216.0.0/16
134.17.0.0-134.17.191.255
134.17.208.0-134.17.239.255
176.60.0.0/16
178.168.128.0/17
185.20.112.0/22
IPv6:
2a02:bf0::/32
Signature Algorithm: sha256WithRSAEncryption
a8:96:9f:6d:52:1a:4f:bd:3b:27:5a:e8:81:6f:de:89:01:90:
4a:68:2d:1d:f5:31:dc:b5:a8:f6:78:45:cf:0b:91:2f:58:de:
9e:43:29:5c:ab:08:8c:93:86:40:89:39:7e:54:f4:02:22:6a:
19:1f:9a:40:ed:72:fc:f4:df:eb:27:13:68:3d:b3:45:3a:5b:
01:cb:99:95:df:3b:c5:f5:6d:6e:53:5b:08:f5:1a:8c:9d:fa:
6b:4d:10:61:2f:12:e4:af:af:9a:3e:55:39:dd:8a:03:de:01:
ba:b3:33:c6:fc:b2:fb:c1:3e:71:97:24:ab:29:a1:24:4f:58:
92:1f:6b:d0:cf:e0:65:d1:57:6c:6e:48:f6:8f:54:90:71:9f:
c3:6e:67:7d:22:88:b2:d4:4b:92:84:28:a3:8d:4a:fb:cb:d4:
70:17:8a:da:61:c0:f6:d1:d2:a0:96:67:f8:66:12:12:89:a3:
57:3a:2a:89:4a:7f:72:d8:e2:6a:ab:58:ff:a3:4f:94:f0:c2:
01:d9:da:87:32:cb:7d:87:86:f6:df:ed:dc:a0:a6:fa:61:2f:
6e:04:de:b4:17:ff:3a:9c:16:9b:6f:65:d4:e5:7a:ee:17:49:
cf:36:b0:d8:4d:43:7f:14:54:f2:4f:d1:c2:7c:ea:7a:3c:1b:
3e:07:78:dc
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYuLBh90v6D7MPwrMvO6++4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODhhM2M2ODhlOGViMWZlZjA2YzM3NGE3YWE1Y2Y4ZmQ3
NzhlMGYwHhcNMjMxMTAxMTMxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmNlOWM5ZjUyZDU3NGViMGIzMTQ0NmQzY2I5Yzc5NjExMzExYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkdUu3FDd5wI1mOeb90ErVppKb3k
gdfwgffhOJDv6gLf1g5spCY1zpAqON1X4nAv/Z/d9FjXUu53P7dut8y6UQAaeZV+
vB7jbToYPT2jkB1IpNQfRG2BiZXsJCunhWa76oWPGpayB9X0M2TY7imYXmOPchvf
bJbqT6jC/U+l7o3jysIeca1lNGFTWaGT6cd5otsgu35HTa1dKeP+MpxWttR9Hhg2
DRafqPhZpH/591lUrxmTXBuWDyV/0XcQ/xxbkCJ5f0CULxChXNCZnub8Fr5Tt+9e
aqre3q4anz34ub1rVhhPqhc3xWodA3m6yub7U4fVcGCxZCMcxoHHJjyPjQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFLvOnJ9S1XTrCzFEbTy5x5YRMRyLMB8GA1UdIwQY
MBaAFCmIo8aI6Osf7wbDdKeqXPj9d44PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lpanhvam82eF92QnNOMHA2cGMtUDEzamc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85ZjUyZDEtYzk1ZC00NTViLWFmMDgt
Y2VjMGRiYzhkMjQ2LzEvdTg2Y24xTFZkT3NMTVVSdFBMbkhsaEV4SElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85ZjUyZDEtYzk1ZC00NTViLWFmMDgtY2VjMGRiYzhkMjQ2
LzEvS1lpanhvam82eF92QnNOMHA2cGMtUDEzamc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBLBAIAATBFAwQDLjgoMAwD
BAMuODgDBAcuOAADAwAu2DALAwMAhhEDBAaGEYAwDAMEBIYR0AMEBIYR4AMDALA8
AwQHsqiAAwQCuRRwMA0EAgACMAcDBQAqAgvwMA0GCSqGSIb3DQEBCwUAA4IBAQCo
lp9tUhpPvTsnWuiBb96JAZBKaC0d9THctaj2eEXPC5EvWN6eQylcqwiMk4ZAiTl+
VPQCImoZH5pA7XL89N/rJxNoPbNFOlsBy5mV3zvF9W1uU1sI9RqMnfprTRBhLxLk
r6+aPlU53YoD3gG6szPG/LL7wT5xlySrKaEkT1iSH2vQz+Bl0Vdsbkj2j1SQcZ/D
bmd9Ioiy1EuShCijjUr7y9RwF4raYcD20dKglmf4ZhISiaNXOiqJSn9y2OJqq1j/
o0+U8MIB2dqHMst9h4b23+3coKb6YS9uBN60F/86nBabb2XU5XruF0nPNrDYTUN/
FFTyT9HCfOp6PBs+B3jc
-----END CERTIFICATE-----
Generated at Wed Apr 30 06:27:04 2025 by rpki-client