Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/sSPmf9znozcWKiPrJ-Lnefk7bfE.roa
File: sSPmf9znozcWKiPrJ-Lnefk7bfE.roa (raw, json)
Hash identifier: s/Bn0gWuFUXB3l+ZJghlcFcFpyIQ2L52Mh6OfekBBGY=
Subject key identifier: B1:23:E6:7F:DC:E7:A3:37:16:2A:23:EB:27:E2:E7:79:F9:3B:6D:F1
Certificate issuer: /CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Certificate serial: 018B2836B539CBDCAC91CF19D3E93224BE22
Authority key identifier: 84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/sSPmf9znozcWKiPrJ-Lnefk7bfE.roa
Signing time: Fri 13 Oct 2023 08:45:55 +0000
ROA not before: Fri 13 Oct 2023 08:45:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62000
IP address blocks: 45.147.98.0/24 maxlen: 24
45.147.96.0/23 maxlen: 23
45.147.99.0/24 maxlen: 24
193.168.144.0/24 maxlen: 24
193.168.145.0/24 maxlen: 24
193.168.147.0/24 maxlen: 24
193.168.146.0/24 maxlen: 24
45.155.168.0/22 maxlen: 22
45.155.168.0/24 maxlen: 24
185.157.245.0/24 maxlen: 24
185.157.244.0/24 maxlen: 24
185.216.24.0/24 maxlen: 24
185.216.25.0/24 maxlen: 24
185.216.27.0/24 maxlen: 24
185.216.26.0/24 maxlen: 24
2a07:abc0::/29 maxlen: 29
2a0b:b140::/29 maxlen: 29
2a09:6383::/32 maxlen: 32
2a09:6385::/32 maxlen: 32
2a09:6382::/32 maxlen: 32
2a09:6384::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:28:36:b5:39:cb:dc:ac:91:cf:19:d3:e9:32:24:be:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Validity
Not Before: Oct 13 08:45:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b123e67fdce7a337162a23eb27e2e779f93b6df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:86:0c:77:f7:8c:af:41:9b:c7:bf:61:aa:f4:
7d:69:dc:cf:49:a8:ac:3f:27:2a:b2:8d:9e:78:57:
ed:33:6d:12:15:e4:c4:87:3f:49:b6:46:5a:fa:01:
ab:15:33:6a:f2:6f:75:3c:35:37:2c:e4:d9:d9:42:
db:46:72:e9:c4:ba:bf:11:9e:8e:5a:aa:81:fb:92:
9d:bb:f8:75:51:bb:3d:29:31:da:18:51:08:57:ea:
22:b9:46:6b:df:b6:a3:86:14:fb:6e:4b:58:af:fe:
5f:a6:89:fb:1c:7d:68:a5:bd:8d:d1:5b:49:8a:25:
25:35:e8:41:39:89:ee:36:7b:41:39:e2:20:eb:f8:
6d:4a:0b:79:60:8b:17:d6:d4:35:fd:ab:d8:41:12:
80:b1:a8:bd:2c:e4:ed:56:cf:eb:96:c5:c3:f8:26:
84:00:f6:2d:a3:b0:51:3a:4a:1b:f8:d4:a8:8c:a7:
c2:9a:6f:9b:aa:28:0e:34:78:31:08:c2:83:b4:9f:
1f:60:bd:09:cc:85:7d:53:d6:05:8d:49:0d:d2:04:
f3:34:ba:09:b7:af:4c:ce:78:ed:47:e2:95:34:25:
fd:83:7a:05:67:e4:5f:dd:f1:fb:47:29:f1:91:20:
71:12:0f:93:42:d0:57:af:b7:3f:8c:c3:6e:87:69:
21:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:23:E6:7F:DC:E7:A3:37:16:2A:23:EB:27:E2:E7:79:F9:3B:6D:F1
X509v3 Authority Key Identifier:
keyid:84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/sSPmf9znozcWKiPrJ-Lnefk7bfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.96.0/22
45.155.168.0/22
185.157.244.0/23
185.216.24.0/22
193.168.144.0/22
IPv6:
2a07:abc0::/29
2a09:6382::-2a09:6385:ffff:ffff:ffff:ffff:ffff:ffff
2a0b:b140::/29
Signature Algorithm: sha256WithRSAEncryption
16:9f:00:97:b5:1b:a6:7c:34:6d:67:dc:b8:28:91:1d:55:ce:
62:22:d9:81:12:55:63:8c:a3:d6:78:93:32:be:21:d4:36:44:
de:af:0e:93:18:06:e3:a3:b6:cf:7a:32:e0:8d:a8:9d:8c:9b:
7c:79:ed:04:a6:d1:15:02:92:49:6c:68:97:77:06:5d:85:92:
f9:2b:2b:a8:57:b6:bc:74:92:08:4f:f1:5c:7c:cc:2d:09:91:
26:d6:5f:7d:6f:d8:0a:34:3b:92:53:0a:73:78:69:18:8e:4f:
0a:86:03:7c:21:37:b6:63:22:8f:87:41:04:98:a4:ed:42:8e:
1e:30:11:65:3e:42:f7:b3:61:f3:80:da:e9:39:c4:5f:6d:7d:
7a:61:c0:a4:03:c9:5b:d8:e7:f3:af:89:1a:0e:19:31:63:c5:
41:90:e6:b1:ca:3e:de:3d:de:0d:77:aa:f1:1f:94:4f:7f:16:
7c:1f:c1:23:57:f0:60:49:b7:19:4b:d5:c9:08:e5:ff:39:0a:
54:e5:a3:87:7f:e9:4e:23:a2:4c:23:fe:ca:c5:ac:fd:c9:07:
74:b6:76:39:ea:b4:56:5e:53:bd:3c:0e:b3:8f:8b:b3:d3:7a:
72:e1:55:0b:e9:a4:27:b2:ca:68:b9:53:d9:6d:91:a4:6e:aa:
f0:2a:c9:5e
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYsoNrU5y9yskc8Z0+kyJL4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZTE0MjlhNTNlNjQ2M2IzYzc0ZjVhM2YxN2M1ZDRhNTFl
YmQwYjgwHhcNMjMxMDEzMDg0NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTIzZTY3ZmRjZTdhMzM3MTYyYTIzZWIyN2UyZTc3OWY5M2I2ZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIYMd/eMr0Gbx79hqvR9adzPSais
Pycqso2eeFftM20SFeTEhz9JtkZa+gGrFTNq8m91PDU3LOTZ2ULbRnLpxLq/EZ6O
WqqB+5Kdu/h1Ubs9KTHaGFEIV+oiuUZr37ajhhT7bktYr/5fpon7HH1opb2N0VtJ
iiUlNehBOYnuNntBOeIg6/htSgt5YIsX1tQ1/avYQRKAsai9LOTtVs/rlsXD+CaE
APYto7BROkob+NSojKfCmm+bqigONHgxCMKDtJ8fYL0JzIV9U9YFjUkN0gTzNLoJ
t69MznjtR+KVNCX9g3oFZ+Rf3fH7RynxkSBxEg+TQtBXr7c/jMNuh2khHQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLEj5n/c56M3Fioj6yfi53n5O23xMB8GA1UdIwQY
MBaAFIThQppT5kY7PHT1o/F8XUpR69C4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYt
YzQxZGNjYThiNzc1LzEvc1NQbWY5em5vemNXS2lQckotTG5lZms3YmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYtYzQxZGNjYThiNzc1
LzEvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAkBAIAATAeAwQCLZNgAwQC
LZuoAwQBuZ30AwQCudgYAwQCwaiQMCQEAgACMB4DBQMqB6vAMA4DBQEqCWOCAwUB
KgljhAMFAyoLsUAwDQYJKoZIhvcNAQELBQADggEBABafAJe1G6Z8NG1n3LgokR1V
zmIi2YESVWOMo9Z4kzK+IdQ2RN6vDpMYBuOjts96MuCNqJ2Mm3x57QSm0RUCkkls
aJd3Bl2FkvkrK6hXtrx0kghP8Vx8zC0JkSbWX31v2Ao0O5JTCnN4aRiOTwqGA3wh
N7ZjIo+HQQSYpO1Cjh4wEWU+QvezYfOA2uk5xF9tfXphwKQDyVvY5/OviRoOGTFj
xUGQ5rHKPt493g13qvEflE9/FnwfwSNX8GBJtxlL1ckI5f85ClTlo4d/6U4jokwj
/srFrP3JB3S2djnqtFZeU708DrOPi7PTenLhVQvppCeyymi5U9ltkaRuqvAqyV4=
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:39:14 2025 by rpki-client