Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/EQvi5sPw8qH2I5im5Nt6QQ6ij0w.roa
File: EQvi5sPw8qH2I5im5Nt6QQ6ij0w.roa (raw, json)
Hash identifier: 1FzvzlG1wq5csyXdeYElR2IKqowGign98XQl/eq8sNc=
Subject key identifier: 11:0B:E2:E6:C3:F0:F2:A1:F6:23:98:A6:E4:DB:7A:41:0E:A2:8F:4C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189CF7F14D258E2F3190B35F258253B789E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/EQvi5sPw8qH2I5im5Nt6QQ6ij0w.roa
Signing time: Mon 07 Aug 2023 10:15:59 +0000
ROA not before: Mon 07 Aug 2023 10:15:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.255.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:7f:14:d2:58:e2:f3:19:0b:35:f2:58:25:3b:78:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 7 10:15:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=110be2e6c3f0f2a1f62398a6e4db7a410ea28f4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:de:95:87:3e:f5:f2:21:e9:2d:18:67:53:76:
3a:c1:82:d3:cf:6e:be:a3:67:8c:e2:69:14:0a:a6:
da:9d:1b:66:d6:de:94:26:e2:01:58:c8:ba:87:e0:
84:5e:f1:07:71:08:65:60:70:86:ad:5f:53:ee:2b:
5a:de:bf:c6:79:b6:27:ca:01:e9:3b:f4:ea:1d:c3:
2c:49:17:b9:4f:59:6f:ec:32:04:24:41:de:96:a9:
81:17:a2:2b:85:3b:95:ec:44:b0:a4:0f:f3:d8:ad:
00:de:23:f7:07:b3:1a:f5:54:c2:98:50:cb:fc:5b:
92:8d:a6:04:9d:7e:ab:62:8c:18:54:a9:f7:23:ce:
33:f0:93:10:d7:b9:e0:2c:16:21:71:24:15:0a:f9:
9b:1d:1b:31:65:38:8a:a8:8f:7c:85:fc:2b:5e:09:
9d:73:c0:51:ad:cf:ce:8b:e6:47:f9:c6:c6:f6:f4:
27:c5:c4:45:bd:33:2d:68:0b:45:86:d8:01:61:87:
04:be:c7:56:90:83:89:c7:ab:79:af:83:76:a6:8d:
77:4b:2a:f0:a5:73:43:2f:f6:95:f4:fc:74:de:3e:
66:3c:94:42:17:ae:17:4b:d8:9e:e8:92:9f:5e:6c:
53:6b:d0:fc:a0:68:0f:2d:62:8b:04:43:60:be:8a:
08:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:0B:E2:E6:C3:F0:F2:A1:F6:23:98:A6:E4:DB:7A:41:0E:A2:8F:4C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/EQvi5sPw8qH2I5im5Nt6QQ6ij0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/23
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.132.0/23
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.230.0/24
188.240.233.0/24
188.241.110.0/24
188.241.214.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
24:71:86:da:a3:13:ff:ff:f7:2d:ce:63:0e:73:7f:1e:f7:10:
5a:42:ac:45:9a:36:e1:c3:a8:c6:15:b1:4d:47:ea:b5:e5:16:
18:e1:77:7f:6e:5d:12:9f:d9:90:43:4c:6d:0c:29:34:be:04:
2f:2a:00:58:67:e0:33:1a:a1:e9:6d:cc:fd:10:0c:27:cd:81:
60:6c:72:22:d8:2c:95:82:c2:66:02:5a:e7:3a:3f:22:65:27:
b9:ee:63:ae:dd:e7:3e:6f:2e:28:52:e5:23:83:02:bd:24:64:
8b:7c:f2:ad:b5:68:9d:46:3f:81:04:dc:f0:62:2c:6a:b2:be:
b0:7b:8f:e9:d9:ac:fe:ef:53:f0:90:fc:c4:19:92:0b:fe:d9:
c1:f6:c2:c8:37:dd:1d:0d:c5:0c:36:f1:d0:c5:22:20:3e:5d:
44:5d:68:fd:f7:c2:d6:c9:66:e9:c2:3f:47:8f:0f:aa:ae:c6:
a3:65:ae:50:e1:56:a6:90:c2:a2:e9:ee:63:84:d5:64:f3:50:
67:4c:69:5c:4a:c1:d6:0d:96:0e:92:65:e7:21:20:aa:fe:a0:
b7:30:b4:16:e9:57:7e:84:c1:df:ff:39:7b:2b:af:87:a4:aa:
ba:f8:98:e9:ad:54:14:f7:77:fc:30:ef:e0:80:32:68:7c:b6:
bc:d1:10:e6
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYnPfxTSWOLzGQs18lglO3ieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODA3MTAxNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTBiZTJlNmMzZjBmMmExZjYyMzk4YTZlNGRiN2E0MTBlYTI4ZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApN6Vhz718iHpLRhnU3Y6wYLTz26+
o2eM4mkUCqbanRtm1t6UJuIBWMi6h+CEXvEHcQhlYHCGrV9T7ita3r/GebYnygHp
O/TqHcMsSRe5T1lv7DIEJEHelqmBF6IrhTuV7ESwpA/z2K0A3iP3B7Ma9VTCmFDL
/FuSjaYEnX6rYowYVKn3I84z8JMQ17ngLBYhcSQVCvmbHRsxZTiKqI98hfwrXgmd
c8BRrc/Oi+ZH+cbG9vQnxcRFvTMtaAtFhtgBYYcEvsdWkIOJx6t5r4N2po13Syrw
pXNDL/aV9Px03j5mPJRCF64XS9ie6JKfXmxTa9D8oGgPLWKLBENgvooIawIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFBEL4ubD8PKh9iOYpuTbekEOoo9MMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRVF2aTVzUHc4cUgySTVpbTVOdDZRUTZpajB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAAt
nJ0DBAJX95QDBAFZIVQDBAFZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5h4wDBAC5
h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAMEAbzUhAMEALzUmwME
ALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw5gMEALzw6QMEALzxbgME
ALzx1gMEALzx8wMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsFAAOCAQEAJHGG2qMT
///3Lc5jDnN/HvcQWkKsRZo24cOoxhWxTUfqteUWGOF3f25dEp/ZkENMbQwpNL4E
LyoAWGfgMxqh6W3M/RAMJ82BYGxyItgslYLCZgJa5zo/ImUnue5jrt3nPm8uKFLl
I4MCvSRki3zyrbVonUY/gQTc8GIsarK+sHuP6dms/u9T8JD8xBmSC/7ZwfbCyDfd
HQ3FDDbx0MUiID5dRF1o/ffC1slm6cI/R48Pqq7Go2WuUOFWppDCounuY4TVZPNQ
Z0xpXErB1g2WDpJl5yEgqv6gtzC0FulXfoTB3/85eyuvh6SquviY6a1UFPd3/DDv
4IAyaHy2vNEQ5g==
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:27:20 2025 by rpki-client