Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/tNuIxxN5wG3697hMwj05aTO30oU.roa
File: tNuIxxN5wG3697hMwj05aTO30oU.roa (raw, json)
Hash identifier: X7xUF2OrenWJlc6pN55BADBZv29FdW6GkXgUwPj4FNs=
Subject key identifier: B4:DB:88:C7:13:79:C0:6D:FA:F7:B8:4C:C2:3D:39:69:33:B7:D2:85
Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Certificate serial: 01869CA33D1CB428D17467F4A4D44E77A783
Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/tNuIxxN5wG3697hMwj05aTO30oU.roa
Signing time: Wed 01 Mar 2023 10:06:29 +0000
ROA not before: Wed 01 Mar 2023 10:06:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 185.221.192.0/24 maxlen: 24
185.221.192.0/22 maxlen: 22
185.221.194.0/24 maxlen: 24
185.221.193.0/24 maxlen: 24
185.221.195.0/24 maxlen: 24
195.191.44.0/24 maxlen: 24
195.191.45.0/24 maxlen: 24
185.121.58.0/24 maxlen: 24
185.121.57.0/24 maxlen: 24
185.121.56.0/22 maxlen: 22
185.121.56.0/24 maxlen: 24
185.121.59.0/24 maxlen: 24
195.8.112.0/24 maxlen: 24
195.8.110.0/24 maxlen: 24
195.8.114.0/24 maxlen: 24
185.238.44.0/24 maxlen: 24
185.238.47.0/24 maxlen: 24
185.238.46.0/24 maxlen: 24
185.238.45.0/24 maxlen: 24
195.191.23.0/24 maxlen: 24
195.191.22.0/24 maxlen: 24
185.137.60.0/22 maxlen: 24
185.142.95.0/24 maxlen: 24
185.142.92.0/22 maxlen: 22
185.142.92.0/24 maxlen: 24
193.246.200.0/24 maxlen: 24
185.142.94.0/24 maxlen: 24
185.142.93.0/24 maxlen: 24
193.246.201.0/24 maxlen: 24
185.142.124.0/24 maxlen: 24
185.142.124.0/22 maxlen: 22
185.142.125.0/24 maxlen: 24
185.142.127.0/24 maxlen: 24
185.142.126.0/24 maxlen: 24
195.8.102.0/24 maxlen: 24
195.230.97.0/24 maxlen: 24
195.230.105.0/24 maxlen: 24
91.213.151.0/24 maxlen: 24
195.230.107.0/24 maxlen: 24
91.213.157.0/24 maxlen: 24
185.82.64.0/24 maxlen: 24
185.82.64.0/22 maxlen: 22
195.230.124.0/24 maxlen: 24
185.82.66.0/24 maxlen: 24
185.82.67.0/24 maxlen: 24
185.82.65.0/24 maxlen: 24
91.213.172.0/24 maxlen: 24
91.213.167.0/24 maxlen: 24
185.47.48.0/23 maxlen: 23
185.47.50.0/23 maxlen: 23
45.155.192.0/24 maxlen: 24
193.246.175.0/24 maxlen: 24
193.246.174.0/24 maxlen: 24
45.155.195.0/24 maxlen: 24
45.155.193.0/24 maxlen: 24
45.155.194.0/24 maxlen: 24
185.125.22.0/24 maxlen: 24
185.125.21.0/24 maxlen: 24
185.125.23.0/24 maxlen: 24
185.125.20.0/24 maxlen: 24
185.212.192.0/24 maxlen: 24
185.212.193.0/24 maxlen: 24
185.212.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:a3:3d:1c:b4:28:d1:74:67:f4:a4:d4:4e:77:a7:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Validity
Not Before: Mar 1 10:06:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4db88c71379c06dfaf7b84cc23d396933b7d285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ed:ce:01:ec:0a:46:2e:3f:6d:3f:b4:e8:4e:
ce:f1:c6:11:77:8c:c1:77:34:26:8f:a1:4a:20:1e:
b3:55:8a:15:56:d8:3a:47:8d:38:d8:2f:68:88:53:
a1:f3:78:d5:1b:85:3b:5f:20:55:26:c1:0f:d2:fc:
fe:38:a6:57:35:ac:f4:a0:36:89:79:03:92:e7:69:
78:c3:1e:6b:10:ca:e1:31:45:e4:b0:4c:01:d9:57:
37:aa:4d:4a:ca:c9:f8:61:c9:05:9a:36:99:81:03:
e6:dd:5f:78:b9:ce:46:26:68:6d:fd:2a:79:fd:13:
e5:50:a2:b5:06:c1:bd:6e:08:40:cb:3f:1e:a5:4a:
3f:73:db:6a:56:e4:5c:4a:b3:53:91:d2:9c:9e:02:
3e:9c:92:bd:81:c5:e9:d4:1e:65:3e:2f:66:fa:14:
6b:9e:4e:b5:47:99:94:15:a7:47:85:8f:bb:dd:55:
a4:08:a4:c9:ca:44:ba:67:77:8e:b4:d3:e6:92:d1:
4f:69:6d:26:d2:b2:a8:64:dd:74:03:0e:32:40:7f:
78:cd:76:05:f5:6e:b4:a4:4a:d1:1b:e9:3d:1f:73:
11:a0:65:c7:e4:81:75:67:40:55:45:9a:91:dc:21:
1f:57:ae:71:fe:7a:44:90:d2:df:62:fc:d9:f6:e1:
0a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:DB:88:C7:13:79:C0:6D:FA:F7:B8:4C:C2:3D:39:69:33:B7:D2:85
X509v3 Authority Key Identifier:
keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/tNuIxxN5wG3697hMwj05aTO30oU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.192.0/22
91.213.151.0/24
91.213.157.0/24
91.213.167.0/24
91.213.172.0/24
185.47.48.0/22
185.82.64.0/22
185.121.56.0/22
185.125.20.0/22
185.137.60.0/22
185.142.92.0/22
185.142.124.0/22
185.212.192.0/23
185.212.195.0/24
185.221.192.0/22
185.238.44.0/22
193.246.174.0/23
193.246.200.0/23
195.8.102.0/24
195.8.110.0/24
195.8.112.0/24
195.8.114.0/24
195.191.22.0/23
195.191.44.0/23
195.230.97.0/24
195.230.105.0/24
195.230.107.0/24
195.230.124.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:0c:9b:06:d4:ed:a2:c2:65:5c:cd:88:84:dd:0d:0a:96:f2:
11:71:c6:84:e2:d9:ba:df:38:6b:ad:30:07:19:59:8a:51:49:
d7:98:d2:98:e6:65:c9:12:ee:8c:91:d3:a9:63:48:3b:fd:10:
03:7b:5e:cc:e5:9e:2e:f1:a5:f5:3d:2d:d0:4e:d1:fa:7b:6e:
7e:9c:3c:a8:a3:cb:87:64:9d:ce:11:60:20:6d:23:47:51:03:
5f:40:fe:1e:21:24:d9:0b:e4:cc:88:a6:90:c6:fd:34:e9:f7:
c2:57:fd:06:d1:56:fb:a9:b0:6e:8f:b6:ac:f2:9f:d4:d2:09:
08:f5:5e:9a:10:48:35:0c:4a:80:0d:b7:87:b9:42:57:4d:c2:
7c:ad:2f:20:dc:cf:c4:5c:30:1e:6c:28:c1:ef:1c:14:85:d6:
32:49:32:57:7b:30:ee:d7:76:d3:42:5f:15:50:b2:1e:dc:1e:
a7:8d:61:20:51:d6:9a:50:0c:e7:5f:2c:2f:cb:85:ee:c4:89:
dc:85:bf:84:e6:04:e2:df:9d:02:5e:51:18:b2:40:64:29:c7:
43:ce:25:d3:47:1c:82:25:cf:f6:05:ef:df:fe:25:d5:c7:db:
b0:8d:c0:09:51:cd:6f:00:bb:76:3f:8a:16:d7:1b:dd:b3:4b:
21:e4:77:4a
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYacoz0ctCjRdGf0pNROd6eDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTY1ZGQxZjZmMjRhNDZkN2NjNGJjY2ZlY2Q0MTUxYzZk
ZDFiZmIwHhcNMjMwMzAxMTAwNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGRiODhjNzEzNzljMDZkZmFmN2I4NGNjMjNkMzk2OTMzYjdkMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+3OAewKRi4/bT+06E7O8cYRd4zB
dzQmj6FKIB6zVYoVVtg6R4042C9oiFOh83jVG4U7XyBVJsEP0vz+OKZXNaz0oDaJ
eQOS52l4wx5rEMrhMUXksEwB2Vc3qk1Kysn4YckFmjaZgQPm3V94uc5GJmht/Sp5
/RPlUKK1BsG9bghAyz8epUo/c9tqVuRcSrNTkdKcngI+nJK9gcXp1B5lPi9m+hRr
nk61R5mUFadHhY+73VWkCKTJykS6Z3eOtNPmktFPaW0m0rKoZN10Aw4yQH94zXYF
9W60pErRG+k9H3MRoGXH5IF1Z0BVRZqR3CEfV65x/npEkNLfYvzZ9uEKYQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFLTbiMcTecBt+ve4TMI9OWkzt9KFMB8GA1UdIwQY
MBaAFEOWXdH28kpG18xLzP7NQVHG3Rv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEt
MzM5ODBjMDNmMDhlLzEvdE51SXh4TjV3RzM2OTdoTXdqMDVhVE8zMG9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEtMzM5ODBjMDNmMDhl
LzEvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAIt
m8ADBABb1ZcDBABb1Z0DBABb1acDBABb1awDBAK5LzADBAK5UkADBAK5eTgDBAK5
fRQDBAK5iTwDBAK5jlwDBAK5jnwDBAG51MADBAC51MMDBAK53cADBAK57iwDBAHB
9q4DBAHB9sgDBADDCGYDBADDCG4DBADDCHADBADDCHIDBAHDvxYDBAHDvywDBADD
5mEDBADD5mkDBADD5msDBADD5nwwDQYJKoZIhvcNAQELBQADggEBAE8MmwbU7aLC
ZVzNiITdDQqW8hFxxoTi2brfOGutMAcZWYpRSdeY0pjmZckS7oyR06ljSDv9EAN7
Xszlni7xpfU9LdBO0fp7bn6cPKijy4dknc4RYCBtI0dRA19A/h4hJNkL5MyIppDG
/TTp98JX/QbRVvupsG6Ptqzyn9TSCQj1XpoQSDUMSoANt4e5QldNwnytLyDcz8Rc
MB5sKMHvHBSF1jJJMld7MO7XdtNCXxVQsh7cHqeNYSBR1ppQDOdfLC/Lhe7EidyF
v4TmBOLfnQJeURiyQGQpx0POJdNHHIIlz/YF79/+JdXH27CNwAlRzW8Au3Y/ihbX
G92zSyHkd0o=
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:02:07 2025 by rpki-client