Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/lWuh2w5DJKO3Z8l-meUO-PLE0WI.roa
File: lWuh2w5DJKO3Z8l-meUO-PLE0WI.roa (raw, json)
Hash identifier: HStPbCvfkzfj778HsXflMqievamzzRcwCDXegqBoghU=
Subject key identifier: 95:6B:A1:DB:0E:43:24:A3:B7:67:C9:7E:99:E5:0E:F8:F2:C4:D1:62
Certificate issuer: /CN=78fb099aa43081ac8395ee0b90ccf1a8844f8d64
Certificate serial: 01C006
Authority key identifier: 78:FB:09:9A:A4:30:81:AC:83:95:EE:0B:90:CC:F1:A8:84:4F:8D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ePsJmqQwgayDle4LkMzxqIRPjWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/lWuh2w5DJKO3Z8l-meUO-PLE0WI.roa
Signing time: Thu 17 Mar 2022 19:24:44 +0000
ROA not before: Thu 17 Mar 2022 19:24:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47605
IP address blocks: 85.194.194.0/23 maxlen: 23
85.194.220.0/22 maxlen: 22
87.236.152.0/21 maxlen: 21
85.194.234.0/23 maxlen: 23
185.38.0.0/22 maxlen: 22
80.208.240.0/21 maxlen: 21
2a00:1d50:3::/48 maxlen: 48
2a00:1d50::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114694 (0x1c006)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78fb099aa43081ac8395ee0b90ccf1a8844f8d64
Validity
Not Before: Mar 17 19:24:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=956ba1db0e4324a3b767c97e99e50ef8f2c4d162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:52:48:36:2e:12:a5:d3:85:c0:38:09:9f:33:
ef:ee:18:a6:cf:f4:a7:55:13:ee:c8:ef:c5:27:ea:
ce:fa:aa:87:69:70:e6:a1:8a:62:1d:7b:72:16:ed:
b4:79:69:fd:b3:54:62:bc:20:9c:50:53:af:89:79:
21:4b:89:2f:3e:0d:60:fa:f3:e7:ba:c3:d3:19:28:
b5:ac:9b:0f:d2:a0:8e:c5:2f:65:38:0c:fc:91:b5:
4f:f4:f9:de:e0:cb:65:d0:53:f6:f8:71:98:e0:df:
5c:f2:35:c3:3b:7c:e6:9d:35:c7:b7:8b:ae:45:63:
f4:c3:45:18:f0:2b:9e:ea:16:c2:46:96:36:60:2d:
c9:72:5e:bf:2d:ae:aa:75:ed:52:79:53:75:b9:9b:
ab:01:7b:75:b1:7b:ea:c7:7f:f2:4b:5c:17:cd:3a:
49:32:69:f3:89:e5:2f:ad:f9:4e:1c:e8:7a:7d:d2:
cb:db:06:21:5a:08:d2:00:41:cc:54:71:25:a9:e9:
72:2d:49:d6:95:82:84:9e:7c:ff:df:75:98:67:c6:
ba:ad:29:19:dc:9e:eb:74:cb:ed:d6:2b:4a:aa:1b:
3d:f2:81:bb:12:61:b4:64:7b:ad:9b:4d:4d:55:d1:
aa:4e:62:de:43:79:4d:55:db:01:4d:ce:6f:df:05:
f2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6B:A1:DB:0E:43:24:A3:B7:67:C9:7E:99:E5:0E:F8:F2:C4:D1:62
X509v3 Authority Key Identifier:
keyid:78:FB:09:9A:A4:30:81:AC:83:95:EE:0B:90:CC:F1:A8:84:4F:8D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ePsJmqQwgayDle4LkMzxqIRPjWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/lWuh2w5DJKO3Z8l-meUO-PLE0WI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/ePsJmqQwgayDle4LkMzxqIRPjWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.208.240.0/21
85.194.194.0/23
85.194.220.0/22
85.194.234.0/23
87.236.152.0/21
185.38.0.0/22
IPv6:
2a00:1d50::/32
Signature Algorithm: sha256WithRSAEncryption
83:64:0a:a4:4d:7a:70:db:60:34:fe:0c:97:5a:87:de:de:6a:
4b:05:1b:fd:f8:77:69:1c:3f:45:96:4f:2e:a1:bd:f6:87:0a:
00:11:5f:d2:8e:fa:4d:e5:63:bd:99:93:f2:d5:8e:51:1d:24:
eb:4b:88:50:3c:e3:a0:7a:9c:1b:da:7a:65:bf:aa:45:e5:a4:
b9:eb:ae:c9:29:c0:e7:a3:31:11:03:19:5a:ac:dc:9c:58:cf:
07:e0:fa:06:e9:3d:5e:d1:50:03:13:68:61:83:9c:2a:79:55:
f8:dc:83:14:f1:ad:f8:72:70:c5:c8:4d:7f:9e:43:4a:05:cb:
e5:c1:35:91:3e:67:5f:23:65:98:de:fb:5a:10:d5:15:bf:fb:
e5:b1:dd:27:e5:0f:cb:37:7f:a7:12:10:94:18:d9:0c:ef:c9:
dc:07:6b:72:79:41:5a:19:a9:ad:ce:52:40:7c:1c:5d:17:8a:
a9:4f:4f:1d:55:17:48:4f:a8:5e:d3:b2:af:c3:3b:a2:d7:5f:
87:cf:bc:33:5b:0f:87:b6:67:99:b1:79:09:16:fe:e2:02:47:
9a:70:a8:07:e8:45:eb:ae:b1:55:5a:ff:06:e4:f6:5e:91:d4:
98:bd:7c:8b:08:6d:b2:6c:c7:65:d9:03:ce:39:36:08:3d:f1:
b7:af:91:3e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIDAcAGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc4
ZmIwOTlhYTQzMDgxYWM4Mzk1ZWUwYjkwY2NmMWE4ODQ0ZjhkNjQwHhcNMjIwMzE3
MTkyNDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NTZiYTFkYjBlNDMy
NGEzYjc2N2M5N2U5OWU1MGVmOGYyYzRkMTYyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAk1JINi4SpdOFwDgJnzPv7himz/SnVRPuyO/FJ+rO+qqHaXDm
oYpiHXtyFu20eWn9s1RivCCcUFOviXkhS4kvPg1g+vPnusPTGSi1rJsP0qCOxS9l
OAz8kbVP9Pne4Mtl0FP2+HGY4N9c8jXDO3zmnTXHt4uuRWP0w0UY8Cue6hbCRpY2
YC3Jcl6/La6qde1SeVN1uZurAXt1sXvqx3/yS1wXzTpJMmnzieUvrflOHOh6fdLL
2wYhWgjSAEHMVHElqelyLUnWlYKEnnz/33WYZ8a6rSkZ3J7rdMvt1itKqhs98oG7
EmG0ZHutm01NVdGqTmLeQ3lNVdsBTc5v3wXyGwIDAQABo4ICNjCCAjIwHQYDVR0O
BBYEFJVrodsOQySjt2fJfpnlDvjyxNFiMB8GA1UdIwQYMBaAFHj7CZqkMIGsg5Xu
C5DM8aiET41kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZVBzSm1xUXdnYXlEbGU0TGtNenhxSVJQaldRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kOS9jZDE3ZmUtZTQ0YS00Yjk4LTlmMWMtMmQ4YThkOTY2OWY4LzEv
bFd1aDJ3NURKS08zWjhsLW1lVU8tUExFMFdJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9j
ZDE3ZmUtZTQ0YS00Yjk4LTlmMWMtMmQ4YThkOTY2OWY4LzEvZVBzSm1xUXdnYXlE
bGU0TGtNenhxSVJQaldRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEwG
CCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDUNDwAwQBVcLCAwQCVcLcAwQBVcLq
AwQDV+yYAwQCuSYAMA0EAgACMAcDBQAqAB1QMA0GCSqGSIb3DQEBCwUAA4IBAQCD
ZAqkTXpw22A0/gyXWofe3mpLBRv9+HdpHD9Flk8uob32hwoAEV/SjvpN5WO9mZPy
1Y5RHSTrS4hQPOOgepwb2nplv6pF5aS5667JKcDnozERAxlarNycWM8H4PoG6T1e
0VADE2hhg5wqeVX43IMU8a34cnDFyE1/nkNKBcvlwTWRPmdfI2WY3vtaENUVv/vl
sd0n5Q/LN3+nEhCUGNkM78ncB2tyeUFaGamtzlJAfBxdF4qpT08dVRdIT6he07Kv
wzui11+Hz7wzWw+HtmeZsXkJFv7iAkeacKgH6EXrrrFVWv8G5PZekdSYvXyLCG2y
bMdl2QPOOTYIPfG3r5E+
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:26:42 2025 by rpki-client