Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/f0R2YdEz5WMQuECF_QapFyMvdso.roa
File: f0R2YdEz5WMQuECF_QapFyMvdso.roa (raw, json)
Hash identifier: 8On4abed+okpSAkkq9lqvq/3MwdgWe/w/nI4wkulrwQ=
Subject key identifier: 7F:44:76:61:D1:33:E5:63:10:B8:40:85:FD:06:A9:17:23:2F:76:CA
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 018679A3B4F54C0A547FF796F5CD83D660C4
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/f0R2YdEz5WMQuECF_QapFyMvdso.roa
Signing time: Wed 22 Feb 2023 15:00:17 +0000
ROA not before: Wed 22 Feb 2023 15:00:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 88.218.101.0/24 maxlen: 24
88.218.102.0/23 maxlen: 23
88.218.100.0/24 maxlen: 24
141.98.240.0/24 maxlen: 24
195.206.108.0/24 maxlen: 24
195.206.109.0/24 maxlen: 24
193.31.72.0/24 maxlen: 24
193.31.73.0/24 maxlen: 24
193.31.75.0/24 maxlen: 24
85.209.218.0/23 maxlen: 23
85.209.216.0/24 maxlen: 24
139.28.138.0/23 maxlen: 23
139.28.137.0/24 maxlen: 24
45.84.44.0/24 maxlen: 24
194.5.0.0/22 maxlen: 22
45.84.45.0/24 maxlen: 24
45.84.47.0/24 maxlen: 24
141.98.241.0/24 maxlen: 24
141.98.242.0/23 maxlen: 23
194.124.52.0/22 maxlen: 22
85.8.188.0/24 maxlen: 24
85.8.189.0/24 maxlen: 24
85.8.190.0/23 maxlen: 23
45.11.236.0/22 maxlen: 22
92.119.180.0/24 maxlen: 24
92.119.181.0/24 maxlen: 24
45.157.74.0/23 maxlen: 23
45.14.72.0/24 maxlen: 24
5.182.100.0/24 maxlen: 24
5.182.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:a3:b4:f5:4c:0a:54:7f:f7:96:f5:cd:83:d6:60:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Feb 22 15:00:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f447661d133e56310b84085fd06a917232f76ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d8:97:ef:99:7f:63:4b:08:df:43:22:dd:6f:
7a:eb:22:ad:1a:4a:6e:9c:00:85:21:93:d9:61:e5:
24:18:7f:36:3d:3f:bc:2e:f2:de:73:32:9c:4a:67:
43:c5:f2:66:c3:0f:85:c6:20:7f:cf:01:af:69:87:
70:3d:48:4e:b5:ff:e1:68:bb:23:12:ba:ec:e6:eb:
15:be:23:5b:ee:92:75:5c:b8:1a:71:35:cd:9c:d8:
74:c9:80:d5:79:a4:25:c2:1b:a0:1d:d6:76:2f:9a:
ac:fd:56:5e:b4:e3:63:6c:66:12:b8:46:66:1b:b8:
74:ad:4f:c4:82:49:68:d9:dc:cf:6a:e8:97:7f:ce:
44:e8:8d:eb:67:12:83:91:79:42:1f:64:42:7f:f1:
56:df:f4:39:3f:32:dd:70:83:79:d3:d4:b5:34:14:
97:ed:36:94:37:17:50:e3:83:ea:7a:11:31:7b:19:
b0:9f:1c:f8:c7:8e:22:98:ef:4c:f7:b3:34:f4:16:
82:1e:a4:b8:13:01:bb:5a:38:e7:d3:06:2f:09:ad:
58:09:32:34:d3:49:f0:c8:17:a3:07:2c:b3:b2:f6:
b7:f9:1d:3f:c8:aa:8e:c0:dd:c2:dc:1b:62:55:30:
82:ef:4a:2a:5b:11:f4:fc:70:0c:f6:c0:e5:21:b0:
ae:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:44:76:61:D1:33:E5:63:10:B8:40:85:FD:06:A9:17:23:2F:76:CA
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/f0R2YdEz5WMQuECF_QapFyMvdso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.100.0/24
5.182.103.0/24
45.11.236.0/22
45.14.72.0/24
45.84.44.0/23
45.84.47.0/24
45.157.74.0/23
85.8.188.0/22
85.209.216.0/24
85.209.218.0/23
88.218.100.0/22
92.119.180.0/23
139.28.137.0-139.28.139.255
141.98.240.0/22
193.31.72.0/23
193.31.75.0/24
194.5.0.0/22
194.124.52.0/22
195.206.108.0/23
Signature Algorithm: sha256WithRSAEncryption
11:9f:4b:f2:eb:25:f9:83:49:31:e5:70:0b:09:04:cb:c5:7a:
a9:1e:af:77:07:43:85:c3:17:9e:9f:2b:c2:51:5b:22:1d:93:
1d:9a:85:fe:64:98:f4:73:6e:2a:86:a3:6c:15:6c:66:42:13:
1b:90:52:80:2e:e1:87:29:ba:f5:53:ad:24:7c:54:cc:f2:60:
f4:87:3c:12:5d:ce:76:0b:9d:9e:eb:5b:22:ad:dc:13:ec:fd:
b1:36:8a:e6:50:ef:2f:e5:7a:26:3f:cb:fd:2d:41:3b:64:60:
0e:1e:33:a1:dc:39:5e:63:cd:12:23:e3:2c:39:e9:da:4d:6a:
13:ad:41:29:07:e8:04:ef:ac:f7:ed:09:7e:04:d6:64:97:ea:
8d:e3:ac:88:13:ac:ea:50:a6:86:a2:6e:d8:6d:50:a0:b8:ed:
a3:f6:a1:64:61:09:24:88:43:75:fe:8d:48:21:c0:52:51:4a:
13:b0:95:93:2e:d6:12:a8:1b:06:66:91:8d:05:ea:1f:6c:3d:
9e:cd:a2:7b:2b:39:02:10:f2:70:10:65:87:86:a4:a2:dd:58:
fe:2b:9c:35:33:ac:60:11:d1:f6:d2:f0:ec:a9:e0:71:0d:a4:
2e:61:b2:e3:38:a6:bb:e1:18:ef:a6:2b:73:c0:28:85:b2:c3:
5c:ec:f1:88
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYZ5o7T1TApUf/eW9c2D1mDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjMwMjIyMTUwMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjQ0NzY2MWQxMzNlNTYzMTBiODQwODVmZDA2YTkxNzIzMmY3NmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtiX75l/Y0sI30Mi3W966yKtGkpu
nACFIZPZYeUkGH82PT+8LvLeczKcSmdDxfJmww+FxiB/zwGvaYdwPUhOtf/haLsj
Errs5usVviNb7pJ1XLgacTXNnNh0yYDVeaQlwhugHdZ2L5qs/VZetONjbGYSuEZm
G7h0rU/Egklo2dzPauiXf85E6I3rZxKDkXlCH2RCf/FW3/Q5PzLdcIN509S1NBSX
7TaUNxdQ44PqehExexmwnxz4x44imO9M97M09BaCHqS4EwG7Wjjn0wYvCa1YCTI0
00nwyBejByyzsva3+R0/yKqOwN3C3BtiVTCC70oqWxH0/HAM9sDlIbCuqQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFH9EdmHRM+VjELhAhf0GqRcjL3bKMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZjBSMllkRXo1V01RdUVDRl9RYXBGeU12ZHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAAW2
ZAMEAAW2ZwMEAi0L7AMEAC0OSAMEAS1ULAMEAC1ULwMEAS2dSgMEAlUIvAMEAFXR
2AMEAVXR2gMEAljaZAMEAVx3tDAMAwQAixyJAwQCixyIAwQCjWLwAwQBwR9IAwQA
wR9LAwQCwgUAAwQCwnw0AwQBw85sMA0GCSqGSIb3DQEBCwUAA4IBAQARn0vy6yX5
g0kx5XALCQTLxXqpHq93B0OFwxeenyvCUVsiHZMdmoX+ZJj0c24qhqNsFWxmQhMb
kFKALuGHKbr1U60kfFTM8mD0hzwSXc52C52e61sirdwT7P2xNormUO8v5XomP8v9
LUE7ZGAOHjOh3DleY80SI+MsOenaTWoTrUEpB+gE76z37Ql+BNZkl+qN46yIE6zq
UKaGom7YbVCguO2j9qFkYQkkiEN1/o1IIcBSUUoTsJWTLtYSqBsGZpGNBeofbD2e
zaJ7KzkCEPJwEGWHhqSi3Vj+K5w1M6xgEdH20vDsqeBxDaQuYbLjOKa74Rjvpitz
wCiFssNc7PGI
-----END CERTIFICATE-----
Generated at Mon May 5 21:31:13 2025 by rpki-client