Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/I9Qa1tqjc9zUm10la1MY2Km4X3U.roa
File: I9Qa1tqjc9zUm10la1MY2Km4X3U.roa (raw, json)
Hash identifier: fIbNTcCVo8GbeOOcr3BFYPD73D/dtjUbivGv/nsFCA4=
Subject key identifier: 23:D4:1A:D6:DA:A3:73:DC:D4:9B:5D:25:6B:53:18:D8:A9:B8:5F:75
Certificate issuer: /CN=63444210ea08ac529878d51917e3b30054d620d1
Certificate serial: 018857776E3C1837AB84F9F6BF30AED80204
Authority key identifier: 63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/I9Qa1tqjc9zUm10la1MY2Km4X3U.roa
Signing time: Fri 26 May 2023 09:50:24 +0000
ROA not before: Fri 26 May 2023 09:50:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30722
IP address blocks: 109.119.0.0/16 maxlen: 16
2.34.0.0/15 maxlen: 20
109.114.0.0/15 maxlen: 19
176.242.0.0/15 maxlen: 15
109.115.192.0/19 maxlen: 19
109.115.96.0/19 maxlen: 19
2.32.0.0/16 maxlen: 20
109.112.0.0/15 maxlen: 15
188.152.128.0/17 maxlen: 20
109.118.0.0/16 maxlen: 16
109.116.0.0/15 maxlen: 20
176.244.0.0/14 maxlen: 14
2.36.0.0/14 maxlen: 18
188.218.0.0/15 maxlen: 18
188.152.0.0/17 maxlen: 20
188.216.0.0/15 maxlen: 17
109.115.224.0/19 maxlen: 19
130.0.128.0/18 maxlen: 21
188.153.0.0/16 maxlen: 20
130.25.0.0/16 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:57:77:6e:3c:18:37:ab:84:f9:f6:bf:30:ae:d8:02:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63444210ea08ac529878d51917e3b30054d620d1
Validity
Not Before: May 26 09:50:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23d41ad6daa373dcd49b5d256b5318d8a9b85f75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0f:d0:fd:b2:53:51:b8:f9:c7:fb:62:17:0c:
43:9a:89:19:0e:fc:c0:a4:70:7b:c5:ce:9b:9c:da:
1f:4a:46:c9:13:b2:2e:3e:f2:32:c2:70:03:f4:a8:
22:04:9d:d2:a3:d6:f7:7f:f9:f4:b3:c5:c7:6b:d2:
34:4b:dc:fe:03:45:0f:67:6e:46:28:3a:da:f5:1b:
2e:aa:61:56:83:d7:93:ec:1a:43:b5:d7:70:26:ac:
30:f4:a9:ae:23:8a:43:99:8c:b5:4b:b8:12:87:b7:
f5:e0:03:11:9d:df:12:e6:58:56:64:b9:bd:06:01:
ba:c8:4c:5e:e8:f9:12:3e:74:b6:e4:6c:d0:b5:5e:
9e:0d:48:d6:aa:6e:9f:b4:f5:a6:35:f4:ab:0f:73:
85:4d:59:a4:bb:d6:f8:7c:26:97:ce:f5:db:c3:ff:
54:8a:76:eb:4b:60:1a:62:0d:c8:e0:a2:0c:df:c7:
26:cc:27:06:b1:42:b7:21:35:e8:d3:d4:91:b9:a8:
d3:df:3e:48:61:23:05:89:16:63:ed:4f:01:ce:81:
a2:59:1c:ac:6b:eb:fa:9a:f7:87:6a:8e:70:b2:57:
73:f3:ee:13:2c:63:a1:59:84:f3:4d:7f:6c:bd:df:
56:04:63:05:96:db:2e:0d:e0:b9:30:e4:74:eb:94:
10:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D4:1A:D6:DA:A3:73:DC:D4:9B:5D:25:6B:53:18:D8:A9:B8:5F:75
X509v3 Authority Key Identifier:
keyid:63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/I9Qa1tqjc9zUm10la1MY2Km4X3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/Y0RCEOoIrFKYeNUZF-OzAFTWINE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.32.0.0/16
2.34.0.0-2.39.255.255
109.112.0.0/13
130.0.128.0/18
130.25.0.0/16
176.242.0.0-176.247.255.255
188.152.0.0/15
188.216.0.0/14
Signature Algorithm: sha256WithRSAEncryption
12:10:9f:2a:2a:0b:dd:75:9c:db:ca:d7:2f:23:8b:10:f6:40:
ac:f7:4a:98:31:47:7e:49:2a:23:93:1c:14:77:54:ad:68:67:
50:81:ef:ca:42:31:cf:e8:bd:dd:53:8d:5b:e5:9d:5e:b6:15:
3e:d0:bc:68:ee:3b:cd:e7:b5:a0:de:8f:26:d8:9c:a7:3d:2c:
74:ad:4d:23:ba:57:5e:59:32:d9:f1:dc:92:f9:4c:ed:70:5c:
d3:f1:7b:03:f1:ac:35:c1:54:78:63:29:6c:cd:4b:95:7c:c1:
1a:fe:8d:54:cc:f3:da:5b:fa:5a:79:57:32:a2:9d:4a:54:01:
6f:3b:e2:02:8d:f8:ee:60:1e:e2:99:77:5c:ae:89:75:cb:8b:
cb:00:3f:69:03:b4:a5:8f:ec:5c:08:db:63:e8:d1:99:8c:88:
94:ca:76:25:89:34:47:58:e5:da:c6:e0:8e:8d:9e:86:b9:b5:
97:bd:b1:58:62:0e:88:31:2e:3b:34:4f:18:71:a6:da:55:ca:
1a:0a:47:74:d9:05:e7:5d:bc:4e:ed:c6:db:c1:c4:07:a3:1a:
c4:4e:6e:c6:65:b1:f5:83:37:c7:92:9b:c1:03:cd:87:6b:d4:
43:c7:94:74:c4:13:ef:44:e0:bc:46:5f:db:6d:24:3c:75:64:
3f:e2:bf:f8
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYhXd248GDerhPn2vzCu2AIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDQ0MjEwZWEwOGFjNTI5ODc4ZDUxOTE3ZTNiMzAwNTRk
NjIwZDEwHhcNMjMwNTI2MDk1MDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Q0MWFkNmRhYTM3M2RjZDQ5YjVkMjU2YjUzMThkOGE5Yjg1Zjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg/Q/bJTUbj5x/tiFwxDmokZDvzA
pHB7xc6bnNofSkbJE7IuPvIywnAD9KgiBJ3So9b3f/n0s8XHa9I0S9z+A0UPZ25G
KDra9RsuqmFWg9eT7BpDtddwJqww9KmuI4pDmYy1S7gSh7f14AMRnd8S5lhWZLm9
BgG6yExe6PkSPnS25GzQtV6eDUjWqm6ftPWmNfSrD3OFTVmku9b4fCaXzvXbw/9U
inbrS2AaYg3I4KIM38cmzCcGsUK3ITXo09SRuajT3z5IYSMFiRZj7U8BzoGiWRys
a+v6mveHao5wsldz8+4TLGOhWYTzTX9svd9WBGMFltsuDeC5MOR065QQHQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFCPUGtbao3Pc1JtdJWtTGNipuF91MB8GA1UdIwQY
MBaAFGNEQhDqCKxSmHjVGRfjswBU1iDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQt
ZmU4MzdmOThlMDI2LzEvSTlRYTF0cWpjOXpVbTEwbGExTVkyS200WDNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQtZmU4MzdmOThlMDI2
LzEvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzA9BAIAATA3AwMAAiAwCgMD
AQIiAwMDAiADAwNtcAMEBoIAgAMDAIIZMAoDAwGw8gMDA7DwAwMBvJgDAwK82DAN
BgkqhkiG9w0BAQsFAAOCAQEAEhCfKioL3XWc28rXLyOLEPZArPdKmDFHfkkqI5Mc
FHdUrWhnUIHvykIxz+i93VONW+WdXrYVPtC8aO47zee1oN6PJticpz0sdK1NI7pX
Xlky2fHckvlM7XBc0/F7A/GsNcFUeGMpbM1LlXzBGv6NVMzz2lv6WnlXMqKdSlQB
bzviAo347mAe4pl3XK6JdcuLywA/aQO0pY/sXAjbY+jRmYyIlMp2JYk0R1jl2sbg
jo2ehrm1l72xWGIOiDEuOzRPGHGm2lXKGgpHdNkF5128Tu3G28HEB6MaxE5uxmWx
9YM3x5KbwQPNh2vUQ8eUdMQT70TgvEZf220kPHVkP+K/+A==
-----END CERTIFICATE-----
Generated at Fri May 9 13:54:20 2025 by rpki-client