Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/0954b3-280a-4ca6-b84d-311304a9a211/1/t8WMuBziOav2DGPuQYCWNzmBCAM.roa
File: t8WMuBziOav2DGPuQYCWNzmBCAM.roa (raw, json)
Hash identifier: EQA9qVlx/dSS77QLGsaaoQzo7DcnUc5wOgv+H30T3j8=
Subject key identifier: B7:C5:8C:B8:1C:E2:39:AB:F6:0C:63:EE:41:80:96:37:39:81:08:03
Certificate issuer: /CN=ee024e46a746bf3b3af3dec081ce7ebc441100a3
Certificate serial: 018570B081224FC98B54C27850C71B2AFC44
Authority key identifier: EE:02:4E:46:A7:46:BF:3B:3A:F3:DE:C0:81:CE:7E:BC:44:11:00:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7gJORqdGvzs6897Agc5-vEQRAKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/0954b3-280a-4ca6-b84d-311304a9a211/1/t8WMuBziOav2DGPuQYCWNzmBCAM.roa
Signing time: Mon 02 Jan 2023 04:14:53 +0000
ROA not before: Mon 02 Jan 2023 04:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21385
IP address blocks: 185.55.120.0/22 maxlen: 22
86.110.64.0/19 maxlen: 19
81.92.160.0/20 maxlen: 20
212.82.160.0/19 maxlen: 19
217.151.80.0/20 maxlen: 20
193.110.24.0/22 maxlen: 22
2001:1b18::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:81:22:4f:c9:8b:54:c2:78:50:c7:1b:2a:fc:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee024e46a746bf3b3af3dec081ce7ebc441100a3
Validity
Not Before: Jan 2 04:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7c58cb81ce239abf60c63ee4180963739810803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:5a:fd:38:21:7c:fa:cb:19:dc:f4:dd:1c:22:
65:5c:d6:8c:3b:3a:3a:a7:d2:ec:c7:38:3e:d0:25:
c6:d5:cc:11:db:61:19:21:06:14:4a:d7:11:b3:48:
aa:47:9e:37:0d:12:93:16:c7:4f:36:16:be:66:bb:
e7:d2:33:87:08:9f:a2:e9:8e:64:47:00:60:73:33:
c4:89:32:00:5d:70:c1:e0:df:12:c4:51:1a:5d:83:
f0:50:79:d4:72:04:bc:ab:4f:95:0d:71:65:0e:9d:
ed:87:04:b8:9f:de:10:9e:5d:39:97:26:24:e3:bc:
db:54:bf:5f:0a:c6:0f:c1:73:25:cd:c5:37:f4:ee:
ca:ab:ef:cd:4c:0a:9f:6c:6c:34:8b:13:4a:97:e8:
bd:a7:a6:7f:fa:7f:58:2f:32:f9:24:2d:71:e7:99:
3c:53:83:79:22:22:61:a7:69:d8:2b:1a:dc:16:97:
ae:13:db:1a:37:bf:ba:5b:6c:1f:d5:57:f3:7c:f7:
7d:00:81:5a:cd:63:de:7e:5f:37:a1:88:f8:79:06:
6a:1a:13:25:a5:35:6b:56:3a:c4:3b:f1:38:f3:33:
be:e1:29:16:28:b0:a5:6b:49:e1:82:9c:7d:88:d9:
9a:2a:8c:b9:44:73:cd:53:9d:55:02:44:34:a2:f1:
35:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C5:8C:B8:1C:E2:39:AB:F6:0C:63:EE:41:80:96:37:39:81:08:03
X509v3 Authority Key Identifier:
keyid:EE:02:4E:46:A7:46:BF:3B:3A:F3:DE:C0:81:CE:7E:BC:44:11:00:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gJORqdGvzs6897Agc5-vEQRAKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0954b3-280a-4ca6-b84d-311304a9a211/1/t8WMuBziOav2DGPuQYCWNzmBCAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0954b3-280a-4ca6-b84d-311304a9a211/1/7gJORqdGvzs6897Agc5-vEQRAKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.160.0/20
86.110.64.0/19
185.55.120.0/22
193.110.24.0/22
212.82.160.0/19
217.151.80.0/20
IPv6:
2001:1b18::/32
Signature Algorithm: sha256WithRSAEncryption
95:41:cc:ac:a9:9b:09:9d:ac:b3:17:89:ae:14:90:6a:e0:6b:
3c:14:6f:df:0d:de:90:e9:d6:5d:43:c5:fc:2f:e5:51:35:e1:
a5:55:a7:f8:aa:d2:c1:75:4b:4f:73:18:5b:cd:ee:e5:47:9c:
62:af:2f:6d:d1:8a:c7:55:dc:18:50:ad:56:0b:95:cf:0b:99:
68:6f:5d:da:05:d4:a1:5a:bd:15:61:09:58:3f:f9:91:9d:c6:
e2:ba:df:83:84:d1:8a:50:6e:7d:af:11:47:eb:da:1a:3b:49:
9d:9b:17:f6:b4:29:5e:fb:7f:38:71:a8:61:16:ec:31:21:16:
3f:9f:fe:f4:2a:07:a0:3e:21:05:7c:ca:5a:d9:fb:5e:bb:ea:
2e:ad:1c:66:6a:59:ca:25:82:e9:30:07:49:03:a2:be:3c:76:
61:b9:6a:0f:ae:36:53:c6:f7:35:b7:92:3c:f9:51:51:8e:4e:
66:dd:c1:a8:b7:69:c4:18:55:3a:51:cc:33:08:1c:4d:a1:1f:
8c:f4:ea:17:38:e9:c6:42:4d:80:ed:7e:b4:83:db:bf:c0:f4:
4c:5e:98:17:e5:67:1e:8e:97:9f:53:53:7f:12:c5:d5:f1:80:
85:35:4c:20:08:97:e3:ba:7d:df:54:8b:5f:3d:bc:2f:ed:f6:
35:70:ee:5e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVwsIEiT8mLVMJ4UMcbKvxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDI0ZTQ2YTc0NmJmM2IzYWYzZGVjMDgxY2U3ZWJjNDQx
MTAwYTMwHhcNMjMwMTAyMDQxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2M1OGNiODFjZTIzOWFiZjYwYzYzZWU0MTgwOTYzNzM5ODEwODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglr9OCF8+ssZ3PTdHCJlXNaMOzo6
p9Lsxzg+0CXG1cwR22EZIQYUStcRs0iqR543DRKTFsdPNha+Zrvn0jOHCJ+i6Y5k
RwBgczPEiTIAXXDB4N8SxFEaXYPwUHnUcgS8q0+VDXFlDp3thwS4n94Qnl05lyYk
47zbVL9fCsYPwXMlzcU39O7Kq+/NTAqfbGw0ixNKl+i9p6Z/+n9YLzL5JC1x55k8
U4N5IiJhp2nYKxrcFpeuE9saN7+6W2wf1VfzfPd9AIFazWPefl83oYj4eQZqGhMl
pTVrVjrEO/E48zO+4SkWKLCla0nhgpx9iNmaKoy5RHPNU51VAkQ0ovE1GQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLfFjLgc4jmr9gxj7kGAljc5gQgDMB8GA1UdIwQY
MBaAFO4CTkanRr87OvPewIHOfrxEEQCjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dKT1JxZEd2enM2ODk3QWdjNS12RVFSQUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8wOTU0YjMtMjgwYS00Y2E2LWI4NGQt
MzExMzA0YTlhMjExLzEvdDhXTXVCemlPYXYyREdQdVFZQ1dOem1CQ0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8wOTU0YjMtMjgwYS00Y2E2LWI4NGQtMzExMzA0YTlhMjEx
LzEvN2dKT1JxZEd2enM2ODk3QWdjNS12RVFSQUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUVygAwQF
Vm5AAwQCuTd4AwQCwW4YAwQF1FKgAwQE2ZdQMA0EAgACMAcDBQAgARsYMA0GCSqG
SIb3DQEBCwUAA4IBAQCVQcysqZsJnayzF4muFJBq4Gs8FG/fDd6Q6dZdQ8X8L+VR
NeGlVaf4qtLBdUtPcxhbze7lR5xiry9t0YrHVdwYUK1WC5XPC5lob13aBdShWr0V
YQlYP/mRncbiut+DhNGKUG59rxFH69oaO0mdmxf2tCle+384cahhFuwxIRY/n/70
KgegPiEFfMpa2fteu+ourRxmalnKJYLpMAdJA6K+PHZhuWoPrjZTxvc1t5I8+VFR
jk5m3cGot2nEGFU6UcwzCBxNoR+M9OoXOOnGQk2A7X60g9u/wPRMXpgX5Wcejpef
U1N/EsXV8YCFNUwgCJfjun3fVItfPbwv7fY1cO5e
-----END CERTIFICATE-----
Generated at Fri May 9 01:01:55 2025 by rpki-client