Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/Axb4glOby1zG_aISMe2450aRcDs.roa
File: Axb4glOby1zG_aISMe2450aRcDs.roa (raw, json)
Hash identifier: Crk002kxeMq5alcCRXnuNMqjCW/oyeMR4kIgGO48SNA=
Subject key identifier: 03:16:F8:82:53:9B:CB:5C:C6:FD:A2:12:31:ED:B8:E7:46:91:70:3B
Certificate issuer: /CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Certificate serial: 018C5827506CFFC23A9BB7505979A66D5032
Authority key identifier: 66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/Axb4glOby1zG_aISMe2450aRcDs.roa
Signing time: Mon 11 Dec 2023 09:13:40 +0000
ROA not before: Mon 11 Dec 2023 09:13:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34170
IP address blocks: 158.181.36.0/24 maxlen: 24
158.181.37.0/24 maxlen: 24
158.181.35.0/24 maxlen: 24
158.181.38.0/24 maxlen: 24
158.181.33.0/24 maxlen: 24
158.181.34.0/24 maxlen: 24
158.181.32.0/24 maxlen: 24
158.181.39.0/24 maxlen: 24
158.181.44.0/23 maxlen: 23
158.181.46.0/23 maxlen: 23
80.69.48.0/24 maxlen: 24
80.69.50.0/24 maxlen: 24
80.69.51.0/24 maxlen: 24
80.69.49.0/24 maxlen: 24
80.69.57.0/24 maxlen: 24
80.69.58.0/24 maxlen: 24
80.69.56.0/24 maxlen: 24
80.69.54.0/24 maxlen: 24
80.69.55.0/24 maxlen: 24
80.69.52.0/24 maxlen: 24
80.69.53.0/24 maxlen: 24
80.69.61.0/24 maxlen: 24
80.69.62.0/24 maxlen: 24
80.69.59.0/24 maxlen: 24
80.69.60.0/24 maxlen: 24
80.69.63.0/24 maxlen: 24
92.39.92.0/24 maxlen: 24
92.39.95.0/24 maxlen: 24
92.39.93.0/24 maxlen: 24
92.39.94.0/24 maxlen: 24
92.39.88.0/24 maxlen: 24
92.39.91.0/24 maxlen: 24
92.39.89.0/24 maxlen: 24
92.39.90.0/24 maxlen: 24
91.135.240.0/24 maxlen: 24
91.135.241.0/24 maxlen: 24
91.135.244.0/24 maxlen: 24
91.135.245.0/24 maxlen: 24
91.135.242.0/24 maxlen: 24
91.135.243.0/24 maxlen: 24
91.135.246.0/24 maxlen: 24
91.135.248.0/24 maxlen: 24
91.135.247.0/24 maxlen: 24
91.135.251.0/24 maxlen: 24
91.135.252.0/24 maxlen: 24
91.135.249.0/24 maxlen: 24
91.135.250.0/24 maxlen: 24
91.135.253.0/24 maxlen: 24
91.135.255.0/24 maxlen: 24
91.135.254.0/24 maxlen: 24
185.105.198.0/24 maxlen: 24
185.105.199.0/24 maxlen: 24
185.105.196.0/24 maxlen: 24
185.105.197.0/24 maxlen: 24
212.47.152.0/24 maxlen: 24
212.47.154.0/24 maxlen: 24
212.47.157.0/24 maxlen: 24
212.47.158.0/24 maxlen: 24
212.47.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:27:50:6c:ff:c2:3a:9b:b7:50:59:79:a6:6d:50:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Validity
Not Before: Dec 11 09:13:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0316f882539bcb5cc6fda21231edb8e74691703b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:18:95:b5:19:e6:25:b1:29:29:99:1d:59:d2:
ef:c8:e0:e4:f6:fe:9a:03:cb:7a:42:ae:7e:89:de:
59:5f:75:d5:70:85:14:f5:f2:27:e8:d0:18:68:5d:
c0:41:7d:3c:29:a7:a0:eb:1a:9c:fa:2c:eb:ab:8b:
1d:40:05:99:c3:f6:33:d4:bd:29:8e:58:d2:a2:6c:
ed:79:9a:71:31:ff:29:a8:cd:e0:51:40:72:aa:e1:
51:a0:4e:5c:be:ea:7a:a9:62:19:99:7d:53:3c:f0:
b1:80:e2:60:01:68:d4:67:de:f9:c3:bb:84:70:a2:
5f:5c:35:84:3c:22:5b:e7:1c:ed:16:79:ef:17:a9:
e3:2b:f7:52:f4:35:4e:c3:36:ef:83:e2:7b:bb:f7:
16:13:d0:1e:4c:93:e8:3a:5c:e1:ea:47:6f:a7:b1:
54:e0:c8:28:1f:06:0a:7a:7d:3b:c7:f9:c9:64:88:
56:d8:11:1e:0a:aa:af:ab:07:46:fc:1c:33:e4:52:
ae:79:46:e5:11:e8:96:47:0d:d4:00:59:b7:3a:84:
e8:56:87:2f:cb:7d:a9:5a:80:a2:6e:aa:b6:c3:a8:
3b:40:f3:dc:27:2c:fa:85:8a:1e:c9:dd:8b:87:0c:
b8:7d:52:e5:49:43:83:4f:48:ee:d5:b1:b5:8b:19:
de:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:16:F8:82:53:9B:CB:5C:C6:FD:A2:12:31:ED:B8:E7:46:91:70:3B
X509v3 Authority Key Identifier:
keyid:66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/Axb4glOby1zG_aISMe2450aRcDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.69.48.0/20
91.135.240.0/20
92.39.88.0/21
158.181.32.0/21
158.181.44.0/22
185.105.196.0/22
212.47.152.0/24
212.47.154.0/24
212.47.157.0-212.47.159.255
Signature Algorithm: sha256WithRSAEncryption
99:19:d4:5f:b5:80:10:1b:6d:28:7a:6d:e7:85:5a:c4:11:7a:
04:0d:71:d8:47:63:c7:1a:30:5d:fc:ae:aa:29:7f:21:db:d1:
47:90:ca:54:a4:4b:44:c8:28:02:2f:13:97:ba:58:fc:af:64:
a1:8d:3f:90:db:96:d1:5d:75:7b:d3:6f:d5:81:ca:c2:93:fc:
00:20:77:57:9a:09:0c:6e:ab:9d:59:5c:2b:f2:0c:4b:51:0f:
05:90:5c:8f:27:e5:4d:f9:13:e6:14:2a:27:b4:ca:a2:16:04:
05:13:93:3e:58:4f:b7:b0:93:35:c8:a4:81:14:1f:c4:61:7b:
d9:31:94:64:35:ed:67:97:28:e5:40:4b:d2:24:86:75:65:aa:
58:c1:2d:d9:f1:23:19:bc:c0:66:03:70:88:fe:54:e6:f7:71:
fc:e6:87:c5:b7:1f:c2:fb:01:25:ec:f4:19:5e:00:67:b0:a3:
94:e1:6a:6d:8b:78:03:98:0d:0a:b2:13:f7:44:3c:d0:5c:e1:
51:ac:85:b4:29:a7:c9:09:93:b8:f6:ee:31:11:c5:c4:05:ce:
c0:33:e7:50:b8:3c:a8:2e:60:d5:44:49:69:bb:06:15:4f:85:
4d:8c:fd:70:74:76:e7:8f:0c:91:a3:e6:06:42:41:23:5b:0d:
62:f0:5b:7a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYxYJ1Bs/8I6m7dQWXmmbVAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjAzNGNhNmExNmJiZDAxNDRhYmRmNWNmMjQ1OGY5Njhi
MTU4OWMwHhcNMjMxMjExMDkxMzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzE2Zjg4MjUzOWJjYjVjYzZmZGEyMTIzMWVkYjhlNzQ2OTE3MDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRiVtRnmJbEpKZkdWdLvyODk9v6a
A8t6Qq5+id5ZX3XVcIUU9fIn6NAYaF3AQX08Kaeg6xqc+izrq4sdQAWZw/Yz1L0p
jljSomzteZpxMf8pqM3gUUByquFRoE5cvup6qWIZmX1TPPCxgOJgAWjUZ975w7uE
cKJfXDWEPCJb5xztFnnvF6njK/dS9DVOwzbvg+J7u/cWE9AeTJPoOlzh6kdvp7FU
4MgoHwYKen07x/nJZIhW2BEeCqqvqwdG/Bwz5FKueUblEeiWRw3UAFm3OoToVocv
y32pWoCibqq2w6g7QPPcJyz6hYoeyd2Lhwy4fVLlSUODT0ju1bG1ixnefwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFAMW+IJTm8tcxv2iEjHtuOdGkXA7MB8GA1UdIwQY
MBaAFGZgNMpqFrvQFEq99c8kWPlosVicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDIt
NWQ0OGJjZDdjMWRjLzEvQXhiNGdsT2J5MXpHX2FJU01lMjQ1MGFSY0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDItNWQ0OGJjZDdjMWRj
LzEvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQEUEUwAwQE
W4fwAwQDXCdYAwQDnrUgAwQCnrUsAwQCuWnEAwQA1C+YAwQA1C+aMAwDBADUL50D
BAXUL4AwDQYJKoZIhvcNAQELBQADggEBAJkZ1F+1gBAbbSh6beeFWsQRegQNcdhH
Y8caMF38rqopfyHb0UeQylSkS0TIKAIvE5e6WPyvZKGNP5DbltFddXvTb9WBysKT
/AAgd1eaCQxuq51ZXCvyDEtRDwWQXI8n5U35E+YUKie0yqIWBAUTkz5YT7ewkzXI
pIEUH8Rhe9kxlGQ17WeXKOVAS9IkhnVlqljBLdnxIxm8wGYDcIj+VOb3cfzmh8W3
H8L7ASXs9BleAGewo5Tham2LeAOYDQqyE/dEPNBc4VGshbQpp8kJk7j27jERxcQF
zsAz51C4PKguYNVESWm7BhVPhU2M/XB0duePDJGj5gZCQSNbDWLwW3o=
-----END CERTIFICATE-----
Generated at Sat May 10 09:48:29 2025 by rpki-client