Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/suIho42nU8yPHSPyAWv2S8vJIrU.roa
File: suIho42nU8yPHSPyAWv2S8vJIrU.roa (raw, json)
Hash identifier: b3VPfntMoulyfBNZAAvHXmqh32CqtiXMMtrUyfy5st8=
Subject key identifier: B2:E2:21:A3:8D:A7:53:CC:8F:1D:23:F2:01:6B:F6:4B:CB:C9:22:B5
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018A451C1C7C5D30C3CA6C4234E33CF2BABB
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/suIho42nU8yPHSPyAWv2S8vJIrU.roa
Signing time: Wed 30 Aug 2023 06:23:04 +0000
ROA not before: Wed 30 Aug 2023 06:23:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42473
IP address blocks: 185.228.148.0/22 maxlen: 22
37.235.4.0/24 maxlen: 24
37.235.3.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
185.2.176.0/22 maxlen: 32
144.208.192.0/18 maxlen: 32
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.207.0/24 maxlen: 24
178.255.152.0/21 maxlen: 32
94.16.125.0/24 maxlen: 24
94.16.126.0/24 maxlen: 24
193.33.114.0/23 maxlen: 32
176.123.54.0/23 maxlen: 23
213.227.160.0/19 maxlen: 32
194.1.206.0/24 maxlen: 32
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
188.172.230.0/23 maxlen: 23
217.146.0.0/19 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.247.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
45.132.61.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
185.81.206.0/24 maxlen: 24
188.172.192.0/18 maxlen: 32
185.81.209.0/24 maxlen: 24
188.172.208.0/24 maxlen: 24
188.65.72.0/21 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.228.0/24 maxlen: 32
37.252.234.0/24 maxlen: 24
37.252.243.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
144.208.216.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
144.208.229.0/24 maxlen: 24
144.208.230.0/24 maxlen: 24
144.208.228.0/24 maxlen: 24
144.208.233.0/24 maxlen: 24
144.208.232.0/24 maxlen: 24
144.208.235.0/24 maxlen: 24
144.208.244.0/24 maxlen: 24
2a00:11c0:66::/48 maxlen: 48
2a00:11c0:dc::/48 maxlen: 48
2a00:11c0::/32 maxlen: 128
2a01:aea0:dd1::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a00:11c0:13::/48 maxlen: 48
2a00:11c0:96::/48 maxlen: 48
2a00:11c0:9a::/48 maxlen: 48
2a00:11c0:1335::/48 maxlen: 48
2a00:11c0:24::/48 maxlen: 48
2a01:aea0::/40 maxlen: 40
2a01:aea0::/32 maxlen: 32
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a00:11c0:79::/48 maxlen: 48
2a00:11c0:22::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:87::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:1c:1c:7c:5d:30:c3:ca:6c:42:34:e3:3c:f2:ba:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Aug 30 06:23:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2e221a38da753cc8f1d23f2016bf64bcbc922b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f0:29:1a:3a:48:fc:cf:93:c1:6a:fb:3e:09:
d8:05:f1:b7:15:86:fd:11:98:0f:9a:bd:b9:f7:3a:
a5:55:99:97:c9:22:31:e7:a5:d1:a5:fc:6f:01:3c:
53:25:82:c6:99:3d:ff:aa:9e:9d:6d:46:41:02:7a:
26:97:45:b2:c5:6b:a7:ef:ed:ea:9c:e0:9e:76:37:
75:10:9c:fb:4f:86:d5:4a:6f:26:52:8b:92:23:3f:
ce:5f:81:93:a8:77:b8:92:50:c3:a9:8f:a2:e8:eb:
a0:4c:1a:bc:c5:17:9e:b2:3c:fe:70:17:7e:d6:5f:
41:9b:52:50:d1:b6:7e:84:77:01:2a:40:c7:a1:e6:
53:ba:42:77:12:b5:d9:c9:31:0e:1e:d6:c9:14:82:
72:30:67:e4:59:58:c9:df:dd:1a:e0:6d:ed:df:d1:
73:8e:e3:1f:1b:59:44:8a:e0:25:6e:1e:c8:87:2a:
fc:f6:84:d0:65:6a:10:1f:88:57:2f:e3:78:d4:41:
99:d2:03:cf:2f:a6:98:e2:c6:0a:3c:4a:4e:26:ff:
28:e1:14:a0:cd:f8:37:9a:dc:0f:47:43:a4:da:3e:
57:24:f5:fd:ee:83:46:a3:62:5e:36:d3:a2:1a:9a:
e9:25:08:c1:c2:0a:86:99:e4:e0:c5:fd:bb:b4:b0:
d5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E2:21:A3:8D:A7:53:CC:8F:1D:23:F2:01:6B:F6:4B:CB:C9:22:B5
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/suIho42nU8yPHSPyAWv2S8vJIrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.252.224.0/19
45.132.61.0-45.132.63.255
94.16.125.0-94.16.126.255
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.206.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
Signature Algorithm: sha256WithRSAEncryption
11:03:a5:7c:d8:92:9d:35:a0:46:3d:11:6c:cf:40:50:b3:1c:
d2:dc:fc:b9:65:c8:16:ec:ee:cd:47:24:aa:0c:a2:25:b6:6c:
a3:66:fa:9a:7c:32:7f:51:3c:df:7c:f0:6e:1a:39:45:00:60:
15:c2:9f:ff:0b:bd:a0:e1:06:5e:0f:90:6a:de:dc:4c:e9:94:
82:bb:c2:cc:b8:3f:fd:a2:ca:82:06:71:5e:1f:32:86:72:65:
ab:39:d2:de:cd:45:2d:95:0a:64:97:b5:b5:9a:57:49:89:42:
45:42:24:db:3a:5a:e8:cf:b7:60:b1:8f:81:33:61:05:f2:ab:
13:a5:a5:5b:2f:63:40:d3:1b:f1:c5:69:3f:1f:ad:eb:35:39:
1c:76:4c:f0:08:82:b6:1a:86:bc:5b:89:54:9f:e0:ee:b4:14:
3a:a4:ca:7a:69:60:1a:c4:e4:a5:3c:67:ce:08:13:28:d2:6a:
bd:07:9d:ca:6a:8b:5e:58:5f:0b:0f:2f:3b:d6:86:9c:e3:47:
36:70:6d:ed:04:30:a1:bf:d1:d8:c1:5d:e2:2b:d8:69:9e:41:
23:51:7b:c7:6e:8f:80:2b:ac:25:1b:de:98:c6:ed:96:f4:93:
a6:31:9c:78:94:31:2e:10:b4:17:76:01:f9:0c:ed:cf:38:33:
d7:9e:14:8e
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYpFHBx8XTDDymxCNOM88rq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMwODMwMDYyMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmUyMjFhMzhkYTc1M2NjOGYxZDIzZjIwMTZiZjY0YmNiYzkyMmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/ApGjpI/M+TwWr7PgnYBfG3FYb9
EZgPmr259zqlVZmXySIx56XRpfxvATxTJYLGmT3/qp6dbUZBAnoml0WyxWun7+3q
nOCedjd1EJz7T4bVSm8mUouSIz/OX4GTqHe4klDDqY+i6OugTBq8xReesjz+cBd+
1l9Bm1JQ0bZ+hHcBKkDHoeZTukJ3ErXZyTEOHtbJFIJyMGfkWVjJ390a4G3t39Fz
juMfG1lEiuAlbh7Ihyr89oTQZWoQH4hXL+N41EGZ0gPPL6aY4sYKPEpOJv8o4RSg
zfg3mtwPR0Ok2j5XJPX97oNGo2JeNtOiGprpJQjBwgqGmeTgxf27tLDVywIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFLLiIaONp1PMjx0j8gFr9kvLySK1MB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvc3VJaG80Mm5VOHlQSFNQeUFXdjJTOHZKSXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBlwQCAAEwgZAwDAME
ACXrAwMEASXrBAMEBSX84DAMAwQALYQ9AwQGLYQAMAwDBABeEH0DBABeEH4DBAaQ
0MADBAGwezYDBAOy/5gDBAK5ArADBAG5MugDBAC5MusDBAC5Uc4DBAC5UdEDBAK5
dGADBAK55JQDBAO8QUgDBAa8rMADBAHBIXIDBADCAc4DBAXV46ADBAXZkgAwFAQC
AAIwDgMFACoAEcADBQAqAa6gMA0GCSqGSIb3DQEBCwUAA4IBAQARA6V82JKdNaBG
PRFsz0BQsxzS3Py5ZcgW7O7NRySqDKIltmyjZvqafDJ/UTzffPBuGjlFAGAVwp//
C72g4QZeD5Bq3txM6ZSCu8LMuD/9osqCBnFeHzKGcmWrOdLezUUtlQpkl7W1mldJ
iUJFQiTbOlroz7dgsY+BM2EF8qsTpaVbL2NA0xvxxWk/H63rNTkcdkzwCIK2Goa8
W4lUn+DutBQ6pMp6aWAaxOSlPGfOCBMo0mq9B53KaoteWF8LDy871oac40c2cG3t
BDChv9HYwV3iK9hpnkEjUXvHbo+AK6wlG96Yxu2W9JOmMZx4lDEuELQXdgH5DO3P
ODPXnhSO
-----END CERTIFICATE-----
Generated at Sat May 10 21:18:37 2025 by rpki-client