Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/tbtCZD_1t6KNiu67WAaTfcrbaF4.roa
File: tbtCZD_1t6KNiu67WAaTfcrbaF4.roa (raw, json)
Hash identifier: 62VjDicRMiXLzSdkThgcfTqJQF/eSHhmLMo+iLHUi2I=
Subject key identifier: B5:BB:42:64:3F:F5:B7:A2:8D:8A:EE:BB:58:06:93:7D:CA:DB:68:5E
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01879FD35B3E3BB1DC76830E68BA4CCB4FF1
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/tbtCZD_1t6KNiu67WAaTfcrbaF4.roa
Signing time: Thu 20 Apr 2023 18:00:41 +0000
ROA not before: Thu 20 Apr 2023 18:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15557
IP address blocks: 80.124.0.0/16 maxlen: 16
80.70.32.0/20 maxlen: 20
217.19.192.0/20 maxlen: 20
88.141.0.0/16 maxlen: 16
212.198.0.0/16 maxlen: 16
91.151.112.0/20 maxlen: 20
213.144.192.0/19 maxlen: 19
217.70.80.0/20 maxlen: 20
79.80.0.0/12 maxlen: 12
185.147.204.0/22 maxlen: 22
77.144.0.0/12 maxlen: 12
79.174.192.0/18 maxlen: 18
195.3.0.0/18 maxlen: 18
77.137.196.0/22 maxlen: 24
85.168.0.0/14 maxlen: 14
77.137.200.0/21 maxlen: 24
77.137.208.0/20 maxlen: 24
79.174.232.0/21 maxlen: 21
81.185.0.0/16 maxlen: 24
194.6.128.0/19 maxlen: 19
195.146.192.0/19 maxlen: 19
84.96.0.0/13 maxlen: 13
77.136.172.0/24 maxlen: 24
88.140.0.0/16 maxlen: 16
77.136.173.0/24 maxlen: 24
77.136.174.0/24 maxlen: 24
87.231.0.0/16 maxlen: 16
62.39.0.0/16 maxlen: 24
77.140.0.0/14 maxlen: 24
89.2.0.0/15 maxlen: 15
62.106.128.0/17 maxlen: 17
217.112.224.0/20 maxlen: 20
194.183.192.0/19 maxlen: 19
62.62.128.0/17 maxlen: 24
141.170.216.0/21 maxlen: 21
212.39.128.0/19 maxlen: 19
213.245.0.0/16 maxlen: 16
86.66.127.0/24 maxlen: 24
62.241.64.0/18 maxlen: 18
81.220.0.0/16 maxlen: 16
213.203.64.0/18 maxlen: 24
89.156.0.0/14 maxlen: 14
213.169.160.0/19 maxlen: 19
93.0.0.0/11 maxlen: 11
109.0.0.0/11 maxlen: 11
81.1.0.0/18 maxlen: 18
81.65.0.0/16 maxlen: 16
84.55.128.0/18 maxlen: 18
62.129.160.0/19 maxlen: 24
78.112.0.0/12 maxlen: 12
62.8.0.0/19 maxlen: 19
77.136.0.0/16 maxlen: 24
46.35.0.0/19 maxlen: 19
88.136.0.0/14 maxlen: 14
37.64.0.0/13 maxlen: 24
77.128.0.0/13 maxlen: 24
80.236.0.0/17 maxlen: 17
212.94.160.0/19 maxlen: 19
81.185.160.0/21 maxlen: 21
81.185.160.0/20 maxlen: 20
80.125.0.0/16 maxlen: 16
81.185.168.0/21 maxlen: 21
83.141.128.0/17 maxlen: 17
84.205.128.0/19 maxlen: 19
77.134.204.0/24 maxlen: 24
212.30.96.0/19 maxlen: 24
84.205.144.0/20 maxlen: 20
80.118.4.0/24 maxlen: 24
81.64.0.0/14 maxlen: 14
213.128.32.0/19 maxlen: 19
80.118.0.0/15 maxlen: 15
194.242.176.0/20 maxlen: 20
92.88.0.0/13 maxlen: 13
195.7.96.0/19 maxlen: 19
91.68.0.0/22 maxlen: 22
195.132.0.0/16 maxlen: 16
85.68.0.0/15 maxlen: 15
195.98.96.0/19 maxlen: 19
213.223.0.0/16 maxlen: 16
91.68.0.0/14 maxlen: 14
84.4.0.0/14 maxlen: 14
77.192.0.0/12 maxlen: 12
86.64.0.0/12 maxlen: 12
82.216.0.0/16 maxlen: 16
195.115.0.0/16 maxlen: 16
78.155.128.0/19 maxlen: 19
88.142.0.0/16 maxlen: 16
2a02:8400::/48 maxlen: 48
2a02:8400:14::/48 maxlen: 48
2a00:7180::/32 maxlen: 32
2a02:8440:5000::/36 maxlen: 36
2a02:8400:11::/48 maxlen: 48
2a02:8400::/25 maxlen: 25
2a02:8400:12::/48 maxlen: 48
2a02:8400:13::/48 maxlen: 48
2a00:6200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9f:d3:5b:3e:3b:b1:dc:76:83:0e:68:ba:4c:cb:4f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Apr 20 18:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5bb42643ff5b7a28d8aeebb5806937dcadb685e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:db:4e:b0:b5:16:ae:71:b1:98:ca:f1:63:84:
93:a2:b2:e4:c9:3c:d3:e6:00:34:cf:00:06:66:5c:
30:92:85:aa:db:8a:db:f9:d8:f3:2b:9d:f5:f3:a5:
4c:ce:97:bf:b6:ca:f9:0b:16:96:67:1a:3d:a3:d9:
55:20:57:4c:ff:03:f0:06:4a:61:79:ff:80:37:29:
b4:8b:43:88:87:0a:02:83:de:69:93:87:05:d2:39:
58:c3:b8:51:40:7b:45:08:ce:ad:37:fa:a7:b1:8a:
ff:0e:36:57:fa:73:66:89:f6:37:ff:3f:b3:f9:a7:
f1:75:5c:82:21:bb:c5:06:31:b2:41:a6:3e:36:a2:
25:90:db:ec:be:b8:d7:a2:e6:bd:01:d3:85:9c:16:
74:59:00:4b:85:dd:99:89:a2:c0:8e:d1:d8:33:8a:
3f:dd:62:d1:04:5c:71:7b:a0:61:46:27:0c:a3:5a:
28:8c:b7:db:91:f7:05:55:68:f3:35:5d:20:15:00:
28:d3:d2:02:18:d1:6e:c2:5a:f4:b4:8e:25:20:52:
f9:63:40:1c:02:b8:a3:e3:8e:7e:75:f5:2b:51:3e:
1d:34:1c:3b:12:92:89:a8:7e:1b:b8:95:72:af:9f:
28:fb:48:70:8d:67:a7:bc:f7:fd:d5:07:35:90:68:
5d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BB:42:64:3F:F5:B7:A2:8D:8A:EE:BB:58:06:93:7D:CA:DB:68:5E
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/tbtCZD_1t6KNiu67WAaTfcrbaF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.64.0.0/13
46.35.0.0/19
62.8.0.0/19
62.39.0.0/16
62.62.128.0/17
62.106.128.0/17
62.129.160.0/19
62.241.64.0/18
77.128.0.0-77.136.255.255
77.137.196.0-77.137.223.255
77.140.0.0-77.159.255.255
77.192.0.0/12
78.112.0.0/12
78.155.128.0/19
79.80.0.0/12
79.174.192.0/18
80.70.32.0/20
80.118.0.0/15
80.124.0.0/15
80.236.0.0/17
81.1.0.0/18
81.64.0.0/14
81.185.0.0/16
81.220.0.0/16
82.216.0.0/16
83.141.128.0/17
84.4.0.0/14
84.55.128.0/18
84.96.0.0/13
84.205.128.0/19
85.68.0.0/15
85.168.0.0/14
86.64.0.0/12
87.231.0.0/16
88.136.0.0-88.142.255.255
89.2.0.0/15
89.156.0.0/14
91.68.0.0/14
91.151.112.0/20
92.88.0.0/13
93.0.0.0/11
109.0.0.0/11
141.170.216.0/21
185.147.204.0/22
194.6.128.0/19
194.183.192.0/19
194.242.176.0/20
195.3.0.0/18
195.7.96.0/19
195.98.96.0/19
195.115.0.0/16
195.132.0.0/16
195.146.192.0/19
212.30.96.0/19
212.39.128.0/19
212.94.160.0/19
212.198.0.0/16
213.128.32.0/19
213.144.192.0/19
213.169.160.0/19
213.203.64.0/18
213.223.0.0/16
213.245.0.0/16
217.19.192.0/20
217.70.80.0/20
217.112.224.0/20
IPv6:
2a00:6200::/29
2a00:7180::/32
2a02:8400::/25
Signature Algorithm: sha256WithRSAEncryption
a3:2f:b7:cd:79:58:a3:75:88:77:07:86:f2:20:91:69:0a:b3:
f1:6e:e9:d8:09:b8:74:9e:4c:d3:29:07:40:fa:55:d2:59:a9:
aa:d8:ad:55:1c:20:97:43:ad:e4:6a:93:76:b8:65:36:a3:26:
65:af:98:ef:eb:7c:27:17:cb:13:ba:ac:08:0a:22:98:45:22:
2d:3b:80:f3:97:be:a7:68:97:9d:38:f3:19:db:4e:8f:89:fb:
5c:af:34:69:7c:e6:36:96:71:dd:81:39:68:c2:ee:b1:ce:17:
22:65:50:72:83:86:47:b1:35:18:98:76:8d:bf:07:ca:58:9a:
52:a5:ef:a8:0c:41:c8:cc:bd:2b:cd:c3:5c:d2:7f:3b:38:c5:
c3:93:24:a0:e4:fb:11:b7:a5:f1:fd:12:3e:6b:dd:ec:bc:18:
bb:de:02:59:6e:be:10:13:56:ba:cc:41:fb:2f:f1:65:fd:32:
8e:1f:8c:80:ce:ab:23:8b:c5:a2:0a:5b:74:dd:5e:16:35:80:
8f:51:b5:b9:da:85:8b:a3:65:a2:6b:4a:8b:24:cb:13:40:07:
18:57:53:f8:f0:fa:80:e0:9c:32:64:6c:69:44:a2:8b:91:ff:
f9:48:40:a6:ad:fe:a3:b1:f1:dc:02:41:02:22:d1:c0:1a:9c:
4a:8d:c5:50
-----BEGIN CERTIFICATE-----
MIIGqDCCBZCgAwIBAgISAYef01s+O7HcdoMOaLpMy0/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwNDIwMTgwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWJiNDI2NDNmZjViN2EyOGQ4YWVlYmI1ODA2OTM3ZGNhZGI2ODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9tOsLUWrnGxmMrxY4STorLkyTzT
5gA0zwAGZlwwkoWq24rb+djzK53186VMzpe/tsr5CxaWZxo9o9lVIFdM/wPwBkph
ef+ANym0i0OIhwoCg95pk4cF0jlYw7hRQHtFCM6tN/qnsYr/DjZX+nNmifY3/z+z
+afxdVyCIbvFBjGyQaY+NqIlkNvsvrjXoua9AdOFnBZ0WQBLhd2ZiaLAjtHYM4o/
3WLRBFxxe6BhRicMo1oojLfbkfcFVWjzNV0gFQAo09ICGNFuwlr0tI4lIFL5Y0Ac
Arij445+dfUrUT4dNBw7EpKJqH4buJVyr58o+0hwjWenvPf91Qc1kGhdlQIDAQAB
o4IDtDCCA7AwHQYDVR0OBBYEFLW7QmQ/9beijYruu1gGk33K22heMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvdGJ0Q1pEXzF0NktOaXU2N1dBYVRmY3JiYUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIByAYIKwYBBQUHAQcBAf8EggG3MIIBszCCAZIEAgABMIIB
igMDAyVAAwQFLiMAAwQFPggAAwMAPicDBAc+PoADBAc+aoADBAU+gaADBAY+8UAw
CgMDB02AAwMATYgwDAMEAk2JxAMEBU2JwDAKAwMCTYwDAwVNgAMDBE3AAwMETnAD
BAVOm4ADAwRPUAMEBk+uwAMEBFBGIAMDAVB2AwMBUHwDBAdQ7AADBAZRAQADAwJR
QAMDAFG5AwMAUdwDAwBS2AMEB1ONgAMDAlQEAwQGVDeAAwMDVGADBAVUzYADAwFV
RAMDAlWoAwMEVkADAwBX5zAKAwMDWIgDAwBYjgMDAVkCAwMCWZwDAwJbRAMEBFuX
cAMDA1xYAwMFXQADAwVtAAMEA42q2AMEArmTzAMEBcIGgAMEBcK3wAMEBMLysAME
BsMDAAMEBcMHYAMEBcNiYAMDAMNzAwMAw4QDBAXDksADBAXUHmADBAXUJ4ADBAXU
XqADAwDUxgMEBdWAIAMEBdWQwAMEBdWpoAMEBtXLQAMDANXfAwMA1fUDBATZE8AD
BATZRlADBATZcOAwGwQCAAIwFQMFAyoAYgADBQAqAHGAAwUHKgKEADANBgkqhkiG
9w0BAQsFAAOCAQEAoy+3zXlYo3WIdweG8iCRaQqz8W7p2Am4dJ5M0ykHQPpV0lmp
qtitVRwgl0Ot5GqTdrhlNqMmZa+Y7+t8JxfLE7qsCAoimEUiLTuA85e+p2iXnTjz
GdtOj4n7XK80aXzmNpZx3YE5aMLusc4XImVQcoOGR7E1GJh2jb8HyliaUqXvqAxB
yMy9K83DXNJ/OzjFw5MkoOT7Ebel8f0SPmvd7LwYu94CWW6+EBNWusxB+y/xZf0y
jh+MgM6rI4vFogpbdN1eFjWAj1G1udqFi6NlomtKiyTLE0AHGFdT+PD6gOCcMmRs
aUSii5H/+UhApq3+o7Hx3AJBAiLRwBqcSo3FUA==
-----END CERTIFICATE-----
Generated at Mon May 12 19:48:32 2025 by rpki-client