Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/mB6eIlbJ-TwHt9hZxlepm37Mweo.roa
File: mB6eIlbJ-TwHt9hZxlepm37Mweo.roa (raw, json)
Hash identifier: 55w91ryJva2CR0uiydfg0dQAaXyt/dAhB5U9imFbicc=
Subject key identifier: 98:1E:9E:22:56:C9:F9:3C:07:B7:D8:59:C6:57:A9:9B:7E:CC:C1:EA
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 01897D8FDA7DC6B7546663CC8EC6375B0507
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/mB6eIlbJ-TwHt9hZxlepm37Mweo.roa
Signing time: Sat 22 Jul 2023 12:25:26 +0000
ROA not before: Sat 22 Jul 2023 12:25:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48715
IP address blocks: 78.110.120.0/22 maxlen: 24
185.141.105.0/24 maxlen: 24
185.141.104.0/24 maxlen: 24
185.141.104.0/22 maxlen: 22
185.141.107.0/24 maxlen: 24
185.141.106.0/24 maxlen: 24
185.18.212.0/22 maxlen: 22
185.18.212.0/24 maxlen: 24
185.18.213.0/24 maxlen: 24
185.18.214.0/24 maxlen: 24
185.18.215.0/24 maxlen: 24
195.211.44.0/24 maxlen: 24
195.211.44.0/22 maxlen: 22
195.211.47.0/24 maxlen: 24
195.211.45.0/24 maxlen: 24
195.211.46.0/24 maxlen: 24
195.110.38.0/23 maxlen: 23
91.236.168.0/24 maxlen: 24
91.236.168.0/23 maxlen: 23
91.236.169.0/24 maxlen: 24
152.89.44.0/24 maxlen: 24
152.89.44.0/22 maxlen: 22
152.89.47.0/24 maxlen: 24
152.89.46.0/24 maxlen: 24
152.89.45.0/24 maxlen: 24
185.58.240.0/22 maxlen: 24
185.51.200.0/22 maxlen: 22
185.51.200.0/24 maxlen: 24
185.51.203.0/24 maxlen: 24
185.51.201.0/24 maxlen: 24
185.51.202.0/24 maxlen: 24
185.112.150.0/23 maxlen: 23
185.112.150.0/24 maxlen: 24
185.112.151.0/24 maxlen: 24
185.112.149.0/24 maxlen: 24
185.121.131.0/24 maxlen: 24
185.121.130.0/24 maxlen: 24
185.121.130.0/23 maxlen: 23
88.135.38.0/24 maxlen: 24
88.135.36.0/22 maxlen: 22
88.135.36.0/24 maxlen: 24
88.135.37.0/24 maxlen: 24
185.141.132.0/24 maxlen: 24
185.141.132.0/22 maxlen: 22
185.141.134.0/24 maxlen: 24
185.141.135.0/24 maxlen: 24
185.141.133.0/24 maxlen: 24
185.252.200.0/24 maxlen: 24
188.209.152.0/24 maxlen: 24
188.209.152.0/23 maxlen: 23
188.209.153.0/24 maxlen: 24
88.135.39.0/24 maxlen: 24
185.128.138.0/24 maxlen: 24
185.128.139.0/24 maxlen: 24
185.128.136.0/22 maxlen: 22
185.128.137.0/24 maxlen: 24
185.128.136.0/24 maxlen: 24
2a0a:5e80::/48 maxlen: 48
2a0a:5e80::/64 maxlen: 64
2a0a:5e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:7d:8f:da:7d:c6:b7:54:66:63:cc:8e:c6:37:5b:05:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Jul 22 12:25:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=981e9e2256c9f93c07b7d859c657a99b7eccc1ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8e:c7:15:6d:7d:01:34:08:cc:cb:57:ba:06:
e1:69:c3:7d:8f:e7:3a:ac:2f:a2:06:e9:bb:10:1c:
b8:8b:ed:4c:f4:6a:17:47:ff:ed:65:3c:7a:0d:e1:
26:fc:8d:66:85:06:4b:a0:8e:7b:4f:cc:79:22:8e:
08:83:92:fb:08:0f:e6:b8:79:1a:aa:ff:34:91:db:
a9:7f:a9:20:21:3b:e9:56:5e:d2:17:56:d4:6d:79:
66:bd:6e:60:8f:ce:de:88:de:ea:e0:a6:ec:b6:0c:
c0:2e:5c:6d:4c:04:4f:61:3c:f3:a0:8e:b8:1a:7b:
e9:fe:3b:4e:be:9b:52:fd:f9:91:3f:d4:2f:da:9f:
bb:5f:0a:bd:17:f3:c0:e1:79:2e:88:a5:2d:9c:a4:
16:e8:64:a4:aa:e0:4a:d0:4d:ed:7c:3e:3f:a0:5b:
57:a6:05:56:8a:53:f0:42:d4:97:9e:41:80:d0:4c:
1a:11:90:dd:bd:b6:bc:5e:33:2f:63:6d:a8:ee:c7:
9c:d0:9e:c5:20:89:b8:ca:f7:c0:c1:5a:fc:bd:51:
12:a4:96:9e:89:8d:38:5d:23:24:c0:9b:86:4f:00:
9b:73:3a:98:95:11:b5:f5:fe:f7:37:d3:97:f9:3e:
bb:6b:84:d9:15:99:0b:98:5e:96:45:c3:cd:ab:48:
e1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:1E:9E:22:56:C9:F9:3C:07:B7:D8:59:C6:57:A9:9B:7E:CC:C1:EA
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/mB6eIlbJ-TwHt9hZxlepm37Mweo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.120.0/22
88.135.36.0/22
91.236.168.0/23
152.89.44.0/22
185.18.212.0/22
185.51.200.0/22
185.58.240.0/22
185.112.149.0-185.112.151.255
185.121.130.0/23
185.128.136.0/22
185.141.104.0/22
185.141.132.0/22
185.252.200.0/24
188.209.152.0/23
195.110.38.0/23
195.211.44.0/22
IPv6:
2a0a:5e80::/29
Signature Algorithm: sha256WithRSAEncryption
ae:d3:d3:34:e7:25:ca:cf:df:9b:57:44:69:58:7c:f9:64:00:
d6:a9:21:df:08:ce:f9:fc:09:5e:4b:90:7b:ab:7e:22:64:6a:
19:3c:9e:1b:16:af:4f:39:66:16:b1:e7:61:10:91:98:4d:d9:
85:5c:ad:e7:9c:14:53:11:78:70:6c:62:b3:bb:7b:9c:10:18:
89:75:7e:fe:cd:e9:ef:1f:42:ab:7c:e2:ce:04:77:26:35:9f:
f5:91:82:20:81:79:fa:b0:e9:ed:b7:72:16:d9:70:60:39:e3:
94:89:3f:d9:49:bb:40:39:8a:f9:8e:a6:9b:94:ea:86:c7:0f:
b0:b7:87:b3:bc:2b:a9:10:5e:10:5b:33:6b:95:8f:6c:af:8b:
8d:7c:21:8e:09:ff:d1:e0:ea:42:d7:cf:da:bf:b1:f7:6a:15:
c4:df:40:e1:77:bd:df:fd:4b:87:d3:34:86:03:bc:84:1d:99:
12:e7:fc:83:17:c1:11:ce:51:2e:10:a8:44:62:81:46:bf:21:
d6:86:af:40:eb:c8:c6:1a:23:0f:4e:2f:b7:a7:4f:9a:ee:a1:
1a:ef:ed:e3:55:8d:1d:8d:6d:e6:d0:10:64:3d:e2:8b:ec:55:
97:05:8d:fb:bc:be:e2:25:72:39:fc:2b:ec:ec:28:48:30:d6:
be:01:4d:2f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAYl9j9p9xrdUZmPMjsY3WwUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjMwNzIyMTIyNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODFlOWUyMjU2YzlmOTNjMDdiN2Q4NTljNjU3YTk5YjdlY2NjMWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY7HFW19ATQIzMtXugbhacN9j+c6
rC+iBum7EBy4i+1M9GoXR//tZTx6DeEm/I1mhQZLoI57T8x5Io4Ig5L7CA/muHka
qv80kdupf6kgITvpVl7SF1bUbXlmvW5gj87eiN7q4KbstgzALlxtTARPYTzzoI64
Gnvp/jtOvptS/fmRP9Qv2p+7Xwq9F/PA4XkuiKUtnKQW6GSkquBK0E3tfD4/oFtX
pgVWilPwQtSXnkGA0EwaEZDdvba8XjMvY22o7sec0J7FIIm4yvfAwVr8vVESpJae
iY04XSMkwJuGTwCbczqYlRG19f73N9OX+T67a4TZFZkLmF6WRcPNq0jhuQIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFJgeniJWyfk8B7fYWcZXqZt+zMHqMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvbUI2ZUlsYkotVHdIdDloWnhsZXBtMzdNd2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAJObngD
BAJYhyQDBAFb7KgDBAKYWSwDBAK5EtQDBAK5M8gDBAK5OvAwDAMEALlwlQMEA7lw
kAMEAbl5ggMEArmAiAMEArmNaAMEArmNhAMEALn8yAMEAbzRmAMEAcNuJgMEAsPT
LDANBAIAAjAHAwUDKgpegDANBgkqhkiG9w0BAQsFAAOCAQEArtPTNOclys/fm1dE
aVh8+WQA1qkh3wjO+fwJXkuQe6t+ImRqGTyeGxavTzlmFrHnYRCRmE3ZhVyt55wU
UxF4cGxis7t7nBAYiXV+/s3p7x9Cq3zizgR3JjWf9ZGCIIF5+rDp7bdyFtlwYDnj
lIk/2Um7QDmK+Y6mm5TqhscPsLeHs7wrqRBeEFsza5WPbK+LjXwhjgn/0eDqQtfP
2r+x92oVxN9A4Xe93/1Lh9M0hgO8hB2ZEuf8gxfBEc5RLhCoRGKBRr8h1oavQOvI
xhojD04vt6dPmu6hGu/t41WNHY1t5tAQZD3ii+xVlwWN+7y+4iVyOfwr7OwoSDDW
vgFNLw==
-----END CERTIFICATE-----
Generated at Fri May 16 19:43:18 2025 by rpki-client