Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/9TjqwghvCaJD_JHPcgMPh9Cbo7M.roa
File: 9TjqwghvCaJD_JHPcgMPh9Cbo7M.roa (raw, json)
Hash identifier: NOVVzXJjgSw57IrMsdkkvVerlViXKcyF/7ad9hWtrws=
Subject key identifier: F5:38:EA:C2:08:6F:09:A2:43:FC:91:CF:72:03:0F:87:D0:9B:A3:B3
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 018BB2F1DDD2C81BEE054D2B4E0888DDE01F
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/9TjqwghvCaJD_JHPcgMPh9Cbo7M.roa
Signing time: Thu 09 Nov 2023 07:17:57 +0000
ROA not before: Thu 09 Nov 2023 07:17:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8437
IP address blocks: 62.218.100.0/24 maxlen: 24
178.114.0.0/16 maxlen: 16
62.218.52.0/24 maxlen: 24
178.114.92.0/22 maxlen: 22
213.235.196.0/24 maxlen: 24
213.235.192.0/18 maxlen: 18
62.218.164.0/24 maxlen: 24
62.218.165.0/24 maxlen: 24
62.218.169.0/24 maxlen: 24
62.218.168.0/24 maxlen: 24
62.218.174.0/24 maxlen: 24
62.218.175.0/24 maxlen: 24
46.57.0.0/17 maxlen: 17
195.96.0.0/19 maxlen: 19
86.59.0.0/17 maxlen: 17
62.116.64.0/18 maxlen: 18
213.129.224.0/19 maxlen: 19
213.90.0.0/17 maxlen: 17
62.218.4.0/24 maxlen: 24
62.218.0.0/16 maxlen: 16
195.248.32.0/19 maxlen: 19
81.189.213.0/24 maxlen: 24
81.189.212.0/22 maxlen: 22
81.189.212.0/24 maxlen: 24
81.189.215.0/24 maxlen: 24
81.189.214.0/24 maxlen: 24
91.186.128.0/19 maxlen: 19
77.119.32.0/19 maxlen: 19
178.115.96.0/19 maxlen: 19
77.118.192.0/20 maxlen: 20
188.118.192.0/18 maxlen: 18
77.118.208.0/20 maxlen: 20
212.152.128.0/17 maxlen: 17
78.142.128.0/18 maxlen: 18
62.116.0.0/19 maxlen: 19
77.119.96.0/22 maxlen: 22
77.119.64.0/18 maxlen: 18
77.119.88.0/21 maxlen: 21
46.57.120.0/22 maxlen: 22
178.114.208.0/21 maxlen: 21
77.118.56.0/21 maxlen: 21
212.27.64.0/18 maxlen: 18
81.189.0.0/16 maxlen: 16
46.57.72.0/22 maxlen: 22
213.235.234.0/24 maxlen: 24
195.70.224.0/19 maxlen: 19
77.118.0.0/16 maxlen: 16
46.57.104.0/22 maxlen: 22
77.118.17.0/24 maxlen: 24
77.118.160.0/20 maxlen: 20
77.118.176.0/20 maxlen: 20
77.118.112.0/20 maxlen: 20
2001:858:40::/45 maxlen: 45
2001:858::/32 maxlen: 32
2001:938::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b2:f1:dd:d2:c8:1b:ee:05:4d:2b:4e:08:88:dd:e0:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Nov 9 07:17:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f538eac2086f09a243fc91cf72030f87d09ba3b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5c:1c:1a:1f:cb:42:81:78:ae:0d:a6:ea:eb:
c2:d8:da:9a:c5:44:11:f1:84:00:61:ce:5c:0d:25:
43:71:3d:ff:c7:b8:0f:95:f0:1d:e0:83:0a:53:f4:
fa:7d:10:ea:29:33:67:8e:bc:73:3e:80:fc:93:07:
47:6d:13:81:fb:24:fc:1a:35:59:4c:fe:0e:2a:19:
b3:c9:f3:fa:a8:c0:d9:70:0a:6f:67:56:b9:2d:b4:
84:3d:d9:4f:9f:1f:e5:55:06:24:6b:92:71:3e:ca:
bd:58:b8:3c:4f:93:2d:f9:64:bb:3a:20:86:70:c8:
ec:01:d5:55:68:2a:d6:13:a9:c9:ba:d7:ee:5f:10:
42:8e:d9:d6:4f:77:de:0d:1e:5a:67:45:6d:4c:0c:
e6:5c:4e:a8:7b:22:20:68:fb:2b:47:a2:93:82:54:
c6:30:a4:81:46:68:1e:b6:b9:e3:19:10:ad:8b:60:
a1:4c:0d:4a:fc:0f:d2:9e:35:29:4c:cc:29:f3:35:
3a:1d:8c:12:93:ea:b7:0f:07:c2:b8:a7:92:f0:ff:
28:48:9a:9e:02:52:cf:38:9e:ec:dc:63:cb:03:00:
04:58:25:ce:7b:f7:10:1a:ca:6c:e9:06:8a:ae:5c:
10:62:a4:de:39:5b:26:36:ad:b0:dc:58:de:8d:c8:
29:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:38:EA:C2:08:6F:09:A2:43:FC:91:CF:72:03:0F:87:D0:9B:A3:B3
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/9TjqwghvCaJD_JHPcgMPh9Cbo7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.57.0.0/17
62.116.0.0/19
62.116.64.0/18
62.218.0.0/16
77.118.0.0/16
77.119.32.0-77.119.127.255
78.142.128.0/18
81.189.0.0/16
86.59.0.0/17
91.186.128.0/19
178.114.0.0/16
178.115.96.0/19
188.118.192.0/18
195.70.224.0/19
195.96.0.0/19
195.248.32.0/19
212.27.64.0/18
212.152.128.0/17
213.90.0.0/17
213.129.224.0/19
213.235.192.0/18
IPv6:
2001:858::/32
2001:938::/32
Signature Algorithm: sha256WithRSAEncryption
8d:f7:e3:7e:1f:c7:95:a5:35:c3:10:56:87:ac:45:a7:69:53:
33:61:de:ef:d6:08:b5:37:df:c3:08:2e:11:91:ed:8c:1c:8a:
27:8c:ff:3c:d7:89:db:58:12:bf:7a:76:de:df:fa:d0:7c:05:
f1:35:31:25:95:2d:14:f4:68:e0:ee:82:0b:f7:56:ce:60:ac:
5c:97:bc:4a:6a:d6:50:18:f5:57:8f:f9:e8:56:12:0e:13:35:
2b:49:0e:45:52:21:fc:b2:9e:fc:22:a6:ea:45:bb:f9:a7:a2:
71:cc:d1:f2:50:e0:bc:d0:b9:dd:32:5c:e0:c2:f1:6f:2a:fb:
ff:b5:aa:cd:b8:2f:e5:b9:06:8f:31:c6:5e:23:92:f4:14:cd:
b1:c8:d5:bc:3d:bc:37:c6:18:44:de:f0:e5:0b:38:eb:a5:c7:
03:94:c0:4d:1b:c3:03:79:36:94:1e:19:47:1c:44:4a:d3:d4:
f6:3d:e1:9c:c1:45:e7:e7:00:e7:5b:59:2f:f1:72:07:33:ae:
fa:01:ed:12:66:11:5f:11:2a:50:d0:e8:39:d6:f0:c6:e9:28:
c0:eb:49:03:0d:4c:15:8e:cf:76:fc:56:26:ad:f0:52:df:ea:
d9:ca:ec:42:ec:92:39:23:c1:aa:0e:98:38:40:cd:df:5d:ba:
ae:3e:a7:8a
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYuy8d3SyBvuBU0rTgiI3eAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjMxMTA5MDcxNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTM4ZWFjMjA4NmYwOWEyNDNmYzkxY2Y3MjAzMGY4N2QwOWJhM2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFwcGh/LQoF4rg2m6uvC2NqaxUQR
8YQAYc5cDSVDcT3/x7gPlfAd4IMKU/T6fRDqKTNnjrxzPoD8kwdHbROB+yT8GjVZ
TP4OKhmzyfP6qMDZcApvZ1a5LbSEPdlPnx/lVQYka5JxPsq9WLg8T5Mt+WS7OiCG
cMjsAdVVaCrWE6nJutfuXxBCjtnWT3feDR5aZ0VtTAzmXE6oeyIgaPsrR6KTglTG
MKSBRmgetrnjGRCti2ChTA1K/A/SnjUpTMwp8zU6HYwSk+q3DwfCuKeS8P8oSJqe
AlLPOJ7s3GPLAwAEWCXOe/cQGsps6QaKrlwQYqTeOVsmNq2w3FjejcgppQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFPU46sIIbwmiQ/yRz3IDD4fQm6OzMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvOVRqcXdnaHZDYUpEX0pIUGNnTVBoOUNibzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBiQQCAAEwgYIDBAcu
OQADBAU+dAADBAY+dEADAwA+2gMDAE12MAwDBAVNdyADBAdNdwADBAZOjoADAwBR
vQMEB1Y7AAMEBVu6gAMDALJyAwQFsnNgAwQGvHbAAwQFw0bgAwQFw2AAAwQFw/gg
AwQG1BtAAwQH1JiAAwQH1VoAAwQF1YHgAwQG1evAMBQEAgACMA4DBQAgAQhYAwUA
IAEJODANBgkqhkiG9w0BAQsFAAOCAQEAjffjfh/HlaU1wxBWh6xFp2lTM2He79YI
tTffwwguEZHtjByKJ4z/PNeJ21gSv3p23t/60HwF8TUxJZUtFPRo4O6CC/dWzmCs
XJe8SmrWUBj1V4/56FYSDhM1K0kORVIh/LKe/CKm6kW7+aeicczR8lDgvNC53TJc
4MLxbyr7/7Wqzbgv5bkGjzHGXiOS9BTNscjVvD28N8YYRN7w5Qs466XHA5TATRvD
A3k2lB4ZRxxEStPU9j3hnMFF5+cA51tZL/FyBzOu+gHtEmYRXxEqUNDoOdbwxuko
wOtJAw1MFY7PdvxWJq3wUt/q2crsQuySOSPBqg6YOEDN3126rj6nig==
-----END CERTIFICATE-----
Generated at Tue May 13 17:21:09 2025 by rpki-client