Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/4_8N-RTjNevEGW3AUGLs--n7pDc.roa
File: 4_8N-RTjNevEGW3AUGLs--n7pDc.roa (raw, json)
Hash identifier: 26iVRDR17tRm45nS6gh1epu5bPdvmjLdCjV9IpZr6eI=
Subject key identifier: E3:FF:0D:F9:14:E3:35:EB:C4:19:6D:C0:50:62:EC:FB:E9:FB:A4:37
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 0187B97D25AE034C263EC4E27CAEE84F7887
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/4_8N-RTjNevEGW3AUGLs--n7pDc.roa
Signing time: Tue 25 Apr 2023 17:36:39 +0000
ROA not before: Tue 25 Apr 2023 17:36:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51862
IP address blocks: 46.16.72.0/21 maxlen: 24
217.160.216.0/24 maxlen: 24
217.160.219.0/24 maxlen: 24
217.160.222.0/24 maxlen: 24
78.137.96.0/21 maxlen: 24
212.227.51.0/24 maxlen: 24
212.227.68.0/24 maxlen: 24
81.173.112.0/24 maxlen: 24
81.173.115.0/24 maxlen: 24
81.173.114.0/24 maxlen: 24
81.173.113.0/24 maxlen: 24
185.48.116.0/22 maxlen: 24
85.184.248.0/22 maxlen: 24
157.97.104.0/21 maxlen: 24
212.227.151.0/24 maxlen: 24
212.227.171.0/24 maxlen: 24
87.106.112.0/22 maxlen: 24
212.227.115.0/24 maxlen: 24
212.227.118.0/24 maxlen: 24
212.227.129.0/24 maxlen: 24
217.160.200.0/22 maxlen: 24
217.160.210.0/23 maxlen: 24
217.160.118.0/24 maxlen: 24
217.160.117.0/24 maxlen: 24
194.126.206.0/24 maxlen: 24
217.160.120.0/24 maxlen: 24
212.227.224.0/24 maxlen: 24
213.244.192.0/24 maxlen: 24
212.227.233.0/24 maxlen: 24
217.160.154.0/25 maxlen: 25
2a02:2478::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b9:7d:25:ae:03:4c:26:3e:c4:e2:7c:ae:e8:4f:78:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: Apr 25 17:36:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3ff0df914e335ebc4196dc05062ecfbe9fba437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4c:bd:c5:e8:f2:a8:9d:b1:aa:4c:93:49:ab:
4f:91:35:bf:c3:ce:a0:b9:c8:20:a8:5c:e9:eb:e9:
d3:c5:d2:84:3b:16:a9:9b:c8:0d:b8:0e:8e:dd:6b:
8d:69:49:95:d5:9f:20:c0:6f:f7:d7:35:66:14:d8:
99:ba:21:a9:99:4d:af:f9:e6:54:9b:63:f4:1a:dc:
a8:ed:fb:fd:68:bd:7e:3d:9c:fc:da:9f:8c:a9:53:
95:a9:b3:38:f4:2b:73:26:a9:93:3f:df:fc:79:d6:
3c:50:d7:dd:90:02:b0:d3:9d:14:e7:06:ff:4d:cb:
6f:0e:fc:31:13:00:22:d9:b4:83:3d:60:10:70:8d:
2a:bf:7b:26:a5:98:0c:58:4d:43:4b:94:a3:db:5f:
02:2f:39:25:17:da:fb:ca:bd:7b:17:50:36:7d:5c:
fe:2a:07:a3:03:fb:91:90:ee:d1:c9:10:b3:3c:2f:
6d:1d:68:32:0e:eb:9c:49:70:62:0a:97:6e:9f:93:
69:a5:a6:4d:90:bf:cb:e4:07:5d:2e:c9:9c:d4:bd:
7d:52:39:6d:dd:29:6b:eb:46:84:92:8b:cd:00:d4:
e7:6b:c4:4e:26:5b:f5:29:ad:d5:96:10:55:ab:18:
36:ed:3f:d4:11:e1:98:6b:69:c6:92:42:f3:ec:dd:
c3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:FF:0D:F9:14:E3:35:EB:C4:19:6D:C0:50:62:EC:FB:E9:FB:A4:37
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/4_8N-RTjNevEGW3AUGLs--n7pDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.72.0/21
78.137.96.0/21
81.173.112.0/22
85.184.248.0/22
87.106.112.0/22
157.97.104.0/21
185.48.116.0/22
194.126.206.0/24
212.227.51.0/24
212.227.68.0/24
212.227.115.0/24
212.227.118.0/24
212.227.129.0/24
212.227.151.0/24
212.227.171.0/24
212.227.224.0/24
212.227.233.0/24
213.244.192.0/24
217.160.117.0-217.160.118.255
217.160.120.0/24
217.160.154.0/25
217.160.200.0/22
217.160.210.0/23
217.160.216.0/24
217.160.219.0/24
217.160.222.0/24
IPv6:
2a02:2478::/32
Signature Algorithm: sha256WithRSAEncryption
32:b7:cb:76:0e:f0:34:b3:b9:51:42:fd:45:ce:be:85:82:4e:
3d:ef:3c:26:66:1f:70:7c:00:0d:e9:93:0d:94:8f:f8:ec:c2:
66:87:a2:17:c2:66:b4:3f:3e:c1:c1:d7:11:e0:07:cd:ad:aa:
5d:1b:9c:fe:4e:46:6d:61:d1:fb:ae:61:37:79:28:f0:b1:08:
2e:17:a1:6b:99:aa:e8:7a:d4:85:a9:99:41:36:0a:35:2b:8f:
95:5e:62:b7:76:c5:a3:f0:3f:da:f6:66:42:10:f0:c1:f3:11:
d4:a5:97:fb:58:e9:78:56:3a:69:cd:1d:32:22:ee:bd:6c:cc:
78:5c:29:98:cf:81:d1:67:4b:32:fc:c4:49:51:bb:9a:e0:90:
e4:24:6d:c9:3a:ef:56:3c:12:db:df:64:d2:55:25:3a:40:10:
77:53:c1:3b:fa:7a:8f:6f:fa:7e:bf:3d:ff:71:6b:d3:99:ce:
52:13:80:d9:24:b8:93:57:8c:c5:16:ab:2f:13:a5:66:06:b8:
9d:2d:88:1f:36:4b:a7:2e:25:d7:0f:25:e7:29:65:4d:0e:98:
28:e2:38:52:c2:c9:ba:4e:f5:b0:ff:cb:94:a1:be:db:be:be:
0a:b0:5c:50:22:d2:48:3e:da:9c:31:d6:b4:e2:10:c1:32:a9:
07:cd:86:9b
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYe5fSWuA0wmPsTifK7oT3iHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjMwNDI1MTczNjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2ZmMGRmOTE0ZTMzNWViYzQxOTZkYzA1MDYyZWNmYmU5ZmJhNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEy9xejyqJ2xqkyTSatPkTW/w86g
ucggqFzp6+nTxdKEOxapm8gNuA6O3WuNaUmV1Z8gwG/31zVmFNiZuiGpmU2v+eZU
m2P0Gtyo7fv9aL1+PZz82p+MqVOVqbM49CtzJqmTP9/8edY8UNfdkAKw050U5wb/
TctvDvwxEwAi2bSDPWAQcI0qv3smpZgMWE1DS5Sj218CLzklF9r7yr17F1A2fVz+
KgejA/uRkO7RyRCzPC9tHWgyDuucSXBiCpdun5NppaZNkL/L5AddLsmc1L19Ujlt
3Slr60aEkovNANTna8ROJlv1Ka3VlhBVqxg27T/UEeGYa2nGkkLz7N3DywIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFOP/DfkU4zXrxBltwFBi7Pvp+6Q3MB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEvNF84Ti1SVGpOZXZFR1czQVVHTHMtLW43cERjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBrAQCAAEwgaUDBAMu
EEgDBANOiWADBAJRrXADBAJVuPgDBAJXanADBAOdYWgDBAK5MHQDBADCfs4DBADU
4zMDBADU40QDBADU43MDBADU43YDBADU44EDBADU45cDBADU46sDBADU4+ADBADU
4+kDBADV9MAwDAMEANmgdQMEANmgdgMEANmgeAMFB9mgmgADBALZoMgDBAHZoNID
BADZoNgDBADZoNsDBADZoN4wDQQCAAIwBwMFACoCJHgwDQYJKoZIhvcNAQELBQAD
ggEBADK3y3YO8DSzuVFC/UXOvoWCTj3vPCZmH3B8AA3pkw2Uj/jswmaHohfCZrQ/
PsHB1xHgB82tql0bnP5ORm1h0fuuYTd5KPCxCC4XoWuZquh61IWpmUE2CjUrj5Ve
Yrd2xaPwP9r2ZkIQ8MHzEdSll/tY6XhWOmnNHTIi7r1szHhcKZjPgdFnSzL8xElR
u5rgkOQkbck671Y8EtvfZNJVJTpAEHdTwTv6eo9v+n6/Pf9xa9OZzlITgNkkuJNX
jMUWqy8TpWYGuJ0tiB82S6cuJdcPJecpZU0OmCjiOFLCybpO9bD/y5Shvtu+vgqw
XFAi0kg+2pwx1rTiEMEyqQfNhps=
-----END CERTIFICATE-----
Generated at Mon May 5 17:39:59 2025 by rpki-client