Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/khmsQMze74vL52Xi1bpMuHukeug.roa
File: khmsQMze74vL52Xi1bpMuHukeug.roa (raw, json)
Hash identifier: nPzSpY3Iux5GWAbAvduZczU0IFdhY2++mjlUwZOilsg=
Subject key identifier: 92:19:AC:40:CC:DE:EF:8B:CB:E7:65:E2:D5:BA:4C:B8:7B:A4:7A:E8
Certificate issuer: /CN=59dda75f8110743d250c3068a356ce6acf1c4fe2
Certificate serial: 0184C50D6671EE275C12212F178E7532A46D
Authority key identifier: 59:DD:A7:5F:81:10:74:3D:25:0C:30:68:A3:56:CE:6A:CF:1C:4F:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd2nX4EQdD0lDDBoo1bOas8cT-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/khmsQMze74vL52Xi1bpMuHukeug.roa
Signing time: Tue 29 Nov 2022 20:21:40 +0000
ROA not before: Tue 29 Nov 2022 20:21:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41897
IP address blocks: 94.248.184.0/21 maxlen: 21
80.245.96.0/22 maxlen: 22
46.40.56.0/22 maxlen: 22
46.40.63.0/24 maxlen: 24
46.40.60.0/23 maxlen: 23
46.40.62.0/24 maxlen: 24
46.40.0.0/18 maxlen: 18
46.40.1.0/24 maxlen: 24
46.40.8.0/22 maxlen: 22
46.40.6.0/24 maxlen: 24
94.248.233.0/24 maxlen: 24
94.248.232.0/24 maxlen: 24
46.40.16.0/21 maxlen: 21
94.248.232.0/21 maxlen: 21
94.248.232.0/22 maxlen: 22
46.40.15.0/24 maxlen: 24
46.40.12.0/23 maxlen: 23
94.248.238.0/24 maxlen: 24
94.248.239.0/24 maxlen: 24
94.248.237.0/24 maxlen: 24
94.248.235.0/24 maxlen: 24
94.248.236.0/24 maxlen: 24
94.248.234.0/24 maxlen: 24
46.40.26.0/24 maxlen: 24
46.40.27.0/24 maxlen: 24
46.40.31.0/24 maxlen: 24
46.40.30.0/24 maxlen: 24
46.40.30.0/23 maxlen: 23
46.40.29.0/24 maxlen: 24
46.40.37.0/24 maxlen: 24
46.40.35.0/24 maxlen: 24
46.40.33.0/24 maxlen: 24
46.40.34.0/24 maxlen: 24
46.40.32.0/24 maxlen: 24
45.158.16.0/22 maxlen: 22
91.147.244.0/22 maxlen: 22
46.40.40.0/21 maxlen: 21
46.40.48.0/21 maxlen: 21
46.251.8.0/22 maxlen: 22
91.102.224.0/21 maxlen: 21
91.102.229.0/24 maxlen: 24
185.231.128.0/22 maxlen: 22
195.192.244.0/22 maxlen: 22
95.85.173.0/24 maxlen: 24
95.85.176.0/22 maxlen: 22
95.85.184.0/23 maxlen: 23
95.85.186.0/23 maxlen: 23
185.169.248.0/22 maxlen: 22
185.169.248.0/24 maxlen: 24
95.85.128.0/22 maxlen: 22
95.85.128.0/18 maxlen: 18
95.85.136.0/22 maxlen: 22
95.85.135.0/24 maxlen: 24
95.85.144.0/21 maxlen: 21
95.85.152.0/23 maxlen: 23
81.24.240.0/21 maxlen: 21
95.85.156.0/22 maxlen: 22
81.24.247.0/24 maxlen: 24
95.85.154.0/23 maxlen: 23
95.85.172.0/24 maxlen: 24
185.141.198.0/24 maxlen: 24
185.141.199.0/24 maxlen: 24
185.141.196.0/22 maxlen: 22
185.141.196.0/23 maxlen: 23
85.222.176.0/21 maxlen: 21
85.222.176.0/20 maxlen: 20
185.6.190.0/24 maxlen: 24
185.6.191.0/24 maxlen: 24
185.6.189.0/24 maxlen: 24
185.6.188.0/24 maxlen: 24
185.6.188.0/22 maxlen: 22
185.10.204.0/22 maxlen: 22
185.10.204.0/24 maxlen: 24
217.17.97.0/24 maxlen: 24
217.17.96.0/20 maxlen: 20
217.17.98.0/24 maxlen: 24
217.17.96.0/24 maxlen: 24
217.17.111.0/24 maxlen: 24
217.17.110.0/24 maxlen: 24
178.20.200.0/24 maxlen: 24
178.20.202.0/23 maxlen: 23
178.20.201.0/24 maxlen: 24
185.37.168.0/22 maxlen: 22
2a00:ad00::/29 maxlen: 29
2a00:ad03::/32 maxlen: 32
2a00:ad00:2010::/44 maxlen: 44
2a00:ad07:3000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c5:0d:66:71:ee:27:5c:12:21:2f:17:8e:75:32:a4:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dda75f8110743d250c3068a356ce6acf1c4fe2
Validity
Not Before: Nov 29 20:21:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9219ac40ccdeef8bcbe765e2d5ba4cb87ba47ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:70:fd:c9:9d:61:64:ca:1f:52:85:08:d4:3a:
9b:fe:52:0e:49:56:86:ec:55:63:d9:98:bf:ec:7f:
a5:e8:22:0a:29:7c:f6:a6:15:88:a0:42:cd:dd:a0:
28:4b:7c:2d:58:1c:c7:33:ed:f1:a3:62:97:3c:6b:
37:4d:66:f9:0c:e2:9f:a9:93:8f:5e:8a:5d:66:f1:
13:7d:84:27:c3:33:8b:cf:a1:3e:0a:ba:48:50:30:
15:ff:55:0e:20:3c:12:ed:39:7a:9e:f8:86:c0:04:
58:c0:44:33:38:3b:c0:1f:54:5d:c7:75:e6:1c:75:
5c:d0:cb:55:09:87:88:61:c1:95:48:ce:03:54:28:
03:a2:da:08:55:4c:65:1b:be:80:c5:6d:ce:06:6c:
d8:62:14:01:be:ed:7f:92:89:cc:d6:2a:d0:f9:2c:
9c:b1:35:41:a1:f7:7e:03:f0:b5:78:5c:a1:59:d2:
d5:a5:02:74:8d:7c:02:70:82:e7:ce:0c:8f:74:a5:
8d:29:65:f3:e1:41:de:07:a3:e9:7d:1a:28:20:49:
0b:21:44:1e:78:d3:8d:bf:fa:76:a2:93:ec:01:ad:
51:bf:72:0d:67:50:00:d5:02:11:c3:1b:9e:77:36:
6a:41:45:88:df:06:45:c6:f3:1f:c8:65:e8:17:3f:
c9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:19:AC:40:CC:DE:EF:8B:CB:E7:65:E2:D5:BA:4C:B8:7B:A4:7A:E8
X509v3 Authority Key Identifier:
keyid:59:DD:A7:5F:81:10:74:3D:25:0C:30:68:A3:56:CE:6A:CF:1C:4F:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd2nX4EQdD0lDDBoo1bOas8cT-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/khmsQMze74vL52Xi1bpMuHukeug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/Wd2nX4EQdD0lDDBoo1bOas8cT-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.16.0/22
46.40.0.0/18
46.251.8.0/22
80.245.96.0/22
81.24.240.0/21
85.222.176.0/20
91.102.224.0/21
91.147.244.0/22
94.248.184.0/21
94.248.232.0/21
95.85.128.0/18
178.20.200.0/22
185.6.188.0/22
185.10.204.0/22
185.37.168.0/22
185.141.196.0/22
185.169.248.0/22
185.231.128.0/22
195.192.244.0/22
217.17.96.0/20
IPv6:
2a00:ad00::/29
Signature Algorithm: sha256WithRSAEncryption
62:15:df:71:0e:20:d1:2e:4d:1d:83:0d:48:2b:96:10:c7:5b:
1a:84:d2:9d:8b:e2:68:b8:75:1d:07:d1:c4:eb:af:1a:68:2c:
bb:1f:17:27:ea:a7:a1:8f:e1:3d:1e:4b:7e:2c:47:25:ab:f7:
ac:68:e8:93:65:32:e9:d5:27:52:77:e7:4d:d4:f5:47:46:73:
fd:63:07:92:dc:3b:bd:cb:39:2d:9b:d8:46:b9:a6:14:09:0b:
26:24:79:05:ca:35:db:22:d0:98:bb:16:34:ed:35:f1:3a:61:
d2:09:d9:2d:e5:1f:6f:b1:a6:76:00:5b:eb:60:ce:3c:0a:84:
d3:6b:68:ef:bf:54:5b:28:1c:f5:be:da:e5:a7:c7:3f:a7:2e:
73:12:e9:c0:59:45:fe:c7:60:b7:ce:c6:d8:af:14:1f:8c:32:
71:ee:2e:ab:bf:b6:23:63:40:85:1d:14:6b:ba:4a:99:10:86:
9b:f9:b0:e5:53:c4:e0:84:4a:3f:bb:f3:9b:24:aa:9f:35:20:
40:fb:80:3e:be:eb:df:fe:89:fa:18:33:db:b9:18:53:1b:2a:
f1:8f:43:4e:29:d7:4f:99:d4:e8:b3:9a:75:ae:0b:2c:9b:9a:
e1:66:21:45:c2:19:cb:eb:d2:13:40:d8:54:5a:7b:68:cd:f2:
d9:11:58:e3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYTFDWZx7idcEiEvF451MqRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGRhNzVmODExMDc0M2QyNTBjMzA2OGEzNTZjZTZhY2Yx
YzRmZTIwHhcNMjIxMTI5MjAyMTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjE5YWM0MGNjZGVlZjhiY2JlNzY1ZTJkNWJhNGNiODdiYTQ3YWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHD9yZ1hZMofUoUI1Dqb/lIOSVaG
7FVj2Zi/7H+l6CIKKXz2phWIoELN3aAoS3wtWBzHM+3xo2KXPGs3TWb5DOKfqZOP
XopdZvETfYQnwzOLz6E+CrpIUDAV/1UOIDwS7Tl6nviGwARYwEQzODvAH1Rdx3Xm
HHVc0MtVCYeIYcGVSM4DVCgDotoIVUxlG76AxW3OBmzYYhQBvu1/konM1irQ+Syc
sTVBofd+A/C1eFyhWdLVpQJ0jXwCcILnzgyPdKWNKWXz4UHeB6PpfRooIEkLIUQe
eNONv/p2opPsAa1Rv3INZ1AA1QIRwxuedzZqQUWI3wZFxvMfyGXoFz/JLwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFJIZrEDM3u+Ly+dl4tW6TLh7pHroMB8GA1UdIwQY
MBaAFFndp1+BEHQ9JQwwaKNWzmrPHE/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2Qyblg0RVFkRDBsRERCb28xYk9hczhjVC1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lYmYzZjctZTNhYi00ZjhjLTg2ZTgt
NzA4N2UzZmUyYTVkLzEva2htc1FNemU3NHZMNTJYaTFicE11SHVrZXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lYmYzZjctZTNhYi00ZjhjLTg2ZTgtNzA4N2UzZmUyYTVk
LzEvV2Qyblg0RVFkRDBsRERCb28xYk9hczhjVC1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQCLZ4Q
AwQGLigAAwQCLvsIAwQCUPVgAwQDURjwAwQEVd6wAwQDW2bgAwQCW5P0AwQDXvi4
AwQDXvjoAwQGX1WAAwQCshTIAwQCuQa8AwQCuQrMAwQCuSWoAwQCuY3EAwQCuan4
AwQCueeAAwQCw8D0AwQE2RFgMA0EAgACMAcDBQMqAK0AMA0GCSqGSIb3DQEBCwUA
A4IBAQBiFd9xDiDRLk0dgw1IK5YQx1sahNKdi+JouHUdB9HE668aaCy7Hxcn6qeh
j+E9Hkt+LEclq/esaOiTZTLp1SdSd+dN1PVHRnP9YweS3Du9yzktm9hGuaYUCQsm
JHkFyjXbItCYuxY07TXxOmHSCdkt5R9vsaZ2AFvrYM48CoTTa2jvv1RbKBz1vtrl
p8c/py5zEunAWUX+x2C3zsbYrxQfjDJx7i6rv7YjY0CFHRRrukqZEIab+bDlU8Tg
hEo/u/ObJKqfNSBA+4A+vuvf/on6GDPbuRhTGyrxj0NOKddPmdTos5p1rgssm5rh
ZiFFwhnL69ITQNhUWntozfLZEVjj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:31 2024 by rpki-client on console-ams.rpki-client.org