Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/cmWRm8gUGhN1cfjExpz1vZehYjE.roa
File: cmWRm8gUGhN1cfjExpz1vZehYjE.roa (raw, json)
Hash identifier: Dw+cQHnV4bCBpCwfLIvZrBRGula1whaOZOFW3aT5b6U=
Subject key identifier: 72:65:91:9B:C8:14:1A:13:75:71:F8:C4:C6:9C:F5:BD:97:A1:62:31
Certificate issuer: /CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Certificate serial: 018C674ECAC3C563F0545E0EC5F38863DCE3
Authority key identifier: 49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/cmWRm8gUGhN1cfjExpz1vZehYjE.roa
Signing time: Thu 14 Dec 2023 07:51:06 +0000
ROA not before: Thu 14 Dec 2023 07:51:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51684
IP address blocks: 185.16.26.0/24 maxlen: 24
185.16.26.0/23 maxlen: 23
5.181.198.0/24 maxlen: 24
5.181.196.0/24 maxlen: 24
5.181.197.0/24 maxlen: 24
89.46.204.0/23 maxlen: 23
89.46.206.0/24 maxlen: 24
89.46.206.0/23 maxlen: 23
89.46.203.0/24 maxlen: 24
89.46.202.0/23 maxlen: 23
89.46.202.0/24 maxlen: 24
89.46.204.0/24 maxlen: 24
89.46.205.0/24 maxlen: 24
89.46.200.0/24 maxlen: 24
89.46.200.0/23 maxlen: 23
89.46.201.0/24 maxlen: 24
89.46.207.0/24 maxlen: 24
223.25.123.0/24 maxlen: 24
223.25.124.0/24 maxlen: 24
223.25.125.0/24 maxlen: 24
223.25.120.0/24 maxlen: 24
223.25.121.0/24 maxlen: 24
223.25.122.0/24 maxlen: 24
223.25.126.0/24 maxlen: 24
91.217.185.0/24 maxlen: 24
185.254.203.0/24 maxlen: 24
185.254.200.0/24 maxlen: 24
185.254.200.0/23 maxlen: 23
185.254.201.0/24 maxlen: 24
82.199.208.0/23 maxlen: 23
82.199.208.0/24 maxlen: 24
82.199.209.0/24 maxlen: 24
82.199.210.0/24 maxlen: 24
82.199.211.0/24 maxlen: 24
82.199.212.0/23 maxlen: 23
82.199.212.0/24 maxlen: 24
82.199.213.0/24 maxlen: 24
82.199.214.0/23 maxlen: 23
82.199.218.0/23 maxlen: 23
82.199.218.0/24 maxlen: 24
82.199.219.0/24 maxlen: 24
82.199.214.0/24 maxlen: 24
82.199.215.0/24 maxlen: 24
82.199.216.0/24 maxlen: 24
82.199.216.0/23 maxlen: 23
82.199.217.0/24 maxlen: 24
82.199.221.0/24 maxlen: 24
82.199.222.0/24 maxlen: 24
82.199.222.0/23 maxlen: 23
82.199.223.0/24 maxlen: 24
82.199.220.0/24 maxlen: 24
82.199.220.0/23 maxlen: 23
212.95.128.0/24 maxlen: 24
212.95.129.0/24 maxlen: 24
212.95.130.0/24 maxlen: 24
212.95.131.0/24 maxlen: 24
212.95.132.0/24 maxlen: 24
212.95.138.0/24 maxlen: 24
212.95.139.0/24 maxlen: 24
212.95.134.0/24 maxlen: 24
212.95.135.0/24 maxlen: 24
212.95.136.0/24 maxlen: 24
212.95.137.0/24 maxlen: 24
212.95.133.0/24 maxlen: 24
185.247.37.0/24 maxlen: 24
185.247.38.0/24 maxlen: 24
212.95.141.0/24 maxlen: 24
185.247.36.0/24 maxlen: 24
185.247.36.0/23 maxlen: 23
212.95.140.0/24 maxlen: 24
185.95.204.0/23 maxlen: 23
185.95.204.0/24 maxlen: 24
185.95.205.0/24 maxlen: 24
185.95.206.0/24 maxlen: 24
185.95.206.0/23 maxlen: 23
185.95.207.0/24 maxlen: 24
91.213.191.0/24 maxlen: 24
185.247.38.0/23 maxlen: 23
185.247.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:4e:ca:c3:c5:63:f0:54:5e:0e:c5:f3:88:63:dc:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Validity
Not Before: Dec 14 07:51:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7265919bc8141a137571f8c4c69cf5bd97a16231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:34:c7:6c:6b:14:92:92:98:6c:fb:24:fb:42:
0c:89:c0:92:e1:e2:0b:d9:af:80:88:94:67:63:ed:
56:98:f4:1d:cc:b9:3a:03:56:64:b7:4c:b0:0e:eb:
85:15:9f:6f:6d:7b:69:b0:e6:a2:74:d1:d2:76:cf:
85:84:62:a3:1f:e9:c1:dc:67:fb:2a:b0:b7:f5:82:
ba:0e:71:17:7f:ce:37:14:25:f8:13:6f:32:89:02:
ab:ca:fc:cf:b2:27:2d:ac:55:be:ec:c6:ea:28:ab:
67:79:7d:e8:a0:8b:fe:2c:a5:8c:3a:08:d8:d9:22:
95:0f:33:dd:14:42:68:03:71:5f:45:77:b6:01:7e:
c4:b4:ee:da:bb:18:e1:f4:c1:02:ac:84:8e:33:0f:
e3:e7:77:73:47:ae:25:26:c6:f6:ba:7a:1a:1d:f3:
08:a2:25:0b:50:b2:72:5e:be:53:03:62:fa:a7:29:
ca:75:68:9c:1e:db:fb:ff:5f:0d:25:b8:76:52:2a:
9a:5d:5e:77:e6:a8:bc:67:de:5f:53:e6:f2:4a:63:
b8:5b:d5:01:a0:45:0e:28:69:e2:be:b5:c6:41:dc:
59:2e:41:2e:4f:ea:81:15:67:34:b0:48:1c:8c:0b:
ba:fa:76:50:65:ca:d6:7a:99:a0:74:33:6c:9d:47:
0a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:65:91:9B:C8:14:1A:13:75:71:F8:C4:C6:9C:F5:BD:97:A1:62:31
X509v3 Authority Key Identifier:
keyid:49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/cmWRm8gUGhN1cfjExpz1vZehYjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.196.0-5.181.198.255
82.199.208.0/20
89.46.200.0/21
91.213.191.0/24
91.217.185.0/24
185.16.26.0/23
185.95.204.0/22
185.247.36.0/22
185.254.200.0/23
185.254.203.0/24
212.95.128.0-212.95.141.255
223.25.120.0-223.25.126.255
Signature Algorithm: sha256WithRSAEncryption
24:c2:4b:bc:35:37:7c:6d:56:92:82:28:fc:dc:76:bf:74:13:
77:34:09:86:79:de:27:2f:6c:5f:48:b4:fd:31:fc:7f:f1:9e:
1e:a6:88:55:6a:f6:b0:70:96:08:f7:97:f2:01:23:dc:83:37:
e2:55:c5:93:46:58:80:f9:54:33:a8:67:45:8d:7a:05:62:62:
ff:09:66:8d:02:7a:4c:0b:2b:72:e5:b1:21:f1:00:bb:68:f8:
bd:39:71:65:aa:e8:d1:b5:08:2b:83:06:73:7b:16:25:5f:0e:
76:19:ac:dd:34:39:47:68:0c:07:d4:a9:1c:8e:8f:3b:26:be:
8e:41:7f:9f:ae:46:84:56:16:91:4d:d2:68:43:ef:ee:1c:d2:
d7:e2:06:5c:cf:70:4c:b2:36:03:75:9a:74:e3:e8:45:45:ab:
07:86:32:6f:f0:14:25:66:f8:2f:2e:6f:ca:4c:73:86:f5:e9:
c9:78:1a:da:46:79:fc:03:38:d6:f2:5b:25:b9:f7:1a:a4:ff:
b3:0b:e3:e5:b8:95:4d:5c:63:83:65:af:4d:0a:49:43:55:b6:
dc:73:4e:3b:b4:7f:ab:4b:15:17:48:16:bb:1b:76:4f:57:f5:
49:5d:a9:bd:e3:ae:84:6b:b3:c8:1f:b2:69:d6:e4:00:af:eb:
9f:87:e3:f0
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYxnTsrDxWPwVF4OxfOIY9zjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZGQ4ZjFhNjJhNWQ3ZjgwMjEyZGUwZjNlZmU3NWIyZmEz
MzhmZmUwHhcNMjMxMjE0MDc1MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjY1OTE5YmM4MTQxYTEzNzU3MWY4YzRjNjljZjViZDk3YTE2MjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzTHbGsUkpKYbPsk+0IMicCS4eIL
2a+AiJRnY+1WmPQdzLk6A1Zkt0ywDuuFFZ9vbXtpsOaidNHSds+FhGKjH+nB3Gf7
KrC39YK6DnEXf843FCX4E28yiQKryvzPsictrFW+7MbqKKtneX3ooIv+LKWMOgjY
2SKVDzPdFEJoA3FfRXe2AX7EtO7auxjh9MECrISOMw/j53dzR64lJsb2unoaHfMI
oiULULJyXr5TA2L6pynKdWicHtv7/18NJbh2UiqaXV535qi8Z95fU+bySmO4W9UB
oEUOKGnivrXGQdxZLkEuT+qBFWc0sEgcjAu6+nZQZcrWepmgdDNsnUcKmQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFHJlkZvIFBoTdXH4xMac9b2XoWIxMB8GA1UdIwQY
MBaAFEndjxpipdf4AhLeDz7+dbL6M4/+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2Yt
Y2VlYzQ5MTI0YzBmLzEvY21XUm04Z1VHaE4xY2ZqRXhwejF2WmVoWWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2YtY2VlYzQ5MTI0YzBm
LzEvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgMAwDBAIFtcQD
BAAFtcYDBARSx9ADBANZLsgDBABb1b8DBABb2bkDBAG5EBoDBAK5X8wDBAK59yQD
BAG5/sgDBAC5/sswDAMEB9RfgAMEAdRfjDAMAwQD3xl4AwQA3xl+MA0GCSqGSIb3
DQEBCwUAA4IBAQAkwku8NTd8bVaSgij83Ha/dBN3NAmGed4nL2xfSLT9Mfx/8Z4e
pohVavawcJYI95fyASPcgzfiVcWTRliA+VQzqGdFjXoFYmL/CWaNAnpMCyty5bEh
8QC7aPi9OXFlqujRtQgrgwZzexYlXw52GazdNDlHaAwH1Kkcjo87Jr6OQX+frkaE
VhaRTdJoQ+/uHNLX4gZcz3BMsjYDdZp04+hFRasHhjJv8BQlZvgvLm/KTHOG9enJ
eBraRnn8AzjW8lslufcapP+zC+PluJVNXGODZa9NCklDVbbcc047tH+rSxUXSBa7
G3ZPV/VJXam9466Ea7PIH7Jp1uQAr+ufh+Pw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:04 2025 by rpki-client