Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/LT73cMZGJiI0BUXhwUjchgmzhGM.roa
File: LT73cMZGJiI0BUXhwUjchgmzhGM.roa (raw, json)
Hash identifier: 26Q/MTwWbEjcsmuBK7VizdoLrpJG0fpgJwc5fbgXZr0=
Subject key identifier: 2D:3E:F7:70:C6:46:26:22:34:05:45:E1:C1:48:DC:86:09:B3:84:63
Certificate issuer: /CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Certificate serial: 018B47989F0629CE912618EA354515EBCF0B
Authority key identifier: 97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/LT73cMZGJiI0BUXhwUjchgmzhGM.roa
Signing time: Thu 19 Oct 2023 11:01:06 +0000
ROA not before: Thu 19 Oct 2023 11:01:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41833
IP address blocks: 95.141.48.0/20 maxlen: 20
95.141.49.0/24 maxlen: 24
95.141.48.0/24 maxlen: 24
95.141.57.0/24 maxlen: 24
95.141.58.0/24 maxlen: 24
95.141.55.0/24 maxlen: 24
95.141.56.0/24 maxlen: 24
95.141.62.0/24 maxlen: 24
95.141.63.0/24 maxlen: 24
95.141.61.0/24 maxlen: 24
95.141.59.0/24 maxlen: 24
95.141.60.0/24 maxlen: 24
46.227.255.0/24 maxlen: 24
46.227.254.0/24 maxlen: 24
46.227.253.0/24 maxlen: 24
46.227.251.0/24 maxlen: 24
46.227.249.0/24 maxlen: 24
46.227.248.0/21 maxlen: 21
46.227.248.0/24 maxlen: 24
46.227.252.0/24 maxlen: 24
185.58.201.0/24 maxlen: 24
185.58.202.0/24 maxlen: 24
185.58.200.0/24 maxlen: 24
185.58.200.0/22 maxlen: 22
93.185.231.0/29 maxlen: 29
89.249.212.0/28 maxlen: 28
93.185.229.0/24 maxlen: 24
93.185.233.0/24 maxlen: 24
93.185.231.0/24 maxlen: 24
141.138.191.0/24 maxlen: 24
93.185.232.0/24 maxlen: 24
141.138.189.0/24 maxlen: 24
93.185.230.0/24 maxlen: 24
141.138.187.0/24 maxlen: 24
141.138.188.0/24 maxlen: 24
93.185.228.0/24 maxlen: 24
93.185.227.0/24 maxlen: 24
93.185.238.0/24 maxlen: 24
93.185.239.0/24 maxlen: 24
93.185.236.0/24 maxlen: 24
93.185.237.0/24 maxlen: 24
93.185.235.0/24 maxlen: 24
93.185.229.0/30 maxlen: 30
89.249.212.0/24 maxlen: 24
89.249.213.0/24 maxlen: 24
89.249.210.0/24 maxlen: 24
89.249.211.0/24 maxlen: 24
89.249.208.0/24 maxlen: 24
89.249.209.0/24 maxlen: 24
89.249.208.0/20 maxlen: 20
141.138.178.0/24 maxlen: 24
89.249.219.0/24 maxlen: 24
141.138.176.0/20 maxlen: 20
141.138.179.0/24 maxlen: 24
89.249.217.0/24 maxlen: 24
141.138.177.0/24 maxlen: 24
89.249.218.0/24 maxlen: 24
89.249.215.0/24 maxlen: 24
141.138.176.0/24 maxlen: 24
89.249.214.0/24 maxlen: 24
141.138.182.0/24 maxlen: 24
89.249.222.0/24 maxlen: 24
89.249.223.0/24 maxlen: 24
141.138.183.0/24 maxlen: 24
141.138.184.0/24 maxlen: 24
141.138.185.0/24 maxlen: 24
141.138.186.0/24 maxlen: 24
141.138.180.0/24 maxlen: 24
93.185.226.0/24 maxlen: 24
93.185.225.0/24 maxlen: 24
93.185.224.0/20 maxlen: 20
93.185.224.0/24 maxlen: 24
89.249.221.0/24 maxlen: 24
141.138.181.0/24 maxlen: 24
89.249.220.0/24 maxlen: 24
2a02:f50::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:98:9f:06:29:ce:91:26:18:ea:35:45:15:eb:cf:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Validity
Not Before: Oct 19 11:01:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d3ef770c6462622340545e1c148dc8609b38463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c2:1e:a0:86:af:2f:2f:76:0f:ea:80:f6:1d:
77:50:24:af:e7:fb:81:77:da:50:64:5c:74:d0:9b:
9a:f8:9d:ce:82:ca:30:07:05:ca:aa:4d:3c:51:8a:
57:af:73:ad:1c:6f:01:02:66:d9:ec:fb:8b:b3:86:
1c:f6:3b:19:56:17:a8:8f:11:52:0c:18:a6:b5:55:
68:de:4e:a6:c1:1d:55:9d:9f:f0:59:ab:ba:49:ef:
3f:ff:23:c2:29:e9:ab:4f:ff:57:38:ba:1b:ac:dd:
5b:c1:20:d6:f9:29:f6:33:10:0a:26:5b:a8:95:28:
b8:af:02:25:df:0e:20:dc:9e:e4:06:f8:7a:1f:92:
94:41:89:ae:6a:b6:76:53:c7:a8:8a:29:27:55:ad:
87:62:ce:63:ca:f8:04:70:d8:01:95:77:e6:2f:5e:
28:43:f0:88:ef:25:bd:94:d8:a8:2e:f8:3d:6b:fa:
66:0d:fa:23:a7:33:d6:f4:25:27:01:73:46:29:ec:
24:ce:a1:e5:01:34:b1:0e:d9:40:f5:fa:d3:8e:c3:
d3:dc:73:cc:02:ef:49:03:df:d0:28:a8:94:83:de:
38:ff:c1:a5:f1:02:01:49:96:95:a9:3f:85:59:98:
92:81:63:de:7d:ff:72:98:d3:90:0b:43:9f:53:d2:
a8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:3E:F7:70:C6:46:26:22:34:05:45:E1:C1:48:DC:86:09:B3:84:63
X509v3 Authority Key Identifier:
keyid:97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/LT73cMZGJiI0BUXhwUjchgmzhGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/l0Kd6LzDvkdKu9or4qidDzIIw4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.248.0/21
89.249.208.0/20
93.185.224.0/20
95.141.48.0/20
141.138.176.0/20
185.58.200.0/22
IPv6:
2a02:f50::/32
Signature Algorithm: sha256WithRSAEncryption
93:47:88:85:2b:b0:a1:e1:cd:6e:05:83:76:b0:44:33:d9:ba:
4d:4c:80:95:b6:17:ea:69:37:ca:f4:00:fc:e6:e8:5e:46:dc:
b9:65:eb:44:00:84:c0:4c:66:2b:56:16:4b:99:79:ac:92:dd:
87:de:7f:d4:4c:27:81:d7:08:4d:9c:c5:f0:06:f1:0f:df:d0:
25:07:1b:56:88:f8:d8:29:43:65:d7:44:d5:ba:65:db:8b:c2:
8f:23:b4:a8:50:97:f1:cb:89:1e:d0:9a:8c:98:0b:37:e4:04:
ce:b3:3f:0e:60:8e:de:ca:7b:7b:6f:e3:ac:d7:bf:9d:6f:09:
bd:b6:51:18:e3:1c:7d:ab:61:c4:c6:93:9f:e2:77:4a:5b:a8:
84:56:17:63:71:74:3a:b6:e3:48:23:6d:87:c6:5b:8c:a0:18:
e4:d3:2f:79:de:fd:f2:5e:63:1d:eb:11:be:4d:77:c6:41:4a:
41:8e:77:2e:12:aa:cf:bc:65:66:07:74:be:b0:ab:58:60:5f:
b7:b3:80:6d:c5:b4:a4:ec:c9:12:00:93:11:b3:bd:46:ce:73:
35:be:f9:fc:99:c6:c8:47:e9:dd:06:e9:3a:d3:5d:72:b0:95:
bc:23:74:f3:b2:fd:f2:89:8c:2e:64:b2:7c:c7:74:f6:1a:a6:
79:56:0c:23
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYtHmJ8GKc6RJhjqNUUV688LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDI5ZGU4YmNjM2JlNDc0YWJiZGEyYmUyYTg5ZDBmMzIw
OGMzODUwHhcNMjMxMDE5MTEwMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDNlZjc3MGM2NDYyNjIyMzQwNTQ1ZTFjMTQ4ZGM4NjA5YjM4NDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcIeoIavLy92D+qA9h13UCSv5/uB
d9pQZFx00Jua+J3OgsowBwXKqk08UYpXr3OtHG8BAmbZ7PuLs4Yc9jsZVheojxFS
DBimtVVo3k6mwR1VnZ/wWau6Se8//yPCKemrT/9XOLobrN1bwSDW+Sn2MxAKJluo
lSi4rwIl3w4g3J7kBvh6H5KUQYmuarZ2U8eoiiknVa2HYs5jyvgEcNgBlXfmL14o
Q/CI7yW9lNioLvg9a/pmDfojpzPW9CUnAXNGKewkzqHlATSxDtlA9frTjsPT3HPM
Au9JA9/QKKiUg944/8Gl8QIBSZaVqT+FWZiSgWPeff9ymNOQC0OfU9KohwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFC0+93DGRiYiNAVF4cFI3IYJs4RjMB8GA1UdIwQY
MBaAFJdCnei8w75HSrvaK+KonQ8yCMOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMt
MDQ5YmRjNmI4ZWYzLzEvTFQ3M2NNWkdKaUkwQlVYaHdVamNoZ216aEdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMtMDQ5YmRjNmI4ZWYz
LzEvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLuP4AwQE
WfnQAwQEXbngAwQEX40wAwQEjYqwAwQCuTrIMA0EAgACMAcDBQAqAg9QMA0GCSqG
SIb3DQEBCwUAA4IBAQCTR4iFK7Ch4c1uBYN2sEQz2bpNTICVthfqaTfK9AD85uhe
Rty5ZetEAITATGYrVhZLmXmskt2H3n/UTCeB1whNnMXwBvEP39AlBxtWiPjYKUNl
10TVumXbi8KPI7SoUJfxy4ke0JqMmAs35ATOsz8OYI7eynt7b+Os17+dbwm9tlEY
4xx9q2HExpOf4ndKW6iEVhdjcXQ6tuNII22HxluMoBjk0y953v3yXmMd6xG+TXfG
QUpBjncuEqrPvGVmB3S+sKtYYF+3s4BtxbSk7MkSAJMRs71GznM1vvn8mcbIR+nd
Buk6011ysJW8I3Tzsv3yiYwuZLJ8x3T2GqZ5Vgwj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:01 2025 by rpki-client