Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/KzhWX0W3yEkLF3jvMXqJ9I0M5kM.roa
File: KzhWX0W3yEkLF3jvMXqJ9I0M5kM.roa (raw, json)
Hash identifier: 5WAJ1dmK4eOgxve0fEBLi+jf32oDl28GE3vIQJyk3M0=
Subject key identifier: 2B:38:56:5F:45:B7:C8:49:0B:17:78:EF:31:7A:89:F4:8D:0C:E6:43
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 0585BB40
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/KzhWX0W3yEkLF3jvMXqJ9I0M5kM.roa
Signing time: Wed 20 Apr 2022 09:35:10 +0000
ROA not before: Wed 20 Apr 2022 09:35:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8308
IP address blocks: 194.181.65.0/24 maxlen: 24
194.181.66.0/24 maxlen: 24
194.181.68.0/24 maxlen: 24
194.181.69.0/24 maxlen: 24
194.181.70.0/24 maxlen: 24
194.181.71.0/24 maxlen: 24
194.181.72.0/24 maxlen: 24
194.181.73.0/24 maxlen: 24
194.181.74.0/24 maxlen: 24
194.181.75.0/24 maxlen: 24
194.181.76.0/24 maxlen: 24
194.181.77.0/24 maxlen: 24
194.181.78.0/24 maxlen: 24
194.181.79.0/24 maxlen: 24
194.181.80.0/24 maxlen: 24
194.181.81.0/24 maxlen: 24
194.181.82.0/24 maxlen: 24
194.181.83.0/24 maxlen: 24
194.181.84.0/24 maxlen: 24
194.181.85.0/24 maxlen: 24
194.181.89.0/24 maxlen: 24
194.181.90.0/24 maxlen: 24
194.181.91.0/24 maxlen: 24
194.181.86.0/24 maxlen: 24
194.181.87.0/24 maxlen: 24
194.181.88.0/24 maxlen: 24
194.181.92.0/24 maxlen: 24
194.181.93.0/24 maxlen: 24
194.181.94.0/24 maxlen: 24
194.181.95.0/24 maxlen: 24
194.181.96.0/24 maxlen: 24
194.181.97.0/24 maxlen: 24
194.181.98.0/24 maxlen: 24
194.181.99.0/24 maxlen: 24
194.181.100.0/24 maxlen: 24
194.181.101.0/24 maxlen: 24
194.181.102.0/24 maxlen: 24
194.181.103.0/24 maxlen: 24
194.181.104.0/24 maxlen: 24
194.181.105.0/24 maxlen: 24
194.181.106.0/24 maxlen: 24
194.181.107.0/24 maxlen: 24
194.181.108.0/24 maxlen: 24
194.181.109.0/24 maxlen: 24
194.181.110.0/24 maxlen: 24
194.181.19.0/24 maxlen: 24
194.181.20.0/24 maxlen: 24
194.181.21.0/24 maxlen: 24
194.181.22.0/24 maxlen: 24
194.181.23.0/24 maxlen: 24
194.181.24.0/24 maxlen: 24
194.181.25.0/24 maxlen: 24
194.181.26.0/24 maxlen: 24
194.181.27.0/24 maxlen: 24
194.181.28.0/24 maxlen: 24
194.181.29.0/24 maxlen: 24
194.181.30.0/24 maxlen: 24
194.181.34.0/24 maxlen: 24
194.181.35.0/24 maxlen: 24
194.181.36.0/24 maxlen: 24
194.181.37.0/24 maxlen: 24
194.181.32.0/24 maxlen: 24
194.181.33.0/24 maxlen: 24
194.181.39.0/24 maxlen: 24
194.181.42.0/24 maxlen: 24
194.181.46.0/24 maxlen: 24
194.181.50.0/24 maxlen: 24
194.181.51.0/24 maxlen: 24
194.181.52.0/24 maxlen: 24
194.181.53.0/24 maxlen: 24
194.181.54.0/24 maxlen: 24
194.181.55.0/24 maxlen: 24
194.181.58.0/24 maxlen: 24
194.181.59.0/24 maxlen: 24
194.181.60.0/24 maxlen: 24
194.181.61.0/24 maxlen: 24
194.181.62.0/24 maxlen: 24
194.181.63.0/24 maxlen: 24
194.181.64.0/24 maxlen: 24
193.59.1.0/24 maxlen: 24
193.59.2.0/24 maxlen: 24
193.59.3.0/24 maxlen: 24
193.59.4.0/24 maxlen: 24
195.187.0.0/18 maxlen: 18
193.59.5.0/24 maxlen: 24
193.59.6.0/24 maxlen: 24
193.59.7.0/24 maxlen: 24
193.59.10.0/24 maxlen: 24
193.59.11.0/24 maxlen: 24
193.59.0.0/16 maxlen: 16
193.59.20.0/24 maxlen: 24
193.59.21.0/24 maxlen: 24
193.59.22.0/24 maxlen: 24
193.59.23.0/24 maxlen: 24
193.59.28.0/24 maxlen: 24
193.59.29.0/24 maxlen: 24
193.59.30.0/24 maxlen: 24
193.59.31.0/24 maxlen: 24
194.181.1.0/24 maxlen: 24
194.181.4.0/24 maxlen: 24
194.181.0.0/16 maxlen: 16
194.181.5.0/24 maxlen: 24
195.187.101.0/24 maxlen: 24
195.187.128.0/17 maxlen: 17
217.9.160.0/20 maxlen: 20
217.9.160.0/24 maxlen: 24
217.9.165.0/24 maxlen: 24
195.164.0.0/16 maxlen: 16
194.181.255.0/24 maxlen: 24
2001:a10::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92650304 (0x585bb40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Apr 20 09:35:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b38565f45b7c8490b1778ef317a89f48d0ce643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:92:9c:4a:2f:04:fb:25:1f:e7:fc:2b:53:07:
ea:9b:44:67:64:fb:60:f2:30:f8:78:d8:2c:bb:b4:
d8:21:1f:33:ba:42:32:ff:67:a9:8b:6f:63:fd:b2:
33:f6:59:86:6f:8f:7a:65:a6:da:16:73:19:96:a1:
71:98:f9:24:c9:1f:e1:b2:9a:93:d3:f2:0e:a9:8e:
59:6e:cd:40:cb:ac:3c:c1:fb:60:b4:33:1f:05:01:
54:17:71:85:f5:64:ce:48:9a:c8:a3:2f:94:cd:d1:
a7:ab:58:47:07:90:20:a0:b3:cf:a2:82:46:1a:d0:
6d:4f:f9:98:0d:db:c1:b9:4d:f1:35:42:41:fb:73:
d5:16:f3:ed:ef:1a:b5:eb:5c:ec:da:4d:e9:1f:60:
83:c6:d3:38:11:17:2e:9e:2a:cd:d1:ba:88:82:4e:
e2:48:da:fd:d5:11:bf:d5:98:5e:8a:ed:f7:b2:74:
ad:fc:e7:63:ca:d6:56:84:47:d0:12:75:dc:a1:a1:
a4:b1:1d:a0:97:81:da:a6:02:e4:93:09:43:43:ce:
40:82:9f:5e:a0:c9:07:de:27:32:61:c4:f5:be:e8:
78:08:74:94:ed:13:7f:9f:75:d2:99:24:12:85:2b:
7b:11:6b:a9:8d:6b:35:0e:03:f0:43:e8:1f:ff:94:
9b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:38:56:5F:45:B7:C8:49:0B:17:78:EF:31:7A:89:F4:8D:0C:E6:43
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/KzhWX0W3yEkLF3jvMXqJ9I0M5kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.59.0.0/16
194.181.0.0/16
195.164.0.0/16
195.187.0.0/18
195.187.101.0/24
195.187.128.0/17
217.9.160.0/20
IPv6:
2001:a10::/32
Signature Algorithm: sha256WithRSAEncryption
5f:90:12:09:66:7f:35:6d:a4:d5:c1:24:4d:a2:04:75:84:0f:
96:48:d2:dd:2f:0a:da:b9:21:5b:d6:f8:bd:7d:7a:d4:b7:72:
63:dc:f3:62:46:2f:71:70:5e:53:ff:3a:4b:a7:78:e8:58:1f:
b7:cf:69:5f:19:3e:9a:2e:6d:e7:2f:49:3b:d3:60:76:53:41:
69:dc:62:81:df:7f:e6:97:5c:61:ec:bf:a1:62:d3:87:52:51:
7e:f0:9e:dc:47:c6:28:a8:47:77:0a:dc:2c:d1:fc:e4:f8:d3:
96:14:db:df:e0:1d:03:42:21:f2:93:a1:17:aa:80:fb:f9:b7:
e1:be:23:22:50:ef:dc:90:7a:d8:4a:3b:8d:a0:a7:ce:84:13:
d6:6d:6d:c3:0b:52:c7:fa:92:ff:8d:de:01:a0:63:d4:fe:16:
b1:02:9b:c5:f0:1f:d9:db:fe:7c:24:02:b6:80:52:a7:38:a5:
57:6e:99:cc:d5:96:95:0a:35:6c:e5:ab:b7:ed:cc:bb:de:9e:
be:dd:f2:0b:e0:cf:f6:c8:e2:e2:cb:b2:9a:95:a9:4d:40:8b:
b5:8c:c8:8e:7a:e3:62:1b:12:e2:4d:9d:64:84:bf:94:74:89:
66:e9:6a:9b:4e:17:d7:a6:90:83:11:1b:69:53:91:04:5e:4e:
ce:61:08:c9
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBYW7QDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MGM0MDk2MTNmZWEwYTJiNDQyY2UxMTJlOWNiZGI0ODVlMDExODhmMB4XDTIyMDQy
MDA5MzUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmIzODU2NWY0NWI3
Yzg0OTBiMTc3OGVmMzE3YTg5ZjQ4ZDBjZTY0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+SnEovBPslH+f8K1MH6ptEZ2T7YPIw+HjYLLu02CEfM7pC
Mv9nqYtvY/2yM/ZZhm+PemWm2hZzGZahcZj5JMkf4bKak9PyDqmOWW7NQMusPMH7
YLQzHwUBVBdxhfVkzkiayKMvlM3Rp6tYRweQIKCzz6KCRhrQbU/5mA3bwblN8TVC
Qftz1Rbz7e8atetc7NpN6R9gg8bTOBEXLp4qzdG6iIJO4kja/dURv9WYXort97J0
rfznY8rWVoRH0BJ13KGhpLEdoJeB2qYC5JMJQ0POQIKfXqDJB94nMmHE9b7oeAh0
lO0Tf5910pkkEoUrexFrqY1rNQ4D8EPoH/+Um00CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQrOFZfRbfISQsXeO8xeon0jQzmQzAfBgNVHSMEGDAWgBQwxAlhP+oKK0Qs
4RLpy9tIXgEYjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01NUUpZVF9xQ2l0RUxPRVM2Y3ZiU0Y0QkdJOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvYjc4ZmI1LWFmY2EtNGRiNy04ODg2LWMwNjcxYmY0Y2YzZS8x
L0t6aFdYMFczeUVrTEYzanZNWHFKOUkwTTVrTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
Yjc4ZmI1LWFmY2EtNGRiNy04ODg2LWMwNjcxYmY0Y2YzZS8xL01NUUpZVF9xQ2l0
RUxPRVM2Y3ZiU0Y0QkdJOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wLQQCAAEwJwMDAME7AwMAwrUDAwDDpAMEBsO7AAME
AMO7ZQMEB8O7gAMEBNkJoDANBAIAAjAHAwUAIAEKEDANBgkqhkiG9w0BAQsFAAOC
AQEAX5ASCWZ/NW2k1cEkTaIEdYQPlkjS3S8K2rkhW9b4vX161LdyY9zzYkYvcXBe
U/86S6d46Fgft89pXxk+mi5t5y9JO9NgdlNBadxigd9/5pdcYey/oWLTh1JRfvCe
3EfGKKhHdwrcLNH85PjTlhTb3+AdA0Ih8pOhF6qA+/m34b4jIlDv3JB62Eo7jaCn
zoQT1m1twwtSx/qS/43eAaBj1P4WsQKbxfAf2dv+fCQCtoBSpzilV26ZzNWWlQo1
bOWrt+3Mu96evt3yC+DP9sji4suympWpTUCLtYzIjnrjYhsS4k2dZIS/lHSJZulq
m04X16aQgxEbaVORBF5OzmEIyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:40 2024 by rpki-client on console-fra.rpki-client.org