Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/KveUB7OAQ8cjuwsr-751R0KFeNU.roa
File: KveUB7OAQ8cjuwsr-751R0KFeNU.roa (raw, json)
Hash identifier: q4NwepNvO/fqaj7kCBrqy31zQqVzNbPVYWw8Qz18yHc=
Subject key identifier: 2A:F7:94:07:B3:80:43:C7:23:BB:0B:2B:FB:BE:75:47:42:85:78:D5
Certificate issuer: /CN=63444210ea08ac529878d51917e3b30054d620d1
Certificate serial: 018857A18BE4A36F8FE50236AF1A050694D4
Authority key identifier: 63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/KveUB7OAQ8cjuwsr-751R0KFeNU.roa
Signing time: Fri 26 May 2023 10:36:24 +0000
ROA not before: Fri 26 May 2023 10:36:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30722
IP address blocks: 109.119.0.0/16 maxlen: 16
31.156.0.0/14 maxlen: 19
109.114.0.0/15 maxlen: 19
176.242.0.0/15 maxlen: 15
109.115.192.0/19 maxlen: 19
2.45.0.0/16 maxlen: 20
109.115.96.0/19 maxlen: 19
109.112.0.0/15 maxlen: 15
2.43.0.0/16 maxlen: 16
188.152.128.0/17 maxlen: 20
31.27.224.0/19 maxlen: 19
37.116.0.0/16 maxlen: 19
109.116.0.0/15 maxlen: 20
176.244.0.0/14 maxlen: 14
2.42.0.0/16 maxlen: 20
2.40.0.0/16 maxlen: 20
109.115.224.0/19 maxlen: 19
188.153.0.0/16 maxlen: 20
130.25.0.0/16 maxlen: 18
2.44.0.0/16 maxlen: 19
2.34.0.0/15 maxlen: 20
2.32.0.0/16 maxlen: 20
31.27.0.0/18 maxlen: 18
109.118.0.0/16 maxlen: 16
2.36.0.0/14 maxlen: 18
31.26.0.0/16 maxlen: 16
31.27.192.0/19 maxlen: 19
188.218.0.0/15 maxlen: 18
188.152.0.0/17 maxlen: 20
31.27.96.0/20 maxlen: 20
188.216.0.0/15 maxlen: 17
130.0.128.0/18 maxlen: 21
31.27.128.0/17 maxlen: 19
2.46.0.0/15 maxlen: 20
2.41.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:57:a1:8b:e4:a3:6f:8f:e5:02:36:af:1a:05:06:94:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63444210ea08ac529878d51917e3b30054d620d1
Validity
Not Before: May 26 10:36:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2af79407b38043c723bb0b2bfbbe7547428578d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a1:13:38:dd:98:74:aa:20:ac:f2:cc:33:ce:
ac:8d:30:b0:28:c6:63:94:36:95:10:34:00:c9:c1:
de:01:db:46:e4:91:48:b7:ef:d9:8d:6e:a0:ee:db:
77:ff:f2:a4:3f:b8:85:1d:12:3b:8a:0f:d1:17:cb:
7d:6d:17:79:f9:57:a4:6e:7a:41:85:3c:05:85:50:
e8:e0:4d:99:e3:8d:13:4f:5e:5e:fc:de:bb:40:09:
ab:f7:3a:70:ec:45:7f:94:54:6c:5c:65:b9:27:03:
2c:6c:d8:bf:1f:cf:fa:7e:b3:20:e7:a9:6c:29:92:
08:7f:e0:51:4c:6a:b2:5c:63:e8:de:df:99:15:8c:
de:34:ad:54:bd:84:25:fa:af:d6:f4:c1:41:78:e6:
b7:93:d0:e5:bb:24:83:68:da:21:c1:10:d2:2f:c7:
55:3b:5f:41:64:3d:7e:83:61:89:5d:87:e5:e8:73:
2a:86:ac:32:ee:e3:5b:5f:d8:16:71:dd:e8:72:ce:
2c:ac:cc:84:d2:7f:be:f3:e2:77:10:4a:8d:09:79:
83:4f:f3:16:c9:e9:ac:df:22:c8:e1:3f:50:87:64:
94:99:ce:3c:fb:9d:a4:39:f6:64:b5:39:d4:a7:0f:
5d:46:e6:e3:30:4a:83:ac:76:f3:f9:56:a9:a2:7c:
78:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F7:94:07:B3:80:43:C7:23:BB:0B:2B:FB:BE:75:47:42:85:78:D5
X509v3 Authority Key Identifier:
keyid:63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/KveUB7OAQ8cjuwsr-751R0KFeNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/Y0RCEOoIrFKYeNUZF-OzAFTWINE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.32.0.0/16
2.34.0.0-2.47.255.255
31.26.0.0-31.27.63.255
31.27.96.0/20
31.27.128.0/17
31.156.0.0/14
37.116.0.0/16
109.112.0.0/13
130.0.128.0/18
130.25.0.0/16
176.242.0.0-176.247.255.255
188.152.0.0/15
188.216.0.0/14
Signature Algorithm: sha256WithRSAEncryption
3e:20:bc:be:ee:45:01:97:ca:70:e8:76:91:83:82:d4:da:bc:
50:29:7c:de:f7:c1:dc:49:cd:d2:71:f1:74:d3:2f:9a:3b:5d:
b5:2e:31:e6:af:bd:eb:b9:a2:0f:9b:b2:e2:8a:86:ee:a2:4e:
8a:48:cc:5f:ba:79:99:c4:d3:59:fd:ff:9c:eb:63:d6:dd:3e:
3e:08:29:95:76:5d:d3:bf:19:d3:73:17:28:24:03:42:f8:31:
3f:90:08:80:a0:2d:9d:84:05:f2:00:73:71:9e:5d:98:b2:22:
1e:e5:35:5d:f7:0a:5c:a4:29:d7:65:34:47:12:c7:81:bf:cf:
7f:cc:de:42:8e:d8:f2:7f:e9:56:10:9a:50:50:18:a1:1b:f1:
c4:27:e6:8a:da:62:8f:ab:df:7d:d4:d7:79:5f:b1:fa:21:1e:
52:ca:55:ad:34:5c:4f:8c:b9:5f:c0:7a:5c:68:ab:77:62:b5:
6c:3e:07:ee:54:2f:8c:1b:62:2e:aa:fb:eb:b4:e5:40:f2:a9:
73:91:75:12:5e:65:1b:7b:50:9d:e4:7c:7a:b4:d9:04:91:99:
ad:10:42:16:bd:0f:bd:5c:73:bd:ff:c7:a1:ef:cd:6f:54:ab:
2e:4b:77:9a:fc:80:69:6a:4c:64:4f:2a:85:26:f2:f4:82:f5:
81:77:1c:19
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYhXoYvko2+P5QI2rxoFBpTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDQ0MjEwZWEwOGFjNTI5ODc4ZDUxOTE3ZTNiMzAwNTRk
NjIwZDEwHhcNMjMwNTI2MTAzNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWY3OTQwN2IzODA0M2M3MjNiYjBiMmJmYmJlNzU0NzQyODU3OGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKETON2YdKogrPLMM86sjTCwKMZj
lDaVEDQAycHeAdtG5JFIt+/ZjW6g7tt3//KkP7iFHRI7ig/RF8t9bRd5+VekbnpB
hTwFhVDo4E2Z440TT15e/N67QAmr9zpw7EV/lFRsXGW5JwMsbNi/H8/6frMg56ls
KZIIf+BRTGqyXGPo3t+ZFYzeNK1UvYQl+q/W9MFBeOa3k9DluySDaNohwRDSL8dV
O19BZD1+g2GJXYfl6HMqhqwy7uNbX9gWcd3ocs4srMyE0n++8+J3EEqNCXmDT/MW
yems3yLI4T9Qh2SUmc48+52kOfZktTnUpw9dRubjMEqDrHbz+Vaponx4QQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFCr3lAezgEPHI7sLK/u+dUdChXjVMB8GA1UdIwQY
MBaAFGNEQhDqCKxSmHjVGRfjswBU1iDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQt
ZmU4MzdmOThlMDI2LzEvS3ZlVUI3T0FROGNqdXdzci03NTFSMEtGZU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQtZmU4MzdmOThlMDI2
LzEvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwMAAiAwCgMD
AQIiAwMEAiAwCwMDAR8aAwQGHxsAAwQEHxtgAwQHHxuAAwMCH5wDAwAldAMDA21w
AwQGggCAAwMAghkwCgMDAbDyAwMDsPADAwG8mAMDArzYMA0GCSqGSIb3DQEBCwUA
A4IBAQA+ILy+7kUBl8pw6HaRg4LU2rxQKXze98HcSc3ScfF00y+aO121LjHmr73r
uaIPm7Liiobuok6KSMxfunmZxNNZ/f+c62PW3T4+CCmVdl3TvxnTcxcoJANC+DE/
kAiAoC2dhAXyAHNxnl2YsiIe5TVd9wpcpCnXZTRHEseBv89/zN5Cjtjyf+lWEJpQ
UBihG/HEJ+aK2mKPq9991Nd5X7H6IR5SylWtNFxPjLlfwHpcaKt3YrVsPgfuVC+M
G2IuqvvrtOVA8qlzkXUSXmUbe1Cd5Hx6tNkEkZmtEEIWvQ+9XHO9/8eh781vVKsu
S3ea/IBpakxkTyqFJvL0gvWBdxwZ
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:44:40 2025 by rpki-client