Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/Wkn7GktoWBLwmaTdyD9RfnXy4zQ.roa
File: Wkn7GktoWBLwmaTdyD9RfnXy4zQ.roa (raw, json)
Hash identifier: 7steHL3bwGhRdNHyR7tShy5IyGMRlMpGt8aw6dOJsus=
Subject key identifier: 5A:49:FB:1A:4B:68:58:12:F0:99:A4:DD:C8:3F:51:7E:75:F2:E3:34
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 08097BD1
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/Wkn7GktoWBLwmaTdyD9RfnXy4zQ.roa
Signing time: Tue 18 Jan 2022 07:46:21 +0000
ROA not before: Tue 18 Jan 2022 07:46:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49367
IP address blocks: 89.43.52.0/24 maxlen: 24
188.215.6.0/23 maxlen: 23
188.215.6.0/24 maxlen: 24
85.204.255.0/24 maxlen: 24
89.34.236.0/23 maxlen: 23
89.34.239.0/24 maxlen: 24
188.208.16.0/23 maxlen: 23
89.43.34.0/23 maxlen: 23
94.176.212.0/24 maxlen: 24
89.39.254.0/24 maxlen: 24
86.107.110.0/24 maxlen: 24
185.184.240.0/22 maxlen: 22
188.211.248.0/24 maxlen: 24
94.177.48.0/23 maxlen: 23
193.239.140.0/23 maxlen: 23
91.212.52.0/24 maxlen: 24
188.240.229.0/24 maxlen: 24
188.240.228.0/23 maxlen: 23
37.156.174.0/24 maxlen: 24
188.240.228.0/24 maxlen: 24
89.40.142.0/23 maxlen: 23
45.86.144.0/22 maxlen: 22
91.229.186.0/24 maxlen: 24
45.83.56.0/22 maxlen: 22
93.113.145.0/24 maxlen: 24
93.113.144.0/21 maxlen: 21
93.113.144.0/22 maxlen: 22
93.113.144.0/24 maxlen: 24
93.113.147.0/24 maxlen: 24
93.113.146.0/24 maxlen: 24
93.113.149.0/24 maxlen: 24
93.113.148.0/24 maxlen: 24
93.113.150.0/24 maxlen: 24
93.113.151.0/24 maxlen: 24
89.42.134.0/24 maxlen: 24
89.40.227.0/24 maxlen: 24
77.81.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134839249 (0x8097bd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Jan 18 07:46:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a49fb1a4b685812f099a4ddc83f517e75f2e334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6f:c3:a9:cc:e8:18:43:5b:65:1b:e1:e0:02:
52:b0:6e:43:5e:28:3d:71:35:19:c2:a6:5a:ea:b8:
59:a4:09:76:79:0e:8b:2e:a7:26:ff:a2:34:2c:88:
c0:6c:87:84:a4:16:cb:de:74:ae:45:5d:a5:25:8e:
e7:b7:ce:02:5e:1c:2c:84:e3:fc:99:45:50:96:31:
35:22:54:80:47:60:b1:87:31:91:ef:cf:73:ce:26:
45:98:74:fb:01:ce:a3:b4:2c:5a:00:cf:8a:92:16:
b1:d5:27:b1:a6:cd:9e:0c:50:1f:24:45:3b:59:85:
4a:d1:5f:41:bd:67:c5:43:34:26:6d:17:f8:33:27:
43:11:e7:cc:43:8f:05:84:a4:17:2d:64:60:3e:d5:
23:6c:45:a6:c3:0e:37:78:d7:d9:1c:4e:9b:f8:df:
3d:c6:94:cc:18:2a:4a:7e:6e:ff:f3:ae:dc:e9:09:
2b:d1:24:f6:02:00:5a:21:c6:31:90:6d:f0:79:3a:
f1:fb:95:ea:d0:28:1e:10:80:cf:a0:2b:ea:1f:e8:
49:af:d3:87:a5:c0:d9:98:4c:6d:30:20:0d:46:a5:
36:16:e4:6a:e4:2d:64:f8:8c:b9:62:bf:5f:79:55:
f3:73:64:88:51:11:81:0d:5d:c3:31:5a:5d:c1:cf:
d0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:49:FB:1A:4B:68:58:12:F0:99:A4:DD:C8:3F:51:7E:75:F2:E3:34
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/Wkn7GktoWBLwmaTdyD9RfnXy4zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.174.0/24
45.83.56.0/22
45.86.144.0/22
77.81.103.0/24
85.204.255.0/24
86.107.110.0/24
89.34.236.0/23
89.34.239.0/24
89.39.254.0/24
89.40.142.0/23
89.40.227.0/24
89.42.134.0/24
89.43.34.0/23
89.43.52.0/24
91.212.52.0/24
91.229.186.0/24
93.113.144.0/21
94.176.212.0/24
94.177.48.0/23
185.184.240.0/22
188.208.16.0/23
188.211.248.0/24
188.215.6.0/23
188.240.228.0/23
193.239.140.0/23
Signature Algorithm: sha256WithRSAEncryption
95:85:6f:a6:b4:3d:ee:6f:80:33:e4:7e:cf:6a:cb:53:f0:dd:
9f:fc:7c:15:7c:bd:a5:7f:9c:25:36:23:c5:96:74:ee:ec:c5:
49:1d:26:02:2f:6e:e9:ba:2c:cd:69:eb:85:fb:e3:62:ef:53:
fb:8c:e2:cb:a1:30:16:c7:e0:ce:3d:70:ca:21:c4:ec:75:b1:
da:bd:c7:44:eb:37:1b:e8:df:c0:53:e0:a1:48:de:e6:e0:f9:
fa:45:3b:b4:3c:dd:d7:f0:38:6a:f5:02:e2:c5:d8:67:97:96:
96:16:b2:fb:af:a4:aa:ae:ef:5c:32:6a:8c:2e:e1:b7:bc:40:
3d:01:08:81:73:0f:e9:cd:b0:85:19:b3:b8:37:cd:c1:b8:76:
30:22:93:1e:ee:6a:d2:5d:04:1b:e6:91:21:42:2f:d4:f2:3e:
2b:92:34:f0:96:fd:83:8a:fa:98:90:6c:9c:7e:e6:74:bf:14:
75:a3:10:4b:e0:5d:10:59:97:00:74:28:c1:70:1d:52:54:88:
0b:25:0c:17:0d:73:f1:8e:31:84:f1:b8:e0:a0:d5:92:d6:30:
1a:38:24:6b:56:22:16:0a:3a:7b:27:9e:2f:ad:45:88:dd:98:
98:38:c7:77:74:cc:51:5d:a7:ec:35:37:3e:c8:57:c1:0a:ab:
0f:8f:3f:9a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIECAl70TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NGZhNjZmYjg0YTc4MWEwNTg0ZmQwZDFjMmRmMzliZGE0NzYwNTE5MB4XDTIyMDEx
ODA3NDYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWE0OWZiMWE0YjY4
NTgxMmYwOTlhNGRkYzgzZjUxN2U3NWYyZTMzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZvw6nM6BhDW2Ub4eACUrBuQ14oPXE1GcKmWuq4WaQJdnkO
iy6nJv+iNCyIwGyHhKQWy950rkVdpSWO57fOAl4cLITj/JlFUJYxNSJUgEdgsYcx
ke/Pc84mRZh0+wHOo7QsWgDPipIWsdUnsabNngxQHyRFO1mFStFfQb1nxUM0Jm0X
+DMnQxHnzEOPBYSkFy1kYD7VI2xFpsMON3jX2RxOm/jfPcaUzBgqSn5u//Ou3OkJ
K9Ek9gIAWiHGMZBt8Hk68fuV6tAoHhCAz6Ar6h/oSa/Th6XA2ZhMbTAgDUalNhbk
auQtZPiMuWK/X3lV83NkiFERgQ1dwzFaXcHP0KECAwEAAaOCAp4wggKaMB0GA1Ud
DgQWBBRaSfsaS2hYEvCZpN3IP1F+dfLjNDAfBgNVHSMEGDAWgBRk+mb7hKeBoFhP
0NHC3zm9pHYFGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pQcG0tNFNuZ2FCWVQ5RFJ3dDg1dmFSMkJSay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvNjYzYjRkLWI4MGUtNDk0Ni04NGM0LTc0MDhlYjhiYzU4Ni8x
L1drbjdHa3RvV0JMd21hVGR5RDlSZm5YeTR6US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
NjYzYjRkLWI4MGUtNDk0Ni04NGM0LTc0MDhlYjhiYzU4Ni8xL1pQcG0tNFNuZ2FC
WVQ5RFJ3dDg1dmFSMkJSay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
swYIKwYBBQUHAQcBAf8EgaMwgaAwgZ0EAgABMIGWAwQAJZyuAwQCLVM4AwQCLVaQ
AwQATVFnAwQAVcz/AwQAVmtuAwQBWSLsAwQAWSLvAwQAWSf+AwQBWSiOAwQAWSjj
AwQAWSqGAwQBWSsiAwQAWSs0AwQAW9Q0AwQAW+W6AwQDXXGQAwQAXrDUAwQBXrEw
AwQCubjwAwQBvNAQAwQAvNP4AwQBvNcGAwQBvPDkAwQBwe+MMA0GCSqGSIb3DQEB
CwUAA4IBAQCVhW+mtD3ub4Az5H7PastT8N2f/HwVfL2lf5wlNiPFlnTu7MVJHSYC
L27puizNaeuF++Ni71P7jOLLoTAWx+DOPXDKIcTsdbHavcdE6zcb6N/AU+ChSN7m
4Pn6RTu0PN3X8Dhq9QLixdhnl5aWFrL7r6Sqru9cMmqMLuG3vEA9AQiBcw/pzbCF
GbO4N83BuHYwIpMe7mrSXQQb5pEhQi/U8j4rkjTwlv2DivqYkGycfuZ0vxR1oxBL
4F0QWZcAdCjBcB1SVIgLJQwXDXPxjjGE8bjgoNWS1jAaOCRrViIWCjp7J54vrUWI
3ZiYOMd3dMxRXafsNTc+yFfBCqsPjz+a
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:04:12 2025 by rpki-client