Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/gEt4xVkBsCqJKSJZvpyJmjD31gM.roa
File: gEt4xVkBsCqJKSJZvpyJmjD31gM.roa (raw, json)
Hash identifier: H1RaYK0PuqDVyuJG6fXctxXQWZkYiPrpTf4f4G9vt+c=
Subject key identifier: 80:4B:78:C5:59:01:B0:2A:89:29:22:59:BE:9C:89:9A:30:F7:D6:03
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 01896E66EFF53E20B6E14BC11A02EB03C90A
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/gEt4xVkBsCqJKSJZvpyJmjD31gM.roa
Signing time: Wed 19 Jul 2023 13:46:27 +0000
ROA not before: Wed 19 Jul 2023 13:46:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49367
IP address blocks: 89.43.52.0/24 maxlen: 24
188.215.7.0/24 maxlen: 24
188.215.6.0/23 maxlen: 23
188.215.6.0/24 maxlen: 24
85.204.255.0/24 maxlen: 24
89.34.236.0/23 maxlen: 23
89.34.239.0/24 maxlen: 24
188.208.17.0/24 maxlen: 24
188.208.16.0/23 maxlen: 23
188.208.16.0/24 maxlen: 24
89.43.35.0/24 maxlen: 24
94.176.212.0/24 maxlen: 24
89.39.254.0/24 maxlen: 24
86.107.110.0/24 maxlen: 24
185.184.240.0/22 maxlen: 22
188.211.248.0/24 maxlen: 24
94.177.48.0/23 maxlen: 23
193.239.140.0/23 maxlen: 23
91.212.52.0/24 maxlen: 24
188.240.229.0/24 maxlen: 24
188.240.228.0/23 maxlen: 23
188.240.228.0/24 maxlen: 24
37.156.174.0/24 maxlen: 24
89.40.142.0/23 maxlen: 23
45.86.144.0/22 maxlen: 22
91.229.186.0/24 maxlen: 24
45.83.56.0/22 maxlen: 22
93.113.145.0/24 maxlen: 24
93.113.144.0/21 maxlen: 21
93.113.144.0/22 maxlen: 22
93.113.144.0/24 maxlen: 24
93.113.149.0/24 maxlen: 24
93.113.148.0/24 maxlen: 24
93.113.150.0/24 maxlen: 24
93.113.151.0/24 maxlen: 24
93.113.147.0/24 maxlen: 24
93.113.146.0/24 maxlen: 24
89.42.134.0/24 maxlen: 24
89.40.227.0/24 maxlen: 24
77.81.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6e:66:ef:f5:3e:20:b6:e1:4b:c1:1a:02:eb:03:c9:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Jul 19 13:46:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=804b78c55901b02a89292259be9c899a30f7d603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:40:fa:6b:a1:b9:6b:5c:7b:04:4d:0f:1c:13:
4c:81:bf:f2:c4:2b:9b:4e:03:9b:0d:26:db:ff:58:
0b:a5:a8:11:1b:97:9e:72:6c:bc:64:8f:ee:1d:58:
52:26:93:0c:c4:69:8d:87:9a:54:5f:6c:30:63:34:
7e:b1:98:81:11:e3:29:09:dd:aa:ad:a7:2d:19:79:
07:31:8c:ee:84:d2:5e:62:f2:8f:dc:ba:1a:7a:23:
a4:b8:86:65:bb:e6:bc:bb:61:fc:85:34:7d:fe:55:
bb:56:20:98:7d:07:7a:4e:0d:49:c6:79:80:ab:17:
68:8c:f3:ab:2f:90:44:73:58:b3:21:18:08:69:94:
13:ed:d9:7a:8d:87:1e:d8:a3:70:0a:32:ea:78:ea:
e9:ff:2d:09:4e:f0:aa:1a:5d:5c:01:62:80:66:5d:
7c:3f:47:c4:6c:04:71:9b:f3:99:ce:9e:5f:6c:60:
50:00:4d:1e:83:3e:ca:73:57:98:7e:cc:55:12:70:
7a:5c:66:c0:54:f5:80:53:ee:5a:ab:9c:4a:d8:4f:
0e:72:d1:f1:3e:e7:82:37:37:3f:8b:a7:b4:24:02:
a2:6f:b0:07:c4:47:ed:45:68:9c:ae:2b:25:fd:98:
40:d1:5f:fc:a8:9d:c1:7f:fb:67:e5:29:e0:4a:68:
6a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:4B:78:C5:59:01:B0:2A:89:29:22:59:BE:9C:89:9A:30:F7:D6:03
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/gEt4xVkBsCqJKSJZvpyJmjD31gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.174.0/24
45.83.56.0/22
45.86.144.0/22
77.81.103.0/24
85.204.255.0/24
86.107.110.0/24
89.34.236.0/23
89.34.239.0/24
89.39.254.0/24
89.40.142.0/23
89.40.227.0/24
89.42.134.0/24
89.43.35.0/24
89.43.52.0/24
91.212.52.0/24
91.229.186.0/24
93.113.144.0/21
94.176.212.0/24
94.177.48.0/23
185.184.240.0/22
188.208.16.0/23
188.211.248.0/24
188.215.6.0/23
188.240.228.0/23
193.239.140.0/23
Signature Algorithm: sha256WithRSAEncryption
41:61:c4:50:37:fc:c5:9a:29:b5:28:1a:99:2d:80:d0:88:e2:
33:31:98:34:e9:f1:13:a0:87:20:20:58:8f:df:c4:26:73:2f:
41:eb:78:16:28:b8:be:df:df:cb:27:53:b2:3c:d1:2c:25:6b:
1b:7c:91:7e:52:18:4d:9f:da:b3:bb:cd:63:59:68:e3:aa:12:
66:df:ae:49:7d:89:22:e7:c3:38:49:21:2d:a6:95:97:64:63:
46:df:06:cb:e0:a0:15:db:04:bf:f2:8a:a1:b0:b7:b7:d9:2a:
15:bc:bb:d9:4e:33:55:d5:57:e9:f9:55:86:db:fe:72:6a:04:
44:98:6a:37:77:0a:55:03:a9:f3:88:24:46:78:dd:26:a7:c5:
78:b5:5e:0b:b6:96:cb:82:db:70:08:c7:ca:3c:4e:ed:f9:7d:
ee:0f:09:a9:dd:fd:a2:05:ca:fb:b0:cf:e6:da:18:a0:2c:d4:
ec:9a:04:a1:2b:2b:a0:d8:22:73:5d:d5:a5:d5:99:8f:a3:e8:
cc:3c:d1:3b:86:cb:fb:1e:90:e7:0b:4e:f8:2a:97:bf:ff:ac:
e8:90:25:ef:fc:17:f7:1d:f7:6c:01:46:00:4a:b1:a7:50:6c:
78:25:7f:60:69:9d:8f:b9:60:8b:bf:b6:45:f7:4f:be:a4:24:
ef:12:3b:8e
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYluZu/1PiC24UvBGgLrA8kKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjMwNzE5MTM0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDRiNzhjNTU5MDFiMDJhODkyOTIyNTliZTljODk5YTMwZjdkNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10D6a6G5a1x7BE0PHBNMgb/yxCub
TgObDSbb/1gLpagRG5eecmy8ZI/uHVhSJpMMxGmNh5pUX2wwYzR+sZiBEeMpCd2q
ractGXkHMYzuhNJeYvKP3LoaeiOkuIZlu+a8u2H8hTR9/lW7ViCYfQd6Tg1JxnmA
qxdojPOrL5BEc1izIRgIaZQT7dl6jYce2KNwCjLqeOrp/y0JTvCqGl1cAWKAZl18
P0fEbARxm/OZzp5fbGBQAE0egz7Kc1eYfsxVEnB6XGbAVPWAU+5aq5xK2E8OctHx
PueCNzc/i6e0JAKib7AHxEftRWicrisl/ZhA0V/8qJ3Bf/tn5SngSmhqrQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFIBLeMVZAbAqiSkiWb6ciZow99YDMB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvZ0V0NHhWa0JzQ3FKS1NKWnZweUptakQzMWdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAAl
nK4DBAItUzgDBAItVpADBABNUWcDBABVzP8DBABWa24DBAFZIuwDBABZIu8DBABZ
J/4DBAFZKI4DBABZKOMDBABZKoYDBABZKyMDBABZKzQDBABb1DQDBABb5boDBANd
cZADBABesNQDBAFesTADBAK5uPADBAG80BADBAC80/gDBAG81wYDBAG88OQDBAHB
74wwDQYJKoZIhvcNAQELBQADggEBAEFhxFA3/MWaKbUoGpktgNCI4jMxmDTp8ROg
hyAgWI/fxCZzL0HreBYouL7f38snU7I80Swlaxt8kX5SGE2f2rO7zWNZaOOqEmbf
rkl9iSLnwzhJIS2mlZdkY0bfBsvgoBXbBL/yiqGwt7fZKhW8u9lOM1XVV+n5VYbb
/nJqBESYajd3ClUDqfOIJEZ43SanxXi1Xgu2lsuC23AIx8o8Tu35fe4PCand/aIF
yvuwz+baGKAs1OyaBKErK6DYInNd1aXVmY+j6Mw80TuGy/sekOcLTvgql7//rOiQ
Je/8F/cd92wBRgBKsadQbHglf2BpnY+5YIu/tkX3T76kJO8SO44=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:37:48 2025 by rpki-client