Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/lGYEgrtqdW2328PyoohLwvXaL1o.roa
File: lGYEgrtqdW2328PyoohLwvXaL1o.roa (raw, json)
Hash identifier: JiNAW5ueuXEyZqbr3eRs1sfCftjNgFRbxooJaR3l15c=
Subject key identifier: 94:66:04:82:BB:6A:75:6D:B7:DB:C3:F2:A2:88:4B:C2:F5:DA:2F:5A
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 018570797A3855039A226851BC395D09EF25
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/lGYEgrtqdW2328PyoohLwvXaL1o.roa
Signing time: Mon 02 Jan 2023 03:14:47 +0000
ROA not before: Mon 02 Jan 2023 03:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49367
IP address blocks: 89.43.52.0/24 maxlen: 24
188.215.7.0/24 maxlen: 24
188.215.6.0/23 maxlen: 23
188.215.6.0/24 maxlen: 24
85.204.255.0/24 maxlen: 24
89.34.236.0/23 maxlen: 23
89.34.239.0/24 maxlen: 24
188.208.16.0/23 maxlen: 23
89.43.35.0/24 maxlen: 24
94.176.212.0/24 maxlen: 24
89.39.254.0/24 maxlen: 24
86.107.110.0/24 maxlen: 24
185.184.240.0/22 maxlen: 22
188.211.248.0/24 maxlen: 24
94.177.48.0/23 maxlen: 23
193.239.140.0/23 maxlen: 23
91.212.52.0/24 maxlen: 24
188.240.229.0/24 maxlen: 24
188.240.228.0/23 maxlen: 23
37.156.174.0/24 maxlen: 24
188.240.228.0/24 maxlen: 24
89.40.142.0/23 maxlen: 23
45.86.144.0/22 maxlen: 22
91.229.186.0/24 maxlen: 24
45.83.56.0/22 maxlen: 22
93.113.145.0/24 maxlen: 24
93.113.144.0/21 maxlen: 21
93.113.144.0/22 maxlen: 22
93.113.144.0/24 maxlen: 24
93.113.149.0/24 maxlen: 24
93.113.148.0/24 maxlen: 24
93.113.150.0/24 maxlen: 24
93.113.151.0/24 maxlen: 24
93.113.147.0/24 maxlen: 24
93.113.146.0/24 maxlen: 24
89.42.134.0/24 maxlen: 24
89.40.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:7a:38:55:03:9a:22:68:51:bc:39:5d:09:ef:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Jan 2 03:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94660482bb6a756db7dbc3f2a2884bc2f5da2f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:71:7a:e2:85:ce:fa:7f:6d:3f:b8:95:f3:0d:
bb:33:51:70:64:5f:7c:16:eb:5e:95:5e:ee:11:e2:
d5:ac:61:7f:68:10:14:c9:59:b3:f1:47:e5:20:43:
f9:00:dc:84:3d:11:90:dc:78:96:f1:83:e4:11:ef:
75:2e:05:8d:76:38:b8:fb:9f:4c:af:60:32:c0:9a:
7a:92:53:54:89:18:54:36:ec:98:5d:91:6f:e4:a6:
0c:6f:67:76:88:79:3c:80:6c:76:45:b0:e1:dd:5e:
02:e1:71:27:dc:e4:52:30:4a:bc:c9:52:19:e5:5a:
7a:6b:99:aa:5a:12:ce:60:1e:e9:c2:f8:f7:29:68:
ea:ee:a7:02:da:67:ff:ed:49:84:8f:c1:ab:6b:30:
5c:49:c1:fa:c8:9d:7e:69:03:a0:ff:16:03:24:a1:
b7:05:74:af:37:47:ff:52:dc:76:6b:51:c3:f5:73:
2a:5b:95:00:88:23:f2:4a:46:b6:16:c4:d9:d4:b7:
32:83:db:6b:3f:91:22:12:2d:20:4f:ea:c6:85:75:
47:7b:dd:70:70:0d:33:62:04:a9:e6:78:d5:6b:d3:
13:e6:40:4f:8c:c4:b5:70:27:5b:0a:81:20:49:19:
0d:6a:a4:90:d9:18:dd:46:a4:a1:c4:2e:e5:d3:b3:
a5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:66:04:82:BB:6A:75:6D:B7:DB:C3:F2:A2:88:4B:C2:F5:DA:2F:5A
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/lGYEgrtqdW2328PyoohLwvXaL1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.174.0/24
45.83.56.0/22
45.86.144.0/22
85.204.255.0/24
86.107.110.0/24
89.34.236.0/23
89.34.239.0/24
89.39.254.0/24
89.40.142.0/23
89.40.227.0/24
89.42.134.0/24
89.43.35.0/24
89.43.52.0/24
91.212.52.0/24
91.229.186.0/24
93.113.144.0/21
94.176.212.0/24
94.177.48.0/23
185.184.240.0/22
188.208.16.0/23
188.211.248.0/24
188.215.6.0/23
188.240.228.0/23
193.239.140.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:dc:80:53:d5:91:d6:29:1b:08:84:99:e8:cf:32:8d:48:67:
b8:51:4d:0b:d1:36:dc:c7:60:d6:0d:8f:96:d8:b2:f2:69:08:
e9:74:4b:98:de:86:82:b9:4c:42:14:12:5d:c6:c9:1a:f0:4e:
12:90:dc:d2:5a:7c:93:1c:ee:71:5c:cd:ee:61:84:d3:96:a4:
1c:39:3a:b1:64:54:91:7c:62:df:7a:9b:ba:81:5c:e6:36:48:
e4:07:fe:8d:80:74:8a:23:0f:b7:16:09:13:af:f2:93:82:4a:
4c:e2:1f:02:35:a0:c0:1b:3b:1d:4b:c3:98:73:9c:7f:f9:fa:
45:48:ef:14:7c:66:af:32:5c:f8:34:7a:99:c0:73:be:f1:8c:
e6:75:34:12:1c:14:ca:85:1c:50:3c:d6:8e:21:33:94:f6:b4:
0f:40:28:8f:2f:df:1d:e7:f7:e8:a1:a7:e7:71:08:13:f1:11:
c9:64:f5:36:b7:5e:ef:98:04:26:4b:c9:62:b9:32:49:11:6a:
3f:90:f5:49:ff:04:ee:11:ef:b3:db:f3:db:f7:f4:1a:f4:ea:
f8:9c:ee:1d:c2:f9:e5:09:00:60:fa:14:09:8e:82:f3:16:37:
ab:07:76:c4:90:b1:c6:6f:c3:56:b6:04:e7:1c:e8:b3:46:64:
b2:ea:c3:21
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYVweXo4VQOaImhRvDldCe8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjMwMTAyMDMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDY2MDQ4MmJiNmE3NTZkYjdkYmMzZjJhMjg4NGJjMmY1ZGEyZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHF64oXO+n9tP7iV8w27M1FwZF98
FutelV7uEeLVrGF/aBAUyVmz8UflIEP5ANyEPRGQ3HiW8YPkEe91LgWNdji4+59M
r2AywJp6klNUiRhUNuyYXZFv5KYMb2d2iHk8gGx2RbDh3V4C4XEn3ORSMEq8yVIZ
5Vp6a5mqWhLOYB7pwvj3KWjq7qcC2mf/7UmEj8GrazBcScH6yJ1+aQOg/xYDJKG3
BXSvN0f/Utx2a1HD9XMqW5UAiCPySka2FsTZ1Lcyg9trP5EiEi0gT+rGhXVHe91w
cA0zYgSp5njVa9MT5kBPjMS1cCdbCoEgSRkNaqSQ2RjdRqShxC7l07OlfQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFJRmBIK7anVtt9vD8qKIS8L12i9aMB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvbEdZRWdydHFkVzIzMjhQeW9vaEx3dlhhTDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAAl
nK4DBAItUzgDBAItVpADBABVzP8DBABWa24DBAFZIuwDBABZIu8DBABZJ/4DBAFZ
KI4DBABZKOMDBABZKoYDBABZKyMDBABZKzQDBABb1DQDBABb5boDBANdcZADBABe
sNQDBAFesTADBAK5uPADBAG80BADBAC80/gDBAG81wYDBAG88OQDBAHB74wwDQYJ
KoZIhvcNAQELBQADggEBACvcgFPVkdYpGwiEmejPMo1IZ7hRTQvRNtzHYNYNj5bY
svJpCOl0S5jehoK5TEIUEl3GyRrwThKQ3NJafJMc7nFcze5hhNOWpBw5OrFkVJF8
Yt96m7qBXOY2SOQH/o2AdIojD7cWCROv8pOCSkziHwI1oMAbOx1Lw5hznH/5+kVI
7xR8Zq8yXPg0epnAc77xjOZ1NBIcFMqFHFA81o4hM5T2tA9AKI8v3x3n9+ihp+dx
CBPxEclk9Ta3Xu+YBCZLyWK5MkkRaj+Q9Un/BO4R77Pb89v39Br06vic7h3C+eUJ
AGD6FAmOgvMWN6sHdsSQscZvw1a2BOcc6LNGZLLqwyE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:27:03 2025 by rpki-client