Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/2KhKGLneGeDqzVpiRiXsTmKdl-g.roa
File: 2KhKGLneGeDqzVpiRiXsTmKdl-g.roa (raw, json)
Hash identifier: eNs480dcmRD4UOmxHM0YSQw0J/G8cdkvto86hd7fXl0=
Subject key identifier: D8:A8:4A:18:B9:DE:19:E0:EA:CD:5A:62:46:25:EC:4E:62:9D:97:E8
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0BE3E2AF
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/2KhKGLneGeDqzVpiRiXsTmKdl-g.roa
Signing time: Thu 17 Mar 2022 17:00:28 +0000
ROA not before: Thu 17 Mar 2022 17:00:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49666
IP address blocks: 2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.17.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.176.0.0/17 maxlen: 17
217.218.67.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.176.128.0/17 maxlen: 17
2.188.76.0/24 maxlen: 24
195.146.63.0/24 maxlen: 24
2.185.0.0/16 maxlen: 16
78.38.245.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.1.0/24 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.177.0.0/16 maxlen: 16
2.189.72.0/24 maxlen: 24
2.189.44.0/24 maxlen: 24
2.189.63.0/24 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 199484079 (0xbe3e2af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Mar 17 17:00:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8a84a18b9de19e0eacd5a624625ec4e629d97e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:37:dc:13:76:61:df:a9:1f:c8:a4:77:57:42:
c5:6d:20:31:27:d4:ce:c8:92:74:43:70:e6:2b:ee:
f4:7c:dc:e0:6d:96:cb:dc:b9:49:e2:e6:3d:5b:fe:
4d:bf:68:08:27:b4:84:24:06:f9:3a:d4:ed:8d:cf:
e2:a9:d3:7a:07:bf:60:76:d7:30:88:f7:a9:e7:4e:
e3:f0:ae:67:d0:e1:38:74:5c:24:1b:55:d3:24:56:
5f:16:68:ec:f0:67:be:ab:eb:ca:d8:0c:e5:ee:c7:
ae:19:6b:ad:d0:d8:4d:bd:41:9c:31:1f:11:f7:61:
1e:54:52:1a:dd:59:5b:93:29:4a:38:ed:f4:bb:0e:
28:2c:44:af:e4:41:6f:04:ae:02:86:b7:49:6c:7c:
d8:e7:f4:e9:0e:a8:4b:bb:82:a0:e6:10:c4:c8:58:
d4:4b:05:ca:9d:7d:e6:3f:7f:9c:c0:9b:f3:b1:9b:
aa:fc:57:44:c1:fe:c6:42:9b:31:2a:de:d5:a1:92:
d9:be:cc:ba:3c:e6:13:25:b1:0d:d0:9a:a4:95:53:
ef:c9:2a:48:11:a6:8f:5b:07:6f:c1:68:04:9d:7b:
dc:30:58:e7:d8:d2:2f:52:f5:67:a8:a9:4e:62:b1:
a1:90:d4:a5:de:3f:45:5a:36:bb:c8:2c:1b:0c:8c:
cf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A8:4A:18:B9:DE:19:E0:EA:CD:5A:62:46:25:EC:4E:62:9D:97:E8
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/2KhKGLneGeDqzVpiRiXsTmKdl-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.185.0.0/16
2.188.0.0/23
2.188.7.0/24
2.188.9.0/24
2.188.12.0/22
2.188.17.0/24
2.188.22.0/23
2.188.28.0/24
2.188.30.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.181.0/24
2.188.184.0/23
2.188.187.0/24
2.189.1.0/24
2.189.3.0/24
2.189.44.0/24
2.189.63.0/24
2.189.72.0/24
78.38.245.0/24
78.38.253.0/24
195.146.63.0/24
217.218.67.0/24
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
35:d4:19:5d:dc:8c:8a:8c:10:4f:61:fd:d9:c4:05:3d:ec:17:
65:3f:c0:b6:b2:19:cd:bb:d8:3f:83:c3:6d:a5:9e:0e:ca:8d:
1c:95:e3:79:91:b0:59:60:0f:67:d2:74:e1:8c:93:c6:f2:89:
55:da:11:b3:62:62:8c:23:6a:56:5b:d3:ab:2f:4c:3a:58:7a:
e4:35:40:af:45:a1:90:b2:cd:06:a2:1c:bc:32:43:0b:f7:3d:
45:86:ed:70:d6:18:36:ff:2f:47:a0:37:f6:89:fc:3a:aa:93:
84:87:83:46:73:e0:2b:04:32:f2:e6:c5:ee:9d:2c:30:4a:37:
e7:b1:3e:2f:40:af:36:67:da:4d:36:6d:e1:5c:e5:f6:1c:13:
73:75:f8:34:49:f6:bc:c2:b5:6c:5a:ae:67:e1:4b:a3:56:ce:
0b:24:22:ef:e4:dc:f0:eb:16:4c:fe:1d:6f:4f:49:99:76:ec:
8b:94:f3:06:17:b2:fb:70:65:eb:c5:7e:1f:60:5e:52:1c:9c:
a6:cc:9a:fb:67:6e:74:ba:5b:a5:20:41:09:a1:bc:f4:96:68:
ab:b8:cc:2c:96:3c:d8:38:70:74:63:08:ab:85:50:5a:a5:3d:
1d:e4:2e:01:df:76:9f:d8:6d:4b:f5:2d:03:b8:c9:b8:79:f9:
1b:02:fa:cb
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIEC+PirzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2EzOWU0Nzk0YzM0NjEyZTdmMjI1NjliMWE2YTgxNzEwMjYwYWU1MB4XDTIyMDMx
NzE3MDAyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhhODRhMThiOWRl
MTllMGVhY2Q1YTYyNDYyNWVjNGU2MjlkOTdlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMs33BN2Yd+pH8ikd1dCxW0gMSfUzsiSdENw5ivu9Hzc4G2W
y9y5SeLmPVv+Tb9oCCe0hCQG+TrU7Y3P4qnTege/YHbXMIj3qedO4/CuZ9DhOHRc
JBtV0yRWXxZo7PBnvqvrytgM5e7HrhlrrdDYTb1BnDEfEfdhHlRSGt1ZW5MpSjjt
9LsOKCxEr+RBbwSuAoa3SWx82Of06Q6oS7uCoOYQxMhY1EsFyp195j9/nMCb87Gb
qvxXRMH+xkKbMSre1aGS2b7MujzmEyWxDdCapJVT78kqSBGmj1sHb8FoBJ173DBY
59jSL1L1Z6ipTmKxoZDUpd4/RVo2u8gsGwyMz+0CAwEAAaOCAq0wggKpMB0GA1Ud
DgQWBBTYqEoYud4Z4OrNWmJGJexOYp2X6DAfBgNVHSMEGDAWgBQno55HlMNGEufy
JWmxpqgXECYK5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o2T2VSNVREUmhMbjhpVnBzYWFvRnhBbUN1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8x
LzJLaEtHTG5lR2VEcXpWcGlSaVhzVG1LZGwtZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8xL0o2T2VSNVREUmhM
bjhpVnBzYWFvRnhBbUN1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wgYIKwYBBQUHAQcBAf8EgbIwga8wgZsEAgABMIGUAwMBArADAwACuQMEAQK8AAME
AAK8BwMEAAK8CQMEAgK8DAMEAAK8EQMEAQK8FgMEAAK8HAMEAAK8HgMEAwK8QAME
AAK8TAMEAAK8swMEAAK8tQMEAQK8uAMEAAK8uwMEAAK9AQMEAAK9AwMEAAK9LAME
AAK9PwMEAAK9SAMEAE4m9QMEAE4m/QMEAMOSPwMEANnaQzAPBAIAAjAJAwcAIAFB
iAACMA0GCSqGSIb3DQEBCwUAA4IBAQA11Bld3IyKjBBPYf3ZxAU97BdlP8C2shnN
u9g/g8NtpZ4Oyo0cleN5kbBZYA9n0nThjJPG8olV2hGzYmKMI2pWW9OrL0w6WHrk
NUCvRaGQss0Gohy8MkML9z1Fhu1w1hg2/y9HoDf2ifw6qpOEh4NGc+ArBDLy5sXu
nSwwSjfnsT4vQK82Z9pNNm3hXOX2HBNzdfg0Sfa8wrVsWq5n4UujVs4LJCLv5Nzw
6xZM/h1vT0mZduyLlPMGF7L7cGXrxX4fYF5SHJymzJr7Z250ululIEEJobz0lmir
uMwsljzYOHB0YwirhVBapT0d5C4B33af2G1L9S0DuMm4efkbAvrL
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:12:15 2025 by rpki-client