Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/IKKj9IgI5MZ7eseEpJLQR2MY3a4.roa
File: IKKj9IgI5MZ7eseEpJLQR2MY3a4.roa (raw, json)
Hash identifier: vTbDTx/6ub+Y8tgfZljH6aH0CwkngWieO+o7ttGXRKw=
Subject key identifier: 20:A2:A3:F4:88:08:E4:C6:7B:7A:C7:84:A4:92:D0:47:63:18:DD:AE
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0B2357D1
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/IKKj9IgI5MZ7eseEpJLQR2MY3a4.roa
Signing time: Sat 01 Jan 2022 05:02:29 +0000
ROA not before: Sat 01 Jan 2022 05:02:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48159
IP address blocks: 2.188.1.0/24 maxlen: 24
2.188.0.0/24 maxlen: 24
2.188.22.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
78.39.240.0/24 maxlen: 24
78.39.149.0/24 maxlen: 24
78.39.150.0/24 maxlen: 24
78.39.151.0/24 maxlen: 24
80.191.56.0/24 maxlen: 24
217.219.236.0/22 maxlen: 22
78.38.0.0/16 maxlen: 16
217.218.67.0/24 maxlen: 24
2.185.18.0/24 maxlen: 24
2.185.40.0/21 maxlen: 21
78.38.160.0/19 maxlen: 19
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.176.128.0/17 maxlen: 17
2.185.0.0/20 maxlen: 20
2.185.0.0/16 maxlen: 16
78.39.0.0/16 maxlen: 16
2.185.164.0/24 maxlen: 24
2.185.160.0/19 maxlen: 19
2.189.1.0/24 maxlen: 24
2.188.179.0/24 maxlen: 24
2.185.88.0/22 maxlen: 22
217.219.0.0/16 maxlen: 16
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.177.0.0/16 maxlen: 16
2.189.72.0/24 maxlen: 24
2.191.0.0/16 maxlen: 16
80.191.0.0/16 maxlen: 16
217.218.0.0/17 maxlen: 17
217.218.0.0/16 maxlen: 16
2.189.42.0/24 maxlen: 24
2.189.43.0/24 maxlen: 24
2.189.56.0/24 maxlen: 24
2.189.58.0/24 maxlen: 24
2.182.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186865617 (0xb2357d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 1 05:02:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20a2a3f48808e4c67b7ac784a492d0476318ddae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:97:90:6b:f5:a5:b6:be:20:05:4c:ff:37:13:
21:31:b1:0b:e8:45:d1:44:ff:6a:18:74:ae:f3:39:
0a:06:c9:4b:3c:4c:99:b8:10:f8:e0:74:f2:b1:f9:
ac:e4:51:ed:36:74:e3:f4:af:21:8a:66:8a:b5:ed:
de:d5:a2:45:f0:99:c5:68:73:a1:6f:e1:3f:03:4e:
7a:89:f9:96:a3:1f:6b:fb:32:34:d7:df:24:6d:1e:
f9:ce:72:75:62:69:cd:d5:c8:14:17:b5:a1:17:80:
59:6c:bc:87:98:35:e3:c1:4e:2f:94:97:52:21:d0:
22:e9:32:f4:26:8a:c7:6b:89:d1:46:79:7e:1e:9b:
f2:51:15:2c:87:31:cd:68:e8:26:b6:7a:39:6c:1b:
5f:77:cd:47:6a:ac:a1:25:ea:50:b7:f9:a8:b5:ff:
43:88:6c:73:c3:dd:51:be:6c:c6:01:c1:60:32:7a:
a0:02:e5:bd:5e:96:73:3b:63:b6:93:49:39:85:26:
b4:6f:e6:ce:d6:d6:53:18:b5:3f:ca:d5:21:44:07:
68:d3:9b:f8:6e:79:0e:46:a5:55:43:17:2b:5f:cf:
9c:53:77:0c:83:46:ad:55:fd:33:26:21:a2:f2:7c:
c7:88:8e:ed:c4:73:5f:77:b1:a6:1e:76:53:6f:d6:
05:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A2:A3:F4:88:08:E4:C6:7B:7A:C7:84:A4:92:D0:47:63:18:DD:AE
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/IKKj9IgI5MZ7eseEpJLQR2MY3a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.128.0-2.177.255.255
2.182.128.0/21
2.185.0.0/16
2.188.0.0/23
2.188.22.0/24
2.188.28.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.184.0/23
2.188.187.0/24
2.189.1.0/24
2.189.42.0/23
2.189.56.0/24
2.189.58.0/24
2.189.72.0/24
2.191.0.0/16
78.38.0.0/15
80.191.0.0/16
217.218.0.0/15
Signature Algorithm: sha256WithRSAEncryption
97:78:c1:94:c5:d7:74:af:2d:bb:0d:02:74:76:ac:06:d9:86:
08:a0:49:97:75:00:8f:71:ec:2c:8d:04:95:2d:48:43:c0:4a:
a0:8b:0e:9b:71:6b:e1:70:18:e5:6b:06:26:53:ea:37:b2:15:
10:08:1d:5f:ee:ee:0d:7e:de:af:14:b2:45:b6:1d:96:2b:9b:
48:e6:9f:3a:47:ea:e8:29:61:7d:39:61:29:ea:77:a7:d5:72:
c0:ee:01:1b:f0:b6:e4:f5:45:3e:c0:48:90:0b:93:e3:93:f7:
c4:aa:02:54:32:79:f9:f6:4a:6a:7e:27:4f:f9:01:fb:2a:12:
a8:64:64:ce:ae:84:be:e6:6a:d7:e1:a4:f3:32:95:54:04:de:
32:96:5c:2c:7a:b9:c4:7a:32:10:6c:5d:9d:1e:35:93:af:54:
48:f6:de:9f:cf:c2:ae:13:e4:37:e2:76:5a:5a:05:29:15:c4:
30:d9:31:25:6b:3c:aa:f5:d2:9b:6d:c2:46:4c:68:2c:10:42:
c9:e6:df:25:48:4b:30:68:8f:54:da:b4:f2:ab:39:e0:a6:a7:
b4:eb:c2:a2:a8:fc:61:27:7d:e1:5d:e5:af:d5:d5:a6:a6:56:
76:62:61:17:a6:02:01:7d:78:9a:24:f5:d3:04:e5:67:36:83:
9c:18:26:14
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIECyNX0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2EzOWU0Nzk0YzM0NjEyZTdmMjI1NjliMWE2YTgxNzEwMjYwYWU1MB4XDTIyMDEw
MTA1MDIyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjBhMmEzZjQ4ODA4
ZTRjNjdiN2FjNzg0YTQ5MmQwNDc2MzE4ZGRhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMeXkGv1pba+IAVM/zcTITGxC+hF0UT/ahh0rvM5CgbJSzxM
mbgQ+OB08rH5rORR7TZ04/SvIYpmirXt3tWiRfCZxWhzoW/hPwNOeon5lqMfa/sy
NNffJG0e+c5ydWJpzdXIFBe1oReAWWy8h5g148FOL5SXUiHQIuky9CaKx2uJ0UZ5
fh6b8lEVLIcxzWjoJrZ6OWwbX3fNR2qsoSXqULf5qLX/Q4hsc8PdUb5sxgHBYDJ6
oALlvV6WcztjtpNJOYUmtG/mztbWUxi1P8rVIUQHaNOb+G55DkalVUMXK1/PnFN3
DINGrVX9MyYhovJ8x4iO7cRzX3exph52U2/WBXECAwEAAaOCAoEwggJ9MB0GA1Ud
DgQWBBQgoqP0iAjkxnt6x4SkktBHYxjdrjAfBgNVHSMEGDAWgBQno55HlMNGEufy
JWmxpqgXECYK5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o2T2VSNVREUmhMbjhpVnBzYWFvRnhBbUN1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8x
L0lLS2o5SWdJNU1aN2VzZUVwSkxRUjJNWTNhNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8xL0o2T2VSNVREUmhM
bjhpVnBzYWFvRnhBbUN1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lgYIKwYBBQUHAQcBAf8EgYYwgYMwgYAEAgABMHowCwMEBwKwgAMDAQKwAwQDAraA
AwMAArkDBAECvAADBAACvBYDBAACvBwDBAMCvEADBAACvEwDBAACvLMDBAECvLgD
BAACvLsDBAACvQEDBAECvSoDBAACvTgDBAACvToDBAACvUgDAwACvwMDAU4mAwMA
UL8DAwHZ2jANBgkqhkiG9w0BAQsFAAOCAQEAl3jBlMXXdK8tuw0CdHasBtmGCKBJ
l3UAj3HsLI0ElS1IQ8BKoIsOm3Fr4XAY5WsGJlPqN7IVEAgdX+7uDX7erxSyRbYd
liubSOafOkfq6ClhfTlhKep3p9VywO4BG/C25PVFPsBIkAuT45P3xKoCVDJ5+fZK
an4nT/kB+yoSqGRkzq6EvuZq1+Gk8zKVVATeMpZcLHq5xHoyEGxdnR41k69USPbe
n8/CrhPkN+J2WloFKRXEMNkxJWs8qvXSm23CRkxoLBBCyebfJUhLMGiPVNq08qs5
4KantOvCoqj8YSd94V3lr9XVpqZWdmJhF6YCAX14miT10wTlZzaDnBgmFA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:02 2023 by rpki-client on console-fra.rpki-client.org