Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/MhKYsvyBWEFdx0VKc4WhzVHq1ms.roa
File: MhKYsvyBWEFdx0VKc4WhzVHq1ms.roa (raw, json)
Hash identifier: wA5cP1LlVOZBK7bhqjIE+k0wVnGpJjOgFNmCjZeK2A0=
Subject key identifier: 32:12:98:B2:FC:81:58:41:5D:C7:45:4A:73:85:A1:CD:51:EA:D6:6B
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018BB177C17B6237B5915B225E107F4C225B
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/MhKYsvyBWEFdx0VKc4WhzVHq1ms.roa
Signing time: Thu 09 Nov 2023 00:24:57 +0000
ROA not before: Thu 09 Nov 2023 00:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 78.38.25.0/24 maxlen: 24
2.188.40.0/21 maxlen: 24
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
78.39.153.0/24 maxlen: 24
2.189.160.0/21 maxlen: 24
2.189.168.0/21 maxlen: 24
2.188.72.0/22 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.243.0/24 maxlen: 24
2.188.225.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 24
2.189.80.0/21 maxlen: 24
2.189.88.0/21 maxlen: 24
2.182.172.0/24 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.59.0/24 maxlen: 24
2.189.48.0/21 maxlen: 24
2.189.64.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b1:77:c1:7b:62:37:b5:91:5b:22:5e:10:7f:4c:22:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Nov 9 00:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=321298b2fc8158415dc7454a7385a1cd51ead66b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e6:31:43:a9:c5:23:e5:40:1b:b1:ed:cb:d6:
9a:e1:30:27:96:23:8b:ea:e8:a3:58:5c:a6:2a:43:
dc:5d:2c:7c:14:e2:7d:06:b2:f2:ef:8f:16:ba:52:
10:0b:82:d4:9d:fc:5d:d9:ae:38:75:24:54:80:6b:
7d:bb:df:24:92:11:64:e4:eb:fb:72:70:99:b0:97:
57:75:a9:cb:c8:30:73:41:c4:d7:af:7f:cc:38:dc:
cc:f2:b1:61:0d:d6:a6:ba:ca:3c:f4:80:4f:cf:af:
4e:25:57:02:6c:f0:6b:c2:b1:7a:10:81:cd:a1:2b:
31:ed:0a:ce:08:d2:c3:d7:ab:5e:1d:43:4f:24:53:
0d:c3:1c:78:89:be:ad:24:f6:72:4e:59:84:00:1b:
8f:fb:c1:0f:1d:71:fd:5e:ea:72:42:78:06:d5:35:
22:98:06:f2:04:a9:d2:d7:5e:a2:00:26:3f:4b:6f:
0f:f5:7b:85:73:ec:23:75:4b:7e:2e:95:57:16:67:
63:60:d1:0d:0c:42:10:f8:33:6f:49:4d:4e:c8:7f:
fc:ff:ff:91:94:8d:9d:43:a1:52:92:40:35:5d:52:
e3:f2:12:8a:e1:86:29:73:ef:7c:d4:66:aa:5a:d0:
8d:eb:c5:15:bd:2f:f8:4b:31:8a:be:13:f7:2a:8f:
f0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:12:98:B2:FC:81:58:41:5D:C7:45:4A:73:85:A1:CD:51:EA:D6:6B
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/MhKYsvyBWEFdx0VKc4WhzVHq1ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.182.172.0/24
2.188.40.0/21
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.48.0/21
2.189.64.0/22
2.189.80.0/20
2.189.160.0/20
78.38.25.0/24
78.38.243.0/24
78.38.246.0/24
78.38.248.0/24
78.38.250.0/23
78.38.254.0/24
78.39.40.0/24
78.39.43.0/24
78.39.46.0-78.39.51.255
78.39.53.0-78.39.59.255
78.39.62.0/23
78.39.153.0/24
78.39.155.0-78.39.156.255
Signature Algorithm: sha256WithRSAEncryption
11:97:4a:d0:92:52:52:30:da:b3:99:55:11:a2:e4:a3:ed:0b:
c5:36:f2:a0:4c:f6:6c:a9:49:69:ac:e0:50:20:a3:57:2d:f2:
77:9a:5c:d2:1c:ea:cd:4f:6c:16:31:cf:31:96:69:d8:c7:c7:
6d:4c:d5:a8:11:e2:5d:e2:13:7a:14:3b:46:d9:31:21:05:fd:
61:08:d6:e2:1e:fb:e7:97:0c:c9:1e:a9:5f:bd:f8:aa:bf:70:
29:7e:d9:09:96:b4:43:b5:1b:74:23:ac:00:a1:97:7c:0c:ca:
34:78:64:42:56:16:c5:68:d2:4b:91:c5:ef:5e:55:57:c9:bf:
cc:75:4d:b0:9f:dd:f8:7f:42:c5:3b:d2:de:55:4c:6a:09:d0:
ff:ff:03:c4:34:94:4e:32:f4:92:dc:2a:7d:f8:b3:88:29:d4:
c6:17:0f:a9:26:bc:c7:60:47:35:ed:4f:de:18:aa:3c:95:e2:
8b:5c:c4:d7:40:b5:55:b1:de:61:f5:13:82:8a:d2:24:2c:0f:
79:fa:c8:98:c5:13:3b:38:f8:8e:31:26:cf:62:d3:ef:6e:4f:
e6:93:e1:97:be:5e:20:a0:52:2b:cf:bf:92:3f:d3:1a:6a:17:
e1:6f:14:95:f1:4b:fb:9f:7a:7f:6e:b5:81:90:24:5e:09:93:
fa:77:45:98
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYuxd8F7Yje1kVsiXhB/TCJbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMxMTA5MDAyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjEyOThiMmZjODE1ODQxNWRjNzQ1NGE3Mzg1YTFjZDUxZWFkNjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuYxQ6nFI+VAG7Hty9aa4TAnliOL
6uijWFymKkPcXSx8FOJ9BrLy748WulIQC4LUnfxd2a44dSRUgGt9u98kkhFk5Ov7
cnCZsJdXdanLyDBzQcTXr3/MONzM8rFhDdamuso89IBPz69OJVcCbPBrwrF6EIHN
oSsx7QrOCNLD16teHUNPJFMNwxx4ib6tJPZyTlmEABuP+8EPHXH9XupyQngG1TUi
mAbyBKnS116iACY/S28P9XuFc+wjdUt+LpVXFmdjYNENDEIQ+DNvSU1OyH/8//+R
lI2dQ6FSkkA1XVLj8hKK4YYpc+981GaqWtCN68UVvS/4SzGKvhP3Ko/wawIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFDISmLL8gVhBXcdFSnOFoc1R6tZrMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvTWhLWXN2eUJXRUZkeDBWS2M0V2h6VkhxMW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAAC
tqwDBAMCvCgDBAICvEgDBAMCvKADBAECvLADBAYCvMADBAMCvTADBAICvUADBAQC
vVADBAQCvaADBABOJhkDBABOJvMDBABOJvYDBABOJvgDBAFOJvoDBABOJv4DBABO
JygDBABOJyswDAMEAU4nLgMEAk4nMDAMAwQATic1AwQCTic4AwQBTic+AwQATieZ
MAwDBABOJ5sDBABOJ5wwDQYJKoZIhvcNAQELBQADggEBABGXStCSUlIw2rOZVRGi
5KPtC8U28qBM9mypSWms4FAgo1ct8neaXNIc6s1PbBYxzzGWadjHx21M1agR4l3i
E3oUO0bZMSEF/WEI1uIe++eXDMkeqV+9+Kq/cCl+2QmWtEO1G3QjrAChl3wMyjR4
ZEJWFsVo0kuRxe9eVVfJv8x1TbCf3fh/QsU70t5VTGoJ0P//A8Q0lE4y9JLcKn34
s4gp1MYXD6kmvMdgRzXtT94YqjyV4otcxNdAtVWx3mH1E4KK0iQsD3n6yJjFEzs4
+I4xJs9i0+9uT+aT4Ze+XiCgUivPv5I/0xpqF+FvFJXxS/ufen9utYGQJF4Jk/p3
RZg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:31 2025 by rpki-client