Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/rxDX_ZbkRoAlgkUqcgGdB4bRL5g.roa
File: rxDX_ZbkRoAlgkUqcgGdB4bRL5g.roa (raw, json)
Hash identifier: tPGNyUOyOpPncsvS5Ud9Po4+1lsDngrn/WPjfnZfSQY=
Subject key identifier: AF:10:D7:FD:96:E4:46:80:25:82:45:2A:72:01:9D:07:86:D1:2F:98
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0188164AA0BD3416C1ECF35EBA29A976BE64
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/rxDX_ZbkRoAlgkUqcgGdB4bRL5g.roa
Signing time: Sat 13 May 2023 18:06:09 +0000
ROA not before: Sat 13 May 2023 18:06:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49666
IP address blocks: 2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.0.0/16 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.17.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.176.0.0/17 maxlen: 17
78.39.155.0/24 maxlen: 24
78.38.0.0/16 maxlen: 24
217.218.67.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.176.128.0/17 maxlen: 17
2.188.76.0/24 maxlen: 24
195.146.63.0/24 maxlen: 24
2.185.0.0/16 maxlen: 16
78.38.245.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.1.0/24 maxlen: 24
2.189.0.0/16 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.186.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.177.0.0/16 maxlen: 16
2.189.72.0/24 maxlen: 24
217.218.0.0/16 maxlen: 24
2.189.44.0/24 maxlen: 24
2.189.63.0/24 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:16:4a:a0:bd:34:16:c1:ec:f3:5e:ba:29:a9:76:be:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 13 18:06:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af10d7fd96e446802582452a72019d0786d12f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fd:50:22:7b:f8:5a:23:d5:f7:73:d0:08:9c:
86:de:7a:00:1a:22:d1:13:7e:1f:8e:5c:44:f4:7d:
3d:90:c1:cf:74:72:36:a3:0a:d6:85:98:ed:c8:41:
df:98:b9:fa:f4:eb:ab:a1:14:99:33:40:ae:9d:45:
af:0f:ce:d7:0c:63:c3:8d:dc:83:dd:cd:49:ef:68:
b4:5a:ae:2d:48:68:1e:c9:7c:f6:e2:c1:eb:eb:be:
03:3a:38:37:6e:5c:da:e1:53:39:ea:8c:ff:81:21:
4c:1e:3e:bf:42:67:18:3b:d1:86:39:01:79:b6:f9:
05:b1:62:70:8f:38:ea:08:3b:56:4a:bd:e4:5d:e8:
94:29:c0:62:89:85:2c:54:c7:bb:be:a2:c4:35:ee:
b6:16:c2:0e:7d:b5:bd:4a:bf:ad:66:15:8f:46:96:
fa:4e:53:c7:95:9d:4b:10:76:b6:04:46:6f:20:4c:
0d:c1:dd:53:6c:46:8d:0c:7b:f0:68:b8:29:c5:55:
a9:22:29:37:ff:e2:66:6f:5c:e4:19:dc:71:6f:e8:
64:d4:2b:7b:4b:e5:13:a7:92:b6:0a:5b:cd:bb:c7:
40:1a:68:4b:68:7c:96:36:ae:50:07:b2:5a:94:14:
5d:b8:f3:b9:94:93:a4:a2:8d:7b:ba:5d:ea:ec:ac:
0d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:10:D7:FD:96:E4:46:80:25:82:45:2A:72:01:9D:07:86:D1:2F:98
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/rxDX_ZbkRoAlgkUqcgGdB4bRL5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.185.0.0/16
2.188.0.0/15
78.38.0.0/15
195.146.63.0/24
217.218.0.0/16
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
22:fb:8b:86:e9:72:37:70:24:a1:dc:57:18:8a:b8:4c:ab:92:
9b:9d:0b:df:16:30:dc:be:1a:f1:46:3e:b2:b0:5f:87:e0:8e:
22:d2:4a:7b:be:37:f0:f5:3b:3f:7a:66:5e:e5:9f:62:00:67:
c8:63:6f:6e:0e:96:99:14:42:88:e1:97:1b:81:b6:5d:9e:72:
8d:6d:eb:94:07:47:07:a7:21:92:d2:29:83:1d:97:84:d3:76:
6c:d4:af:1e:74:80:9d:74:e3:c7:84:84:c2:8a:31:9d:80:a0:
56:9a:12:87:1d:ce:bb:4d:15:3d:cb:dd:a7:7c:c6:40:1e:c9:
6c:8d:b1:9f:aa:2d:a7:f3:f6:a1:83:3a:58:6c:48:3c:32:08:
87:24:5e:ca:40:fb:2b:bf:3b:de:de:3a:b7:c8:19:94:4d:4b:
92:b3:35:49:32:cd:97:8f:52:76:a1:c6:09:d4:bd:d4:85:23:
ef:31:94:c3:f6:7d:f7:89:db:f5:80:08:c4:53:a2:e0:e0:e9:
3a:59:6d:82:19:50:a7:7b:02:4d:ba:94:2f:df:f1:3f:ed:74:
c3:e5:63:05:0b:59:f4:2b:f4:e1:d7:ce:6c:e3:9e:86:7b:06:
3e:1a:7f:7d:b6:d1:8d:d4:9d:04:0c:7d:8b:4a:ce:0b:34:4a:
bf:02:b8:92
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYgWSqC9NBbB7PNeuimpdr5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTEzMTgwNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjEwZDdmZDk2ZTQ0NjgwMjU4MjQ1MmE3MjAxOWQwNzg2ZDEyZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/1QInv4WiPV93PQCJyG3noAGiLR
E34fjlxE9H09kMHPdHI2owrWhZjtyEHfmLn69OuroRSZM0CunUWvD87XDGPDjdyD
3c1J72i0Wq4tSGgeyXz24sHr674DOjg3blza4VM56oz/gSFMHj6/QmcYO9GGOQF5
tvkFsWJwjzjqCDtWSr3kXeiUKcBiiYUsVMe7vqLENe62FsIOfbW9Sr+tZhWPRpb6
TlPHlZ1LEHa2BEZvIEwNwd1TbEaNDHvwaLgpxVWpIik3/+Jmb1zkGdxxb+hk1Ct7
S+UTp5K2ClvNu8dAGmhLaHyWNq5QB7JalBRduPO5lJOkoo17ul3q7KwNtwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFK8Q1/2W5EaAJYJFKnIBnQeG0S+YMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvcnhEWF9aYmtSb0FsZ2tVcWNnR2RCNGJSTDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAlBAIAATAfAwMBArADAwAC
uQMDAQK8AwMBTiYDBADDkj8DAwDZ2jAPBAIAAjAJAwcAIAFBiAACMA0GCSqGSIb3
DQEBCwUAA4IBAQAi+4uG6XI3cCSh3FcYirhMq5KbnQvfFjDcvhrxRj6ysF+H4I4i
0kp7vjfw9Ts/emZe5Z9iAGfIY29uDpaZFEKI4ZcbgbZdnnKNbeuUB0cHpyGS0imD
HZeE03Zs1K8edICddOPHhITCijGdgKBWmhKHHc67TRU9y92nfMZAHslsjbGfqi2n
8/ahgzpYbEg8MgiHJF7KQPsrvzve3jq3yBmUTUuSszVJMs2Xj1J2ocYJ1L3UhSPv
MZTD9n33idv1gAjEU6Lg4Ok6WW2CGVCnewJNupQv3/E/7XTD5WMFC1n0K/Th185s
456GewY+Gn99ttGN1J0EDH2LSs4LNEq/AriS
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:25 2025 by rpki-client