Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/vB6lmF4-vLJVi2kLbAzroSAX9M0.roa
File: vB6lmF4-vLJVi2kLbAzroSAX9M0.roa (raw, json)
Hash identifier: rwrfcDy6Zi5ml3veRAUxL0vi6unAutTeBuoJaTpRgOY=
Subject key identifier: BC:1E:A5:98:5E:3E:BC:B2:55:8B:69:0B:6C:0C:EB:A1:20:17:F4:CD
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018571B9F0AF6ABC72DA41C19F084079E6FB
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/vB6lmF4-vLJVi2kLbAzroSAX9M0.roa
Signing time: Mon 02 Jan 2023 09:04:49 +0000
ROA not before: Mon 02 Jan 2023 09:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48159
IP address blocks: 2.188.1.0/24 maxlen: 24
2.188.0.0/24 maxlen: 24
2.188.22.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
78.39.240.0/24 maxlen: 24
78.39.149.0/24 maxlen: 24
78.39.150.0/24 maxlen: 24
78.39.151.0/24 maxlen: 24
80.191.56.0/24 maxlen: 24
217.219.236.0/22 maxlen: 22
78.38.0.0/16 maxlen: 16
217.218.67.0/24 maxlen: 24
2.185.18.0/24 maxlen: 24
2.185.40.0/21 maxlen: 21
78.38.160.0/19 maxlen: 19
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.176.128.0/17 maxlen: 17
2.185.0.0/20 maxlen: 20
2.185.0.0/16 maxlen: 16
78.39.0.0/16 maxlen: 16
2.185.164.0/24 maxlen: 24
2.185.160.0/19 maxlen: 19
2.189.1.0/24 maxlen: 24
2.188.179.0/24 maxlen: 24
2.185.88.0/22 maxlen: 22
217.219.0.0/16 maxlen: 16
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.177.0.0/16 maxlen: 16
2.189.68.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.191.0.0/16 maxlen: 16
80.191.0.0/16 maxlen: 16
217.218.0.0/17 maxlen: 17
217.218.0.0/16 maxlen: 16
2.189.42.0/24 maxlen: 24
2.189.43.0/24 maxlen: 24
2.189.56.0/24 maxlen: 24
2.189.58.0/24 maxlen: 24
2.182.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:f0:af:6a:bc:72:da:41:c1:9f:08:40:79:e6:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 09:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc1ea5985e3ebcb2558b690b6c0ceba12017f4cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b9:c2:7f:7a:30:50:39:50:8c:d7:0c:81:d7:
e8:bb:18:7d:44:d4:9a:79:65:43:d8:64:80:7c:60:
f1:1b:b3:be:c5:41:c5:64:14:bc:c4:09:30:ee:a8:
4c:f8:c2:18:0a:b3:b2:12:0d:c3:fa:a4:20:e0:17:
7a:d6:c7:cd:05:4b:ec:62:6f:f5:c4:b2:f0:ed:9b:
8c:6d:97:5b:0b:48:d6:f7:e7:b7:78:7f:38:fc:fe:
04:4e:4f:c3:b5:f4:c4:4b:79:bf:60:de:66:d5:0a:
0e:93:6f:4d:3b:76:96:9e:90:9e:16:da:cb:90:a1:
16:bc:54:ec:6a:3a:b4:26:d7:4b:1c:97:18:e7:75:
1f:0c:31:14:07:e1:91:ea:58:74:67:12:a6:ff:8b:
bc:f0:17:81:9f:38:2a:1b:d6:d9:75:34:91:b1:81:
27:e3:eb:36:df:0f:50:e0:02:10:ac:f7:b0:cc:b7:
d5:d1:7d:28:af:64:99:24:8c:de:8b:16:00:31:9e:
4b:81:8b:41:3c:72:77:5b:c1:cc:67:7f:bd:a5:1d:
2c:ef:2c:dc:b8:bf:57:4e:ef:ae:90:99:a8:af:31:
8e:49:ab:b7:a3:da:8f:54:85:71:e4:34:e9:21:39:
6d:d5:b8:fa:0a:69:fe:97:28:12:31:00:98:a6:f0:
b7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1E:A5:98:5E:3E:BC:B2:55:8B:69:0B:6C:0C:EB:A1:20:17:F4:CD
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/vB6lmF4-vLJVi2kLbAzroSAX9M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.128.0-2.177.255.255
2.182.128.0/21
2.185.0.0/16
2.188.0.0/23
2.188.22.0/24
2.188.28.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.184.0/23
2.188.187.0/24
2.189.1.0/24
2.189.42.0/23
2.189.56.0/24
2.189.58.0/24
2.189.68.0/24
2.189.72.0/24
2.191.0.0/16
78.38.0.0/15
80.191.0.0/16
217.218.0.0/15
Signature Algorithm: sha256WithRSAEncryption
41:64:6b:d1:4f:a6:40:5d:b9:66:44:3b:10:7c:8e:e3:3f:32:
20:68:b1:56:97:ba:7e:92:a9:9e:ad:ff:6d:75:07:62:4b:55:
10:0a:0f:5a:8c:68:65:87:dd:d9:d8:93:75:15:bd:a6:0d:f0:
dc:23:39:f0:b1:25:e1:2a:5e:21:f7:59:4c:84:cc:52:6a:7d:
2a:80:96:67:4b:7b:e0:91:21:23:81:56:25:00:9d:79:36:1f:
5b:0e:16:9f:47:8f:7d:87:c5:b5:e4:dd:86:b8:a1:d0:86:1a:
2c:74:5f:28:16:9e:e4:11:18:3d:39:6e:85:b1:8b:0c:73:9c:
d0:47:9f:bd:76:74:36:26:f5:7f:5d:41:83:8c:77:13:7a:5c:
7c:51:db:fc:a8:bb:1e:13:e4:0c:6d:15:d6:9f:57:8a:9f:16:
f3:74:ff:3e:33:8b:ce:9e:26:98:c2:13:6c:40:3d:8d:eb:f6:
e5:e5:1d:06:0f:e3:10:ac:6c:4e:14:a9:fc:a3:12:d4:4e:c4:
3e:3d:1d:7e:65:2e:a2:7b:93:8d:78:ca:99:f9:04:f7:be:69:
5f:3d:bc:8c:bb:61:1d:35:e9:58:2d:3f:cd:7d:c1:2a:72:71:
a9:76:0d:96:49:2d:a8:3d:59:16:dd:fb:fb:1e:a9:6d:74:0e:
5f:17:a5:ff
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYVxufCvarxy2kHBnwhAeeb7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwMTAyMDkwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzFlYTU5ODVlM2ViY2IyNTU4YjY5MGI2YzBjZWJhMTIwMTdmNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbnCf3owUDlQjNcMgdfouxh9RNSa
eWVD2GSAfGDxG7O+xUHFZBS8xAkw7qhM+MIYCrOyEg3D+qQg4Bd61sfNBUvsYm/1
xLLw7ZuMbZdbC0jW9+e3eH84/P4ETk/DtfTES3m/YN5m1QoOk29NO3aWnpCeFtrL
kKEWvFTsajq0JtdLHJcY53UfDDEUB+GR6lh0ZxKm/4u88BeBnzgqG9bZdTSRsYEn
4+s23w9Q4AIQrPewzLfV0X0or2SZJIzeixYAMZ5LgYtBPHJ3W8HMZ3+9pR0s7yzc
uL9XTu+ukJmorzGOSau3o9qPVIVx5DTpITlt1bj6Cmn+lygSMQCYpvC36QIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFLwepZhePryyVYtpC2wM66EgF/TNMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvdkI2bG1GNC12TEpWaTJrTGJBenJvU0FYOU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYAwCwME
BwKwgAMDAQKwAwQDAraAAwMAArkDBAECvAADBAACvBYDBAACvBwDBAMCvEADBAAC
vEwDBAACvLMDBAECvLgDBAACvLsDBAACvQEDBAECvSoDBAACvTgDBAACvToDBAAC
vUQDBAACvUgDAwACvwMDAU4mAwMAUL8DAwHZ2jANBgkqhkiG9w0BAQsFAAOCAQEA
QWRr0U+mQF25ZkQ7EHyO4z8yIGixVpe6fpKpnq3/bXUHYktVEAoPWoxoZYfd2diT
dRW9pg3w3CM58LEl4SpeIfdZTITMUmp9KoCWZ0t74JEhI4FWJQCdeTYfWw4Wn0eP
fYfFteTdhrih0IYaLHRfKBae5BEYPTluhbGLDHOc0EefvXZ0Nib1f11Bg4x3E3pc
fFHb/Ki7HhPkDG0V1p9Xip8W83T/PjOLzp4mmMITbEA9jev25eUdBg/jEKxsThSp
/KMS1E7EPj0dfmUuonuTjXjKmfkE975pXz28jLthHTXpWC0/zX3BKnJxqXYNlkkt
qD1ZFt37+x6pbXQOXxel/w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:55 2025 by rpki-client