Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/aaxVRs42IjzfIZoGejxoKfzwk4U.roa
File: aaxVRs42IjzfIZoGejxoKfzwk4U.roa (raw, json)
Hash identifier: GOTB1yOJsKDNRd1PEMHIzSAwabcwxChRYnSmiweFnWM=
Subject key identifier: 69:AC:55:46:CE:36:22:3C:DF:21:9A:06:7A:3C:68:29:FC:F0:93:85
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 2AF3DA90
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/aaxVRs42IjzfIZoGejxoKfzwk4U.roa
Signing time: Sat 01 Jan 2022 13:57:54 +0000
ROA not before: Sat 01 Jan 2022 13:57:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43939
IP address blocks: 178.252.0.0/18 maxlen: 25
194.242.0.0/23 maxlen: 24
89.187.224.0/19 maxlen: 24
193.19.122.0/23 maxlen: 24
194.150.238.0/23 maxlen: 24
188.114.95.0/24 maxlen: 24
77.87.136.0/21 maxlen: 24
193.107.196.0/22 maxlen: 22
93.181.128.0/18 maxlen: 24
193.151.64.0/23 maxlen: 23
193.151.64.0/22 maxlen: 24
83.143.96.0/21 maxlen: 24
91.220.225.0/24 maxlen: 24
91.146.192.0/18 maxlen: 24
193.227.100.0/24 maxlen: 24
84.234.32.0/20 maxlen: 24
89.200.152.0/21 maxlen: 24
217.197.64.0/20 maxlen: 24
193.238.40.0/22 maxlen: 24
62.69.192.0/18 maxlen: 18
194.187.180.0/22 maxlen: 24
80.238.64.0/19 maxlen: 25
185.2.36.0/22 maxlen: 24
91.150.128.0/19 maxlen: 24
178.214.128.0/19 maxlen: 19
90.156.0.0/17 maxlen: 24
77.88.128.0/18 maxlen: 24
84.234.0.0/20 maxlen: 24
193.58.232.0/24 maxlen: 24
194.146.128.0/22 maxlen: 24
91.142.192.0/20 maxlen: 24
193.105.180.0/24 maxlen: 24
84.38.96.0/20 maxlen: 24
87.99.0.0/18 maxlen: 24
5.57.128.0/18 maxlen: 20
195.225.248.0/22 maxlen: 24
91.215.228.0/22 maxlen: 24
95.155.64.0/18 maxlen: 24
194.33.185.0/24 maxlen: 24
194.6.204.0/22 maxlen: 24
195.222.100.0/22 maxlen: 24
195.74.56.0/22 maxlen: 24
87.239.72.0/21 maxlen: 21
91.145.128.0/18 maxlen: 25
85.202.208.0/20 maxlen: 24
193.239.224.0/23 maxlen: 24
195.128.180.0/23 maxlen: 24
83.142.56.0/21 maxlen: 21
193.138.140.0/22 maxlen: 22
91.195.232.0/23 maxlen: 24
91.202.172.0/22 maxlen: 24
2a00:1d18::/32 maxlen: 32
2a02:2270::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 720624272 (0x2af3da90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 13:57:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69ac5546ce36223cdf219a067a3c6829fcf09385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:32:e8:01:c7:2b:54:6e:bf:47:1b:4c:60:df:
5b:9a:22:e5:19:2a:ae:1a:9c:ac:ef:41:cd:4c:61:
3c:81:82:57:8e:45:56:8c:27:30:b5:3a:d7:2d:b3:
5e:56:1c:2b:3a:41:f0:10:0e:74:5b:35:08:c4:41:
2e:8d:16:dd:6c:8e:ea:64:ed:5e:60:0a:c5:4a:da:
94:ee:5f:8d:c4:38:2c:40:71:5a:3b:84:e6:4c:8e:
07:59:ab:ea:06:a7:85:76:94:f8:fa:51:bf:50:59:
6e:43:41:b7:87:06:cb:fa:41:2e:91:f0:a4:79:5a:
86:76:8e:bc:30:37:3a:ca:74:e1:7c:67:20:db:71:
d9:7e:2c:9a:9b:3a:f8:5e:16:e5:7e:55:1c:c9:c9:
21:7b:16:b1:13:e3:55:94:64:c6:9b:5c:8b:3e:ed:
4c:8d:1c:a9:bd:9b:d6:51:72:8b:04:19:58:39:e5:
fe:81:ca:e8:e8:10:f2:d6:88:34:e4:56:29:10:b4:
c1:51:f8:d7:d6:f4:cf:a1:4c:17:e9:ce:ef:ce:95:
8d:4c:53:72:7f:6e:b0:79:fa:af:dd:46:34:d7:ff:
89:97:6f:b3:00:b7:1f:d4:e0:25:7f:f7:65:43:71:
fd:59:98:97:30:5d:95:c6:40:af:3e:f3:07:75:a4:
9a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AC:55:46:CE:36:22:3C:DF:21:9A:06:7A:3C:68:29:FC:F0:93:85
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/aaxVRs42IjzfIZoGejxoKfzwk4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.128.0/18
62.69.192.0/18
77.87.136.0/21
77.88.128.0/18
80.238.64.0/19
83.142.56.0/21
83.143.96.0/21
84.38.96.0/20
84.234.0.0/20
84.234.32.0/20
85.202.208.0/20
87.99.0.0/18
87.239.72.0/21
89.187.224.0/19
89.200.152.0/21
90.156.0.0/17
91.142.192.0/20
91.145.128.0/18
91.146.192.0/18
91.150.128.0/19
91.195.232.0/23
91.202.172.0/22
91.215.228.0/22
91.220.225.0/24
93.181.128.0/18
95.155.64.0/18
178.214.128.0/19
178.252.0.0/18
185.2.36.0/22
188.114.95.0/24
193.19.122.0/23
193.58.232.0/24
193.105.180.0/24
193.107.196.0/22
193.138.140.0/22
193.151.64.0/22
193.227.100.0/24
193.238.40.0/22
193.239.224.0/23
194.6.204.0/22
194.33.185.0/24
194.146.128.0/22
194.150.238.0/23
194.187.180.0/22
194.242.0.0/23
195.74.56.0/22
195.128.180.0/23
195.222.100.0/22
195.225.248.0/22
217.197.64.0/20
IPv6:
2a00:1d18::/32
2a02:2270::/32
Signature Algorithm: sha256WithRSAEncryption
8c:78:fb:7b:45:78:60:f7:6c:0c:7f:8f:c9:58:bb:1d:06:b6:
b0:42:70:bf:17:c6:fe:0f:3a:ee:7f:68:92:73:93:b0:a0:a0:
03:e4:d3:2a:9c:82:71:f9:ff:5b:c0:9b:40:a0:4a:2e:8b:3a:
04:e6:c0:3f:90:a8:97:15:96:c2:41:13:70:56:9e:62:0a:7a:
3e:d5:b0:8c:ac:c7:a8:ea:e0:8e:db:b3:c3:5c:0a:8b:71:8c:
c7:88:4d:9a:f4:d2:a7:a9:ac:86:50:e2:fa:f2:dc:92:ff:75:
2e:07:14:e5:78:17:da:7d:9d:e7:94:11:95:c8:e6:d0:77:17:
e5:6d:78:1d:e1:aa:d1:1b:aa:50:bf:ce:ea:ae:ed:b3:94:27:
49:65:5c:f2:af:4a:2d:06:f7:9f:15:05:a7:fc:80:fa:4e:27:
be:ba:fe:60:ab:dc:71:a5:e8:cd:e5:84:c0:7f:9d:7c:c6:4d:
0e:f3:72:74:41:14:e4:e2:65:70:5d:47:91:fb:ce:96:0a:49:
75:91:81:3a:d6:5d:c7:1f:c5:35:da:ec:e4:ad:49:fc:3b:78:
eb:30:df:e2:77:ee:02:21:4b:c7:a9:18:73:83:ef:b5:92:c1:
84:f8:5c:bf:99:46:8b:01:3c:6c:14:9a:4b:65:7d:a4:fa:a4:
1c:85:32:b5
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgIEKvPakDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTc1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjlhYzU1NDZjZTM2
MjIzY2RmMjE5YTA2N2EzYzY4MjlmY2YwOTM4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMIy6AHHK1Ruv0cbTGDfW5oi5RkqrhqcrO9BzUxhPIGCV45F
VownMLU61y2zXlYcKzpB8BAOdFs1CMRBLo0W3WyO6mTtXmAKxUralO5fjcQ4LEBx
WjuE5kyOB1mr6ganhXaU+PpRv1BZbkNBt4cGy/pBLpHwpHlahnaOvDA3Osp04Xxn
INtx2X4smps6+F4W5X5VHMnJIXsWsRPjVZRkxptciz7tTI0cqb2b1lFyiwQZWDnl
/oHK6OgQ8taINORWKRC0wVH419b0z6FMF+nO786VjUxTcn9usHn6r91GNNf/iZdv
swC3H9TgJX/3ZUNx/VmYlzBdlcZArz7zB3WkmhECAwEAAaOCA08wggNLMB0GA1Ud
DgQWBBRprFVGzjYiPN8hmgZ6PGgp/PCThTAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
L2FheFZSczQySWp6Zklab0dlanhvS2Z6d2s0VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AWMGCCsGAQUFBwEHAQH/BIIBUjCCAU4wggE0BAIAATCCASwDBAYFOYADBAY+RcAD
BANNV4gDBAZNWIADBAVQ7kADBANTjjgDBANTj2ADBARUJmADBARU6gADBARU6iAD
BARVytADBAZXYwADBANX70gDBAVZu+ADBANZyJgDBAdanAADBARbjsADBAZbkYAD
BAZbksADBAVbloADBAFbw+gDBAJbyqwDBAJb1+QDBABb3OEDBAZdtYADBAZfm0AD
BAWy1oADBAay/AADBAK5AiQDBAC8cl8DBAHBE3oDBADBOugDBADBabQDBALBa8QD
BALBiowDBALBl0ADBADB42QDBALB7igDBAHB7+ADBALCBswDBADCIbkDBALCkoAD
BAHClu4DBALCu7QDBAHC8gADBALDSjgDBAHDgLQDBALD3mQDBALD4fgDBATZxUAw
FAQCAAIwDgMFACoAHRgDBQAqAiJwMA0GCSqGSIb3DQEBCwUAA4IBAQCMePt7RXhg
92wMf4/JWLsdBrawQnC/F8b+Dzruf2iSc5OwoKAD5NMqnIJx+f9bwJtAoEouizoE
5sA/kKiXFZbCQRNwVp5iCno+1bCMrMeo6uCO27PDXAqLcYzHiE2a9NKnqayGUOL6
8tyS/3UuBxTleBfafZ3nlBGVyObQdxflbXgd4arRG6pQv87qru2zlCdJZVzyr0ot
BvefFQWn/ID6Tie+uv5gq9xxpejN5YTAf518xk0O83J0QRTk4mVwXUeR+86WCkl1
kYE61l3HH8U12uzkrUn8O3jrMN/id+4CIUvHqRhzg++1ksGE+Fy/mUaLATxsFJpL
ZX2k+qQchTK1
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:37:00 2025 by rpki-client