Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/mtHEKSdv7gGePgzE6kKyB4WeI1A.roa
File: mtHEKSdv7gGePgzE6kKyB4WeI1A.roa (raw, json)
Hash identifier: o9cg+cji72GIC7UHmRwnpGwusFcnGapLQE/MQIX1vas=
Subject key identifier: 9A:D1:C4:29:27:6F:EE:01:9E:3E:0C:C4:EA:42:B2:07:85:9E:23:50
Certificate issuer: /CN=e215be4532e9588c40531a7f331eabfbf4770a5e
Certificate serial: 0187097E543606FF561335FF309CE86DCEF4
Authority key identifier: E2:15:BE:45:32:E9:58:8C:40:53:1A:7F:33:1E:AB:FB:F4:77:0A:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/mtHEKSdv7gGePgzE6kKyB4WeI1A.roa
Signing time: Wed 22 Mar 2023 13:24:46 +0000
ROA not before: Wed 22 Mar 2023 13:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48737
IP address blocks: 185.56.239.0/24 maxlen: 24
185.56.236.0/24 maxlen: 24
185.56.237.0/24 maxlen: 24
185.56.238.0/24 maxlen: 24
185.59.73.0/24 maxlen: 24
185.59.74.0/24 maxlen: 24
185.59.75.0/24 maxlen: 24
185.59.72.0/24 maxlen: 24
81.22.97.0/24 maxlen: 24
81.22.98.0/24 maxlen: 24
81.22.96.0/24 maxlen: 24
81.22.104.0/24 maxlen: 24
81.22.105.0/24 maxlen: 24
81.22.101.0/24 maxlen: 24
81.22.102.0/24 maxlen: 24
81.22.103.0/24 maxlen: 24
81.22.99.0/24 maxlen: 24
81.22.100.0/24 maxlen: 24
81.22.111.0/24 maxlen: 24
81.22.108.0/24 maxlen: 24
81.22.109.0/24 maxlen: 24
81.22.110.0/24 maxlen: 24
81.22.106.0/24 maxlen: 24
81.22.107.0/24 maxlen: 24
95.128.58.0/24 maxlen: 24
95.128.56.0/24 maxlen: 24
95.128.57.0/24 maxlen: 24
95.128.62.0/24 maxlen: 24
95.128.63.0/24 maxlen: 24
95.128.59.0/24 maxlen: 24
95.128.60.0/24 maxlen: 24
95.128.61.0/24 maxlen: 24
46.20.144.0/24 maxlen: 24
46.20.145.0/24 maxlen: 24
46.20.150.0/24 maxlen: 24
46.20.151.0/24 maxlen: 24
46.20.152.0/24 maxlen: 24
46.20.147.0/24 maxlen: 24
46.20.148.0/24 maxlen: 24
46.20.149.0/24 maxlen: 24
46.20.146.0/24 maxlen: 24
46.20.157.0/24 maxlen: 24
46.20.158.0/24 maxlen: 24
46.20.159.0/24 maxlen: 24
46.20.154.0/24 maxlen: 24
46.20.155.0/24 maxlen: 24
46.20.156.0/24 maxlen: 24
46.20.153.0/24 maxlen: 24
37.58.16.0/24 maxlen: 24
37.58.17.0/24 maxlen: 24
37.58.23.0/24 maxlen: 24
37.58.19.0/24 maxlen: 24
37.58.20.0/24 maxlen: 24
37.58.21.0/24 maxlen: 24
37.58.22.0/24 maxlen: 24
37.58.18.0/24 maxlen: 24
2a02:dc40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:09:7e:54:36:06:ff:56:13:35:ff:30:9c:e8:6d:ce:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e215be4532e9588c40531a7f331eabfbf4770a5e
Validity
Not Before: Mar 22 13:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ad1c429276fee019e3e0cc4ea42b207859e2350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c2:8c:b7:1e:6e:96:66:90:82:53:ed:3c:c1:
43:52:71:39:f7:8d:c4:8a:46:65:13:7d:02:b4:5b:
38:a4:47:81:99:fd:ec:eb:b0:fa:44:b1:3d:16:99:
a7:9c:62:8d:04:88:36:86:83:e5:b7:65:3b:28:a6:
56:68:99:20:84:16:3b:6c:fb:5a:1b:f4:0a:b6:aa:
ee:b9:b4:3a:76:f3:0f:06:4a:5a:e1:36:4b:ba:5f:
9f:04:40:25:8c:4f:ed:58:77:77:18:5f:85:d5:3c:
72:ac:ed:c4:af:65:fe:05:9c:1a:1e:ec:49:9e:a3:
07:76:0f:0c:a6:41:d0:c3:95:f1:28:94:b3:09:34:
3c:8b:0e:52:39:f8:8b:89:a3:0a:dd:90:b5:7a:f1:
7c:21:39:ba:49:8e:e2:b2:ee:37:82:bb:6e:b1:e6:
93:34:00:7b:1e:67:d3:74:81:ff:d9:5d:05:fd:43:
ee:03:40:3b:e4:99:e0:53:05:7b:fb:99:b5:f3:02:
cb:50:2d:d9:11:e4:6e:a6:4b:82:84:70:85:fc:bd:
3b:78:52:8a:43:1a:a1:0b:47:9d:b8:e0:35:13:ff:
af:e3:0b:e7:8c:93:8a:71:e5:0e:a0:7a:63:48:7d:
fe:fb:c0:95:84:54:a4:fd:11:97:e5:2f:d4:3d:a3:
13:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D1:C4:29:27:6F:EE:01:9E:3E:0C:C4:EA:42:B2:07:85:9E:23:50
X509v3 Authority Key Identifier:
keyid:E2:15:BE:45:32:E9:58:8C:40:53:1A:7F:33:1E:AB:FB:F4:77:0A:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/mtHEKSdv7gGePgzE6kKyB4WeI1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.58.16.0/21
46.20.144.0/20
81.22.96.0/20
95.128.56.0/21
185.56.236.0/22
185.59.72.0/22
IPv6:
2a02:dc40::/29
Signature Algorithm: sha256WithRSAEncryption
dd:99:db:c6:ac:64:56:e2:29:65:3e:18:11:db:9e:cc:38:57:
7c:f5:5a:da:09:46:74:7b:59:57:75:5d:79:de:5d:7f:59:4a:
5c:b3:0d:1f:d0:e3:4b:59:93:8e:23:ad:14:98:4f:9d:20:64:
ae:8a:c1:95:3e:fb:7d:9d:e8:5c:83:de:f7:39:34:23:21:8a:
e0:00:24:31:73:81:05:96:d1:3b:ad:b8:e8:92:50:db:a9:1e:
01:c8:2c:4e:be:aa:dd:a1:a8:94:eb:d3:d6:29:9b:26:27:ef:
d0:7e:f4:d4:62:6f:e6:42:e4:ac:e7:a7:66:be:57:cf:30:31:
4c:99:ff:15:f4:18:52:64:96:d6:20:e5:12:1e:e9:19:5c:ad:
51:cd:9b:25:21:65:85:02:d8:59:ee:b6:41:25:d3:bd:48:e6:
13:c5:d8:fb:6e:2b:9b:8b:f3:1c:cd:b3:2b:ca:4e:50:49:d7:
41:0f:e1:b4:bf:17:d9:e1:2b:3c:0a:73:f6:c0:90:82:4a:a3:
e1:79:a9:64:ea:ae:44:94:d9:07:49:ea:94:7f:cd:fd:ce:1c:
a5:eb:73:46:93:d8:5b:f4:59:ee:39:a8:c0:5e:c7:7f:0d:9d:
b4:41:d9:44:5c:d1:94:99:ce:08:33:e5:00:7c:f8:ab:12:b4:
89:c6:9b:76
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYcJflQ2Bv9WEzX/MJzobc70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTViZTQ1MzJlOTU4OGM0MDUzMWE3ZjMzMWVhYmZiZjQ3
NzBhNWUwHhcNMjMwMzIyMTMyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQxYzQyOTI3NmZlZTAxOWUzZTBjYzRlYTQyYjIwNzg1OWUyMzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48KMtx5ulmaQglPtPMFDUnE5943E
ikZlE30CtFs4pEeBmf3s67D6RLE9FpmnnGKNBIg2hoPlt2U7KKZWaJkghBY7bPta
G/QKtqruubQ6dvMPBkpa4TZLul+fBEAljE/tWHd3GF+F1TxyrO3Er2X+BZwaHuxJ
nqMHdg8MpkHQw5XxKJSzCTQ8iw5SOfiLiaMK3ZC1evF8ITm6SY7isu43grtuseaT
NAB7HmfTdIH/2V0F/UPuA0A75JngUwV7+5m18wLLUC3ZEeRupkuChHCF/L07eFKK
QxqhC0eduOA1E/+v4wvnjJOKceUOoHpjSH3++8CVhFSk/RGX5S/UPaMTDQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJrRxCknb+4Bnj4MxOpCsgeFniNQMB8GA1UdIwQY
MBaAFOIVvkUy6ViMQFMafzMeq/v0dwpeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhXLVJUTHBXSXhBVXhwX014NnItX1IzQ2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80ZWU4NWUtMjJjYi00MmVkLTkwNzEt
NDY1MWZkODAyNzM3LzEvbXRIRUtTZHY3Z0dlUGd6RTZrS3lCNFdlSTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80ZWU4NWUtMjJjYi00MmVkLTkwNzEtNDY1MWZkODAyNzM3
LzEvNGhXLVJUTHBXSXhBVXhwX014NnItX1IzQ2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDJToQAwQE
LhSQAwQEURZgAwQDX4A4AwQCuTjsAwQCuTtIMA0EAgACMAcDBQMqAtxAMA0GCSqG
SIb3DQEBCwUAA4IBAQDdmdvGrGRW4illPhgR257MOFd89VraCUZ0e1lXdV153l1/
WUpcsw0f0ONLWZOOI60UmE+dIGSuisGVPvt9nehcg973OTQjIYrgACQxc4EFltE7
rbjoklDbqR4ByCxOvqrdoaiU69PWKZsmJ+/QfvTUYm/mQuSs56dmvlfPMDFMmf8V
9BhSZJbWIOUSHukZXK1RzZslIWWFAthZ7rZBJdO9SOYTxdj7biubi/MczbMryk5Q
SddBD+G0vxfZ4Ss8CnP2wJCCSqPhealk6q5ElNkHSeqUf839zhyl63NGk9hb9Fnu
OajAXsd/DZ20QdlEXNGUmc4IM+UAfPirErSJxpt2
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:09:57 2025 by rpki-client