Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/BWudaVm6CwbqKkuyP0AfXHXwRjk.roa
File: BWudaVm6CwbqKkuyP0AfXHXwRjk.roa (raw, json)
Hash identifier: h+XXcusBCJTDoL6B15H4sSCYIJfGjgsag6JaRWMma/k=
Subject key identifier: 05:6B:9D:69:59:BA:0B:06:EA:2A:4B:B2:3F:40:1F:5C:75:F0:46:39
Certificate issuer: /CN=2988a3c688e8eb1fef06c374a7aa5cf8fd778e0f
Certificate serial: 0185723A154D97B15B13534F98BF03907367
Authority key identifier: 29:88:A3:C6:88:E8:EB:1F:EF:06:C3:74:A7:AA:5C:F8:FD:77:8E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYijxojo6x_vBsN0p6pc-P13jg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/BWudaVm6CwbqKkuyP0AfXHXwRjk.roa
Signing time: Mon 02 Jan 2023 11:24:47 +0000
ROA not before: Mon 02 Jan 2023 11:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25106
IP address blocks: 176.60.4.0/22 maxlen: 22
176.60.0.0/18 maxlen: 24
176.60.44.0/22 maxlen: 22
176.60.40.0/22 maxlen: 22
46.56.114.0/23 maxlen: 23
46.56.125.0/24 maxlen: 24
176.60.128.0/18 maxlen: 24
176.60.132.0/22 maxlen: 22
176.60.64.0/18 maxlen: 24
176.60.80.0/23 maxlen: 23
46.56.56.0/22 maxlen: 24
46.56.60.0/23 maxlen: 23
46.56.62.0/23 maxlen: 23
46.56.64.0/19 maxlen: 24
46.56.96.0/19 maxlen: 24
46.56.40.0/24 maxlen: 24
46.56.41.0/24 maxlen: 24
46.56.42.0/24 maxlen: 24
46.56.40.0/21 maxlen: 21
46.216.184.0/21 maxlen: 21
46.216.192.0/21 maxlen: 21
46.216.192.0/18 maxlen: 24
46.216.128.0/18 maxlen: 24
46.216.144.0/21 maxlen: 21
134.17.208.0/22 maxlen: 24
134.17.208.0/20 maxlen: 24
46.216.152.0/21 maxlen: 21
134.17.224.0/20 maxlen: 24
46.216.246.0/24 maxlen: 24
134.17.16.0/21 maxlen: 21
134.17.17.0/24 maxlen: 24
185.20.112.0/23 maxlen: 23
178.168.160.0/21 maxlen: 21
185.20.114.0/23 maxlen: 23
178.168.168.0/21 maxlen: 24
134.17.24.0/21 maxlen: 21
134.17.24.0/22 maxlen: 22
134.17.28.0/24 maxlen: 24
134.17.32.0/19 maxlen: 19
134.17.32.0/22 maxlen: 22
178.168.180.0/22 maxlen: 22
178.168.192.0/19 maxlen: 24
134.17.64.0/20 maxlen: 20
176.60.176.0/23 maxlen: 23
178.168.128.0/18 maxlen: 24
176.60.184.0/22 maxlen: 22
176.60.192.0/20 maxlen: 20
178.168.144.0/23 maxlen: 23
176.60.192.0/18 maxlen: 24
134.17.0.0/20 maxlen: 24
176.60.208.0/23 maxlen: 23
134.17.124.0/24 maxlen: 24
134.17.128.0/19 maxlen: 19
134.17.128.0/21 maxlen: 21
134.17.136.0/21 maxlen: 21
134.17.144.0/20 maxlen: 20
134.17.160.0/19 maxlen: 19
46.216.0.0/17 maxlen: 24
178.168.220.0/22 maxlen: 22
178.168.224.0/19 maxlen: 24
134.17.79.0/24 maxlen: 24
134.17.80.0/21 maxlen: 21
134.17.80.0/22 maxlen: 22
134.17.88.0/21 maxlen: 24
134.17.89.0/24 maxlen: 24
178.168.242.0/23 maxlen: 23
134.17.96.0/19 maxlen: 19
178.168.253.0/24 maxlen: 24
2a02:bf0:3000::/36 maxlen: 36
2a02:bf0:7000::/36 maxlen: 36
2a02:bf0:6000::/36 maxlen: 36
2a02:bf0:5000::/36 maxlen: 36
2a02:bf0:4000::/36 maxlen: 36
2a02:bf0:1000::/36 maxlen: 36
2a02:bf0::/32 maxlen: 32
2a02:bf0:27::/48 maxlen: 48
2a02:bf0:1002::/48 maxlen: 48
2a02:bf0:2::/48 maxlen: 48
2a02:bf0:26::/48 maxlen: 48
2a02:bf0:29::/48 maxlen: 48
2a02:bf0:10::/44 maxlen: 44
2a02:bf0:1::/48 maxlen: 48
2a02:bf0:25::/48 maxlen: 48
2a02:bf0::/48 maxlen: 48
2a02:bf0:7::/48 maxlen: 48
2a02:bf0:6::/48 maxlen: 48
2a02:bf0:28::/48 maxlen: 48
2a02:bf0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:15:4d:97:b1:5b:13:53:4f:98:bf:03:90:73:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2988a3c688e8eb1fef06c374a7aa5cf8fd778e0f
Validity
Not Before: Jan 2 11:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=056b9d6959ba0b06ea2a4bb23f401f5c75f04639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8e:dc:a9:c6:04:63:95:65:ee:20:78:10:38:
ac:e0:da:73:ae:a8:63:43:6b:77:05:80:39:60:98:
cf:4b:29:31:57:29:1b:42:67:ab:99:3f:67:9a:ea:
37:40:d4:63:e7:32:38:6f:f5:26:4e:27:02:9b:65:
9b:87:67:c2:b4:24:e3:a4:49:10:fc:07:e6:42:5c:
a2:de:24:d0:e5:b2:fc:a0:5d:06:7e:81:dd:4e:f9:
95:ab:ad:3c:3c:b2:d1:57:82:7f:5b:90:3e:d2:8e:
ca:a7:3a:80:3c:3b:fc:93:ef:21:c7:f2:69:40:0e:
69:30:ec:97:83:9a:be:07:b8:4f:19:4a:f7:84:c7:
78:89:b1:15:df:a4:78:4b:83:15:0a:be:d2:9a:12:
dd:96:01:a9:da:1e:28:06:db:9c:bf:96:28:ea:fd:
6d:d9:a4:a5:cf:71:47:11:96:6c:09:6a:18:7a:34:
c7:65:7b:7f:53:77:be:26:0b:c2:c5:c8:3f:16:3a:
07:39:80:83:45:04:0e:75:6a:ea:7b:cf:00:27:7d:
ed:8c:cf:d3:2a:9f:dc:4b:9e:08:31:c5:ff:1e:d4:
b9:e3:82:97:25:62:bb:69:80:70:b5:87:9b:e7:9d:
e7:a1:3d:1f:e8:f8:9c:5a:87:ef:fa:41:e0:5e:d9:
e9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:6B:9D:69:59:BA:0B:06:EA:2A:4B:B2:3F:40:1F:5C:75:F0:46:39
X509v3 Authority Key Identifier:
keyid:29:88:A3:C6:88:E8:EB:1F:EF:06:C3:74:A7:AA:5C:F8:FD:77:8E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYijxojo6x_vBsN0p6pc-P13jg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/BWudaVm6CwbqKkuyP0AfXHXwRjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/KYijxojo6x_vBsN0p6pc-P13jg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.56.40.0/21
46.56.56.0-46.56.127.255
46.216.0.0/16
134.17.0.0-134.17.191.255
134.17.208.0-134.17.239.255
176.60.0.0/16
178.168.128.0/17
185.20.112.0/22
IPv6:
2a02:bf0::/32
Signature Algorithm: sha256WithRSAEncryption
41:f4:10:da:91:a8:44:c8:88:a1:b3:e8:36:ec:bb:37:53:05:
9f:6d:08:d7:73:d1:c6:ae:bc:cd:10:79:c7:4f:ac:d7:64:4e:
74:de:4f:42:1a:bc:a8:6a:9b:8c:ac:0a:80:c8:4e:ef:ac:8a:
f7:85:dd:50:f4:ba:3b:be:e0:46:ce:e9:7d:1f:70:93:c6:28:
32:29:38:89:ee:e5:9a:5a:95:42:3b:ca:64:28:a4:78:59:7d:
c0:57:c8:af:a5:5f:38:99:6a:d9:d7:8a:20:8e:a5:1f:01:cd:
9a:e2:ed:6c:5f:22:b9:fe:ad:2c:dc:42:6e:1f:c9:bc:45:59:
b8:c8:f8:8a:21:a9:e9:7a:1f:c8:47:60:fc:34:15:98:7f:05:
a9:87:e4:78:9c:b2:55:b1:7e:86:16:d8:cd:76:e9:24:95:21:
02:79:6d:7d:1e:ec:17:2b:2a:5b:11:66:5e:77:37:ed:c4:93:
a2:68:cc:22:9c:b7:d5:56:ec:28:3b:c9:79:08:37:d9:18:ff:
02:ff:20:8a:02:0e:18:f9:f5:f1:16:cd:14:d0:44:c6:7e:e2:
c1:ba:4c:c2:8b:61:a8:a0:c1:68:63:6b:43:05:8e:68:2a:bb:
34:80:41:a2:1e:0b:ee:8e:bf:d8:cd:6e:a6:cd:0a:4d:cf:d4:
f3:36:3f:44
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYVyOhVNl7FbE1NPmL8DkHNnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODhhM2M2ODhlOGViMWZlZjA2YzM3NGE3YWE1Y2Y4ZmQ3
NzhlMGYwHhcNMjMwMTAyMTEyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTZiOWQ2OTU5YmEwYjA2ZWEyYTRiYjIzZjQwMWY1Yzc1ZjA0NjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo47cqcYEY5Vl7iB4EDis4Npzrqhj
Q2t3BYA5YJjPSykxVykbQmermT9nmuo3QNRj5zI4b/UmTicCm2Wbh2fCtCTjpEkQ
/AfmQlyi3iTQ5bL8oF0GfoHdTvmVq608PLLRV4J/W5A+0o7KpzqAPDv8k+8hx/Jp
QA5pMOyXg5q+B7hPGUr3hMd4ibEV36R4S4MVCr7SmhLdlgGp2h4oBtucv5Yo6v1t
2aSlz3FHEZZsCWoYejTHZXt/U3e+JgvCxcg/FjoHOYCDRQQOdWrqe88AJ33tjM/T
Kp/cS54IMcX/HtS544KXJWK7aYBwtYeb553noT0f6PicWofv+kHgXtnpDwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFAVrnWlZugsG6ipLsj9AH1x18EY5MB8GA1UdIwQY
MBaAFCmIo8aI6Osf7wbDdKeqXPj9d44PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lpanhvam82eF92QnNOMHA2cGMtUDEzamc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85ZjUyZDEtYzk1ZC00NTViLWFmMDgt
Y2VjMGRiYzhkMjQ2LzEvQld1ZGFWbTZDd2JxS2t1eVAwQWZYSFh3UmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85ZjUyZDEtYzk1ZC00NTViLWFmMDgtY2VjMGRiYzhkMjQ2
LzEvS1lpanhvam82eF92QnNOMHA2cGMtUDEzamc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBLBAIAATBFAwQDLjgoMAwD
BAMuODgDBAcuOAADAwAu2DALAwMAhhEDBAaGEYAwDAMEBIYR0AMEBIYR4AMDALA8
AwQHsqiAAwQCuRRwMA0EAgACMAcDBQAqAgvwMA0GCSqGSIb3DQEBCwUAA4IBAQBB
9BDakahEyIihs+g27Ls3UwWfbQjXc9HGrrzNEHnHT6zXZE503k9CGryoapuMrAqA
yE7vrIr3hd1Q9Lo7vuBGzul9H3CTxigyKTiJ7uWaWpVCO8pkKKR4WX3AV8ivpV84
mWrZ14ogjqUfAc2a4u1sXyK5/q0s3EJuH8m8RVm4yPiKIanpeh/IR2D8NBWYfwWp
h+R4nLJVsX6GFtjNdukklSECeW19HuwXKypbEWZedzftxJOiaMwinLfVVuwoO8l5
CDfZGP8C/yCKAg4Y+fXxFs0U0ETGfuLBukzCi2GooMFoY2tDBY5oKrs0gEGiHgvu
jr/YzW6mzQpNz9TzNj9E
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:11:14 2025 by rpki-client