Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/40W6k51I-HtQQ-KfjbvA9DXT7Tg.roa
File: 40W6k51I-HtQQ-KfjbvA9DXT7Tg.roa (raw, json)
Hash identifier: OcPpgDDcmbZ1Sn5faApzGt7vS/lUH+v7LHXa4c8TTjI=
Subject key identifier: E3:45:BA:93:9D:48:F8:7B:50:43:E2:9F:8D:BB:C0:F4:35:D3:ED:38
Certificate issuer: /CN=ca37843f0752224459e6034569a217c8b611564b
Certificate serial: 0CA63A3A
Authority key identifier: CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/40W6k51I-HtQQ-KfjbvA9DXT7Tg.roa
Signing time: Sat 01 Jan 2022 05:53:10 +0000
ROA not before: Sat 01 Jan 2022 05:53:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 195.137.228.0/24 maxlen: 24
195.137.229.0/24 maxlen: 24
87.254.96.0/24 maxlen: 24
87.254.97.0/24 maxlen: 24
87.254.98.0/24 maxlen: 24
87.254.102.0/24 maxlen: 24
87.254.103.0/24 maxlen: 24
87.254.104.0/24 maxlen: 24
87.254.105.0/24 maxlen: 24
87.254.99.0/24 maxlen: 24
87.254.100.0/24 maxlen: 24
87.254.101.0/24 maxlen: 24
87.254.109.0/24 maxlen: 24
87.254.110.0/24 maxlen: 24
87.254.111.0/24 maxlen: 24
87.254.112.0/24 maxlen: 24
87.254.106.0/24 maxlen: 24
87.254.107.0/24 maxlen: 24
87.254.108.0/24 maxlen: 24
87.254.116.0/24 maxlen: 24
87.254.117.0/24 maxlen: 24
87.254.118.0/24 maxlen: 24
87.254.113.0/24 maxlen: 24
87.254.114.0/24 maxlen: 24
87.254.115.0/24 maxlen: 24
87.254.119.0/24 maxlen: 24
87.254.123.0/24 maxlen: 24
87.254.124.0/24 maxlen: 24
87.254.125.0/24 maxlen: 24
87.254.120.0/24 maxlen: 24
87.254.121.0/24 maxlen: 24
87.254.122.0/24 maxlen: 24
87.254.126.0/24 maxlen: 24
87.254.127.0/24 maxlen: 24
185.69.216.0/24 maxlen: 24
185.69.217.0/24 maxlen: 24
185.69.218.0/24 maxlen: 24
185.69.219.0/24 maxlen: 24
212.24.192.0/24 maxlen: 24
212.24.193.0/24 maxlen: 24
212.24.194.0/24 maxlen: 24
212.24.199.0/24 maxlen: 24
212.24.195.0/24 maxlen: 24
212.24.196.0/24 maxlen: 24
212.24.197.0/24 maxlen: 24
212.24.198.0/24 maxlen: 24
212.24.200.0/24 maxlen: 24
212.24.201.0/24 maxlen: 24
212.24.206.0/24 maxlen: 24
212.24.202.0/24 maxlen: 24
212.24.203.0/24 maxlen: 24
212.24.204.0/24 maxlen: 24
212.24.205.0/24 maxlen: 24
212.24.207.0/24 maxlen: 24
212.24.208.0/24 maxlen: 24
212.24.213.0/24 maxlen: 24
212.24.209.0/24 maxlen: 24
212.24.210.0/24 maxlen: 24
212.24.211.0/24 maxlen: 24
212.24.212.0/24 maxlen: 24
212.24.216.0/24 maxlen: 24
212.24.217.0/24 maxlen: 24
212.24.218.0/24 maxlen: 24
212.24.219.0/24 maxlen: 24
212.24.214.0/24 maxlen: 24
212.24.215.0/24 maxlen: 24
212.24.220.0/24 maxlen: 24
212.24.221.0/24 maxlen: 24
212.24.222.0/24 maxlen: 24
212.24.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212220474 (0xca63a3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca37843f0752224459e6034569a217c8b611564b
Validity
Not Before: Jan 1 05:53:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e345ba939d48f87b5043e29f8dbbc0f435d3ed38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5d:98:b3:d9:50:ea:2a:48:46:84:3a:00:20:
38:1d:4e:65:f2:04:40:be:4b:ee:9c:64:44:ef:92:
ee:1d:5f:57:b3:45:4a:0e:27:99:6a:72:90:02:f6:
3f:c9:00:d0:d0:84:f0:fa:5b:d2:cd:d3:19:b9:c5:
e5:a2:4f:c3:d4:92:2e:fb:45:fc:71:7b:42:f7:76:
28:cf:4e:c4:b9:2f:27:08:ce:19:c2:b4:86:d0:6d:
4c:86:de:55:ea:60:cd:d5:fb:b8:1a:89:ac:11:80:
5e:ed:a2:ea:1c:14:a0:c6:54:1e:c5:49:e4:92:b3:
14:b8:8a:72:fb:58:ca:87:40:a1:c9:70:3e:24:43:
d1:27:0d:0f:01:89:e2:97:77:e7:fe:4c:e5:17:3c:
0e:27:31:bc:5b:02:08:73:2c:29:17:20:9a:2f:ca:
07:7e:cb:3b:6a:d0:5a:8a:e9:bb:18:7f:bf:03:14:
3f:33:6a:89:6d:1c:db:d9:fc:39:d5:5a:78:bb:8d:
3a:38:79:24:27:a3:e2:9c:9a:12:bc:4a:a0:bf:0a:
c3:0f:e8:b3:b5:12:b6:80:c9:3c:c3:e9:7f:29:0a:
52:83:fd:a4:b1:da:e9:6e:70:5a:27:ce:62:77:7d:
ef:4e:cb:c9:c9:e7:66:7e:d8:3e:87:9c:c7:d6:3f:
bf:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:45:BA:93:9D:48:F8:7B:50:43:E2:9F:8D:BB:C0:F4:35:D3:ED:38
X509v3 Authority Key Identifier:
keyid:CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/40W6k51I-HtQQ-KfjbvA9DXT7Tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/yjeEPwdSIkRZ5gNFaaIXyLYRVks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.96.0/19
185.69.216.0/22
195.137.228.0/23
212.24.192.0/19
Signature Algorithm: sha256WithRSAEncryption
18:57:3a:ed:e1:28:37:7d:f9:ec:6d:4a:44:16:59:3c:cd:99:
6a:d1:b1:a7:d4:d7:d8:1a:78:f5:62:2a:8b:1c:3a:47:ad:ca:
27:e7:05:a5:d1:2f:0c:9f:40:f0:11:f8:56:ea:96:3b:fc:31:
bc:78:26:a1:84:1a:5e:07:54:3f:b3:5d:d8:26:82:f6:53:3c:
26:10:d3:37:1d:68:96:34:f9:50:5b:15:95:33:83:b7:01:cb:
a1:01:bb:27:7d:85:d0:96:7e:6b:3d:da:e0:aa:b3:65:0c:61:
a1:d3:ca:07:02:ed:3c:89:9b:b2:8e:eb:f2:7c:a4:26:b3:01:
59:a3:7c:2f:45:5f:2a:db:23:5c:36:e2:61:37:4c:ea:b8:3c:
4e:5f:3e:4e:ed:98:95:4b:8d:ba:b0:9f:cd:8f:90:dd:2e:ce:
96:ff:2c:ee:ed:dc:75:0b:e5:00:b3:d4:3d:f1:46:66:65:4f:
5b:d2:c9:0e:2a:cf:e0:74:1e:7e:97:94:22:69:ad:1d:ec:0b:
63:9c:b5:3a:75:e7:17:25:ff:10:15:6e:ad:b6:c7:22:b6:bf:
06:15:e5:b5:3f:06:f8:0b:bd:d3:c9:5d:f5:d1:38:67:5c:4f:
7a:9c:06:86:91:0c:f3:94:20:b9:5c:4d:07:00:04:4b:76:11:
7d:11:4f:c9
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDKY6OjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YTM3ODQzZjA3NTIyMjQ0NTllNjAzNDU2OWEyMTdjOGI2MTE1NjRiMB4XDTIyMDEw
MTA1NTMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM0NWJhOTM5ZDQ4
Zjg3YjUwNDNlMjlmOGRiYmMwZjQzNWQzZWQzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpdmLPZUOoqSEaEOgAgOB1OZfIEQL5L7pxkRO+S7h1fV7NF
Sg4nmWpykAL2P8kA0NCE8Ppb0s3TGbnF5aJPw9SSLvtF/HF7Qvd2KM9OxLkvJwjO
GcK0htBtTIbeVepgzdX7uBqJrBGAXu2i6hwUoMZUHsVJ5JKzFLiKcvtYyodAoclw
PiRD0ScNDwGJ4pd35/5M5Rc8DicxvFsCCHMsKRcgmi/KB37LO2rQWorpuxh/vwMU
PzNqiW0c29n8OdVaeLuNOjh5JCej4pyaErxKoL8Kww/os7UStoDJPMPpfykKUoP9
pLHa6W5wWifOYnd9707LycnnZn7YPoecx9Y/vzMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTjRbqTnUj4e1BD4p+Nu8D0NdPtODAfBgNVHSMEGDAWgBTKN4Q/B1IiRFnm
A0VpohfIthFWSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lqZUVQd2RTSWtSWjVnTkZhYUlYeUxZUlZrcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvZDcxNmNkLWQ3OWYtNDQ4NC05Njg1LThmZTc4NGUzMWU1ZC8x
LzQwVzZrNTFJLUh0UVEtS2ZqYnZBOURYVDdUZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
ZDcxNmNkLWQ3OWYtNDQ4NC05Njg1LThmZTc4NGUzMWU1ZC8xL3lqZUVQd2RTSWtS
WjVnTkZhYUlYeUxZUlZrcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBVf+YAMEArlF2AMEAcOJ5AMEBdQY
wDANBgkqhkiG9w0BAQsFAAOCAQEAGFc67eEoN3357G1KRBZZPM2ZatGxp9TX2Bp4
9WIqixw6R63KJ+cFpdEvDJ9A8BH4VuqWO/wxvHgmoYQaXgdUP7Nd2CaC9lM8JhDT
Nx1oljT5UFsVlTODtwHLoQG7J32F0JZ+az3a4KqzZQxhodPKBwLtPImbso7r8nyk
JrMBWaN8L0VfKtsjXDbiYTdM6rg8Tl8+Tu2YlUuNurCfzY+Q3S7Olv8s7u3cdQvl
ALPUPfFGZmVPW9LJDirP4HQefpeUImmtHewLY5y1OnXnFyX/EBVurbbHIra/BhXl
tT8G+Au908ld9dE4Z1xPepwGhpEM85QguVxNBwAES3YRfRFPyQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:36 2025 by rpki-client