Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/L-MdmB7WQV3ATz8hOhKRC-euOzQ.roa
File: L-MdmB7WQV3ATz8hOhKRC-euOzQ.roa (raw, json)
Hash identifier: hkIliwfoQamRU0A3Uk+rYPDTInt4aHwtzVciIuVR70I=
Subject key identifier: 2F:E3:1D:98:1E:D6:41:5D:C0:4F:3F:21:3A:12:91:0B:E7:AE:3B:34
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 01838977BD1C2B324827363238BFF85ECB4C
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/L-MdmB7WQV3ATz8hOhKRC-euOzQ.roa
Signing time: Thu 29 Sep 2022 13:37:49 +0000
ROA not before: Thu 29 Sep 2022 13:37:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49544
IP address blocks: 185.41.140.0/22 maxlen: 22
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
91.216.207.0/24 maxlen: 24
188.122.64.0/19 maxlen: 24
91.198.152.0/24 maxlen: 24
185.52.12.0/22 maxlen: 24
185.50.104.0/22 maxlen: 22
213.163.64.0/19 maxlen: 24
162.245.204.0/22 maxlen: 22
5.200.0.0/19 maxlen: 24
185.179.202.0/23 maxlen: 24
213.179.204.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
185.179.200.0/23 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.209.0/24 maxlen: 24
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
212.19.224.0/22 maxlen: 22
213.179.220.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
185.197.24.0/22 maxlen: 23
104.153.84.0/22 maxlen: 22
193.43.218.0/23 maxlen: 23
31.204.132.0/22 maxlen: 22
31.204.128.0/19 maxlen: 24
31.204.156.0/23 maxlen: 23
138.128.136.0/22 maxlen: 22
91.195.234.0/23 maxlen: 23
138.128.140.0/22 maxlen: 22
2a01:9580::/32 maxlen: 34
2a04:c600::/29 maxlen: 34
2a00:1630::/29 maxlen: 32
2a00:1631::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d26::/32 maxlen: 34
2a00:1630::/32 maxlen: 48
2a00:1632::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:89:77:bd:1c:2b:32:48:27:36:32:38:bf:f8:5e:cb:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: Sep 29 13:37:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2fe31d981ed6415dc04f3f213a12910be7ae3b34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2d:22:e3:36:44:35:df:38:79:50:85:24:c9:
58:5f:63:8e:86:6b:11:d3:15:b1:1c:77:5c:60:b6:
fe:3a:ec:e5:07:9b:63:24:d9:72:78:5a:6e:a0:e4:
fb:35:86:95:c1:d3:8a:47:84:6e:2f:25:17:c6:a7:
10:4f:8e:c5:16:b0:0b:53:a0:2b:71:df:af:8d:b7:
36:60:08:ba:db:82:b9:19:46:4e:60:93:d8:4c:6a:
f1:42:ac:2e:95:d0:e7:60:ee:6f:d0:91:b8:3d:f7:
6a:83:03:fd:31:83:52:f5:da:96:50:53:6e:1e:24:
06:1c:cd:93:85:e6:f6:2d:06:5e:80:6e:72:a7:74:
60:0a:03:91:14:a1:b5:48:bf:7f:f7:62:7b:39:7d:
b3:dd:34:20:a5:90:6f:7e:0f:8c:49:7e:c0:92:5e:
61:47:12:30:8d:63:09:90:c1:c0:e0:73:5f:89:5e:
03:76:ac:92:06:92:9d:43:c0:87:0f:9e:44:d5:7e:
c8:66:3b:f2:dc:17:36:3c:39:68:a1:3b:30:f4:11:
e8:b7:72:cf:c5:5f:33:8e:3b:45:71:28:ad:90:1c:
49:f2:71:3f:eb:38:19:61:b2:c0:e2:48:29:85:11:
01:6e:9b:9f:dc:65:82:fc:7c:85:75:ae:d4:21:7d:
5c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E3:1D:98:1E:D6:41:5D:C0:4F:3F:21:3A:12:91:0B:E7:AE:3B:34
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/L-MdmB7WQV3ATz8hOhKRC-euOzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.200.0.0/19
31.204.128.0/19
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
22:a2:22:5e:87:25:db:ad:d2:57:53:84:80:ab:00:8e:c0:ff:
03:c5:27:18:3a:a9:d8:6d:24:83:6a:4d:24:5a:98:c4:88:28:
a3:10:82:b0:83:d4:ff:2b:4f:07:33:fe:fe:66:31:63:bf:b7:
63:34:1f:8b:f0:9c:3e:18:2e:4d:58:5c:4e:c2:70:5d:17:9a:
09:62:bc:f1:cd:aa:72:34:e5:d0:99:ac:9d:fc:01:ae:d3:94:
2b:8f:26:17:ec:01:89:98:31:6a:66:9b:c7:8b:31:b8:fc:aa:
f6:97:f3:f7:92:52:6c:98:0e:3d:a2:fd:24:b8:4d:7b:34:11:
d8:eb:46:4a:8e:74:62:1d:29:c5:b4:30:4f:e0:a9:78:11:54:
e6:d1:4c:f0:d4:ab:ef:c3:de:78:e1:06:26:cd:f4:1e:ee:75:
67:f9:1e:e7:a9:57:2a:dc:6e:53:f5:b7:15:49:61:ed:a1:7b:
7d:98:3d:52:e3:c2:eb:83:23:ff:88:0e:41:85:7a:9c:4c:d5:
a0:68:8c:b5:aa:42:d8:f4:3a:40:12:9d:e6:68:2f:55:55:0b:
1d:08:0c:c4:8c:42:f1:9d:35:36:3b:f7:5b:cc:5b:6a:ac:70:
f9:b8:f7:a0:78:75:9b:5f:81:e7:46:31:cc:c2:c2:d6:ea:88:
5a:67:e9:d5
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAYOJd70cKzJIJzYyOL/4XstMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjIwOTI5MTMzNzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmUzMWQ5ODFlZDY0MTVkYzA0ZjNmMjEzYTEyOTEwYmU3YWUzYjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5y0i4zZENd84eVCFJMlYX2OOhmsR
0xWxHHdcYLb+OuzlB5tjJNlyeFpuoOT7NYaVwdOKR4RuLyUXxqcQT47FFrALU6Ar
cd+vjbc2YAi624K5GUZOYJPYTGrxQqwuldDnYO5v0JG4PfdqgwP9MYNS9dqWUFNu
HiQGHM2Theb2LQZegG5yp3RgCgORFKG1SL9/92J7OX2z3TQgpZBvfg+MSX7Akl5h
RxIwjWMJkMHA4HNfiV4DdqySBpKdQ8CHD55E1X7IZjvy3Bc2PDlooTsw9BHot3LP
xV8zjjtFcSitkBxJ8nE/6zgZYbLA4kgphREBbpuf3GWC/HyFda7UIX1ciwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFC/jHZge1kFdwE8/IToSkQvnrjs0MB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvTC1NZG1CN1dRVjNBVHo4aE9oS1JDLWV1T3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBhAQCAAEwfgMEBQXI
AAMEBR/MgAMEAVvD6gMEAFvGmAMEAFvYzwMEAmiZVAMEBW3IwAMEA4qAiAMEApL3
TAMEAqL0NAMEAqL1zAMEArkpjAMEArkyaAMEArk0DAMEArmzyAMEArnFGAMEBbx6
QAMEAcEr2gMEAtQT4AMEBdWjQAMEBdWzwDAiBAIAAjAcAwUDKgAWMAMFAyoAHSAD
BQAqAZWAAwUDKgTGADANBgkqhkiG9w0BAQsFAAOCAQEAIqIiXocl263SV1OEgKsA
jsD/A8UnGDqp2G0kg2pNJFqYxIgooxCCsIPU/ytPBzP+/mYxY7+3YzQfi/CcPhgu
TVhcTsJwXReaCWK88c2qcjTl0JmsnfwBrtOUK48mF+wBiZgxamabx4sxuPyq9pfz
95JSbJgOPaL9JLhNezQR2OtGSo50Yh0pxbQwT+CpeBFU5tFM8NSr78PeeOEGJs30
Hu51Z/ke56lXKtxuU/W3FUlh7aF7fZg9UuPC64Mj/4gOQYV6nEzVoGiMtapC2PQ6
QBKd5mgvVVULHQgMxIxC8Z01Njv3W8xbaqxw+bj3oHh1m1+B50YxzMLC1uqIWmfp
1Q==
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:20:15 2025 by rpki-client