Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/FPuKnKMOqdxFbFOGmDtPywUWBi4.roa
File: FPuKnKMOqdxFbFOGmDtPywUWBi4.roa (raw, json)
Hash identifier: bVe6WkX6zI8kAe9OGFFW9DrKtcIYq2FB/ePnpjg3+jk=
Subject key identifier: 14:FB:8A:9C:A3:0E:A9:DC:45:6C:53:86:98:3B:4F:CB:05:16:06:2E
Certificate issuer: /CN=2875f185823dbc6a82d105b3ca16077db5729377
Certificate serial: 3457A539
Authority key identifier: 28:75:F1:85:82:3D:BC:6A:82:D1:05:B3:CA:16:07:7D:B5:72:93:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHXxhYI9vGqC0QWzyhYHfbVyk3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/FPuKnKMOqdxFbFOGmDtPywUWBi4.roa
Signing time: Tue 15 Feb 2022 12:59:33 +0000
ROA not before: Tue 15 Feb 2022 12:59:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 185.60.4.0/24 maxlen: 24
185.60.5.0/24 maxlen: 24
185.60.6.0/24 maxlen: 24
185.60.7.0/24 maxlen: 24
149.19.179.0/24 maxlen: 24
149.19.176.0/24 maxlen: 24
149.19.177.0/24 maxlen: 24
149.19.178.0/24 maxlen: 24
195.206.186.0/24 maxlen: 24
195.206.184.0/24 maxlen: 24
195.206.185.0/24 maxlen: 24
195.206.187.0/24 maxlen: 24
195.206.188.0/24 maxlen: 24
195.206.189.0/24 maxlen: 24
195.206.190.0/24 maxlen: 24
195.206.191.0/24 maxlen: 24
185.91.43.0/24 maxlen: 24
185.91.40.0/24 maxlen: 24
185.91.41.0/24 maxlen: 24
185.91.42.0/24 maxlen: 24
185.86.23.0/24 maxlen: 24
185.86.20.0/24 maxlen: 24
185.86.21.0/24 maxlen: 24
185.86.22.0/24 maxlen: 24
185.2.79.0/24 maxlen: 24
185.34.80.0/24 maxlen: 24
185.34.81.0/24 maxlen: 24
185.34.82.0/24 maxlen: 24
185.34.83.0/24 maxlen: 24
185.61.88.0/24 maxlen: 24
185.61.89.0/24 maxlen: 24
185.61.90.0/24 maxlen: 24
185.61.91.0/24 maxlen: 24
37.157.48.0/24 maxlen: 24
37.157.49.0/24 maxlen: 24
37.157.50.0/24 maxlen: 24
37.157.51.0/24 maxlen: 24
37.157.52.0/24 maxlen: 24
37.157.53.0/24 maxlen: 24
37.157.54.0/24 maxlen: 24
37.157.55.0/24 maxlen: 24
185.2.76.0/24 maxlen: 24
185.2.77.0/24 maxlen: 24
185.2.78.0/24 maxlen: 24
2a00:b840::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 878159161 (0x3457a539)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2875f185823dbc6a82d105b3ca16077db5729377
Validity
Not Before: Feb 15 12:59:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14fb8a9ca30ea9dc456c5386983b4fcb0516062e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c6:19:d2:a6:2f:9f:27:87:76:69:d7:a8:d8:
cd:ca:85:65:aa:d8:a8:03:28:89:cb:c7:0a:bd:a7:
d8:f1:15:50:3a:fc:56:82:72:b7:55:ba:e1:ca:81:
72:de:fc:f0:12:ef:5a:82:02:5b:0a:6e:26:a3:51:
13:0f:29:22:c9:41:2a:93:0a:a7:a1:16:3c:a2:e5:
16:74:71:64:51:a5:47:2d:d6:74:6a:39:0b:2c:cd:
72:8e:7f:68:df:5b:5a:80:5b:fe:64:3f:0f:6d:27:
04:ad:ca:e6:79:d0:bf:e0:01:b4:f6:f7:e0:4c:b4:
a8:87:09:71:2d:c6:c6:4f:d4:0e:ef:5e:c8:b9:32:
94:c5:a9:e0:49:dc:2f:5c:0a:24:95:95:c7:2b:eb:
4d:08:09:85:b5:fd:b5:fe:62:e3:b3:d8:b3:83:98:
e8:f2:3c:77:ed:bb:6c:86:3f:af:56:13:0e:af:a4:
0b:dc:a0:f7:fb:b0:09:64:90:96:07:e1:dc:f4:54:
3e:a9:20:f5:ed:3d:26:fd:72:ff:98:a9:ee:3e:69:
63:4f:16:95:2e:93:75:c4:f8:ad:17:97:12:23:84:
81:2b:40:e4:ff:c4:21:da:9c:f1:70:be:86:e1:49:
9a:9a:05:f2:78:a2:4d:a7:ae:85:90:8b:aa:ac:62:
ab:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:FB:8A:9C:A3:0E:A9:DC:45:6C:53:86:98:3B:4F:CB:05:16:06:2E
X509v3 Authority Key Identifier:
keyid:28:75:F1:85:82:3D:BC:6A:82:D1:05:B3:CA:16:07:7D:B5:72:93:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHXxhYI9vGqC0QWzyhYHfbVyk3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/FPuKnKMOqdxFbFOGmDtPywUWBi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/KHXxhYI9vGqC0QWzyhYHfbVyk3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.48.0/21
149.19.176.0/22
185.2.76.0/22
185.34.80.0/22
185.60.4.0/22
185.61.88.0/22
185.86.20.0/22
185.91.40.0/22
195.206.184.0/21
IPv6:
2a00:b840::/29
Signature Algorithm: sha256WithRSAEncryption
3f:d5:85:46:ff:2c:4e:7c:1c:bd:16:df:9d:74:22:91:f0:50:
31:09:19:cc:11:7a:ec:a0:b5:a9:01:ab:9d:af:ad:26:54:82:
c6:e2:72:8e:45:f0:58:ee:20:c4:51:95:ee:ec:8e:f7:de:f7:
8e:fa:87:12:93:19:91:1d:a8:14:6f:0d:e7:b9:0d:f0:24:c4:
56:62:26:e7:c4:b6:ac:fe:60:ff:02:d7:cb:7a:3e:51:17:0c:
a2:0a:49:41:c2:47:b7:70:cd:ce:95:e7:2c:ba:ba:85:b1:0f:
05:d8:a6:7f:35:5f:6b:55:11:f0:3c:42:64:02:2a:05:56:6b:
65:53:71:d4:ca:28:f5:ee:46:4b:7b:85:db:e8:31:4f:93:d9:
9c:03:11:61:9e:59:ed:9d:96:12:24:3d:8d:f6:7d:69:50:55:
24:4e:8d:7d:ea:a6:b9:4a:72:ac:b2:11:49:8c:4d:e2:06:8e:
51:dd:39:fb:d5:90:c0:2e:4c:99:47:64:65:6a:d9:62:bb:63:
1e:e4:03:41:ec:ec:98:80:46:0f:49:9b:66:58:52:0c:5c:a4:
7e:35:1a:a7:e6:67:b1:72:4d:46:91:4e:fb:5c:1d:62:7f:36:
a3:34:8d:3d:e0:1d:f4:a9:56:0f:0d:20:e6:76:0d:e4:a8:fb:
3c:33:81:e2
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIENFelOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODc1ZjE4NTgyM2RiYzZhODJkMTA1YjNjYTE2MDc3ZGI1NzI5Mzc3MB4XDTIyMDIx
NTEyNTkzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRmYjhhOWNhMzBl
YTlkYzQ1NmM1Mzg2OTgzYjRmY2IwNTE2MDYyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvGGdKmL58nh3Zp16jYzcqFZarYqAMoicvHCr2n2PEVUDr8
VoJyt1W64cqBct788BLvWoICWwpuJqNREw8pIslBKpMKp6EWPKLlFnRxZFGlRy3W
dGo5CyzNco5/aN9bWoBb/mQ/D20nBK3K5nnQv+ABtPb34Ey0qIcJcS3Gxk/UDu9e
yLkylMWp4EncL1wKJJWVxyvrTQgJhbX9tf5i47PYs4OY6PI8d+27bIY/r1YTDq+k
C9yg9/uwCWSQlgfh3PRUPqkg9e09Jv1y/5ip7j5pY08WlS6TdcT4rReXEiOEgStA
5P/EIdqc8XC+huFJmpoF8niiTaeuhZCLqqxiq4cCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBQU+4qcow6p3EVsU4aYO0/LBRYGLjAfBgNVHSMEGDAWgBQodfGFgj28aoLR
BbPKFgd9tXKTdzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tIWHhoWUk5dkdxQzBRV3p5aFlIZmJWeWszYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvYTA0ZGE2LTk4ODctNDJhNS04ZWQ3LTk0ZTVkNDljYzYyOC8x
L0ZQdUtuS01PcWR4RmJGT0dtRHRQeXdVV0JpNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
YTA0ZGE2LTk4ODctNDJhNS04ZWQ3LTk0ZTVkNDljYzYyOC8xL0tIWHhoWUk5dkdx
QzBRV3p5aFlIZmJWeWszYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEAyWdMAMEApUTsAMEArkCTAMEArki
UAMEArk8BAMEArk9WAMEArlWFAMEArlbKAMEA8POuDANBAIAAjAHAwUDKgC4QDAN
BgkqhkiG9w0BAQsFAAOCAQEAP9WFRv8sTnwcvRbfnXQikfBQMQkZzBF67KC1qQGr
na+tJlSCxuJyjkXwWO4gxFGV7uyO9973jvqHEpMZkR2oFG8N57kN8CTEVmIm58S2
rP5g/wLXy3o+URcMogpJQcJHt3DNzpXnLLq6hbEPBdimfzVfa1UR8DxCZAIqBVZr
ZVNx1Moo9e5GS3uF2+gxT5PZnAMRYZ5Z7Z2WEiQ9jfZ9aVBVJE6NfeqmuUpyrLIR
SYxN4gaOUd05+9WQwC5MmUdkZWrZYrtjHuQDQezsmIBGD0mbZlhSDFykfjUap+Zn
sXJNRpFO+1wdYn82ozSNPeAd9KlWDw0g5nYN5Kj7PDOB4g==
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:50:24 2025 by rpki-client