Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/RwVK9HP1ZtHGCp4H64f-ebggALQ.roa
File: RwVK9HP1ZtHGCp4H64f-ebggALQ.roa (raw, json)
Hash identifier: +Kh3i2UN7goa8Gm9LQW6AiYUKLXkYLzdolMBsrO+Mko=
Subject key identifier: 47:05:4A:F4:73:F5:66:D1:C6:0A:9E:07:EB:87:FE:79:B8:20:00:B4
Certificate issuer: /CN=574cca899ef5bf4237f0f6bdd1779221b20052f3
Certificate serial: 0188940E1A24983B19A3D61077171BC1CCC3
Authority key identifier: 57:4C:CA:89:9E:F5:BF:42:37:F0:F6:BD:D1:77:92:21:B2:00:52:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V0zKiZ71v0I38Pa90XeSIbIAUvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/RwVK9HP1ZtHGCp4H64f-ebggALQ.roa
Signing time: Wed 07 Jun 2023 04:12:12 +0000
ROA not before: Wed 07 Jun 2023 04:12:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12365
IP address blocks: 185.78.136.0/22 maxlen: 22
89.146.84.0/22 maxlen: 22
89.146.80.0/22 maxlen: 22
82.215.92.0/22 maxlen: 22
89.146.88.0/22 maxlen: 22
82.215.112.0/22 maxlen: 22
89.146.96.0/22 maxlen: 22
89.146.92.0/22 maxlen: 22
89.146.104.0/22 maxlen: 22
82.215.116.0/22 maxlen: 22
81.95.224.0/20 maxlen: 20
89.146.100.0/22 maxlen: 22
89.146.112.0/22 maxlen: 22
82.215.124.0/22 maxlen: 22
89.146.108.0/22 maxlen: 22
82.215.120.0/22 maxlen: 22
89.146.116.0/22 maxlen: 22
89.146.124.0/22 maxlen: 22
89.146.120.0/22 maxlen: 22
82.215.68.0/23 maxlen: 23
82.215.66.0/23 maxlen: 23
89.146.64.0/22 maxlen: 22
82.215.77.0/24 maxlen: 24
82.215.78.0/23 maxlen: 23
82.215.72.0/22 maxlen: 22
82.215.85.0/24 maxlen: 24
89.146.68.0/22 maxlen: 22
89.146.64.0/18 maxlen: 18
82.215.80.0/22 maxlen: 22
89.146.76.0/22 maxlen: 22
82.215.88.0/21 maxlen: 21
82.215.88.0/22 maxlen: 22
82.215.86.0/23 maxlen: 23
89.146.72.0/22 maxlen: 22
2a00:8841::/32 maxlen: 32
2a00:8840:f000::/36 maxlen: 36
2a00:8840::/32 maxlen: 32
2a00:8842::/32 maxlen: 32
2a00:8846::/32 maxlen: 32
2a00:8843::/32 maxlen: 32
2a00:8844::/32 maxlen: 32
2a00:8845::/32 maxlen: 32
2a00:8847::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:94:0e:1a:24:98:3b:19:a3:d6:10:77:17:1b:c1:cc:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=574cca899ef5bf4237f0f6bdd1779221b20052f3
Validity
Not Before: Jun 7 04:12:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47054af473f566d1c60a9e07eb87fe79b82000b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:02:fe:be:0d:7a:5e:f8:01:fe:52:29:c4:65:
71:62:47:70:d8:38:11:12:c9:ce:d6:f4:2d:91:58:
a9:a9:0b:c2:d2:34:0e:d4:de:b1:90:de:1b:6b:49:
89:40:5b:09:68:77:7b:e8:76:1f:ab:35:fa:d1:f5:
1d:1c:56:ce:a8:69:c5:13:e6:aa:5f:fd:44:70:81:
85:ed:c4:15:1e:9e:30:25:fb:aa:0e:e8:c4:3f:15:
9c:43:9a:37:b7:2c:d7:e7:44:12:bd:31:77:82:83:
31:4d:d5:0f:a0:8b:32:ae:ca:e5:91:2b:09:ec:24:
27:c1:70:ac:db:8e:a6:ce:53:75:da:e7:19:88:7b:
42:76:24:06:83:11:0b:05:f5:b6:2c:dd:e3:ac:3e:
c3:4b:f3:8b:e1:09:3a:8a:4d:9f:9c:c3:a6:81:c6:
e1:f8:b6:88:49:d4:d7:5d:ee:dc:91:b3:7f:98:e4:
c9:6a:af:17:8d:20:4a:c1:79:8e:15:1b:4c:c5:9b:
bd:6d:e2:94:e8:f0:15:8c:5a:3f:af:ee:39:30:ee:
f1:f2:93:7a:42:69:15:c0:9e:a4:e2:96:67:2e:d5:
f0:0c:63:e9:fd:8a:98:24:b6:38:0b:e0:0a:c9:31:
6a:1b:4b:5b:e6:01:57:6e:bd:12:b3:0e:8f:46:00:
37:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:05:4A:F4:73:F5:66:D1:C6:0A:9E:07:EB:87:FE:79:B8:20:00:B4
X509v3 Authority Key Identifier:
keyid:57:4C:CA:89:9E:F5:BF:42:37:F0:F6:BD:D1:77:92:21:B2:00:52:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V0zKiZ71v0I38Pa90XeSIbIAUvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/RwVK9HP1ZtHGCp4H64f-ebggALQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/V0zKiZ71v0I38Pa90XeSIbIAUvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.224.0/20
82.215.66.0-82.215.69.255
82.215.72.0/22
82.215.77.0-82.215.83.255
82.215.85.0-82.215.95.255
82.215.112.0/20
89.146.64.0/18
185.78.136.0/22
IPv6:
2a00:8840::/29
Signature Algorithm: sha256WithRSAEncryption
44:d5:a6:44:5c:33:87:c3:15:b8:79:d7:89:3c:6d:a5:27:a7:
96:cf:d4:d7:3e:c7:1b:16:ce:92:22:2b:00:f8:fe:a4:f5:92:
6f:94:90:3b:eb:20:7e:e6:c7:14:2c:82:6a:bb:90:a3:8c:6f:
f1:4d:cf:50:2f:32:d0:e0:8a:17:47:81:44:3a:6e:3e:80:f1:
06:d5:1d:f0:20:0d:06:e5:0a:6e:00:e6:e7:4c:11:20:12:f2:
9d:13:a0:23:19:40:91:10:3b:18:37:90:70:63:46:e3:2d:f0:
59:fb:1b:89:86:39:16:44:f9:ba:31:d8:d6:8f:cb:9c:9f:1b:
00:51:60:fb:c0:4d:37:3c:4d:bf:36:a6:47:b2:d4:ec:c6:4d:
49:31:40:12:c4:04:57:15:e6:df:48:6d:c2:95:a1:4d:2b:65:
cb:3e:a7:cd:9e:4a:84:db:01:73:48:27:5c:d9:29:cc:0d:a9:
9b:bb:83:be:8e:12:79:3e:1e:8b:95:04:de:7b:9e:8d:3e:1c:
f8:27:4a:79:e6:14:85:9b:b9:c3:39:25:33:97:2f:8f:f4:c4:
81:fd:22:87:ae:93:71:4a:68:38:ab:85:dc:60:8e:6b:1b:6e:
29:95:a4:88:b3:b4:cd:7b:d7:17:40:6d:4e:cb:be:08:9e:e2:
14:7a:5f:6c
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYiUDhokmDsZo9YQdxcbwczDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NGNjYTg5OWVmNWJmNDIzN2YwZjZiZGQxNzc5MjIxYjIw
MDUyZjMwHhcNMjMwNjA3MDQxMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzA1NGFmNDczZjU2NmQxYzYwYTllMDdlYjg3ZmU3OWI4MjAwMGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgL+vg16XvgB/lIpxGVxYkdw2DgR
EsnO1vQtkVipqQvC0jQO1N6xkN4ba0mJQFsJaHd76HYfqzX60fUdHFbOqGnFE+aq
X/1EcIGF7cQVHp4wJfuqDujEPxWcQ5o3tyzX50QSvTF3goMxTdUPoIsyrsrlkSsJ
7CQnwXCs246mzlN12ucZiHtCdiQGgxELBfW2LN3jrD7DS/OL4Qk6ik2fnMOmgcbh
+LaISdTXXe7ckbN/mOTJaq8XjSBKwXmOFRtMxZu9beKU6PAVjFo/r+45MO7x8pN6
QmkVwJ6k4pZnLtXwDGPp/YqYJLY4C+AKyTFqG0tb5gFXbr0Ssw6PRgA30wIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFEcFSvRz9WbRxgqeB+uH/nm4IAC0MB8GA1UdIwQY
MBaAFFdMyome9b9CN/D2vdF3kiGyAFLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjB6S2laNzF2MEkzOFBhOTBYZVNJYklBVXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC85MzhhYmQtMTAxOS00ZTdhLWFhODIt
ZWUxMTI2YTI4MTk1LzEvUndWSzlIUDFadEhHQ3A0SDY0Zi1lYmdnQUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC85MzhhYmQtMTAxOS00ZTdhLWFhODItZWUxMTI2YTI4MTk1
LzEvVjB6S2laNzF2MEkzOFBhOTBYZVNJYklBVXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQEUV/gMAwD
BAFS10IDBAFS10QDBAJS10gwDAMEAFLXTQMEAlLXUDAMAwQAUtdVAwQFUtdAAwQE
UtdwAwQGWZJAAwQCuU6IMA0EAgACMAcDBQMqAIhAMA0GCSqGSIb3DQEBCwUAA4IB
AQBE1aZEXDOHwxW4edeJPG2lJ6eWz9TXPscbFs6SIisA+P6k9ZJvlJA76yB+5scU
LIJqu5CjjG/xTc9QLzLQ4IoXR4FEOm4+gPEG1R3wIA0G5QpuAObnTBEgEvKdE6Aj
GUCREDsYN5BwY0bjLfBZ+xuJhjkWRPm6MdjWj8ucnxsAUWD7wE03PE2/NqZHstTs
xk1JMUASxARXFebfSG3ClaFNK2XLPqfNnkqE2wFzSCdc2SnMDambu4O+jhJ5Ph6L
lQTee56NPhz4J0p55hSFm7nDOSUzly+P9MSB/SKHrpNxSmg4q4XcYI5rG24plaSI
s7TNe9cXQG1Oy74InuIUel9s
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:28 2025 by rpki-client