Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/pN4WEKzDR5D9GqkgjKW9et0mZbU.roa
File: pN4WEKzDR5D9GqkgjKW9et0mZbU.roa (raw, json)
Hash identifier: MCh/zzZAJiOErIPlQm1Pz7jhPWClsUqQecHHHu4Gijs=
Subject key identifier: A4:DE:16:10:AC:C3:47:90:FD:1A:A9:20:8C:A5:BD:7A:DD:26:65:B5
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 019130D583434BCF11C4972DAC6C8CFBAF0C
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/pN4WEKzDR5D9GqkgjKW9et0mZbU.roa
Signing time: Thu 08 Aug 2024 07:13:04 +0000
ROA not before: Thu 08 Aug 2024 07:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3352
IP address blocks: 2.136.0.0/16 maxlen: 16
2.137.0.0/16 maxlen: 16
2.138.0.0/16 maxlen: 16
2.139.0.0/16 maxlen: 16
79.144.0.0/16 maxlen: 16
79.145.0.0/16 maxlen: 16
79.146.0.0/16 maxlen: 16
79.147.0.0/16 maxlen: 16
79.148.0.0/16 maxlen: 16
80.24.0.0/16 maxlen: 16
80.25.0.0/16 maxlen: 16
80.30.0.0/16 maxlen: 16
80.31.0.0/16 maxlen: 16
80.32.0.0/16 maxlen: 16
80.33.0.0/16 maxlen: 16
80.34.0.0/16 maxlen: 16
80.35.0.0/16 maxlen: 16
80.36.0.0/16 maxlen: 16
80.37.0.0/16 maxlen: 16
80.38.0.0/16 maxlen: 16
80.39.0.0/16 maxlen: 16
80.59.0.0/16 maxlen: 16
81.32.0.0/16 maxlen: 16
81.33.0.0/16 maxlen: 16
81.34.0.0/16 maxlen: 16
81.35.0.0/16 maxlen: 16
81.36.0.0/16 maxlen: 16
81.37.0.0/16 maxlen: 16
81.38.0.0/16 maxlen: 16
81.39.0.0/16 maxlen: 16
81.40.0.0/16 maxlen: 16
81.41.0.0/16 maxlen: 16
81.42.0.0/16 maxlen: 16
81.43.0.0/16 maxlen: 16
81.44.0.0/16 maxlen: 16
83.32.0.0/16 maxlen: 16
83.33.0.0/16 maxlen: 16
83.34.0.0/16 maxlen: 16
83.35.0.0/16 maxlen: 16
83.36.0.0/16 maxlen: 16
83.37.0.0/16 maxlen: 16
83.38.0.0/16 maxlen: 16
83.39.0.0/16 maxlen: 16
83.47.0.0/16 maxlen: 16
83.52.0.0/16 maxlen: 16
83.53.0.0/16 maxlen: 16
83.54.0.0/16 maxlen: 16
83.55.0.0/16 maxlen: 16
83.56.0.0/16 maxlen: 16
83.57.0.0/16 maxlen: 16
83.58.0.0/16 maxlen: 16
83.59.0.0/16 maxlen: 16
83.60.0.0/16 maxlen: 16
83.61.0.0/16 maxlen: 16
83.63.0.0/16 maxlen: 16
88.0.0.0/16 maxlen: 16
88.1.0.0/16 maxlen: 16
88.2.0.0/16 maxlen: 16
88.3.0.0/16 maxlen: 16
88.8.0.0/16 maxlen: 16
88.9.0.0/16 maxlen: 16
88.10.0.0/16 maxlen: 16
88.11.0.0/16 maxlen: 16
88.12.0.0/16 maxlen: 16
88.13.0.0/16 maxlen: 16
88.14.0.0/16 maxlen: 16
88.15.0.0/16 maxlen: 16
88.16.0.0/16 maxlen: 16
88.24.0.0/16 maxlen: 16
88.25.0.0/16 maxlen: 16
88.27.0.0/16 maxlen: 16
88.30.0.0/16 maxlen: 16
176.80.0.0/16 maxlen: 24
176.81.0.0/16 maxlen: 16
176.85.0.0/16 maxlen: 16
192.101.1.0/24 maxlen: 24
194.69.225.0/24 maxlen: 24
194.179.34.0/24 maxlen: 24
194.179.112.0/24 maxlen: 24
194.224.157.0/24 maxlen: 24
195.53.0.0/16 maxlen: 16
195.53.69.0/24 maxlen: 24
195.53.193.0/24 maxlen: 24
195.53.218.0/23 maxlen: 23
195.55.78.0/24 maxlen: 24
195.55.79.0/24 maxlen: 24
195.55.110.0/24 maxlen: 24
195.57.5.0/24 maxlen: 24
195.57.27.0/24 maxlen: 24
195.76.0.0/16 maxlen: 16
195.76.141.0/24 maxlen: 24
195.76.164.0/24 maxlen: 24
195.77.57.0/24 maxlen: 24
195.77.132.0/22 maxlen: 22
195.77.132.0/23 maxlen: 23
195.77.132.0/24 maxlen: 24
195.235.0.0/16 maxlen: 16
195.235.95.0/24 maxlen: 24
195.235.188.0/24 maxlen: 24
195.235.225.0/24 maxlen: 24
195.235.241.0/24 maxlen: 24
195.235.242.0/24 maxlen: 24
212.170.0.0/16 maxlen: 16
212.170.156.0/24 maxlen: 24
212.170.159.0/24 maxlen: 24
213.96.0.0/16 maxlen: 16
213.97.0.0/16 maxlen: 16
213.98.0.0/16 maxlen: 16
213.99.0.0/16 maxlen: 24
213.99.44.0/24 maxlen: 24
213.99.59.0/24 maxlen: 24
217.11.96.0/19 maxlen: 19
217.124.182.0/24 maxlen: 24
217.126.0.0/16 maxlen: 16
217.127.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:30:d5:83:43:4b:cf:11:c4:97:2d:ac:6c:8c:fb:af:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Aug 8 07:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4de1610acc34790fd1aa9208ca5bd7add2665b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:50:81:06:6c:38:b6:3e:6e:39:5c:ed:bc:69:
90:dc:60:d9:8a:91:eb:65:e2:27:48:79:3d:34:ef:
92:8c:b2:40:cd:48:01:2d:6d:c3:52:9c:a1:23:8f:
0d:61:fb:90:61:99:8c:2a:26:03:ef:3d:fa:e1:3b:
fb:15:ba:03:39:da:b2:e6:0c:a8:4d:df:8b:fe:de:
97:8a:b9:f2:c4:d9:52:f1:6a:3f:f6:57:1a:6b:54:
6f:b4:69:81:19:df:72:2f:e9:05:5a:8d:f7:b8:89:
f2:2e:3e:92:58:b6:9b:15:cc:b6:6d:de:4a:cf:e7:
3c:24:ae:22:63:d3:3b:8c:af:8a:e7:95:22:ce:db:
7a:c7:ae:33:7f:22:4a:f2:39:24:6e:23:5e:7e:d8:
42:8b:b0:a3:35:57:8d:bb:06:cf:93:ee:84:00:4f:
26:93:4a:7a:ea:ff:a0:4b:ee:17:58:66:16:10:19:
e8:7b:40:d2:25:d9:96:7e:cd:66:62:8c:75:a0:c9:
b2:ac:41:d3:e2:5c:f1:80:f9:c5:31:f7:28:92:fb:
d8:e0:c2:8a:9c:ba:8b:99:1e:4f:fb:e1:c2:bf:06:
c6:01:70:90:ed:96:96:1c:b1:e6:90:c1:b0:7e:cf:
89:73:75:05:05:06:2b:c7:1a:9b:5c:a1:fe:80:17:
b2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DE:16:10:AC:C3:47:90:FD:1A:A9:20:8C:A5:BD:7A:DD:26:65:B5
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/pN4WEKzDR5D9GqkgjKW9et0mZbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.136.0.0/14
79.144.0.0-79.148.255.255
80.24.0.0/15
80.30.0.0-80.39.255.255
80.59.0.0/16
81.32.0.0-81.44.255.255
83.32.0.0/13
83.47.0.0/16
83.52.0.0-83.61.255.255
83.63.0.0/16
88.0.0.0/14
88.8.0.0-88.16.255.255
88.24.0.0/15
88.27.0.0/16
88.30.0.0/16
176.80.0.0/15
176.85.0.0/16
192.101.1.0/24
194.69.225.0/24
194.179.34.0/24
194.179.112.0/24
194.224.157.0/24
195.53.0.0/16
195.55.78.0/23
195.55.110.0/24
195.57.5.0/24
195.57.27.0/24
195.76.0.0/16
195.77.57.0/24
195.77.132.0/22
195.235.0.0/16
212.170.0.0/16
213.96.0.0/14
217.11.96.0/19
217.124.182.0/24
217.126.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cf:b8:b9:47:52:7f:a9:be:a6:94:66:ee:a1:e5:b2:24:e1:c8:
14:d9:42:0c:6e:43:f1:7c:67:81:c9:8e:69:8a:6d:4c:71:c5:
a5:47:42:c0:06:1a:bb:90:41:35:4a:ad:2a:ba:90:ed:a2:1b:
dc:52:d1:87:62:84:fe:fe:71:3e:9f:74:f5:35:18:d3:58:5e:
a6:1d:4e:42:98:69:05:ec:fc:6e:76:83:fc:4f:0c:27:91:21:
93:34:06:3e:e9:bb:ab:02:6a:6c:60:50:8a:8f:c3:e1:a4:8a:
58:a2:e5:68:04:85:a8:f6:55:ab:ad:96:20:c8:97:02:8f:6f:
55:67:98:6b:5d:1f:49:8d:81:e2:61:21:2c:94:3e:27:6a:c1:
81:cf:03:3e:00:60:31:96:d4:6b:85:2e:e9:d1:df:a5:46:95:
21:25:78:06:7d:aa:7f:8c:ad:c8:28:f9:bb:a7:3b:6e:6b:1a:
91:7b:4a:e2:9e:20:42:23:e5:5f:bd:98:47:ec:7c:97:95:dc:
d2:ba:5c:57:c7:24:43:e2:89:f1:2a:87:84:38:60:9f:11:a9:
96:af:42:5d:db:1a:1d:83:8b:88:14:a8:32:e8:e9:96:c9:c7:
ee:d3:11:88:d5:29:d2:16:7d:fd:4d:73:86:15:1e:74:aa:b4:
91:c7:cf:8a
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZEw1YNDS88RxJctrGyM+68MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwODA4MDcxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGRlMTYxMGFjYzM0NzkwZmQxYWE5MjA4Y2E1YmQ3YWRkMjY2NWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1CBBmw4tj5uOVztvGmQ3GDZipHr
ZeInSHk9NO+SjLJAzUgBLW3DUpyhI48NYfuQYZmMKiYD7z364Tv7FboDOdqy5gyo
Td+L/t6XirnyxNlS8Wo/9lcaa1RvtGmBGd9yL+kFWo33uInyLj6SWLabFcy2bd5K
z+c8JK4iY9M7jK+K55Uiztt6x64zfyJK8jkkbiNefthCi7CjNVeNuwbPk+6EAE8m
k0p66v+gS+4XWGYWEBnoe0DSJdmWfs1mYox1oMmyrEHT4lzxgPnFMfcokvvY4MKK
nLqLmR5P++HCvwbGAXCQ7ZaWHLHmkMGwfs+Jc3UFBQYrxxqbXKH+gBeyxwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFKTeFhCsw0eQ/RqpIIylvXrdJmW1MB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvcE40V0VLekRSNUQ5R3FrZ2pLVzlldDBtWmJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwMC
AogwCgMDBE+QAwMAT5QDAwFQGDAKAwMBUB4DAwNQIAMDAFA7MAoDAwVRIAMDAFEs
AwMDUyADAwBTLzAKAwMCUzQDAwFTPAMDAFM/AwMCWAAwCgMDA1gIAwMAWBADAwFY
GAMDAFgbAwMAWB4DAwGwUAMDALBVAwQAwGUBAwQAwkXhAwQAwrMiAwQAwrNwAwQA
wuCdAwMAwzUDBAHDN04DBADDN24DBADDOQUDBADDORsDAwDDTAMEAMNNOQMEAsNN
hAMDAMPrAwMA1KoDAwLVYAMEBdkLYAMEANl8tgMDAdl+MA0GCSqGSIb3DQEBCwUA
A4IBAQDPuLlHUn+pvqaUZu6h5bIk4cgU2UIMbkPxfGeByY5pim1MccWlR0LABhq7
kEE1Sq0qupDtohvcUtGHYoT+/nE+n3T1NRjTWF6mHU5CmGkF7PxudoP8TwwnkSGT
NAY+6burAmpsYFCKj8PhpIpYouVoBIWo9lWrrZYgyJcCj29VZ5hrXR9JjYHiYSEs
lD4nasGBzwM+AGAxltRrhS7p0d+lRpUhJXgGfap/jK3IKPm7pztuaxqRe0riniBC
I+VfvZhH7HyXldzSulxXxyRD4onxKoeEOGCfEamWr0Jd2xodg4uIFKgy6OmWycfu
0xGI1SnSFn39TXOGFR50qrSRx8+K
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:41:04 2025 by rpki-client