Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/FkeTsJXcuvUcfeZU8y9wpDqupsY.roa
File: FkeTsJXcuvUcfeZU8y9wpDqupsY.roa (raw, json)
Hash identifier: bwu0wu4hThCE2qG5vP01AiKURHFjNlcSPTMMsTt7wtc=
Subject key identifier: 16:47:93:B0:95:DC:BA:F5:1C:7D:E6:54:F3:2F:70:A4:3A:AE:A6:C6
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189CF6F7EF1E015627B14EF6638317E5AB1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/FkeTsJXcuvUcfeZU8y9wpDqupsY.roa
Signing time: Mon 07 Aug 2023 09:58:57 +0000
ROA not before: Mon 07 Aug 2023 09:58:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 45.130.200.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.255.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:6f:7e:f1:e0:15:62:7b:14:ef:66:38:31:7e:5a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 7 09:58:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=164793b095dcbaf51c7de654f32f70a43aaea6c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0c:89:81:35:89:7e:61:f2:ff:39:f6:ec:28:
03:7a:dd:02:f0:0a:aa:e5:c4:76:f2:6c:0b:e4:16:
3f:a0:dc:a9:c1:27:d5:c1:4c:e1:4c:8e:26:5f:ce:
ff:2e:c6:d7:3e:53:0e:a1:1a:28:a1:48:87:57:d4:
c7:d4:6d:7f:0f:04:f0:bd:d5:66:30:5d:b4:b7:9d:
91:db:5d:33:60:49:bd:1b:45:4c:60:44:98:3f:20:
29:5c:94:db:df:c4:8c:14:e7:56:93:45:5e:e1:4f:
73:67:83:3b:1c:ef:f9:b6:8d:d0:20:ce:f6:a9:10:
70:2c:68:ca:c1:84:2e:f8:94:e9:54:dc:04:a4:67:
d9:90:a6:5c:40:13:7c:29:49:46:73:b2:3f:95:1d:
ff:15:81:34:53:84:70:00:f6:3f:b5:dc:f6:9e:f0:
10:7f:16:83:c3:62:b2:49:5d:f3:a1:50:5f:49:34:
7f:7b:d7:fd:c8:c5:ce:d7:b6:74:de:e3:ed:75:5d:
2d:35:23:c8:92:20:94:8a:12:a1:6f:bc:e7:81:05:
e1:ed:e3:90:70:03:fa:11:a6:51:29:b4:77:4c:10:
5f:8b:b6:91:bc:2d:2a:aa:7b:0b:35:ce:49:70:24:
89:2c:db:71:ef:ed:89:4b:7e:4e:4f:76:5f:58:9b:
94:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:47:93:B0:95:DC:BA:F5:1C:7D:E6:54:F3:2F:70:A4:3A:AE:A6:C6
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/FkeTsJXcuvUcfeZU8y9wpDqupsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.200.0/24
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/23
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.132.0/23
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.230.0/24
188.240.233.0/24
188.241.110.0/24
188.241.214.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
36:13:96:17:9b:7a:ac:dc:cb:75:36:b6:36:a9:35:f4:54:74:
dd:29:40:19:5d:f4:ea:c9:a3:37:97:13:e4:ed:ca:8d:6b:6d:
96:e1:7a:79:c0:63:31:c1:f8:48:15:5a:da:83:9b:7b:eb:63:
26:e9:b3:59:fb:b5:9e:4d:8c:98:b1:11:46:b6:69:67:1a:8a:
1f:92:1a:40:db:74:6b:95:25:ac:0d:44:5c:4d:3a:ec:4a:62:
cc:cc:4a:fa:da:58:e5:ec:56:09:72:0c:37:55:64:24:c7:b8:
5a:d7:80:0f:7d:ea:f1:b0:89:09:8e:8b:54:81:10:5a:50:97:
aa:97:5d:d3:b0:4b:24:52:cf:d9:aa:a3:3c:7a:ff:6c:1c:67:
39:66:02:14:97:3d:32:f2:2f:ae:0d:84:27:8e:e7:59:ee:06:
24:25:be:e5:eb:8c:8a:6a:f0:3c:21:10:e6:1c:0c:8c:84:6f:
6a:b3:ac:c0:a4:8c:17:08:6c:cc:18:f8:a6:91:57:85:9a:ac:
75:16:e9:0e:62:c6:b5:9d:79:8d:3c:8c:21:ac:e1:cb:d7:d1:
7d:27:74:96:29:96:f1:c2:47:8f:3d:a4:8a:40:24:21:c5:be:
2b:3e:4c:32:5f:2e:a6:f1:78:f8:b0:34:a0:47:b8:1c:f6:43:
6d:2e:ef:1d
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYnPb37x4BViexTvZjgxflqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODA3MDk1ODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjQ3OTNiMDk1ZGNiYWY1MWM3ZGU2NTRmMzJmNzBhNDNhYWVhNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQyJgTWJfmHy/zn27CgDet0C8Aqq
5cR28mwL5BY/oNypwSfVwUzhTI4mX87/LsbXPlMOoRoooUiHV9TH1G1/DwTwvdVm
MF20t52R210zYEm9G0VMYESYPyApXJTb38SMFOdWk0Ve4U9zZ4M7HO/5to3QIM72
qRBwLGjKwYQu+JTpVNwEpGfZkKZcQBN8KUlGc7I/lR3/FYE0U4RwAPY/tdz2nvAQ
fxaDw2KySV3zoVBfSTR/e9f9yMXO17Z03uPtdV0tNSPIkiCUihKhb7zngQXh7eOQ
cAP6EaZRKbR3TBBfi7aRvC0qqnsLNc5JcCSJLNtx7+2JS35OT3ZfWJuUkQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFBZHk7CV3Lr1HH3mVPMvcKQ6rqbGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRmtlVHNKWGN1dlVjZmVaVTh5OXdwRHF1cHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAt
gsgDBAAtnJ0DBAJX95QDBAFZIVQDBAFZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAMEAbzUhAME
ALzUmwMEALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw5gMEALzw6QME
ALzxbgMEALzx1gMEALzx8wMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsFAAOCAQEA
NhOWF5t6rNzLdTa2Nqk19FR03SlAGV306smjN5cT5O3KjWttluF6ecBjMcH4SBVa
2oObe+tjJumzWfu1nk2MmLERRrZpZxqKH5IaQNt0a5UlrA1EXE067EpizMxK+tpY
5exWCXIMN1VkJMe4WteAD33q8bCJCY6LVIEQWlCXqpdd07BLJFLP2aqjPHr/bBxn
OWYCFJc9MvIvrg2EJ47nWe4GJCW+5euMimrwPCEQ5hwMjIRvarOswKSMFwhszBj4
ppFXhZqsdRbpDmLGtZ15jTyMIazhy9fRfSd0limW8cJHjz2kikAkIcW+Kz5MMl8u
pvF4+LA0oEe4HPZDbS7vHQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:00:59 2025 by rpki-client