Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/D2knqrMhiMnV-TgXoQIT29BRIt4.roa
File: D2knqrMhiMnV-TgXoQIT29BRIt4.roa (raw, json)
Hash identifier: mWxvbTYvFxW66iGditmTMTGTMS9Vn0MMXI7R9EY3h/A=
Subject key identifier: 0F:69:27:AA:B3:21:88:C9:D5:F9:38:17:A1:02:13:DB:D0:51:22:DE
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 27449DA4
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/D2knqrMhiMnV-TgXoQIT29BRIt4.roa
Signing time: Wed 27 Apr 2022 17:11:42 +0000
ROA not before: Wed 27 Apr 2022 17:11:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50304
IP address blocks: 193.28.1.0/24 maxlen: 24
193.28.4.0/24 maxlen: 24
193.28.7.0/24 maxlen: 24
178.255.144.0/21 maxlen: 32
91.90.40.0/21 maxlen: 24
91.199.193.0/24 maxlen: 24
194.99.40.0/22 maxlen: 24
185.41.240.0/22 maxlen: 24
193.138.6.0/23 maxlen: 24
176.125.232.0/22 maxlen: 22
134.90.144.0/21 maxlen: 32
134.90.148.0/24 maxlen: 24
194.127.198.0/23 maxlen: 23
91.205.184.0/22 maxlen: 22
193.27.45.0/24 maxlen: 24
37.202.56.0/21 maxlen: 24
31.169.48.0/21 maxlen: 32
185.35.200.0/22 maxlen: 24
185.35.200.0/24 maxlen: 24
185.12.56.0/22 maxlen: 24
194.35.228.0/22 maxlen: 24
185.152.32.0/23 maxlen: 23
185.152.32.0/22 maxlen: 24
217.197.164.0/22 maxlen: 24
45.152.48.0/22 maxlen: 22
2a02:ed01::/32 maxlen: 32
2a02:ed00::/32 maxlen: 32
2a02:ed03::/32 maxlen: 32
2a02:ed04:100::/44 maxlen: 44
2a02:ed04:4700::/44 maxlen: 44
2a02:ed04:4600::/44 maxlen: 44
2a02:ed04:4500::/44 maxlen: 44
2a02:ed04:4400::/44 maxlen: 44
2a02:ed04:3400::/44 maxlen: 44
2a02:ed06::/32 maxlen: 32
2a02:20c8::/32 maxlen: 48
2a07:7d80::/29 maxlen: 29
2a04:8d40::/29 maxlen: 32
2a02:ed05::/32 maxlen: 32
2a02:ed00::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 658808228 (0x27449da4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Apr 27 17:11:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f6927aab32188c9d5f93817a10213dbd05122de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:37:fa:68:7d:3e:67:cc:8d:a7:0e:c7:5e:0b:
ec:3e:48:8c:9a:63:0c:71:2a:66:f9:81:84:0f:17:
07:ea:38:8d:9b:58:69:39:66:8e:45:77:9e:fc:5f:
f6:b9:98:f3:52:40:bb:78:bb:25:aa:63:53:dc:e3:
ee:1f:3e:c9:37:95:4d:ae:8c:85:fe:25:36:89:96:
4e:0c:fe:32:ed:e0:79:6b:92:85:3c:5e:e1:3c:09:
b8:1f:27:2d:85:58:3f:18:e8:0f:85:82:62:e1:9c:
97:04:78:45:73:e5:e4:dc:c9:4e:e0:0d:b3:49:b5:
66:d9:b9:61:48:8f:c3:42:21:56:70:55:57:5a:99:
69:76:3a:0d:28:6f:b2:50:4f:db:bc:bf:70:44:44:
23:79:cc:73:07:67:4b:db:69:b8:97:0e:d8:ae:df:
a6:e9:5e:b0:1c:69:83:1f:b7:bc:64:76:96:80:b1:
4c:78:cf:f2:ad:8e:13:79:df:18:78:f3:6c:83:03:
cb:02:8a:90:12:de:e4:90:af:3f:94:11:52:76:7f:
02:ec:3a:04:54:41:67:ea:c5:e9:2c:4b:a9:3c:e6:
b1:28:77:a9:96:94:3c:34:07:2d:a2:42:14:f1:7c:
2a:6c:67:e2:5f:77:04:a0:e9:49:69:e8:6a:a2:51:
50:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:69:27:AA:B3:21:88:C9:D5:F9:38:17:A1:02:13:DB:D0:51:22:DE
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/D2knqrMhiMnV-TgXoQIT29BRIt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.48.0/21
37.202.56.0/21
45.152.48.0/22
91.90.40.0/21
91.199.193.0/24
91.205.184.0/22
134.90.144.0/21
176.125.232.0/22
178.255.144.0/21
185.12.56.0/22
185.35.200.0/22
185.41.240.0/22
185.152.32.0/22
193.27.45.0/24
193.28.1.0/24
193.28.4.0/24
193.28.7.0/24
193.138.6.0/23
194.35.228.0/22
194.99.40.0/22
194.127.198.0/23
217.197.164.0/22
IPv6:
2a02:20c8::/32
2a02:ed00::/29
2a04:8d40::/29
2a07:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
5a:12:0f:79:11:91:a9:64:67:dd:fd:a5:c8:e8:bf:25:af:98:
b9:59:29:a3:c3:74:ad:43:aa:cd:49:03:42:7c:13:3b:f1:af:
58:cd:f4:51:2c:47:41:a0:73:bd:5d:96:26:d6:c2:9f:67:e4:
a0:d5:ac:fe:31:01:50:e1:d8:49:94:d9:4b:d6:b7:22:05:a8:
e1:59:e4:fc:66:08:e1:15:62:16:36:a9:6b:d7:96:c3:06:80:
fc:1e:37:24:7d:52:87:cb:d0:90:78:bd:af:8f:f8:ec:bc:b3:
4c:06:6c:cc:37:9a:86:eb:0c:14:96:36:9d:a2:14:a3:b7:f0:
de:46:d4:37:6a:f1:9f:e8:c4:0a:3b:0a:de:df:12:e5:fe:a2:
2d:43:65:79:7a:b2:78:86:d4:6e:87:b2:3f:4b:80:e7:98:7d:
05:81:3a:a8:10:96:65:5e:db:c6:20:30:c3:f6:62:5f:bb:8a:
13:b4:4e:eb:8b:25:ea:2e:e0:54:41:ac:e9:98:6f:b5:0d:4e:
0f:86:d6:53:ae:bf:dc:41:e0:92:f8:64:5c:14:7a:e9:54:43:
13:5e:41:2c:33:8e:46:34:95:7a:ac:97:a0:03:48:32:c2:ea:
01:bd:f5:bf:19:ee:5d:e0:c2:3c:2a:5c:a0:c1:93:7a:87:ce:
02:23:b8:00
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIEJ0SdpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NWJkY2ZmNzdiZjA2MGQ1ZGExMmRlNDVlMjA3MmUxY2ZmNDU2MGE3MB4XDTIyMDQy
NzE3MTE0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGY2OTI3YWFiMzIx
ODhjOWQ1ZjkzODE3YTEwMjEzZGJkMDUxMjJkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMY3+mh9PmfMjacOx14L7D5IjJpjDHEqZvmBhA8XB+o4jZtY
aTlmjkV3nvxf9rmY81JAu3i7JapjU9zj7h8+yTeVTa6Mhf4lNomWTgz+Mu3geWuS
hTxe4TwJuB8nLYVYPxjoD4WCYuGclwR4RXPl5NzJTuANs0m1Ztm5YUiPw0IhVnBV
V1qZaXY6DShvslBP27y/cEREI3nMcwdnS9tpuJcO2K7fpulesBxpgx+3vGR2loCx
THjP8q2OE3nfGHjzbIMDywKKkBLe5JCvP5QRUnZ/Auw6BFRBZ+rF6SxLqTzmsSh3
qZaUPDQHLaJCFPF8Kmxn4l93BKDpSWnoaqJRULkCAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBQPaSeqsyGIydX5OBehAhPb0FEi3jAfBgNVHSMEGDAWgBRlvc/3e/Bg1doS
3kXiBy4c/0VgpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1piM1A5M3Z3WU5YYUV0NUY0Z2N1SFA5RllLYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvMTk1ZjNkLWE4NTEtNDU1YS05YjBmLWQ3MGNkOTdmNDg1Ny8x
L0Qya25xck1oaU1uVi1UZ1hvUUlUMjlCUkl0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
MTk1ZjNkLWE4NTEtNDU1YS05YjBmLWQ3MGNkOTdmNDg1Ny8xL1piM1A5M3Z3WU5Y
YUV0NUY0Z2N1SFA5RllLYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
xQYIKwYBBQUHAQcBAf8EgbUwgbIwgYsEAgABMIGEAwQDH6kwAwQDJco4AwQCLZgw
AwQDW1ooAwQAW8fBAwQCW824AwQDhlqQAwQCsH3oAwQDsv+QAwQCuQw4AwQCuSPI
AwQCuSnwAwQCuZggAwQAwRstAwQAwRwBAwQAwRwEAwQAwRwHAwQBwYoGAwQCwiPk
AwQCwmMoAwQBwn/GAwQC2cWkMCIEAgACMBwDBQAqAiDIAwUDKgLtAAMFAyoEjUAD
BQMqB32AMA0GCSqGSIb3DQEBCwUAA4IBAQBaEg95EZGpZGfd/aXI6L8lr5i5WSmj
w3StQ6rNSQNCfBM78a9YzfRRLEdBoHO9XZYm1sKfZ+Sg1az+MQFQ4dhJlNlL1rci
BajhWeT8ZgjhFWIWNqlr15bDBoD8HjckfVKHy9CQeL2vj/jsvLNMBmzMN5qG6wwU
ljadohSjt/DeRtQ3avGf6MQKOwre3xLl/qItQ2V5erJ4htRuh7I/S4DnmH0FgTqo
EJZlXtvGIDDD9mJfu4oTtE7riyXqLuBUQazpmG+1DU4PhtZTrr/cQeCS+GRcFHrp
VEMTXkEsM45GNJV6rJegA0gywuoBvfW/Ge5d4MI8KlygwZN6h84CI7gA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:14 2025 by rpki-client