Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/k3MKhi-82-JMw0-Uv0WBRDRNYtw.roa
File: k3MKhi-82-JMw0-Uv0WBRDRNYtw.roa (raw, json)
Hash identifier: atXQkjFR4xd/KLrmIa1SB6QFgeX0PKndU+sWvq3yIRU=
Subject key identifier: 93:73:0A:86:2F:BC:DB:E2:4C:C3:4F:94:BF:45:81:44:34:4D:62:DC
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 0185241D3917679055918AFA426491A2D5EA
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/k3MKhi-82-JMw0-Uv0WBRDRNYtw.roa
Signing time: Sun 18 Dec 2022 07:22:52 +0000
ROA not before: Sun 18 Dec 2022 07:22:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50304
IP address blocks: 193.28.1.0/24 maxlen: 24
193.28.4.0/24 maxlen: 24
193.28.7.0/24 maxlen: 24
178.255.144.0/21 maxlen: 32
91.90.40.0/21 maxlen: 24
91.199.193.0/24 maxlen: 24
194.99.40.0/22 maxlen: 24
185.41.240.0/22 maxlen: 24
193.138.6.0/23 maxlen: 24
176.125.232.0/22 maxlen: 22
134.90.144.0/21 maxlen: 32
134.90.148.0/24 maxlen: 24
194.127.198.0/23 maxlen: 23
194.127.199.0/24 maxlen: 24
91.205.184.0/22 maxlen: 22
193.27.45.0/24 maxlen: 24
37.202.56.0/21 maxlen: 24
31.169.48.0/21 maxlen: 32
185.35.200.0/22 maxlen: 24
185.35.200.0/24 maxlen: 24
185.12.56.0/22 maxlen: 24
194.35.228.0/22 maxlen: 24
185.152.32.0/23 maxlen: 23
185.152.32.0/22 maxlen: 24
217.197.164.0/22 maxlen: 24
45.152.48.0/22 maxlen: 22
2a02:ed01::/32 maxlen: 32
2a02:ed00::/32 maxlen: 32
2a02:ed03::/32 maxlen: 32
2a02:ed04:100::/44 maxlen: 44
2a02:ed04:4700::/44 maxlen: 44
2a02:ed04:4600::/44 maxlen: 44
2a02:ed04:4500::/44 maxlen: 44
2a02:ed04:4400::/44 maxlen: 44
2a02:ed04:3400::/44 maxlen: 44
2a02:ed04:3580::/44 maxlen: 44
2a02:ed06::/32 maxlen: 32
2a02:20c8::/32 maxlen: 48
2a07:7d80::/29 maxlen: 29
2a04:8d40::/29 maxlen: 32
2a02:ed05::/32 maxlen: 32
2a02:ed00::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:24:1d:39:17:67:90:55:91:8a:fa:42:64:91:a2:d5:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Dec 18 07:22:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93730a862fbcdbe24cc34f94bf458144344d62dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ca:be:b7:5d:cb:e6:a1:59:14:9e:91:cc:25:
54:a6:7f:bf:2b:a7:3c:d8:60:ae:aa:55:ad:55:d6:
dd:83:b5:aa:1a:9a:b5:7c:42:f4:f9:cb:91:5e:24:
fe:79:5a:73:0a:26:f9:36:73:62:80:cc:22:87:0a:
c7:57:57:73:45:97:e0:0c:3c:6a:8d:c6:2a:68:34:
a0:7e:e7:d7:2d:40:25:4f:9f:ff:42:9c:c6:79:d3:
5f:a6:61:48:0a:44:85:29:a2:dc:d5:c5:f9:1c:bd:
b7:50:a9:77:ff:0c:5d:38:dd:dc:1d:6f:ef:c9:f7:
6d:f0:af:f7:90:46:7e:47:a5:4d:9f:99:94:15:74:
bc:3d:5d:81:e6:ef:b4:64:47:01:b2:a8:db:e5:ce:
9f:4b:ac:7c:66:27:4b:3a:cc:3b:d9:7b:04:73:00:
f5:cc:1e:ab:0f:fa:93:c5:4d:c0:cd:46:27:59:e5:
81:2b:2c:70:77:5e:7e:1b:31:ba:3f:b6:a0:89:91:
6f:95:74:80:8e:f5:72:bf:6d:16:1f:f5:ba:01:f6:
e1:5f:ad:1f:13:3b:8a:d4:4d:68:9e:92:15:cc:f9:
88:18:43:9d:5c:a9:94:82:70:d3:a7:fc:bc:d9:45:
3a:5d:2a:bb:c1:e0:55:21:4e:5d:47:06:ef:6c:e5:
00:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:73:0A:86:2F:BC:DB:E2:4C:C3:4F:94:BF:45:81:44:34:4D:62:DC
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/k3MKhi-82-JMw0-Uv0WBRDRNYtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.48.0/21
37.202.56.0/21
45.152.48.0/22
91.90.40.0/21
91.199.193.0/24
91.205.184.0/22
134.90.144.0/21
176.125.232.0/22
178.255.144.0/21
185.12.56.0/22
185.35.200.0/22
185.41.240.0/22
185.152.32.0/22
193.27.45.0/24
193.28.1.0/24
193.28.4.0/24
193.28.7.0/24
193.138.6.0/23
194.35.228.0/22
194.99.40.0/22
194.127.198.0/23
217.197.164.0/22
IPv6:
2a02:20c8::/32
2a02:ed00::/29
2a04:8d40::/29
2a07:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
94:e7:75:51:7b:c2:db:45:8b:9e:5a:aa:45:a0:1c:d8:53:c9:
f3:0d:cd:14:58:21:cf:d2:8a:c2:05:9f:55:3c:74:7d:12:bb:
31:3b:6e:93:b6:8e:91:69:4b:74:94:27:a8:ae:59:11:9b:71:
4d:22:94:2f:d2:b3:8a:97:47:57:d2:8c:de:68:12:07:54:ae:
c4:7d:2e:af:df:d8:70:00:8e:b1:a7:a5:ce:f6:eb:22:18:dc:
1e:6f:58:84:62:12:af:d4:a9:46:fc:a1:3d:57:54:6f:a3:d0:
11:b3:be:b7:39:56:78:0a:fb:90:7b:14:42:20:85:58:d7:73:
7a:63:9a:a8:a7:0c:f1:76:82:4a:0b:c2:f9:ee:63:20:c6:1d:
9f:32:48:44:27:b0:4a:cd:58:c6:90:71:e0:a1:92:0f:b0:4e:
3d:79:f2:87:19:0d:fe:de:3e:46:3a:88:58:9b:bc:20:93:19:
ba:0c:d0:30:73:32:b1:a5:d5:2d:de:2d:cb:4b:df:92:a4:a5:
4b:e6:38:ed:b9:ea:d7:b9:d1:57:7f:49:93:a1:49:1e:93:79:
d7:36:ac:47:f1:10:d5:b4:8f:c8:d2:09:8e:3d:b0:f1:80:a9:
70:3c:77:c2:a1:cc:db:e2:6d:b2:15:45:04:a4:5b:0d:2f:82:
21:77:b1:fd
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYUkHTkXZ5BVkYr6QmSRotXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjIxMjE4MDcyMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzczMGE4NjJmYmNkYmUyNGNjMzRmOTRiZjQ1ODE0NDM0NGQ2MmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8q+t13L5qFZFJ6RzCVUpn+/K6c8
2GCuqlWtVdbdg7WqGpq1fEL0+cuRXiT+eVpzCib5NnNigMwihwrHV1dzRZfgDDxq
jcYqaDSgfufXLUAlT5//QpzGedNfpmFICkSFKaLc1cX5HL23UKl3/wxdON3cHW/v
yfdt8K/3kEZ+R6VNn5mUFXS8PV2B5u+0ZEcBsqjb5c6fS6x8ZidLOsw72XsEcwD1
zB6rD/qTxU3AzUYnWeWBKyxwd15+GzG6P7agiZFvlXSAjvVyv20WH/W6AfbhX60f
EzuK1E1onpIVzPmIGEOdXKmUgnDTp/y82UU6XSq7weBVIU5dRwbvbOUAFwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFJNzCoYvvNviTMNPlL9FgUQ0TWLcMB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvazNNS2hpLTgyLUpNdzAtVXYwV0JSRFJOWXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBiwQCAAEwgYQDBAMf
qTADBAMlyjgDBAItmDADBANbWigDBABbx8EDBAJbzbgDBAOGWpADBAKwfegDBAOy
/5ADBAK5DDgDBAK5I8gDBAK5KfADBAK5mCADBADBGy0DBADBHAEDBADBHAQDBADB
HAcDBAHBigYDBALCI+QDBALCYygDBAHCf8YDBALZxaQwIgQCAAIwHAMFACoCIMgD
BQMqAu0AAwUDKgSNQAMFAyoHfYAwDQYJKoZIhvcNAQELBQADggEBAJTndVF7wttF
i55aqkWgHNhTyfMNzRRYIc/SisIFn1U8dH0SuzE7bpO2jpFpS3SUJ6iuWRGbcU0i
lC/Ss4qXR1fSjN5oEgdUrsR9Lq/f2HAAjrGnpc726yIY3B5vWIRiEq/UqUb8oT1X
VG+j0BGzvrc5VngK+5B7FEIghVjXc3pjmqinDPF2gkoLwvnuYyDGHZ8ySEQnsErN
WMaQceChkg+wTj158ocZDf7ePkY6iFibvCCTGboM0DBzMrGl1S3eLctL35KkpUvm
OO256te50Vd/SZOhSR6Tedc2rEfxENW0j8jSCY49sPGAqXA8d8KhzNvibbIVRQSk
Ww0vgiF3sf0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:00 2025 by rpki-client