Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/fhwXhy2AlcrZSisnXSD7OvyJiqc.roa
File: fhwXhy2AlcrZSisnXSD7OvyJiqc.roa (raw, json)
Hash identifier: tabjKAleEY79maHqsYVrTp7YuVDnpUIIsHspPt0H4R4=
Subject key identifier: 7E:1C:17:87:2D:80:95:CA:D9:4A:2B:27:5D:20:FB:3A:FC:89:8A:A7
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 35BA5C09
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/fhwXhy2AlcrZSisnXSD7OvyJiqc.roa
Signing time: Sat 01 Jan 2022 12:06:28 +0000
ROA not before: Sat 01 Jan 2022 12:06:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2072
IP address blocks: 193.51.165.0/24 maxlen: 24
195.83.166.0/24 maxlen: 24
193.50.0.0/24 maxlen: 24
193.50.2.0/24 maxlen: 24
193.50.1.0/24 maxlen: 24
193.54.195.0/24 maxlen: 24
193.51.128.128/25 maxlen: 25
193.54.225.0/24 maxlen: 24
195.221.157.0/24 maxlen: 24
195.221.159.0/24 maxlen: 24
195.221.158.0/24 maxlen: 24
195.221.160.0/24 maxlen: 24
195.221.162.0/24 maxlen: 24
195.221.161.0/24 maxlen: 24
195.83.222.0/24 maxlen: 24
195.83.221.0/24 maxlen: 24
195.83.223.0/24 maxlen: 24
193.50.68.0/24 maxlen: 24
193.50.67.0/24 maxlen: 24
193.49.22.0/24 maxlen: 24
193.50.201.0/24 maxlen: 24
193.51.128.56/29 maxlen: 29
194.57.241.0/24 maxlen: 24
194.57.241.0/26 maxlen: 26
193.51.66.0/24 maxlen: 24
193.51.65.0/24 maxlen: 24
193.51.128.48/29 maxlen: 29
193.49.163.0/24 maxlen: 24
194.57.183.0/24 maxlen: 24
194.199.85.0/24 maxlen: 24
194.199.84.0/24 maxlen: 24
194.199.83.0/24 maxlen: 24
194.199.86.0/24 maxlen: 24
194.199.88.0/24 maxlen: 24
194.199.87.0/24 maxlen: 24
194.199.90.0/24 maxlen: 24
194.199.89.0/24 maxlen: 24
2001:660:3020::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 901405705 (0x35ba5c09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Jan 1 12:06:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e1c17872d8095cad94a2b275d20fb3afc898aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0b:41:65:f4:df:1a:f6:38:db:3e:92:75:d7:
37:31:9c:93:91:e2:31:8e:46:40:36:8c:1e:6b:b5:
5c:23:c8:d7:30:8c:97:b8:62:2c:29:ec:78:0d:3f:
87:97:0e:2b:85:44:0b:8f:e3:ec:28:91:04:a5:e4:
78:33:be:f7:8a:b0:c7:2f:4d:b4:86:e0:57:c3:65:
43:6f:f9:14:6c:8d:dc:f5:c5:72:bf:05:27:73:f5:
fa:14:8e:73:a8:2e:b7:16:56:81:aa:0d:0e:d9:05:
46:29:94:0e:fb:32:83:d6:3a:9d:d5:85:6d:d5:d7:
5e:1a:82:4e:6b:b2:5f:11:b9:38:d1:11:fd:56:13:
b3:10:52:90:f0:ce:b0:b1:9c:bb:dd:4d:5b:29:af:
f5:53:41:e8:d3:eb:23:8d:8c:46:7c:1f:c9:9a:d0:
da:4f:58:73:86:6d:32:8f:0f:d0:07:a6:2b:23:4f:
40:6c:aa:f0:9a:26:92:6a:2e:8d:46:7d:32:17:25:
62:b1:a8:3d:d2:9d:53:0c:ba:ed:cb:4e:c8:b9:27:
78:f5:1c:e1:55:d6:9e:54:f2:3d:12:30:d1:f8:8d:
b9:7d:2f:17:49:70:52:e4:79:1d:88:91:05:05:d8:
6f:e6:d4:c7:e0:96:55:b2:0b:3e:bb:5c:04:66:76:
5b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:1C:17:87:2D:80:95:CA:D9:4A:2B:27:5D:20:FB:3A:FC:89:8A:A7
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/fhwXhy2AlcrZSisnXSD7OvyJiqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.49.22.0/24
193.49.163.0/24
193.50.0.0-193.50.2.255
193.50.67.0-193.50.68.255
193.50.201.0/24
193.51.65.0-193.51.66.255
193.51.128.48/28
193.51.128.128/25
193.51.165.0/24
193.54.195.0/24
193.54.225.0/24
194.57.183.0/24
194.57.241.0/24
194.199.83.0-194.199.90.255
195.83.166.0/24
195.83.221.0-195.83.223.255
195.221.157.0-195.221.162.255
IPv6:
2001:660:3020::/48
Signature Algorithm: sha256WithRSAEncryption
0a:c5:59:49:4e:3c:15:a5:1d:c1:eb:54:b0:3c:bf:b1:c3:40:
59:53:fb:63:b9:9a:c7:9c:80:96:d1:2b:2c:b5:93:bc:94:87:
28:23:ef:a6:64:fb:39:0d:c8:2f:c6:0c:dd:b8:e8:8f:7a:4a:
cd:3a:66:c1:69:e5:b3:af:de:af:bb:21:d0:17:bf:93:27:1c:
64:14:3d:0c:4e:b4:c2:c7:5e:db:d5:4b:af:0e:da:d3:05:df:
79:f6:2d:1b:99:cf:28:20:d4:6e:f5:85:0c:88:19:f1:1b:4a:
80:f9:35:0a:22:5f:11:90:22:39:98:a7:3e:04:45:da:b6:ea:
90:54:53:db:79:ff:b2:42:82:53:16:20:00:c6:a5:1f:b7:ba:
b3:df:a3:41:6d:15:6c:c1:a6:6c:99:99:d1:f8:0a:a3:7c:0e:
89:a2:97:5a:5f:52:83:4e:dc:fa:bf:10:b3:be:a8:44:f8:f0:
97:ab:29:13:24:d9:6d:1e:f9:3a:1a:33:9b:69:53:ae:1f:42:
2b:e1:ad:9e:9e:5d:07:7e:2c:60:a2:71:0c:e4:b9:a1:24:fc:
60:5d:4b:05:17:ec:59:9f:19:90:c2:b5:db:92:ea:45:a3:98:
93:87:24:9a:7b:82:0e:73:4c:43:2a:e5:d9:63:bd:ca:cc:56:
5d:38:6a:a1
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIENbpcCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZWY5NTdhYmEyZWYwMDM1Mjg1MGUyMDI0NjRjNzFkMzNjYTgxNDQ4MB4XDTIyMDEw
MTEyMDYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2UxYzE3ODcyZDgw
OTVjYWQ5NGEyYjI3NWQyMGZiM2FmYzg5OGFhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4LQWX03xr2ONs+knXXNzGck5HiMY5GQDaMHmu1XCPI1zCM
l7hiLCnseA0/h5cOK4VEC4/j7CiRBKXkeDO+94qwxy9NtIbgV8NlQ2/5FGyN3PXF
cr8FJ3P1+hSOc6gutxZWgaoNDtkFRimUDvsyg9Y6ndWFbdXXXhqCTmuyXxG5ONER
/VYTsxBSkPDOsLGcu91NWymv9VNB6NPrI42MRnwfyZrQ2k9Yc4ZtMo8P0AemKyNP
QGyq8JomkmoujUZ9MhclYrGoPdKdUwy67ctOyLknePUc4VXWnlTyPRIw0fiNuX0v
F0lwUuR5HYiRBQXYb+bUx+CWVbILPrtcBGZ2W4cCAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBR+HBeHLYCVytlKKyddIPs6/ImKpzAfBgNVHSMEGDAWgBQu+Verou8ANShQ
4gJGTHHTPKgUSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x2bFhxNkx2QURVb1VPSUNSa3h4MHp5b0ZFZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvYTU4NGU0LWNjZDQtNGM0Zi05ZDE2LTA0YTI3YzRkNTQ1My8x
L2Zod1hoeTJBbGNyWlNpc25YU0Q3T3Z5SmlxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
YTU4NGU0LWNjZDQtNGM0Zi05ZDE2LTA0YTI3YzRkNTQ1My8xL0x2bFhxNkx2QURV
b1VPSUNSa3h4MHp5b0ZFZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
xQYIKwYBBQUHAQcBAf8EgbUwgbIwgZ4EAgABMIGXAwQAwTEWAwQAwTGjMAsDAwHB
MgMEAMEyAjAMAwQAwTJDAwQAwTJEAwQAwTLJMAwDBADBM0EDBADBM0IDBQTBM4Aw
AwUHwTOAgAMEAMEzpQMEAME2wwMEAME24QMEAMI5twMEAMI58TAMAwQAwsdTAwQA
wsdaAwQAw1OmMAwDBADDU90DBAXDU8AwDAMEAMPdnQMEAMPdojAPBAIAAjAJAwcA
IAEGYDAgMA0GCSqGSIb3DQEBCwUAA4IBAQAKxVlJTjwVpR3B61SwPL+xw0BZU/tj
uZrHnICW0SsstZO8lIcoI++mZPs5DcgvxgzduOiPekrNOmbBaeWzr96vuyHQF7+T
JxxkFD0MTrTCx17b1UuvDtrTBd959i0bmc8oINRu9YUMiBnxG0qA+TUKIl8RkCI5
mKc+BEXatuqQVFPbef+yQoJTFiAAxqUft7qz36NBbRVswaZsmZnR+AqjfA6Jopda
X1KDTtz6vxCzvqhE+PCXqykTJNltHvk6GjObaVOuH0Ir4a2enl0HfixgonEM5Lmh
JPxgXUsFF+xZnxmQwrXbkupFo5iThySae4IOc0xDKuXZY73KzFZdOGqh
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:55:12 2025 by rpki-client