Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/wkxaXMOsFBo1eP7fLxCDCetvl6w.roa
File: wkxaXMOsFBo1eP7fLxCDCetvl6w.roa (raw, json)
Hash identifier: ivQmFEFk30zjY5RUDL7ECjwV20z7LNRdErvwEYG2HKE=
Subject key identifier: C2:4C:5A:5C:C3:AC:14:1A:35:78:FE:DF:2F:10:83:09:EB:6F:97:AC
Certificate issuer: /CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Certificate serial: 0186164A3D7F20433BB9B9028C07EC20AC26
Authority key identifier: 99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/wkxaXMOsFBo1eP7fLxCDCetvl6w.roa
Signing time: Fri 03 Feb 2023 08:00:09 +0000
ROA not before: Fri 03 Feb 2023 08:00:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16333
IP address blocks: 185.2.188.0/22 maxlen: 22
217.16.64.0/19 maxlen: 19
217.16.64.0/20 maxlen: 20
217.16.80.0/20 maxlen: 20
217.16.88.0/22 maxlen: 22
217.16.87.0/24 maxlen: 24
212.110.80.0/21 maxlen: 21
212.110.88.0/22 maxlen: 22
146.255.69.0/24 maxlen: 24
146.255.86.0/24 maxlen: 24
185.80.164.0/22 maxlen: 22
185.100.244.0/22 maxlen: 22
85.30.64.0/19 maxlen: 19
85.30.64.0/21 maxlen: 21
85.30.64.0/18 maxlen: 18
85.30.72.0/22 maxlen: 22
78.157.4.0/24 maxlen: 24
78.157.3.0/24 maxlen: 24
78.157.2.0/24 maxlen: 24
78.157.1.0/24 maxlen: 24
78.157.0.0/24 maxlen: 24
78.157.9.0/24 maxlen: 24
78.157.8.0/24 maxlen: 24
78.157.7.0/24 maxlen: 24
78.157.6.0/24 maxlen: 24
78.157.5.0/24 maxlen: 24
109.69.40.0/21 maxlen: 21
79.126.128.0/18 maxlen: 18
79.126.128.0/17 maxlen: 17
5.32.178.0/23 maxlen: 23
185.89.244.0/22 maxlen: 22
5.32.180.0/24 maxlen: 24
5.32.182.0/24 maxlen: 24
212.110.64.0/23 maxlen: 23
79.126.192.0/18 maxlen: 18
78.157.24.0/24 maxlen: 24
78.157.23.0/24 maxlen: 24
78.157.22.0/24 maxlen: 24
78.157.21.0/24 maxlen: 24
78.157.20.0/24 maxlen: 24
78.157.31.0/24 maxlen: 24
78.157.30.0/24 maxlen: 24
78.157.29.0/24 maxlen: 24
78.157.28.0/24 maxlen: 24
78.157.27.0/24 maxlen: 24
78.157.26.0/24 maxlen: 24
78.157.25.0/24 maxlen: 24
31.11.68.0/22 maxlen: 22
31.11.64.0/18 maxlen: 19
31.11.72.0/21 maxlen: 21
31.11.80.0/21 maxlen: 21
31.11.88.0/21 maxlen: 21
185.5.4.0/22 maxlen: 22
89.31.152.0/21 maxlen: 21
31.11.96.0/21 maxlen: 21
31.11.104.0/21 maxlen: 21
31.11.112.0/21 maxlen: 21
217.196.192.0/20 maxlen: 20
31.11.120.0/21 maxlen: 21
212.158.176.0/20 maxlen: 24
85.30.80.0/22 maxlen: 22
85.30.92.0/22 maxlen: 22
85.30.96.0/19 maxlen: 19
85.30.96.0/22 maxlen: 22
85.30.101.0/24 maxlen: 24
85.30.104.0/22 maxlen: 22
85.30.112.0/24 maxlen: 24
85.30.110.0/24 maxlen: 24
85.30.120.0/21 maxlen: 21
85.30.119.0/24 maxlen: 24
95.128.186.0/24 maxlen: 24
2a01:5b8::/29 maxlen: 29
2a01:5b8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:4a:3d:7f:20:43:3b:b9:b9:02:8c:07:ec:20:ac:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Validity
Not Before: Feb 3 08:00:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c24c5a5cc3ac141a3578fedf2f108309eb6f97ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:31:e0:eb:1c:fc:79:67:b5:63:8c:af:01:2c:
b4:72:9d:9b:27:c0:f9:f3:fb:7f:0c:34:2b:12:36:
34:87:16:1a:a6:91:09:73:61:66:38:b8:db:35:b9:
6d:b9:d0:31:26:2c:c3:40:dd:44:88:dc:8f:18:9d:
35:06:be:d5:df:be:57:29:83:e1:20:c2:ce:bb:99:
32:15:e8:4b:3b:bc:21:83:59:e9:ec:a0:4e:b9:45:
a5:3e:2f:e4:29:14:d2:73:b3:fa:2d:28:06:86:07:
d5:b6:36:90:38:03:28:33:22:5f:1d:dd:27:15:c9:
e9:57:73:d1:88:82:f3:94:f8:be:d9:8c:ca:6e:c3:
b1:2b:f8:18:19:12:b9:52:94:aa:a5:2d:bb:0c:41:
de:bf:67:c5:46:df:95:f6:a3:fc:ce:08:49:c9:e2:
65:dc:54:3b:13:8a:83:86:56:a8:ab:58:05:3d:55:
24:d8:c2:52:92:c5:17:21:af:fa:e3:a1:41:7a:1e:
37:3a:af:6c:78:10:80:6a:0e:5d:04:08:5f:11:d0:
51:d6:c0:2c:df:09:22:50:0b:76:8a:29:0d:85:f8:
53:70:19:6e:30:14:4f:51:7e:5a:d8:bb:fd:89:69:
d7:60:f7:f1:aa:32:fa:16:b8:7b:4d:13:51:12:80:
05:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4C:5A:5C:C3:AC:14:1A:35:78:FE:DF:2F:10:83:09:EB:6F:97:AC
X509v3 Authority Key Identifier:
keyid:99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/wkxaXMOsFBo1eP7fLxCDCetvl6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.178.0-5.32.180.255
5.32.182.0/24
31.11.64.0/18
78.157.0.0-78.157.9.255
78.157.20.0-78.157.31.255
79.126.128.0/17
85.30.64.0/18
89.31.152.0/21
95.128.186.0/24
109.69.40.0/21
146.255.69.0/24
146.255.86.0/24
185.2.188.0/22
185.5.4.0/22
185.80.164.0/22
185.89.244.0/22
185.100.244.0/22
212.110.64.0/23
212.110.80.0-212.110.91.255
212.158.176.0/20
217.16.64.0/19
217.196.192.0/20
IPv6:
2a01:5b8::/29
Signature Algorithm: sha256WithRSAEncryption
57:8c:89:91:d3:f8:75:44:b7:49:ee:89:03:d1:61:c6:68:c2:
63:58:b2:84:0f:a8:4e:cb:de:36:cc:a2:f1:f9:45:a0:27:7f:
55:94:28:32:cf:2f:95:fa:25:5c:b1:b0:d0:b3:e4:5b:29:ac:
c5:3e:af:b3:67:42:fb:18:2d:05:e7:2b:c5:3d:40:66:49:67:
2d:c5:a9:b4:b1:45:11:45:d2:0f:37:d4:0b:d1:41:d6:55:aa:
67:d5:51:f7:13:41:ba:a9:0b:e1:8d:d2:50:fa:36:bb:e2:6e:
62:3f:9c:b6:4c:82:7a:3d:73:26:6f:2a:02:46:6e:85:34:91:
4d:6c:4e:0e:ff:f9:f0:20:f7:71:62:3c:cc:9d:ce:00:74:91:
df:9b:e9:88:9e:3e:70:4b:0a:a7:ad:de:97:44:42:1e:65:e7:
8e:ca:81:74:95:d7:63:4e:dc:ea:c9:e9:c3:8c:b6:3a:48:a2:
38:49:fd:2c:e8:d4:be:26:c8:c4:fe:b4:92:2e:ef:09:1f:6a:
4e:75:38:12:a9:08:fb:c3:3a:65:27:10:78:6f:1e:27:cb:37:
b6:a0:ea:9d:9c:77:ea:cd:80:e7:99:44:4e:e7:a9:c7:88:d0:
9b:e5:92:a3:b5:83:79:f0:e5:6b:50:c8:66:12:99:49:de:a8:
c2:3f:bd:ff
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYYWSj1/IEM7ubkCjAfsIKwmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZTcyMDlhOGM5YjE3NmZiZjYyM2VkZjNlZTBiODIwMDdm
YzJjNDAwHhcNMjMwMjAzMDgwMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjRjNWE1Y2MzYWMxNDFhMzU3OGZlZGYyZjEwODMwOWViNmY5N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDHg6xz8eWe1Y4yvASy0cp2bJ8D5
8/t/DDQrEjY0hxYappEJc2FmOLjbNbltudAxJizDQN1EiNyPGJ01Br7V375XKYPh
IMLOu5kyFehLO7whg1np7KBOuUWlPi/kKRTSc7P6LSgGhgfVtjaQOAMoMyJfHd0n
FcnpV3PRiILzlPi+2YzKbsOxK/gYGRK5UpSqpS27DEHev2fFRt+V9qP8zghJyeJl
3FQ7E4qDhlaoq1gFPVUk2MJSksUXIa/646FBeh43Oq9seBCAag5dBAhfEdBR1sAs
3wkiUAt2iikNhfhTcBluMBRPUX5a2Lv9iWnXYPfxqjL6Frh7TRNREoAFHwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFMJMWlzDrBQaNXj+3y8Qgwnrb5esMB8GA1UdIwQY
MBaAFJnnIJqMmxdvv2I+3z7guCAH/CxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUt
YjJkY2MxODYzZThiLzEvd2t4YVhNT3NGQm8xZVA3Zkx4Q0RDZXR2bDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUtYjJkY2MxODYzZThi
LzEvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBqgQCAAEwgaMwDAME
AQUgsgMEAAUgtAMEAAUgtgMEBh8LQDALAwMATp0DBAFOnQgwDAMEAk6dFAMEBU6d
AAMEB09+gAMEBlUeQAMEA1kfmAMEAF+AugMEA21FKAMEAJL/RQMEAJL/VgMEArkC
vAMEArkFBAMEArlQpAMEArlZ9AMEArlk9AMEAdRuQDAMAwQE1G5QAwQC1G5YAwQE
1J6wAwQF2RBAAwQE2cTAMA0EAgACMAcDBQMqAQW4MA0GCSqGSIb3DQEBCwUAA4IB
AQBXjImR0/h1RLdJ7okD0WHGaMJjWLKED6hOy942zKLx+UWgJ39VlCgyzy+V+iVc
sbDQs+RbKazFPq+zZ0L7GC0F5yvFPUBmSWctxam0sUURRdIPN9QL0UHWVapn1VH3
E0G6qQvhjdJQ+ja74m5iP5y2TIJ6PXMmbyoCRm6FNJFNbE4O//nwIPdxYjzMnc4A
dJHfm+mInj5wSwqnrd6XREIeZeeOyoF0lddjTtzqyenDjLY6SKI4Sf0s6NS+JsjE
/rSSLu8JH2pOdTgSqQj7wzplJxB4bx4nyze2oOqdnHfqzYDnmURO56nHiNCb5ZKj
tYN58OVrUMhmEplJ3qjCP73/
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:37:21 2025 by rpki-client