Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ffW3EfvyDB5W6NnCPTr-h5eiK20.roa
File: ffW3EfvyDB5W6NnCPTr-h5eiK20.roa (raw, json)
Hash identifier: buP5nIKpTUVHLUHgH7W4l8ozLN3su2zIs2mNzHmgs3s=
Subject key identifier: 7D:F5:B7:11:FB:F2:0C:1E:56:E8:D9:C2:3D:3A:FE:87:97:A2:2B:6D
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 42514BC0
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ffW3EfvyDB5W6NnCPTr-h5eiK20.roa
Signing time: Sat 01 Jan 2022 14:02:55 +0000
ROA not before: Sat 01 Jan 2022 14:02:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2119
IP address blocks: 194.132.108.0/23 maxlen: 23
193.183.3.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.71.248.0/21 maxlen: 21
194.68.56.0/23 maxlen: 23
192.71.158.0/24 maxlen: 24
194.68.99.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
193.183.92.0/24 maxlen: 24
192.176.161.0/24 maxlen: 24
193.183.93.0/24 maxlen: 24
193.183.104.0/24 maxlen: 24
193.181.187.0/24 maxlen: 24
192.121.30.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.183.68.0/23 maxlen: 23
193.183.79.0/24 maxlen: 24
192.165.65.0/24 maxlen: 24
193.180.112.0/23 maxlen: 23
193.180.114.0/24 maxlen: 24
192.71.5.0/24 maxlen: 24
192.165.86.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.101.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
193.180.104.0/21 maxlen: 21
192.71.97.0/24 maxlen: 24
192.36.37.0/24 maxlen: 24
193.234.220.0/23 maxlen: 23
193.181.0.0/24 maxlen: 24
193.234.237.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
192.71.41.0/24 maxlen: 24
192.71.40.0/24 maxlen: 24
194.103.50.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1112624064 (0x42514bc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:02:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7df5b711fbf20c1e56e8d9c23d3afe8797a22b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1f:fa:3b:12:98:aa:f6:39:d7:62:8b:65:7d:
9f:9f:e9:8e:21:2d:44:12:2a:6b:91:03:09:74:b4:
2e:65:d5:ac:a8:c5:ad:18:57:35:9c:82:3a:23:1d:
15:a2:8e:2e:6a:72:ce:78:e5:45:e6:b5:49:19:df:
bb:8c:55:b3:6f:0c:31:a5:57:2a:b1:71:6d:a8:f1:
72:de:32:94:2d:cb:80:0d:c7:33:7d:2c:56:72:66:
6a:c2:84:84:b2:c8:9e:89:06:ea:d1:d9:11:82:4f:
2a:f0:7c:04:f5:33:84:79:6d:80:bd:51:0e:5a:09:
2a:d4:a0:d8:28:1d:6e:4e:ae:6e:21:d7:e9:1f:d5:
ff:77:86:5a:1b:7b:8b:24:bb:84:cc:0e:51:17:97:
77:2f:f3:9c:d6:78:00:e5:7d:4e:66:1b:2e:85:79:
04:19:61:d6:b1:f9:72:bb:af:ec:2f:9f:cb:e3:b1:
05:9e:0b:e7:3a:73:e7:f1:ce:87:d2:05:b5:68:ff:
56:1f:ad:62:02:5a:81:c1:cb:ea:24:13:35:25:01:
17:36:20:7e:f9:f3:61:2a:7d:13:af:81:d6:10:3f:
b4:4b:ac:45:9f:31:8c:33:8e:0f:15:39:80:ea:f4:
11:5a:c1:11:7f:6e:eb:fe:6d:a6:5c:d9:92:f4:22:
d7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F5:B7:11:FB:F2:0C:1E:56:E8:D9:C2:3D:3A:FE:87:97:A2:2B:6D
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ffW3EfvyDB5W6NnCPTr-h5eiK20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.37.0/24
192.71.5.0/24
192.71.40.0/23
192.71.97.0/24
192.71.158.0/24
192.121.30.0/24
192.121.101.0/24
192.121.172.0/24
192.121.192.0/24
192.165.65.0/24
192.165.86.0/24
192.176.161.0/24
193.180.104.0-193.180.114.255
193.181.0.0/24
193.181.187.0/24
193.183.3.0/24
193.183.68.0/23
193.183.79.0/24
193.183.92.0/23
193.183.104.0/24
193.183.118.0/24
193.234.68.0/23
193.234.220.0/23
193.234.237.0/24
194.14.129.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
Signature Algorithm: sha256WithRSAEncryption
66:42:54:1d:07:f0:69:fe:53:21:aa:35:74:b7:35:0a:d2:59:
d9:9d:1d:18:32:31:e8:35:ff:fe:be:0e:e0:4e:f3:6e:47:e4:
e2:20:55:df:62:bb:cb:5e:7e:93:34:74:51:ea:4a:5b:46:46:
ce:55:85:3e:3e:b2:c1:98:a6:bf:98:24:7f:32:1e:e9:d2:74:
91:37:b5:d9:6f:9b:b3:88:7a:4f:d4:83:6f:b6:a8:ae:7b:45:
85:74:28:f3:e9:ce:af:34:64:a7:bd:db:db:b3:01:36:75:3c:
bc:84:3b:c1:34:9e:81:fb:34:97:81:1b:e9:00:e0:46:36:68:
96:d2:28:68:d0:53:51:5c:76:0d:47:2b:84:6f:c4:e6:a5:82:
f7:76:c4:4f:34:25:1b:20:77:13:9f:1f:65:f3:da:9b:5d:20:
2f:6b:24:dd:c5:0a:31:a7:0c:d4:0e:f9:ff:a4:6f:d7:4c:7b:
89:c5:31:c9:03:29:11:ed:98:09:82:22:36:ec:9e:76:9b:8f:
cd:fc:11:3c:45:e2:6b:e9:ab:53:b0:b5:0a:a6:60:b3:12:d0:
b7:91:38:ae:eb:19:5c:a0:d2:3c:36:26:c5:ff:08:aa:f5:ab:
c7:fe:79:6c:ea:b1:bc:91:f9:74:53:94:e9:3c:7a:e6:60:34:
92:62:50:e7
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIEQlFLwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDI1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2RmNWI3MTFmYmYy
MGMxZTU2ZThkOWMyM2QzYWZlODc5N2EyMmI2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgf+jsSmKr2Oddii2V9n5/pjiEtRBIqa5EDCXS0LmXVrKjF
rRhXNZyCOiMdFaKOLmpyznjlRea1SRnfu4xVs28MMaVXKrFxbajxct4ylC3LgA3H
M30sVnJmasKEhLLInokG6tHZEYJPKvB8BPUzhHltgL1RDloJKtSg2Cgdbk6ubiHX
6R/V/3eGWht7iyS7hMwOUReXdy/znNZ4AOV9TmYbLoV5BBlh1rH5cruv7C+fy+Ox
BZ4L5zpz5/HOh9IFtWj/Vh+tYgJagcHL6iQTNSUBFzYgfvnzYSp9E6+B1hA/tEus
RZ8xjDOODxU5gOr0EVrBEX9u6/5tplzZkvQi1yECAwEAAaOCAtYwggLSMB0GA1Ud
DgQWBBR99bcR+/IMHlbo2cI9Ov6Hl6IrbTAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L2ZmVzNFZnZ5REI1VzZObkNQVHItaDVlaUsyMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
6wYIKwYBBQUHAQcBAf8EgdswgdgwgdUEAgABMIHOAwQAwCQlAwQAwEcFAwQBwEco
AwQAwEdhAwQAwEeeAwQAwHkeAwQAwHllAwQAwHmsAwQAwHnAAwQAwKVBAwQAwKVW
AwQAwLChMAwDBAPBtGgDBADBtHIDBADBtQADBADBtbsDBADBtwMDBAHBt0QDBADB
t08DBAHBt1wDBADBt2gDBADBt3YDBAHB6kQDBAHB6twDBADB6u0DBADCDoEDBAHC
RDgDBADCRGMDBADCRH4DBADCR1MDBAHCR4wDBAPCR/gDBADCZzIDBAHChGwwDQYJ
KoZIhvcNAQELBQADggEBAGZCVB0H8Gn+UyGqNXS3NQrSWdmdHRgyMeg1//6+DuBO
825H5OIgVd9iu8tefpM0dFHqSltGRs5VhT4+ssGYpr+YJH8yHunSdJE3tdlvm7OI
ek/Ug2+2qK57RYV0KPPpzq80ZKe929uzATZ1PLyEO8E0noH7NJeBG+kA4EY2aJbS
KGjQU1Fcdg1HK4RvxOalgvd2xE80JRsgdxOfH2Xz2ptdIC9rJN3FCjGnDNQO+f+k
b9dMe4nFMckDKRHtmAmCIjbsnnabj838ETxF4mvpq1OwtQqmYLMS0LeROK7rGVyg
0jw2JsX/CKr1q8f+eWzqsbyR+XRTlOk8euZgNJJiUOc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:19:51 2025 by rpki-client