Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/9cH40EbyG-b24KgaSZk5vTtHmBw.roa
File: 9cH40EbyG-b24KgaSZk5vTtHmBw.roa (raw, json)
Hash identifier: GvHhxspHGXbqPF5IvdcvorMt4lZnZ0YtoIIxPmt1u9I=
Subject key identifier: F5:C1:F8:D0:46:F2:1B:E6:F6:E0:A8:1A:49:99:39:BD:3B:47:98:1C
Certificate issuer: /CN=59919584033c3911a009bdde3183f6c60b2afcca
Certificate serial: 01870D85363AC748783D1721F54BE6B7EEA0
Authority key identifier: 59:91:95:84:03:3C:39:11:A0:09:BD:DE:31:83:F6:C6:0B:2A:FC:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WZGVhAM8ORGgCb3eMYP2xgsq_Mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/9cH40EbyG-b24KgaSZk5vTtHmBw.roa
Signing time: Thu 23 Mar 2023 08:10:46 +0000
ROA not before: Thu 23 Mar 2023 08:10:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31115
IP address blocks: 178.19.152.0/21 maxlen: 24
178.19.156.0/24 maxlen: 24
62.97.32.0/19 maxlen: 19
62.97.32.0/20 maxlen: 20
62.97.45.0/24 maxlen: 24
62.97.48.0/20 maxlen: 20
130.255.144.0/21 maxlen: 21
130.255.144.0/22 maxlen: 22
130.255.144.0/24 maxlen: 24
91.187.201.0/24 maxlen: 24
91.187.208.0/20 maxlen: 20
91.187.217.0/24 maxlen: 24
178.19.144.0/20 maxlen: 24
178.19.144.0/21 maxlen: 21
94.126.56.0/21 maxlen: 21
94.126.56.0/22 maxlen: 22
94.126.60.0/22 maxlen: 22
185.11.192.0/22 maxlen: 24
195.134.176.0/21 maxlen: 24
130.255.150.0/24 maxlen: 24
130.255.148.0/22 maxlen: 22
130.255.149.0/24 maxlen: 24
31.171.136.0/21 maxlen: 21
31.171.136.0/22 maxlen: 22
31.171.140.0/24 maxlen: 24
31.171.140.0/22 maxlen: 22
194.150.162.0/23 maxlen: 23
91.187.192.0/20 maxlen: 20
91.187.192.0/19 maxlen: 19
91.187.199.0/24 maxlen: 24
5.172.64.0/19 maxlen: 19
2a01:9840::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:85:36:3a:c7:48:78:3d:17:21:f5:4b:e6:b7:ee:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59919584033c3911a009bdde3183f6c60b2afcca
Validity
Not Before: Mar 23 08:10:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5c1f8d046f21be6f6e0a81a499939bd3b47981c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7e:0b:66:d0:82:8f:1f:a7:84:03:47:fb:a9:
c7:3f:fc:33:f8:c0:5b:b8:37:6f:eb:9b:69:7b:9e:
ff:76:ed:77:d1:07:88:2e:39:43:40:59:f5:53:f5:
e4:b9:ce:d1:5d:63:3b:2a:31:57:1b:97:f2:0a:a7:
e8:6f:ec:6e:ee:4d:98:b5:96:95:3e:78:0f:91:bb:
28:6e:4e:dc:0b:86:c4:14:54:34:b9:20:be:0f:dc:
90:a3:ac:b0:ef:27:96:44:4e:eb:31:c4:0d:c9:dd:
70:2d:9e:b1:12:09:0c:89:fe:bd:28:2b:30:32:67:
76:2d:de:34:b6:6b:89:b2:35:c2:b4:9c:6d:90:ae:
27:6b:8e:84:c7:a5:cf:16:15:a2:e0:d8:7b:83:46:
5b:75:dd:23:ab:7c:6f:3c:b3:68:15:42:79:d4:33:
3a:0d:02:5c:bf:4a:9c:16:2d:83:72:df:cc:ad:b6:
6d:c4:9a:c6:58:6d:39:e9:30:47:ab:bc:c5:f5:ae:
4f:60:3d:a9:ad:86:fe:8f:2e:54:ea:51:c1:9a:83:
d6:cc:91:f2:54:8e:08:4b:ce:21:a1:5a:f6:ca:9f:
cb:a0:7d:3a:62:eb:e2:44:c0:64:18:91:83:2d:ca:
51:dc:87:54:36:83:b8:7d:1c:3b:7d:39:5d:e0:1e:
56:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C1:F8:D0:46:F2:1B:E6:F6:E0:A8:1A:49:99:39:BD:3B:47:98:1C
X509v3 Authority Key Identifier:
keyid:59:91:95:84:03:3C:39:11:A0:09:BD:DE:31:83:F6:C6:0B:2A:FC:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WZGVhAM8ORGgCb3eMYP2xgsq_Mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/9cH40EbyG-b24KgaSZk5vTtHmBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/WZGVhAM8ORGgCb3eMYP2xgsq_Mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.64.0/19
31.171.136.0/21
62.97.32.0/19
91.187.192.0/19
94.126.56.0/21
130.255.144.0/21
178.19.144.0/20
185.11.192.0/22
194.150.162.0/23
195.134.176.0/21
IPv6:
2a01:9840::/32
Signature Algorithm: sha256WithRSAEncryption
48:e7:63:7e:03:25:de:19:ca:a9:5a:08:b9:18:2c:c9:de:1b:
0b:fb:10:71:f7:bf:40:78:04:76:70:26:28:64:ae:ea:2c:93:
58:a7:52:25:c6:3d:d5:06:a6:df:aa:11:b5:fd:49:49:53:5d:
1d:6f:7a:87:b0:f1:d6:b7:26:4b:4d:53:ca:ab:5a:99:bf:64:
58:37:c1:f2:c5:d1:81:fa:b5:39:73:dc:52:55:31:5f:fb:0a:
86:fe:88:db:12:aa:f9:b0:30:fa:5f:fe:b5:a6:52:51:bd:62:
05:2a:5e:5f:b0:3f:51:f8:34:9b:52:1d:d2:95:fc:10:23:42:
25:db:19:b3:02:0d:49:67:8c:b0:24:7c:a3:c5:f8:03:32:b2:
10:d9:5d:3a:82:09:82:b1:44:e4:90:c5:b3:0c:75:31:c6:6b:
63:f1:42:8b:a3:0c:f8:2f:5c:dc:76:c3:c4:4c:12:05:b9:1a:
89:d3:77:de:81:a6:8d:14:43:e4:90:7d:5c:fc:c7:6a:9d:15:
c4:2c:b5:3b:48:ab:d1:fa:be:67:bc:83:c5:e8:a4:d3:5a:8d:
53:21:20:71:06:06:27:09:12:e5:2e:5f:05:52:c3:f7:28:00:
55:95:d7:f5:62:ab:93:5c:7b:a2:fa:d9:8c:10:cc:14:35:de:
dd:88:2e:41
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYcNhTY6x0h4PRch9Uvmt+6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OTE5NTg0MDMzYzM5MTFhMDA5YmRkZTMxODNmNmM2MGIy
YWZjY2EwHhcNMjMwMzIzMDgxMDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWMxZjhkMDQ2ZjIxYmU2ZjZlMGE4MWE0OTk5MzliZDNiNDc5ODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlX4LZtCCjx+nhANH+6nHP/wz+MBb
uDdv65tpe57/du130QeILjlDQFn1U/Xkuc7RXWM7KjFXG5fyCqfob+xu7k2YtZaV
PngPkbsobk7cC4bEFFQ0uSC+D9yQo6yw7yeWRE7rMcQNyd1wLZ6xEgkMif69KCsw
Mmd2Ld40tmuJsjXCtJxtkK4na46Ex6XPFhWi4Nh7g0Zbdd0jq3xvPLNoFUJ51DM6
DQJcv0qcFi2Dct/MrbZtxJrGWG056TBHq7zF9a5PYD2prYb+jy5U6lHBmoPWzJHy
VI4IS84hoVr2yp/LoH06YuviRMBkGJGDLcpR3IdUNoO4fRw7fTld4B5WgwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFPXB+NBG8hvm9uCoGkmZOb07R5gcMB8GA1UdIwQY
MBaAFFmRlYQDPDkRoAm93jGD9sYLKvzKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1pHVmhBTThPUkdnQ2IzZU1ZUDJ4Z3NxX01vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yZmVhMTgtZmI2Mi00Yjk1LTlmZWIt
OWNmODExZTlmYTdhLzEvOWNINDBFYnlHLWIyNEtnYVNaazV2VHRIbUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yZmVhMTgtZmI2Mi00Yjk1LTlmZWItOWNmODExZTlmYTdh
LzEvV1pHVmhBTThPUkdnQ2IzZU1ZUDJ4Z3NxX01vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQFBaxAAwQD
H6uIAwQFPmEgAwQFW7vAAwQDXn44AwQDgv+QAwQEshOQAwQCuQvAAwQBwpaiAwQD
w4awMA0EAgACMAcDBQAqAZhAMA0GCSqGSIb3DQEBCwUAA4IBAQBI52N+AyXeGcqp
Wgi5GCzJ3hsL+xBx979AeAR2cCYoZK7qLJNYp1Ilxj3VBqbfqhG1/UlJU10db3qH
sPHWtyZLTVPKq1qZv2RYN8HyxdGB+rU5c9xSVTFf+wqG/ojbEqr5sDD6X/61plJR
vWIFKl5fsD9R+DSbUh3SlfwQI0Il2xmzAg1JZ4ywJHyjxfgDMrIQ2V06ggmCsUTk
kMWzDHUxxmtj8UKLowz4L1zcdsPETBIFuRqJ03fegaaNFEPkkH1c/MdqnRXELLU7
SKvR+r5nvIPF6KTTWo1TISBxBgYnCRLlLl8FUsP3KABVldf1YquTXHui+tmMEMwU
Nd7diC5B
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:52 2025 by rpki-client