Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/xbFIh46VjSQLRPr5wiAErXL6tw4.roa
File: xbFIh46VjSQLRPr5wiAErXL6tw4.roa (raw, json)
Hash identifier: dQ62dNmVn9C1M56w5KFgpw/UFM1arwjR/+SkokPCKYw=
Subject key identifier: C5:B1:48:87:8E:95:8D:24:0B:44:FA:F9:C2:20:04:AD:72:FA:B7:0E
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 07401A8F
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/xbFIh46VjSQLRPr5wiAErXL6tw4.roa
Signing time: Mon 20 Jun 2022 16:03:44 +0000
ROA not before: Mon 20 Jun 2022 16:03:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25211
IP address blocks: 94.26.79.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
94.26.76.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
78.159.130.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121641615 (0x7401a8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 20 16:03:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5b148878e958d240b44faf9c22004ad72fab70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1f:70:59:4d:95:34:b6:96:d3:15:d6:43:eb:
cc:d6:b3:58:d9:66:f7:97:28:2d:1e:2d:a2:bb:cb:
58:51:6b:b1:f9:53:ba:d5:3f:37:ed:31:e5:d6:c6:
6f:03:86:ef:49:9a:ad:4d:af:87:8d:47:24:cf:bb:
6c:f6:77:90:23:41:89:f2:cd:c7:44:99:21:0c:a5:
17:2f:b7:5f:4a:7c:e2:3d:b9:75:73:ad:eb:a0:44:
a7:1a:5e:81:df:bf:57:7d:79:88:98:48:ea:ed:26:
4a:12:69:f4:35:3b:aa:99:05:c0:e9:c9:75:8d:72:
90:6c:27:1a:00:f6:a9:84:4c:fb:cd:ec:69:6f:3d:
e2:f1:df:13:55:af:b1:b6:2c:57:b8:f9:9c:1f:c5:
83:03:93:f1:77:75:ee:a4:78:fc:70:89:68:2c:b5:
a7:81:42:31:16:df:7d:bc:90:0b:42:14:85:3d:ad:
43:79:f4:26:5b:53:77:ee:0e:c4:f6:5b:c4:79:5d:
7a:5a:06:ae:28:17:4b:c3:23:d9:99:a7:03:a2:ff:
dd:82:56:6e:f0:8a:ab:46:05:a8:61:61:60:66:e0:
9d:42:f7:d2:13:25:52:dc:5f:bd:1f:4e:35:41:15:
8b:3e:f0:33:98:4f:4a:9e:3f:af:c8:76:7a:1d:2c:
e2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B1:48:87:8E:95:8D:24:0B:44:FA:F9:C2:20:04:AD:72:FA:B7:0E
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/xbFIh46VjSQLRPr5wiAErXL6tw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/24
78.159.128.0/22
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/22
78.159.157.0-78.159.158.255
91.92.33.0/24
91.92.35.0/24
91.92.40.0/21
91.92.49.0-91.92.53.255
93.152.205.0/24
93.152.209.0-93.152.210.255
93.152.213.0-93.152.215.255
93.152.220.0/23
93.152.224.0-93.152.226.255
93.152.230.0/24
94.26.28.0/23
94.26.76.0/22
94.26.90.0/24
185.96.252.0/23
185.96.255.0/24
Signature Algorithm: sha256WithRSAEncryption
20:f5:be:4a:88:82:09:4a:61:8c:5b:88:1f:ba:f8:2b:5c:25:
db:52:21:0e:8d:2d:e1:6d:97:47:ef:63:5d:a6:ed:ec:6b:b8:
d0:58:23:97:8f:88:10:dd:9f:12:05:d1:ee:f2:cf:f5:dc:42:
8c:c6:c6:73:75:87:2b:a7:7f:d2:aa:bb:68:cc:8c:e4:19:ca:
1f:02:b6:36:c2:a1:9a:bc:47:02:41:d2:d6:8d:f6:bc:0e:b1:
de:1f:b7:ff:27:fa:b0:7a:12:71:88:8d:c8:f6:58:6f:c4:06:
19:40:6a:ad:1a:e9:85:60:98:7f:f0:09:75:72:b8:f1:bf:f2:
af:16:2c:b6:63:24:c7:5e:27:2e:28:46:ef:8b:2e:8e:5d:81:
f9:7f:50:d5:e3:66:ff:63:a8:8c:95:97:55:8c:78:21:67:c3:
ea:ba:ec:ad:51:09:bf:92:7f:b9:f9:89:64:ff:37:13:5f:bd:
2f:6c:33:6d:01:74:fa:23:97:55:8f:9a:28:6c:a1:56:96:cd:
8e:4a:2a:2c:44:44:0e:5f:55:c3:03:4f:e9:2f:4c:b8:6e:96:
63:a3:96:af:57:6f:d2:6c:4a:00:71:71:3b:80:b3:f1:6f:7d:
8d:2d:e6:a7:af:fb:44:a8:84:b2:44:5e:ef:7d:0e:ad:dd:f7:
da:08:36:f0
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIEB0AajzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDYy
MDE2MDM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzViMTQ4ODc4ZTk1
OGQyNDBiNDRmYWY5YzIyMDA0YWQ3MmZhYjcwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIfcFlNlTS2ltMV1kPrzNazWNlm95coLR4torvLWFFrsflT
utU/N+0x5dbGbwOG70marU2vh41HJM+7bPZ3kCNBifLNx0SZIQylFy+3X0p84j25
dXOt66BEpxpegd+/V315iJhI6u0mShJp9DU7qpkFwOnJdY1ykGwnGgD2qYRM+83s
aW894vHfE1WvsbYsV7j5nB/FgwOT8Xd17qR4/HCJaCy1p4FCMRbffbyQC0IUhT2t
Q3n0JltTd+4OxPZbxHldeloGrigXS8Mj2ZmnA6L/3YJWbvCKq0YFqGFhYGbgnUL3
0hMlUtxfvR9ONUEViz7wM5hPSp4/r8h2eh0s4r0CAwEAAaOCArYwggKyMB0GA1Ud
DgQWBBTFsUiHjpWNJAtE+vnCIAStcvq3DjAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L3hiRkloNDZWalNRTFJQcjV3aUFFclhMNnR3NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ywYIKwYBBQUHAQcBAf8EgbswgbgwgbUEAgABMIGuAwQALY3qAwQCTp+AAwQCTp+I
MAwDBABOn5UDBABOn5YDBAJOn5gwDAMEAE6fnQMEAE6fngMEAFtcIQMEAFtcIwME
A1tcKDAMAwQAW1wxAwQBW1w0AwQAXZjNMAwDBABdmNEDBABdmNIwDAMEAF2Y1QME
A12Y0AMEAV2Y3DAMAwQFXZjgAwQAXZjiAwQAXZjmAwQBXhocAwQCXhpMAwQAXhpa
AwQBuWD8AwQAuWD/MA0GCSqGSIb3DQEBCwUAA4IBAQAg9b5KiIIJSmGMW4gfuvgr
XCXbUiEOjS3hbZdH72Ndpu3sa7jQWCOXj4gQ3Z8SBdHu8s/13EKMxsZzdYcrp3/S
qrtozIzkGcofArY2wqGavEcCQdLWjfa8DrHeH7f/J/qwehJxiI3I9lhvxAYZQGqt
GumFYJh/8Al1crjxv/KvFiy2YyTHXicuKEbviy6OXYH5f1DV42b/Y6iMlZdVjHgh
Z8PquuytUQm/kn+5+Ylk/zcTX70vbDNtAXT6I5dVj5oobKFWls2OSiosREQOX1XD
A0/pL0y4bpZjo5avV2/SbEoAcXE7gLPxb32NLeanr/tEqISyRF7vfQ6t3ffaCDbw
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:25:26 2025 by rpki-client