Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/JWLiewmB8VQnwlWtIugW29GOzyQ.roa
File: JWLiewmB8VQnwlWtIugW29GOzyQ.roa (raw, json)
Hash identifier: 4B2cM1e3M/0trYBK5R37GTrIQejx3mNRxJeoJS7GpTs=
Subject key identifier: 25:62:E2:7B:09:81:F1:54:27:C2:55:AD:22:E8:16:DB:D1:8E:CF:24
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 018BB2F75C7291109493C884AC08ACE500F1
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/JWLiewmB8VQnwlWtIugW29GOzyQ.roa
Signing time: Thu 09 Nov 2023 07:23:57 +0000
ROA not before: Thu 09 Nov 2023 07:23:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25255
IP address blocks: 91.141.0.0/20 maxlen: 20
91.141.0.0/17 maxlen: 17
94.245.192.0/24 maxlen: 24
178.114.96.0/20 maxlen: 20
94.245.192.0/18 maxlen: 18
213.94.64.0/21 maxlen: 21
178.114.112.0/20 maxlen: 20
213.94.64.0/18 maxlen: 18
213.94.78.0/24 maxlen: 24
213.94.76.0/24 maxlen: 24
213.94.77.0/24 maxlen: 24
91.141.32.0/19 maxlen: 19
91.141.64.0/20 maxlen: 20
77.119.224.0/19 maxlen: 19
77.116.128.0/17 maxlen: 17
77.119.160.0/20 maxlen: 20
178.113.0.0/17 maxlen: 17
77.119.192.0/19 maxlen: 19
77.117.0.0/17 maxlen: 17
77.118.240.0/20 maxlen: 20
46.220.0.0/16 maxlen: 16
178.115.96.0/24 maxlen: 24
178.115.98.0/24 maxlen: 24
178.112.0.0/17 maxlen: 17
194.24.128.0/19 maxlen: 19
178.112.0.0/14 maxlen: 14
178.115.128.0/20 maxlen: 20
77.118.232.0/21 maxlen: 21
77.116.0.0/17 maxlen: 17
77.119.112.0/22 maxlen: 22
77.116.0.0/14 maxlen: 14
77.119.128.0/20 maxlen: 20
109.126.64.0/18 maxlen: 18
178.112.128.0/17 maxlen: 17
178.115.224.0/19 maxlen: 19
77.119.80.0/21 maxlen: 21
46.57.124.0/22 maxlen: 22
178.114.192.0/21 maxlen: 21
77.118.32.0/21 maxlen: 21
77.118.48.0/21 maxlen: 21
178.114.216.0/21 maxlen: 21
178.114.224.0/20 maxlen: 20
81.3.192.0/24 maxlen: 24
81.3.192.0/18 maxlen: 18
213.94.79.0/24 maxlen: 24
213.94.80.0/22 maxlen: 22
178.114.144.0/21 maxlen: 21
46.57.80.0/21 maxlen: 21
213.94.96.0/21 maxlen: 21
213.94.95.0/24 maxlen: 24
178.114.160.0/20 maxlen: 20
178.114.176.0/20 maxlen: 20
77.118.14.0/24 maxlen: 24
46.57.112.0/21 maxlen: 21
178.165.192.0/20 maxlen: 20
178.115.64.0/20 maxlen: 20
178.114.240.0/20 maxlen: 20
81.3.204.0/23 maxlen: 23
81.3.206.0/23 maxlen: 23
81.3.201.0/24 maxlen: 24
81.3.211.0/24 maxlen: 24
81.3.210.0/24 maxlen: 24
178.165.128.0/17 maxlen: 17
178.165.128.0/20 maxlen: 20
77.118.104.0/22 maxlen: 22
178.165.160.0/19 maxlen: 19
178.115.32.0/19 maxlen: 19
2a02:2861:d::/48 maxlen: 48
2a02:2864::/30 maxlen: 30
2a02:2861::/32 maxlen: 32
2a02:2861:e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b2:f7:5c:72:91:10:94:93:c8:84:ac:08:ac:e5:00:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Nov 9 07:23:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2562e27b0981f15427c255ad22e816dbd18ecf24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5f:9a:f5:f8:36:84:cd:b9:01:56:a5:bf:09:
17:82:74:ed:26:53:88:f5:fa:ff:39:71:8a:c1:51:
56:9f:0d:7c:a4:15:63:8f:8f:a0:1d:c4:87:2f:f5:
34:b5:53:76:59:7f:35:da:5b:4d:7a:8c:9d:07:76:
0b:df:df:b6:b5:2a:11:1b:88:16:08:0d:1a:41:0f:
be:b6:e0:56:f2:0b:31:39:3c:70:93:eb:c6:bb:4f:
fb:b6:ba:6a:71:dd:14:6a:7b:e4:bd:79:02:07:bf:
95:c5:42:4e:c6:db:40:f4:f0:c4:10:82:58:14:cf:
88:f2:21:bb:f1:32:5a:e3:17:60:ae:0f:0e:a8:25:
6a:fa:cf:68:cf:93:ea:f4:8f:ff:11:b0:07:98:a9:
d7:4b:52:08:d1:b5:42:20:6e:61:be:25:13:19:bf:
22:59:ff:cf:72:e0:0c:3f:59:70:83:c1:df:ae:37:
8a:f3:7c:40:d4:ee:6b:ca:6e:da:94:37:96:cc:71:
cc:c5:6d:35:1b:8d:c2:56:14:7d:4b:c4:ae:75:5f:
34:0a:12:94:ce:da:11:8a:2c:98:be:93:37:e8:bc:
69:79:60:0a:e4:f9:3b:19:92:10:7b:75:5c:92:88:
53:09:5a:6c:a3:f8:15:8a:99:fb:a5:19:8f:56:61:
29:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:62:E2:7B:09:81:F1:54:27:C2:55:AD:22:E8:16:DB:D1:8E:CF:24
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/JWLiewmB8VQnwlWtIugW29GOzyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.57.80.0/21
46.57.112.0/21
46.57.124.0/22
46.220.0.0/16
77.116.0.0/14
81.3.192.0/18
91.141.0.0/17
94.245.192.0/18
109.126.64.0/18
178.112.0.0/14
178.165.128.0/17
194.24.128.0/19
213.94.64.0/18
IPv6:
2a02:2861::/32
2a02:2864::/30
Signature Algorithm: sha256WithRSAEncryption
35:76:78:b0:93:6b:ef:a2:46:b1:3c:a0:5b:4b:58:ab:5a:7e:
a5:55:41:f6:09:2a:18:c0:79:ed:71:54:2f:82:77:57:e5:6a:
7e:d2:2d:20:c2:91:df:4a:0a:3d:7c:bd:fd:65:0a:9b:b9:d3:
dc:ca:87:95:b4:69:69:eb:60:38:db:16:f5:c3:7a:ad:8a:25:
6b:67:60:1a:aa:b6:7f:ed:68:2c:20:fa:6f:db:03:09:53:ff:
82:30:00:e6:d0:86:5d:30:01:a2:e3:38:11:a0:6a:79:34:95:
19:02:2d:69:6d:b4:5f:cc:da:9b:bd:00:cd:db:cd:06:ae:9d:
b1:73:a5:e9:1a:9f:3a:b3:c1:43:92:07:d1:b3:40:c3:42:fb:
99:c2:ad:e7:c6:b8:a9:1b:4e:ef:18:07:7f:77:08:34:9e:34:
da:2a:1e:a2:86:12:f5:51:5a:58:07:24:eb:91:0c:c6:1e:26:
a6:45:d2:08:2e:47:2e:29:52:b1:15:af:2b:83:40:01:07:44:
49:bb:65:e1:85:f1:c1:cd:29:d9:d1:61:16:07:57:5a:37:8a:
8a:3e:1d:98:d5:87:8f:18:ef:ff:3f:bb:3c:3d:f7:87:f4:8b:
34:ae:26:62:df:36:ef:fd:50:dd:8d:39:63:a4:18:39:4d:9d:
6d:94:32:dd
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYuy91xykRCUk8iErAis5QDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjMxMTA5MDcyMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTYyZTI3YjA5ODFmMTU0MjdjMjU1YWQyMmU4MTZkYmQxOGVjZjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnV+a9fg2hM25AValvwkXgnTtJlOI
9fr/OXGKwVFWnw18pBVjj4+gHcSHL/U0tVN2WX812ltNeoydB3YL39+2tSoRG4gW
CA0aQQ++tuBW8gsxOTxwk+vGu0/7trpqcd0UanvkvXkCB7+VxUJOxttA9PDEEIJY
FM+I8iG78TJa4xdgrg8OqCVq+s9oz5Pq9I//EbAHmKnXS1II0bVCIG5hviUTGb8i
Wf/PcuAMP1lwg8HfrjeK83xA1O5rym7alDeWzHHMxW01G43CVhR9S8SudV80ChKU
ztoRiiyYvpM36LxpeWAK5Pk7GZIQe3VckohTCVpso/gVipn7pRmPVmEplQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFCVi4nsJgfFUJ8JVrSLoFtvRjs8kMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvSldMaWV3bUI4VlFud2xXdEl1Z1cyOUdPenlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBRBAIAATBLAwQDLjlQAwQD
LjlwAwQCLjl8AwMALtwDAwJNdAMEBlEDwAMEB1uNAAMEBl71wAMEBm1+QAMDArJw
AwQHsqWAAwQFwhiAAwQG1V5AMBQEAgACMA4DBQAqAihhAwUCKgIoZDANBgkqhkiG
9w0BAQsFAAOCAQEANXZ4sJNr76JGsTygW0tYq1p+pVVB9gkqGMB57XFUL4J3V+Vq
ftItIMKR30oKPXy9/WUKm7nT3MqHlbRpaetgONsW9cN6rYola2dgGqq2f+1oLCD6
b9sDCVP/gjAA5tCGXTABouM4EaBqeTSVGQItaW20X8zam70AzdvNBq6dsXOl6Rqf
OrPBQ5IH0bNAw0L7mcKt58a4qRtO7xgHf3cINJ402ioeooYS9VFaWAck65EMxh4m
pkXSCC5HLilSsRWvK4NAAQdESbtl4YXxwc0p2dFhFgdXWjeKij4dmNWHjxjv/z+7
PD33h/SLNK4mYt827/1Q3Y05Y6QYOU2dbZQy3Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:02:45 2025 by rpki-client