Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/_KjeLlepY8yx2Sywv4xzzW6XIyc.roa
File: _KjeLlepY8yx2Sywv4xzzW6XIyc.roa (raw, json)
Hash identifier: cduw9Me09CVchXo/uXguGnjZnlDQreRwkotSrsCi+RA=
Subject key identifier: FC:A8:DE:2E:57:A9:63:CC:B1:D9:2C:B0:BF:8C:73:CD:6E:97:23:27
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 38726781
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/_KjeLlepY8yx2Sywv4xzzW6XIyc.roa
Signing time: Sat 01 Jan 2022 03:56:46 +0000
ROA not before: Sat 01 Jan 2022 03:56:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15580
IP address blocks: 194.127.64.0/24 maxlen: 24
194.127.67.0/24 maxlen: 24
194.127.65.0/24 maxlen: 24
194.127.66.0/24 maxlen: 24
194.127.74.0/24 maxlen: 24
194.127.75.0/24 maxlen: 24
194.127.72.0/24 maxlen: 24
194.127.73.0/24 maxlen: 24
194.127.76.0/24 maxlen: 24
194.127.80.0/20 maxlen: 20
194.127.81.0/24 maxlen: 24
194.127.88.0/24 maxlen: 24
194.127.89.0/24 maxlen: 24
194.127.9.224/27 maxlen: 27
194.127.9.64/27 maxlen: 27
193.194.10.0/23 maxlen: 23
193.194.10.0/24 maxlen: 24
193.194.11.0/24 maxlen: 24
193.194.6.0/23 maxlen: 23
193.194.12.0/22 maxlen: 22
194.127.4.0/24 maxlen: 24
194.127.3.0/24 maxlen: 24
194.127.1.0/24 maxlen: 24
194.127.2.0/24 maxlen: 24
194.127.0.0/18 maxlen: 18
194.127.5.0/24 maxlen: 24
194.127.9.0/24 maxlen: 24
194.127.11.0/24 maxlen: 24
194.127.10.0/24 maxlen: 24
194.127.17.0/24 maxlen: 24
194.127.12.0/24 maxlen: 24
194.127.15.0/24 maxlen: 24
194.127.13.0/24 maxlen: 24
194.127.14.0/24 maxlen: 24
194.127.24.0/23 maxlen: 23
194.127.19.0/24 maxlen: 24
194.127.22.0/24 maxlen: 24
194.127.23.0/24 maxlen: 24
194.127.20.0/24 maxlen: 24
194.127.21.0/24 maxlen: 24
194.127.31.0/24 maxlen: 24
194.127.26.0/24 maxlen: 24
194.127.26.0/23 maxlen: 23
194.127.29.0/24 maxlen: 24
194.127.27.0/24 maxlen: 24
194.127.28.0/24 maxlen: 24
2a01:6f8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 947021697 (0x38726781)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Jan 1 03:56:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fca8de2e57a963ccb1d92cb0bf8c73cd6e972327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:df:c1:97:4b:df:a7:80:e0:f0:d1:d1:fd:e8:
7e:6a:c4:9a:1a:64:cd:79:a8:d3:b2:a1:5c:d7:73:
28:a1:7d:8b:6f:bc:ef:62:ce:c7:f4:e8:ed:93:57:
d7:2e:ed:05:72:85:fd:89:40:53:a9:5f:dd:97:d5:
0d:f9:33:a9:96:92:5b:7f:8e:79:90:eb:eb:c4:ae:
c3:7b:db:98:57:83:91:c8:7f:05:2f:b6:29:8d:58:
46:5e:32:5f:9f:04:6b:40:6d:f3:fa:05:4f:61:12:
a3:0e:81:77:b4:af:a1:9d:5c:78:f7:e1:53:b4:1d:
00:11:9c:c3:0b:55:a2:a4:21:c7:06:df:9c:ed:7e:
a5:7c:64:85:f9:98:77:20:56:7f:c9:58:b3:47:b4:
74:ae:13:f3:be:93:3f:98:af:9b:c1:47:dc:66:9f:
7d:18:a3:5e:66:3a:7e:c1:f3:cb:ff:87:ef:cf:f1:
0d:91:6e:2e:b8:6c:6c:a7:5c:6a:c6:72:d7:2c:0d:
e1:6d:94:24:6e:da:13:72:0f:3e:59:fd:de:af:cc:
63:4d:8b:d5:6c:e7:20:21:16:ef:80:08:b5:af:7b:
43:22:6f:55:41:be:56:ff:70:a7:f5:b7:82:7a:63:
85:c9:19:83:b9:55:82:17:41:85:52:3e:68:ec:63:
d8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:A8:DE:2E:57:A9:63:CC:B1:D9:2C:B0:BF:8C:73:CD:6E:97:23:27
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/_KjeLlepY8yx2Sywv4xzzW6XIyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.194.6.0/23
193.194.10.0-193.194.15.255
194.127.0.0-194.127.67.255
194.127.72.0-194.127.76.255
194.127.80.0/20
IPv6:
2a01:6f8::/32
Signature Algorithm: sha256WithRSAEncryption
89:51:4f:58:be:bb:45:56:8b:86:39:b0:77:10:61:88:c3:c6:
4e:1d:cd:d5:85:50:e9:e2:ca:c3:26:c2:24:ae:89:3b:11:89:
bf:93:e0:c8:89:c6:8c:41:07:2e:7e:49:6c:a2:fc:b1:0f:3b:
b0:07:0b:00:67:60:14:75:19:5c:6e:8d:41:4d:ad:7a:ce:53:
5c:b2:3a:36:15:ac:ff:ca:ad:a7:8b:ba:3c:fb:61:ab:f1:5e:
e5:7a:5b:57:28:1c:a4:d6:80:a1:dd:48:1f:81:0c:78:11:89:
45:73:10:69:7c:38:40:da:80:ed:86:49:90:bc:a2:42:a0:7f:
37:98:c0:fe:28:74:55:96:93:98:ec:05:02:c6:5b:d8:6d:f4:
b2:e8:d3:27:b6:06:d2:53:d1:b2:64:25:cf:17:4e:6f:51:1c:
d5:c2:a5:c8:3b:62:e7:d0:50:6d:15:b4:84:fd:03:6b:ca:31:
ab:b2:f2:4b:48:8e:85:e1:af:0c:f5:b7:a2:80:5b:13:5d:7c:
d0:f2:5a:ea:df:36:d6:23:87:1c:b7:d0:c3:6c:aa:16:a6:10:
b7:45:e5:eb:df:78:32:d6:2f:a3:6b:43:f8:85:d0:04:60:45:
b2:d7:0e:eb:21:8e:a6:2e:50:f0:58:34:a1:f4:cf:80:4c:9b:
92:b5:f3:08
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEOHJngTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzFkZDFhNTE0ZDNhN2UzZGZkYjhiZmI3NWQ3ZDI0ZWQ5OGQ0NzlmMB4XDTIyMDEw
MTAzNTY0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmNhOGRlMmU1N2E5
NjNjY2IxZDkyY2IwYmY4YzczY2Q2ZTk3MjMyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPfwZdL36eA4PDR0f3ofmrEmhpkzXmo07KhXNdzKKF9i2+8
72LOx/To7ZNX1y7tBXKF/YlAU6lf3ZfVDfkzqZaSW3+OeZDr68Suw3vbmFeDkch/
BS+2KY1YRl4yX58Ea0Bt8/oFT2ESow6Bd7SvoZ1cePfhU7QdABGcwwtVoqQhxwbf
nO1+pXxkhfmYdyBWf8lYs0e0dK4T876TP5ivm8FH3GaffRijXmY6fsHzy/+H78/x
DZFuLrhsbKdcasZy1ywN4W2UJG7aE3IPPln93q/MY02L1WznICEW74AIta97QyJv
VUG+Vv9wp/W3gnpjhckZg7lVghdBhVI+aOxj2HkCAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBT8qN4uV6ljzLHZLLC/jHPNbpcjJzAfBgNVHSMEGDAWgBTTHdGlFNOn49/b
i/t119JO2Y1HnzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB4M1JwUlRUcC1QZjI0djdkZGZTVHRtTlI1OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvZjI0NzhmLWM1MDMtNDJjMi05NGIyLWIxNjZhZTJlZjI4Ny8x
L19LamVMbGVwWTh5eDJTeXd2NHh6elc2WEl5Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
ZjI0NzhmLWM1MDMtNDJjMi05NGIyLWIxNjZhZTJlZjI4Ny8xLzB4M1JwUlRUcC1Q
ZjI0djdkZGZTVHRtTlI1OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwOwQCAAEwNQMEAcHCBjAMAwQBwcIKAwQEwcIAMAsD
AwDCfwMEAsJ/QDAMAwQDwn9IAwQAwn9MAwQEwn9QMA0EAgACMAcDBQAqAQb4MA0G
CSqGSIb3DQEBCwUAA4IBAQCJUU9YvrtFVouGObB3EGGIw8ZOHc3VhVDp4srDJsIk
rok7EYm/k+DIicaMQQcufklsovyxDzuwBwsAZ2AUdRlcbo1BTa16zlNcsjo2Faz/
yq2ni7o8+2Gr8V7leltXKByk1oCh3UgfgQx4EYlFcxBpfDhA2oDthkmQvKJCoH83
mMD+KHRVlpOY7AUCxlvYbfSy6NMntgbSU9GyZCXPF05vURzVwqXIO2Ln0FBtFbSE
/QNryjGrsvJLSI6F4a8M9beigFsTXXzQ8lrq3zbWI4cct9DDbKoWphC3ReXr33gy
1i+ja0P4hdAEYEWy1w7rIY6mLlDwWDSh9M+ATJuStfMI
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:27:05 2025 by rpki-client