Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/26c0f9-24a4-46fd-8042-b72e5fef886a/1/7AoIY42bHJa9sA4UHYHeXMF7s7k.roa
File: 7AoIY42bHJa9sA4UHYHeXMF7s7k.roa (raw, json)
Hash identifier: CNboTMMI3Q51sAdgOVz3b5cSNOYVt3UaPS4jtABnYMA=
Subject key identifier: EC:0A:08:63:8D:9B:1C:96:BD:B0:0E:14:1D:81:DE:5C:C1:7B:B3:B9
Certificate issuer: /CN=27e711ce34026e57af3290c7de2cd21dc671e0fc
Certificate serial: 1A068A09
Authority key identifier: 27:E7:11:CE:34:02:6E:57:AF:32:90:C7:DE:2C:D2:1D:C6:71:E0:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J-cRzjQCblevMpDH3izSHcZx4Pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/26c0f9-24a4-46fd-8042-b72e5fef886a/1/7AoIY42bHJa9sA4UHYHeXMF7s7k.roa
Signing time: Sat 01 Jan 2022 07:04:20 +0000
ROA not before: Sat 01 Jan 2022 07:04:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48173
IP address blocks: 79.174.136.0/21 maxlen: 24
79.174.144.0/21 maxlen: 24
185.68.124.0/22 maxlen: 24
94.198.56.0/21 maxlen: 24
5.39.240.0/21 maxlen: 24
46.231.176.0/21 maxlen: 24
194.13.68.0/23 maxlen: 24
212.45.104.0/21 maxlen: 24
194.11.188.0/22 maxlen: 24
5.179.200.0/21 maxlen: 24
5.179.208.0/21 maxlen: 24
194.9.184.0/22 maxlen: 24
5.179.216.0/21 maxlen: 24
5.179.224.0/21 maxlen: 24
5.179.232.0/21 maxlen: 24
194.9.216.0/22 maxlen: 24
5.179.240.0/21 maxlen: 24
5.179.248.0/21 maxlen: 24
80.82.200.0/21 maxlen: 24
46.23.232.0/21 maxlen: 24
194.13.124.0/22 maxlen: 24
194.13.136.0/22 maxlen: 24
194.15.76.0/22 maxlen: 24
194.11.248.0/22 maxlen: 24
194.13.232.0/22 maxlen: 24
2a03:7a40::/32 maxlen: 48
2a03:7c40::/32 maxlen: 48
2a03:8a40::/32 maxlen: 48
2a00:cd0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 436636169 (0x1a068a09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27e711ce34026e57af3290c7de2cd21dc671e0fc
Validity
Not Before: Jan 1 07:04:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec0a08638d9b1c96bdb00e141d81de5cc17bb3b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e5:9a:76:fd:a4:55:62:21:72:8f:ad:f7:be:
4d:a9:b2:40:b4:b4:8d:0b:b6:3f:89:46:1a:73:a7:
0d:e9:69:9f:2e:bb:82:6e:c6:8d:12:6d:a9:65:02:
a9:71:7a:19:9a:ed:fe:f7:1d:28:e7:97:6a:07:b1:
39:9b:fa:af:35:2d:f0:fb:ac:31:8d:9a:04:6e:8d:
36:82:bc:12:93:02:99:6f:0e:a2:84:3e:5d:18:ca:
fc:63:cc:4c:f8:7a:61:07:66:32:7c:df:6b:d1:a3:
92:2e:71:2c:59:85:40:29:05:7e:96:f8:0e:c0:b0:
26:f3:7d:42:4a:54:1a:ca:7a:ed:5a:d9:dd:e6:55:
7a:f5:be:3c:6f:9f:75:c6:3c:ac:3d:bf:e8:d5:e8:
3d:c2:95:cd:60:7f:c7:7c:78:94:df:d9:89:36:29:
a2:af:7c:95:96:a6:87:36:45:fc:6a:08:d6:e2:55:
0a:d3:d6:d1:c2:40:cb:57:10:90:fa:4d:78:1d:1b:
4d:91:88:cf:f2:20:a5:01:f2:6e:66:a8:d2:76:a0:
f4:af:88:87:95:aa:6a:78:5e:e8:ee:80:88:dc:3d:
41:0a:42:4e:7b:fa:40:e7:fa:a5:15:88:c9:5d:02:
62:1f:eb:f9:f2:25:1f:82:da:5c:a9:b0:8a:d6:28:
c5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:0A:08:63:8D:9B:1C:96:BD:B0:0E:14:1D:81:DE:5C:C1:7B:B3:B9
X509v3 Authority Key Identifier:
keyid:27:E7:11:CE:34:02:6E:57:AF:32:90:C7:DE:2C:D2:1D:C6:71:E0:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J-cRzjQCblevMpDH3izSHcZx4Pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/26c0f9-24a4-46fd-8042-b72e5fef886a/1/7AoIY42bHJa9sA4UHYHeXMF7s7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/26c0f9-24a4-46fd-8042-b72e5fef886a/1/J-cRzjQCblevMpDH3izSHcZx4Pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.240.0/21
5.179.200.0-5.179.255.255
46.23.232.0/21
46.231.176.0/21
79.174.136.0-79.174.151.255
80.82.200.0/21
94.198.56.0/21
185.68.124.0/22
194.9.184.0/22
194.9.216.0/22
194.11.188.0/22
194.11.248.0/22
194.13.68.0/23
194.13.124.0/22
194.13.136.0/22
194.13.232.0/22
194.15.76.0/22
212.45.104.0/21
IPv6:
2a00:cd0::/32
2a03:7a40::/32
2a03:7c40::/32
2a03:8a40::/32
Signature Algorithm: sha256WithRSAEncryption
ba:5b:99:f8:fc:df:0f:41:6d:38:69:14:59:10:e2:d6:f4:60:
27:77:40:64:6e:d0:33:7c:53:09:eb:b2:91:f7:0a:83:10:05:
aa:f8:06:c4:fd:01:31:35:7d:16:20:87:28:e4:60:f1:47:11:
30:08:0b:1e:2f:f8:db:46:c2:59:19:28:cd:37:1b:b2:f6:b9:
75:bb:4a:ad:f8:a7:e9:80:a0:0c:ab:40:91:a1:cd:4a:d3:07:
66:9f:08:91:a5:9c:b2:e7:c4:20:19:25:a2:be:0c:73:ba:08:
91:a9:19:e5:90:e3:26:bc:c2:ac:1e:b0:8f:e2:9e:1b:f9:e8:
52:c9:ee:83:a1:4a:5b:10:36:63:e0:d0:b8:f6:db:d9:de:53:
67:b2:b5:88:cd:7e:bc:ba:69:42:77:73:2a:22:11:47:58:66:
c8:2e:34:cf:ed:7a:70:f6:bb:3f:2d:cc:32:f7:a4:2a:29:64:
92:3c:21:21:4c:24:31:a6:13:6f:e2:19:c2:bc:7c:09:b3:42:
07:b7:a6:e4:c9:82:52:e6:ee:4e:71:8f:55:e6:f1:90:d2:ba:
88:c4:61:36:48:14:76:36:3d:dc:df:5f:12:bc:32:d5:08:a0:
4e:41:9a:95:2b:bb:3e:fb:2d:81:de:8a:6f:59:c5:3e:eb:89:
a7:d8:67:82
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIEGgaKCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2U3MTFjZTM0MDI2ZTU3YWYzMjkwYzdkZTJjZDIxZGM2NzFlMGZjMB4XDTIyMDEw
MTA3MDQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWMwYTA4NjM4ZDli
MWM5NmJkYjAwZTE0MWQ4MWRlNWNjMTdiYjNiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOblmnb9pFViIXKPrfe+TamyQLS0jQu2P4lGGnOnDelpny67
gm7GjRJtqWUCqXF6GZrt/vcdKOeXagexOZv6rzUt8PusMY2aBG6NNoK8EpMCmW8O
ooQ+XRjK/GPMTPh6YQdmMnzfa9Gjki5xLFmFQCkFfpb4DsCwJvN9QkpUGsp67VrZ
3eZVevW+PG+fdcY8rD2/6NXoPcKVzWB/x3x4lN/ZiTYpoq98lZamhzZF/GoI1uJV
CtPW0cJAy1cQkPpNeB0bTZGIz/IgpQHybmao0nag9K+Ih5Wqanhe6O6AiNw9QQpC
Tnv6QOf6pRWIyV0CYh/r+fIlH4LaXKmwitYoxc8CAwEAAaOCAqYwggKiMB0GA1Ud
DgQWBBTsCghjjZsclr2wDhQdgd5cwXuzuTAfBgNVHSMEGDAWgBQn5xHONAJuV68y
kMfeLNIdxnHg/DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0otY1J6alFDYmxldk1wREgzaXpTSGNaeDRQdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvMjZjMGY5LTI0YTQtNDZmZC04MDQyLWI3MmU1ZmVmODg2YS8x
LzdBb0lZNDJiSEphOXNBNFVIWUhlWE1GN3M3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
MjZjMGY5LTI0YTQtNDZmZC04MDQyLWI3MmU1ZmVmODg2YS8xL0otY1J6alFDYmxl
dk1wREgzaXpTSGNaeDRQdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
uwYIKwYBBQUHAQcBAf8EgaswgagwgYEEAgABMHsDBAMFJ/AwCwMEAwWzyAMDAgWw
AwQDLhfoAwQDLuewMAwDBANProgDBANPrpADBANQUsgDBANexjgDBAK5RHwDBALC
CbgDBALCCdgDBALCC7wDBALCC/gDBAHCDUQDBALCDXwDBALCDYgDBALCDegDBALC
D0wDBAPULWgwIgQCAAIwHAMFACoADNADBQAqA3pAAwUAKgN8QAMFACoDikAwDQYJ
KoZIhvcNAQELBQADggEBALpbmfj83w9BbThpFFkQ4tb0YCd3QGRu0DN8UwnrspH3
CoMQBar4BsT9ATE1fRYghyjkYPFHETAICx4v+NtGwlkZKM03G7L2uXW7Sq34p+mA
oAyrQJGhzUrTB2afCJGlnLLnxCAZJaK+DHO6CJGpGeWQ4ya8wqwesI/inhv56FLJ
7oOhSlsQNmPg0Lj229neU2eytYjNfry6aUJ3cyoiEUdYZsguNM/tenD2uz8tzDL3
pCopZJI8ISFMJDGmE2/iGcK8fAmzQge3puTJglLm7k5xj1Xm8ZDSuojEYTZIFHY2
PdzfXxK8MtUIoE5BmpUruz77LYHeim9ZxT7riafYZ4I=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:43 2025 by rpki-client