Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/kqwFH88qVOaEWrQJ482xMo3T7gA.roa
File: kqwFH88qVOaEWrQJ482xMo3T7gA.roa (raw, json)
Hash identifier: cn/WwK3zZtbvj1uI9nEgumktjxAOAlWW7mrKDP447Gs=
Subject key identifier: 92:AC:05:1F:CF:2A:54:E6:84:5A:B4:09:E3:CD:B1:32:8D:D3:EE:00
Certificate issuer: /CN=26f36b5c6ca7a1698e7421a27e3d4a6b7648148d
Certificate serial: 01856B6E861726F8E92922400579127A25A5
Authority key identifier: 26:F3:6B:5C:6C:A7:A1:69:8E:74:21:A2:7E:3D:4A:6B:76:48:14:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JvNrXGynoWmOdCGifj1Ka3ZIFI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/kqwFH88qVOaEWrQJ482xMo3T7gA.roa
Signing time: Sun 01 Jan 2023 03:44:43 +0000
ROA not before: Sun 01 Jan 2023 03:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58243
IP address blocks: 207.89.65.0/24 maxlen: 24
207.89.66.0/23 maxlen: 23
207.89.67.0/24 maxlen: 24
207.89.64.0/18 maxlen: 18
207.89.68.0/24 maxlen: 24
207.89.70.0/23 maxlen: 23
207.89.78.0/23 maxlen: 23
207.89.74.0/23 maxlen: 23
207.89.76.0/24 maxlen: 24
207.89.77.0/24 maxlen: 24
207.89.72.0/23 maxlen: 23
207.89.72.0/22 maxlen: 22
207.89.80.0/23 maxlen: 23
207.89.80.0/20 maxlen: 20
207.89.82.0/24 maxlen: 24
207.89.83.0/24 maxlen: 24
207.89.86.0/23 maxlen: 23
207.89.88.0/22 maxlen: 22
207.89.92.0/24 maxlen: 24
207.89.92.0/22 maxlen: 22
207.89.96.0/20 maxlen: 20
207.89.96.0/19 maxlen: 24
207.89.112.0/20 maxlen: 20
5.61.176.0/20 maxlen: 20
5.61.176.0/21 maxlen: 21
5.61.184.0/23 maxlen: 23
5.61.186.0/24 maxlen: 24
5.61.187.0/24 maxlen: 24
5.61.188.0/23 maxlen: 23
5.61.190.0/23 maxlen: 23
5.61.190.0/24 maxlen: 24
5.61.132.0/22 maxlen: 24
5.61.128.0/18 maxlen: 18
5.61.128.0/19 maxlen: 19
5.61.128.0/20 maxlen: 20
5.61.128.0/23 maxlen: 23
5.61.130.0/23 maxlen: 23
5.61.130.0/24 maxlen: 24
5.61.131.0/24 maxlen: 24
5.61.134.0/23 maxlen: 23
5.61.136.0/21 maxlen: 24
5.61.138.0/23 maxlen: 23
5.61.140.0/22 maxlen: 22
5.61.144.0/24 maxlen: 24
5.61.145.0/24 maxlen: 24
5.61.144.0/20 maxlen: 24
5.61.149.0/24 maxlen: 24
5.61.150.0/24 maxlen: 24
5.61.151.0/24 maxlen: 24
5.61.152.0/22 maxlen: 22
5.61.146.0/24 maxlen: 24
5.61.147.0/24 maxlen: 24
5.61.148.0/24 maxlen: 24
5.61.156.0/24 maxlen: 24
5.61.157.0/24 maxlen: 24
5.61.158.0/23 maxlen: 23
5.61.160.0/24 maxlen: 24
5.61.160.0/19 maxlen: 19
5.61.160.0/20 maxlen: 20
5.61.163.0/24 maxlen: 24
5.61.164.0/24 maxlen: 24
5.61.164.0/22 maxlen: 22
5.61.165.0/24 maxlen: 24
5.61.168.0/23 maxlen: 23
5.61.168.0/21 maxlen: 21
5.61.166.0/23 maxlen: 23
5.61.170.0/23 maxlen: 23
5.61.172.0/22 maxlen: 22
185.78.252.0/22 maxlen: 22
207.89.64.0/24 maxlen: 24
207.89.64.0/19 maxlen: 19
207.89.64.0/20 maxlen: 20
2a01:5244::/30 maxlen: 30
2a01:5240::/29 maxlen: 29
2a01:5240::/30 maxlen: 30
2a01:5241::/39 maxlen: 39
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:86:17:26:f8:e9:29:22:40:05:79:12:7a:25:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26f36b5c6ca7a1698e7421a27e3d4a6b7648148d
Validity
Not Before: Jan 1 03:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92ac051fcf2a54e6845ab409e3cdb1328dd3ee00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b0:d6:7d:70:a4:cf:07:9f:84:15:9a:eb:49:
a9:7d:13:1d:21:7a:65:98:e1:0f:22:f2:44:35:41:
0e:1f:08:48:4e:60:12:70:b7:93:f4:8e:e9:0b:0d:
cd:6d:a2:61:e5:0c:df:38:7f:18:73:e0:1c:c3:2d:
a5:eb:50:d1:cd:6e:2a:a7:3a:15:91:1d:9a:d9:81:
0c:f8:80:b9:24:ed:d1:33:85:61:01:36:9c:85:3c:
c8:c5:f0:f1:9b:15:57:8e:48:7e:cf:32:47:f6:68:
49:8e:dd:b4:44:21:b5:96:21:b0:d9:ec:1f:60:12:
fa:36:8a:26:c3:ed:43:6f:e4:6e:92:f0:f6:fa:be:
59:6a:f4:87:90:a5:65:aa:d7:5a:c3:0b:b4:c8:2b:
1d:32:4e:0f:87:c0:61:8d:44:f6:e2:88:cb:40:31:
64:68:8b:3d:97:d1:3c:42:05:74:d3:01:ea:d2:78:
3d:cc:af:5d:40:61:79:53:ef:80:d8:6a:7c:54:15:
89:49:9e:ec:30:4b:ec:6a:91:05:3c:7e:c4:c2:47:
94:eb:08:18:67:10:ad:0b:33:dc:d5:74:35:a9:e6:
a8:75:f2:66:3d:48:4a:f8:15:54:66:15:0e:2b:3b:
3c:b3:85:3c:e0:3c:f7:e4:bc:14:a4:72:ff:2e:75:
11:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:AC:05:1F:CF:2A:54:E6:84:5A:B4:09:E3:CD:B1:32:8D:D3:EE:00
X509v3 Authority Key Identifier:
keyid:26:F3:6B:5C:6C:A7:A1:69:8E:74:21:A2:7E:3D:4A:6B:76:48:14:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JvNrXGynoWmOdCGifj1Ka3ZIFI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/kqwFH88qVOaEWrQJ482xMo3T7gA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/JvNrXGynoWmOdCGifj1Ka3ZIFI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.128.0/18
185.78.252.0/22
207.89.64.0/18
IPv6:
2a01:5240::/29
Signature Algorithm: sha256WithRSAEncryption
8b:f9:39:9e:4a:33:22:23:37:50:02:27:91:4a:6f:0a:6d:fc:
53:84:56:a1:24:9a:f4:fc:15:62:43:bf:d0:b4:56:58:53:c4:
d9:03:b1:c2:87:5e:de:5a:e6:b3:12:2e:a3:d1:60:5f:54:c8:
87:b2:97:96:e0:ae:fc:74:d8:3b:76:d3:83:2a:ea:2e:06:23:
b0:a0:6f:13:e8:2e:d2:11:75:dd:8d:3f:bc:2a:92:a0:b9:5f:
47:6b:67:a0:ac:67:b7:75:8e:a6:72:05:68:50:6e:b0:a9:41:
2d:3c:3b:7a:b9:7e:8f:29:25:82:f9:f5:c9:7a:c9:78:ca:f5:
35:6f:55:db:a2:1c:1e:f3:e2:4e:b2:78:f5:7b:b2:ce:54:67:
2a:f4:58:b4:93:82:e6:62:67:91:3d:86:a9:5a:a0:58:3b:22:
4c:36:5a:28:ce:f1:ea:28:d5:0f:94:2a:9e:96:91:a7:39:5d:
b1:b4:3b:61:a8:dc:4b:78:c2:bb:54:a1:dd:5f:7d:b2:89:16:
83:36:c5:fa:a1:0f:fc:a4:93:8d:09:5a:af:6f:77:45:d7:3f:
50:51:62:f3:5f:46:cb:fa:06:3a:04:36:24:8c:6e:04:3e:52:
72:07:37:46:24:01:e2:6c:f5:91:a2:15:5f:63:34:95:cc:2c:
b7:89:e3:34
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVrboYXJvjpKSJABXkSeiWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ZjM2YjVjNmNhN2ExNjk4ZTc0MjFhMjdlM2Q0YTZiNzY0
ODE0OGQwHhcNMjMwMTAxMDM0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmFjMDUxZmNmMmE1NGU2ODQ1YWI0MDllM2NkYjEzMjhkZDNlZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7DWfXCkzwefhBWa60mpfRMdIXpl
mOEPIvJENUEOHwhITmAScLeT9I7pCw3NbaJh5QzfOH8Yc+Acwy2l61DRzW4qpzoV
kR2a2YEM+IC5JO3RM4VhATachTzIxfDxmxVXjkh+zzJH9mhJjt20RCG1liGw2ewf
YBL6Noomw+1Db+RukvD2+r5ZavSHkKVlqtdawwu0yCsdMk4Ph8BhjUT24ojLQDFk
aIs9l9E8QgV00wHq0ng9zK9dQGF5U++A2Gp8VBWJSZ7sMEvsapEFPH7EwkeU6wgY
ZxCtCzPc1XQ1qeaodfJmPUhK+BVUZhUOKzs8s4U84Dz35LwUpHL/LnUREQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJKsBR/PKlTmhFq0CePNsTKN0+4AMB8GA1UdIwQY
MBaAFCbza1xsp6FpjnQhon49Smt2SBSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnZOclhHeW5vV21PZENHaWZqMUthM1pJRkkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS83Y2MwZjYtNzRlZi00MjNhLWE2OTYt
NGEyYmY0YWIxOTlkLzEva3F3Rkg4OHFWT2FFV3JRSjQ4MnhNbzNUN2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS83Y2MwZjYtNzRlZi00MjNhLWE2OTYtNGEyYmY0YWIxOTlk
LzEvSnZOclhHeW5vV21PZENHaWZqMUthM1pJRkkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGBT2AAwQC
uU78AwQGz1lAMA0EAgACMAcDBQMqAVJAMA0GCSqGSIb3DQEBCwUAA4IBAQCL+Tme
SjMiIzdQAieRSm8KbfxThFahJJr0/BViQ7/QtFZYU8TZA7HCh17eWuazEi6j0WBf
VMiHspeW4K78dNg7dtODKuouBiOwoG8T6C7SEXXdjT+8KpKguV9Ha2egrGe3dY6m
cgVoUG6wqUEtPDt6uX6PKSWC+fXJesl4yvU1b1Xbohwe8+JOsnj1e7LOVGcq9Fi0
k4LmYmeRPYapWqBYOyJMNloozvHqKNUPlCqelpGnOV2xtDthqNxLeMK7VKHdX32y
iRaDNsX6oQ/8pJONCVqvb3dF1z9QUWLzX0bL+gY6BDYkjG4EPlJyBzdGJAHibPWR
ohVfYzSVzCy3ieM0
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:03 2025 by rpki-client