Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/ujwoZltJSLLwkrnbE87H3ebdZTg.roa
File: ujwoZltJSLLwkrnbE87H3ebdZTg.roa (raw, json)
Hash identifier: unGNXV4rUH1OOvmq6DaguMyF7+/cBDsRV+iMm+at4IM=
Subject key identifier: BA:3C:28:66:5B:49:48:B2:F0:92:B9:DB:13:CE:C7:DD:E6:DD:65:38
Certificate issuer: /CN=da6525de4aa6d0ca1ae7bd8ee1e35bfd269649bb
Certificate serial: 018677F73D4019B6A10C5AFFECBD7B781E99
Authority key identifier: DA:65:25:DE:4A:A6:D0:CA:1A:E7:BD:8E:E1:E3:5B:FD:26:96:49:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2mUl3kqm0Moa572O4eNb_SaWSbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/ujwoZltJSLLwkrnbE87H3ebdZTg.roa
Signing time: Wed 22 Feb 2023 07:12:17 +0000
ROA not before: Wed 22 Feb 2023 07:12:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49273
IP address blocks: 188.113.227.0/24 maxlen: 24
188.113.230.0/24 maxlen: 24
188.113.231.0/24 maxlen: 24
188.113.228.0/24 maxlen: 24
188.113.229.0/24 maxlen: 24
188.113.233.0/24 maxlen: 24
188.113.232.0/24 maxlen: 24
188.113.234.0/24 maxlen: 24
188.113.237.0/24 maxlen: 24
188.113.238.0/24 maxlen: 24
188.113.235.0/24 maxlen: 24
188.113.236.0/24 maxlen: 24
188.113.240.0/24 maxlen: 24
188.113.239.0/24 maxlen: 24
188.113.246.0/24 maxlen: 24
188.113.241.0/24 maxlen: 24
188.113.244.0/24 maxlen: 24
188.113.245.0/24 maxlen: 24
188.113.242.0/24 maxlen: 24
188.113.243.0/24 maxlen: 24
188.113.247.0/24 maxlen: 24
188.113.248.0/24 maxlen: 24
188.113.251.0/24 maxlen: 24
188.113.252.0/24 maxlen: 24
188.113.249.0/24 maxlen: 24
188.113.250.0/24 maxlen: 24
188.113.253.0/24 maxlen: 24
188.113.254.0/24 maxlen: 24
188.113.255.0/24 maxlen: 24
188.113.192.0/24 maxlen: 24
188.113.195.0/24 maxlen: 24
188.113.196.0/24 maxlen: 24
188.113.193.0/24 maxlen: 24
188.113.194.0/24 maxlen: 24
188.113.199.0/24 maxlen: 24
188.113.197.0/24 maxlen: 24
188.113.198.0/24 maxlen: 24
188.113.202.0/24 maxlen: 24
188.113.203.0/24 maxlen: 24
188.113.200.0/24 maxlen: 24
188.113.201.0/24 maxlen: 24
188.113.206.0/24 maxlen: 24
188.113.204.0/24 maxlen: 24
188.113.205.0/24 maxlen: 24
188.113.209.0/24 maxlen: 24
188.113.210.0/24 maxlen: 24
188.113.207.0/24 maxlen: 24
188.113.208.0/24 maxlen: 24
188.113.213.0/24 maxlen: 24
188.113.211.0/24 maxlen: 24
188.113.218.0/24 maxlen: 24
188.113.219.0/24 maxlen: 24
188.113.216.0/24 maxlen: 24
188.113.217.0/24 maxlen: 24
188.113.214.0/24 maxlen: 24
188.113.215.0/24 maxlen: 24
188.113.224.0/24 maxlen: 24
188.113.221.0/24 maxlen: 24
188.113.222.0/24 maxlen: 24
188.113.226.0/24 maxlen: 24
188.113.225.0/24 maxlen: 24
185.208.177.0/24 maxlen: 24
185.208.176.0/24 maxlen: 24
185.208.178.0/24 maxlen: 24
185.208.179.0/24 maxlen: 24
2a02:f7c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:77:f7:3d:40:19:b6:a1:0c:5a:ff:ec:bd:7b:78:1e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da6525de4aa6d0ca1ae7bd8ee1e35bfd269649bb
Validity
Not Before: Feb 22 07:12:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba3c28665b4948b2f092b9db13cec7dde6dd6538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b3:69:7c:9a:3b:9a:b9:8c:c5:19:52:bc:07:
c4:18:f0:7e:9f:30:5f:11:ad:e4:05:ee:b8:6a:b8:
b9:2c:65:66:4f:7f:22:65:9c:2f:88:93:9a:68:91:
be:fc:df:b6:ac:a5:59:a9:69:ae:06:58:06:d2:a1:
9e:87:58:22:74:dc:e7:dd:86:0b:c0:8f:35:3a:d8:
46:a1:0b:96:2d:ed:54:ec:96:34:96:23:92:bd:c2:
38:18:f4:14:c0:60:f3:b5:5a:6e:aa:24:88:58:27:
1e:a4:95:17:11:1b:62:91:ba:47:a5:6b:99:b3:e9:
7d:25:8a:84:8d:9e:ef:d4:27:f2:45:a6:b6:72:20:
8d:21:c0:43:fe:d5:72:67:39:ff:d7:8a:a1:72:6a:
37:0d:5f:5e:a6:32:27:59:6f:a8:05:0b:02:50:e9:
0c:1a:6d:28:c8:9d:2e:97:74:b9:60:fc:5a:2f:5b:
8e:60:f0:85:4d:2e:a1:5b:0b:08:db:f3:74:43:46:
10:27:09:9e:40:0c:41:f6:4f:5b:ed:eb:0d:86:43:
37:57:83:ab:cd:85:00:da:c7:80:e5:87:65:9d:43:
75:cb:97:74:c6:74:43:3f:38:6e:39:ca:1e:7d:5f:
29:47:f7:7b:70:6c:51:7e:08:2e:e6:2a:15:fe:33:
6b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3C:28:66:5B:49:48:B2:F0:92:B9:DB:13:CE:C7:DD:E6:DD:65:38
X509v3 Authority Key Identifier:
keyid:DA:65:25:DE:4A:A6:D0:CA:1A:E7:BD:8E:E1:E3:5B:FD:26:96:49:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2mUl3kqm0Moa572O4eNb_SaWSbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/ujwoZltJSLLwkrnbE87H3ebdZTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/2mUl3kqm0Moa572O4eNb_SaWSbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.176.0/22
188.113.192.0-188.113.211.255
188.113.213.0-188.113.219.255
188.113.221.0-188.113.222.255
188.113.224.0/19
IPv6:
2a02:f7c0::/32
Signature Algorithm: sha256WithRSAEncryption
2a:bf:37:c3:52:5e:c0:c9:fd:33:3e:80:4f:3b:97:59:79:71:
88:58:ef:9e:46:f8:89:e7:ca:74:cd:99:a7:6e:c0:35:24:92:
52:dd:c1:5e:be:76:a1:0e:4d:e0:dd:d1:b8:51:24:cb:0a:5e:
4e:bd:74:20:89:d0:90:dd:7c:d9:ce:8f:f8:8e:5a:7f:26:5c:
51:47:34:90:75:71:4a:fc:ca:e6:4c:5a:f3:ee:a0:ba:b0:40:
11:14:4b:8d:5d:06:77:b0:28:1b:08:61:42:dd:27:21:fc:61:
e4:f2:33:7f:27:f7:42:90:6b:e8:45:fe:45:91:96:95:6a:8b:
86:35:cf:c4:87:35:72:6d:e6:9e:93:f3:c5:24:f8:4c:d5:58:
82:92:64:17:53:a7:dc:ee:db:23:25:51:71:22:9d:b3:2d:f7:
21:2d:97:a8:5a:fe:cf:60:29:3f:06:2c:a4:6b:16:6f:39:f7:
70:ee:d7:c0:f2:6c:37:aa:3d:2a:b2:16:eb:a4:ff:e0:7a:f9:
7e:4f:c9:16:8c:aa:68:a9:9f:91:a2:58:f4:9b:12:83:02:b7:
7e:a3:a2:b8:ff:37:11:33:10:bd:1e:bd:7e:e1:27:e9:b8:d7:
af:89:5a:e4:a0:7b:2c:60:9c:d9:4f:02:e0:d4:fe:a8:a9:58:
e2:89:7d:53
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYZ39z1AGbahDFr/7L17eB6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNjUyNWRlNGFhNmQwY2ExYWU3YmQ4ZWUxZTM1YmZkMjY5
NjQ5YmIwHhcNMjMwMjIyMDcxMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTNjMjg2NjViNDk0OGIyZjA5MmI5ZGIxM2NlYzdkZGU2ZGQ2NTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7NpfJo7mrmMxRlSvAfEGPB+nzBf
Ea3kBe64ari5LGVmT38iZZwviJOaaJG+/N+2rKVZqWmuBlgG0qGeh1gidNzn3YYL
wI81OthGoQuWLe1U7JY0liOSvcI4GPQUwGDztVpuqiSIWCcepJUXERtikbpHpWuZ
s+l9JYqEjZ7v1CfyRaa2ciCNIcBD/tVyZzn/14qhcmo3DV9epjInWW+oBQsCUOkM
Gm0oyJ0ul3S5YPxaL1uOYPCFTS6hWwsI2/N0Q0YQJwmeQAxB9k9b7esNhkM3V4Or
zYUA2seA5YdlnUN1y5d0xnRDPzhuOcoefV8pR/d7cGxRfggu5ioV/jNruwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFLo8KGZbSUiy8JK52xPOx93m3WU4MB8GA1UdIwQY
MBaAFNplJd5KptDKGue9juHjW/0mlkm7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm1VbDNrcW0wTW9hNTcyTzRlTmJfU2FXU2JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hYzU2N2QtNDZkMi00MDgxLTk0ZWYt
ZWVkZjc2MDc3ZjA5LzEvdWp3b1psdEpTTEx3a3JuYkU4N0gzZWJkWlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hYzU2N2QtNDZkMi00MDgxLTk0ZWYtZWVkZjc2MDc3ZjA5
LzEvMm1VbDNrcW0wTW9hNTcyTzRlTmJfU2FXU2JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCudCwMAwD
BAa8ccADBAK8cdAwDAMEALxx1QMEArxx2DAMAwQAvHHdAwQAvHHeAwQFvHHgMA0E
AgACMAcDBQAqAvfAMA0GCSqGSIb3DQEBCwUAA4IBAQAqvzfDUl7Ayf0zPoBPO5dZ
eXGIWO+eRviJ58p0zZmnbsA1JJJS3cFevnahDk3g3dG4USTLCl5OvXQgidCQ3XzZ
zo/4jlp/JlxRRzSQdXFK/MrmTFrz7qC6sEARFEuNXQZ3sCgbCGFC3Sch/GHk8jN/
J/dCkGvoRf5FkZaVaouGNc/EhzVybeaek/PFJPhM1ViCkmQXU6fc7tsjJVFxIp2z
LfchLZeoWv7PYCk/BiykaxZvOfdw7tfA8mw3qj0qshbrpP/gevl+T8kWjKpoqZ+R
olj0mxKDArd+o6K4/zcRMxC9Hr1+4SfpuNeviVrkoHssYJzZTwLg1P6oqVjiiX1T
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:17:39 2025 by rpki-client