Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/U5_9WgpzDbcz6DJdE4hYRDStSmU.roa
File: U5_9WgpzDbcz6DJdE4hYRDStSmU.roa (raw, json)
Hash identifier: /ijykgLnkaZvPS/mk2idk6t1gLBuC+609zaNuWZT3nk=
Subject key identifier: 53:9F:FD:5A:0A:73:0D:B7:33:E8:32:5D:13:88:58:44:34:AD:4A:65
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 01881A5617F23BB8D8F7B779C574486E9451
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/U5_9WgpzDbcz6DJdE4hYRDStSmU.roa
Signing time: Sun 14 May 2023 12:57:09 +0000
ROA not before: Sun 14 May 2023 12:57:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49666
IP address blocks: 2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.0.0/16 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.17.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
78.39.155.0/24 maxlen: 24
217.218.67.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.185.0.0/16 maxlen: 16
78.38.246.0/24 maxlen: 24
78.38.245.0/24 maxlen: 24
78.38.243.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
2.177.0.0/16 maxlen: 16
80.191.0.0/16 maxlen: 24
217.218.0.0/16 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
2.176.0.0/17 maxlen: 17
78.38.0.0/16 maxlen: 24
2.176.128.0/17 maxlen: 17
195.146.63.0/24 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.1.0/24 maxlen: 24
2.189.0.0/16 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.186.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
217.219.0.0/16 maxlen: 24
2.188.187.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.189.44.0/24 maxlen: 24
2.189.63.0/24 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1a:56:17:f2:3b:b8:d8:f7:b7:79:c5:74:48:6e:94:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 14 12:57:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=539ffd5a0a730db733e8325d1388584434ad4a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a4:f7:26:b4:68:94:52:df:85:00:8d:0b:c4:
d4:60:ec:30:14:f1:1f:69:47:68:6a:d2:78:82:e8:
e2:cb:77:bd:21:e5:62:67:f4:8f:17:a1:66:b5:42:
46:50:76:ea:92:cb:b4:fb:95:44:73:5e:dd:73:85:
1f:67:44:b5:e9:4e:8d:1c:8d:d7:29:b1:d7:86:07:
3c:fd:d8:db:5a:7e:b8:d7:9d:52:c9:8d:55:98:d7:
6a:ab:c0:11:6a:af:dc:56:ce:19:5d:1b:14:40:14:
59:8d:c9:a9:cf:4c:a4:6d:a0:5e:7b:02:f1:17:60:
3c:d6:f6:43:bf:9f:98:3c:ca:eb:66:76:06:ce:8d:
bf:17:5d:d1:76:13:88:bf:b9:b8:7d:85:e1:6c:d5:
6e:3f:71:17:bb:6b:a9:91:a7:83:b0:3e:6d:af:3c:
0e:60:ff:74:f3:4e:85:43:f5:61:21:54:27:84:e3:
9e:29:ea:89:99:f9:e6:03:8e:ee:71:98:88:8d:36:
ff:f3:e4:5b:59:02:b8:81:ea:27:a4:41:54:6a:89:
35:dd:96:a7:da:45:00:4f:d5:11:00:44:ba:67:ed:
e1:13:97:c9:a6:a0:88:69:0b:dd:c6:ba:d4:bf:9e:
af:80:5e:a7:38:db:08:55:bc:0f:6e:13:3c:2c:f6:
25:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:9F:FD:5A:0A:73:0D:B7:33:E8:32:5D:13:88:58:44:34:AD:4A:65
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/U5_9WgpzDbcz6DJdE4hYRDStSmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.185.0.0/16
2.188.0.0/15
78.38.0.0/15
80.191.0.0/16
195.146.63.0/24
217.218.0.0/15
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
a2:0f:47:2c:a6:c5:5b:e1:8a:be:08:9e:f0:36:5b:93:ae:97:
40:df:5b:4c:ba:80:3a:0b:8e:f8:e8:19:10:53:52:53:46:ce:
03:bd:92:57:db:a4:32:ec:b3:87:9e:d4:be:5b:1e:57:5e:21:
0a:3c:c2:f3:99:f7:bc:fd:85:13:07:dc:62:3f:ed:33:cc:7b:
51:da:6b:54:ce:66:bc:60:81:53:46:f1:ae:41:f7:3b:e5:fc:
1a:a4:91:20:ad:3f:8c:02:22:01:0a:20:70:34:af:65:f7:33:
90:f9:bf:d2:a7:1f:c6:07:d8:7c:01:e8:9c:0b:32:90:b3:57:
43:f4:34:2f:cb:1a:32:60:1d:b5:29:88:2a:e4:21:ba:4f:5c:
2f:af:4e:4f:65:f1:d0:c2:cc:da:c6:20:32:e9:cc:b9:b7:50:
80:f2:32:10:e4:ed:b6:2a:fd:36:a2:14:f9:1b:57:89:52:26:
0a:43:bf:03:cc:2b:46:05:03:45:27:e7:41:3e:b3:11:df:fe:
f5:cd:e1:62:8b:3f:13:d3:e3:8b:0b:d3:3d:b8:ca:d5:23:5f:
06:71:e5:09:a2:9c:96:f0:85:8c:2b:99:88:73:28:4e:19:92:
43:35:2c:85:73:d1:93:47:d8:a2:08:49:17:46:d6:c8:c4:43:
f4:60:ea:58
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYgaVhfyO7jY97d5xXRIbpRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTE0MTI1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzlmZmQ1YTBhNzMwZGI3MzNlODMyNWQxMzg4NTg0NDM0YWQ0YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKT3JrRolFLfhQCNC8TUYOwwFPEf
aUdoatJ4gujiy3e9IeViZ/SPF6FmtUJGUHbqksu0+5VEc17dc4UfZ0S16U6NHI3X
KbHXhgc8/djbWn64151SyY1VmNdqq8ARaq/cVs4ZXRsUQBRZjcmpz0ykbaBeewLx
F2A81vZDv5+YPMrrZnYGzo2/F13RdhOIv7m4fYXhbNVuP3EXu2upkaeDsD5trzwO
YP90806FQ/VhIVQnhOOeKeqJmfnmA47ucZiIjTb/8+RbWQK4geonpEFUaok13Zan
2kUAT9URAES6Z+3hE5fJpqCIaQvdxrrUv56vgF6nONsIVbwPbhM8LPYlMwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFFOf/VoKcw23M+gyXROIWEQ0rUplMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvVTVfOVdncHpEYmN6NkRKZEU0aFlSRFN0U21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwMBArADAwAC
uQMDAQK8AwMBTiYDAwBQvwMEAMOSPwMDAdnaMA8EAgACMAkDBwAgAUGIAAIwDQYJ
KoZIhvcNAQELBQADggEBAKIPRyymxVvhir4InvA2W5Oul0DfW0y6gDoLjvjoGRBT
UlNGzgO9klfbpDLss4ee1L5bHldeIQo8wvOZ97z9hRMH3GI/7TPMe1Haa1TOZrxg
gVNG8a5B9zvl/BqkkSCtP4wCIgEKIHA0r2X3M5D5v9KnH8YH2HwB6JwLMpCzV0P0
NC/LGjJgHbUpiCrkIbpPXC+vTk9l8dDCzNrGIDLpzLm3UIDyMhDk7bYq/TaiFPkb
V4lSJgpDvwPMK0YFA0Un50E+sxHf/vXN4WKLPxPT44sL0z24ytUjXwZx5QminJbw
hYwrmYhzKE4ZkkM1LIVz0ZNH2KIISRdG1sjEQ/Rg6lg=
-----END CERTIFICATE-----
Generated at Sun May 11 13:47:03 2025 by rpki-client