Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/XO3rx082kbu-V2xn52pZ7X_yFIQ.roa
File: XO3rx082kbu-V2xn52pZ7X_yFIQ.roa (raw, json)
Hash identifier: J2Q/4JFmGu6OrUMtiC7GttAUVzckzT3PMRGbOJHfHO0=
Subject key identifier: 5C:ED:EB:C7:4F:36:91:BB:BE:57:6C:67:E7:6A:59:ED:7F:F2:14:84
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018B5907F696FDBF7C79AF062C98065BBC39
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/XO3rx082kbu-V2xn52pZ7X_yFIQ.roa
Signing time: Sun 22 Oct 2023 20:16:15 +0000
ROA not before: Sun 22 Oct 2023 20:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48159
IP address blocks: 2.188.1.0/24 maxlen: 24
2.188.0.0/24 maxlen: 24
2.188.22.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
78.39.240.0/24 maxlen: 24
78.39.149.0/24 maxlen: 24
78.39.150.0/24 maxlen: 24
78.39.151.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
78.39.153.0/24 maxlen: 24
78.39.155.0/24 maxlen: 24
80.191.56.0/24 maxlen: 24
217.218.67.0/24 maxlen: 24
2.185.18.0/24 maxlen: 24
2.185.40.0/21 maxlen: 21
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.185.0.0/20 maxlen: 20
2.185.0.0/16 maxlen: 16
78.38.243.0/24 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
2.177.0.0/16 maxlen: 16
2.191.0.0/16 maxlen: 16
80.191.0.0/16 maxlen: 16
217.218.0.0/16 maxlen: 24
2.181.0.0/16 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.59.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
217.219.236.0/22 maxlen: 22
78.38.0.0/16 maxlen: 24
78.38.160.0/19 maxlen: 19
2.176.128.0/17 maxlen: 17
2.185.164.0/24 maxlen: 24
2.185.160.0/19 maxlen: 19
2.188.179.0/24 maxlen: 24
2.185.88.0/22 maxlen: 22
217.219.0.0/16 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.182.0.0/16 maxlen: 24
2.189.68.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.189.42.0/24 maxlen: 24
2.189.43.0/24 maxlen: 24
2.189.56.0/24 maxlen: 24
2.189.58.0/24 maxlen: 24
2.182.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:59:07:f6:96:fd:bf:7c:79:af:06:2c:98:06:5b:bc:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Oct 22 20:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cedebc74f3691bbbe576c67e76a59ed7ff21484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:58:af:1d:b1:ec:97:b4:8d:d0:9f:c1:e6:2f:
af:7e:2d:32:b4:a1:d9:ce:51:07:e2:72:6b:ce:59:
be:37:4d:41:da:af:32:54:e2:6a:df:80:99:e6:94:
bf:0f:10:28:ad:e2:79:0c:16:55:6c:c6:c4:7d:1b:
ba:95:27:3d:2f:18:78:78:22:d2:44:33:c4:b7:a3:
cf:50:48:e2:d5:5e:12:b2:5d:20:07:6e:03:90:ef:
60:7e:e3:1f:82:f6:22:6e:89:ac:d9:18:4c:d0:34:
a9:4d:94:cf:54:a2:b9:50:51:6d:1f:3a:2f:d1:18:
56:f6:b6:f4:e9:44:a8:db:a7:ea:39:2e:95:60:19:
87:4b:05:8a:2e:c0:3c:11:73:00:5a:47:a3:e9:52:
3c:11:63:fe:46:8b:e3:fd:a1:01:ad:2e:cd:72:95:
65:8b:aa:41:40:08:32:56:3f:9d:e2:03:a6:60:c3:
af:6c:5c:15:af:19:c5:2e:3b:dc:bd:ca:0a:0c:81:
c4:85:32:ea:f7:1e:a5:96:52:88:a3:67:2a:a8:f1:
a5:8a:41:a7:55:f2:c6:b8:83:80:52:7c:11:49:b6:
c6:ef:84:9c:dd:e1:5f:3a:74:36:f3:64:7b:11:e2:
7f:81:c7:4d:c2:e7:55:88:78:cb:f5:a5:39:fa:f8:
59:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:ED:EB:C7:4F:36:91:BB:BE:57:6C:67:E7:6A:59:ED:7F:F2:14:84
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/XO3rx082kbu-V2xn52pZ7X_yFIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.128.0-2.177.255.255
2.181.0.0-2.182.255.255
2.185.0.0/16
2.188.0.0/23
2.188.22.0/24
2.188.28.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.184.0/23
2.188.187.0/24
2.189.42.0/23
2.189.56.0/24
2.189.58.0/24
2.189.68.0/24
2.189.72.0/24
2.191.0.0/16
78.38.0.0/15
80.191.0.0/16
217.218.0.0/15
Signature Algorithm: sha256WithRSAEncryption
84:e7:42:ec:cc:b1:6e:c6:66:71:e0:b5:e1:bb:e3:52:c9:15:
e2:6e:0a:91:33:de:f6:f9:9b:58:f9:01:eb:d2:08:47:43:c5:
03:fd:3b:18:1b:93:f2:be:fc:19:8a:fb:2a:99:c0:92:35:20:
f6:1c:91:c7:7b:07:3f:79:13:fa:fd:e8:35:67:98:b5:69:75:
e6:c2:8d:60:7f:e8:b7:b8:81:52:f9:7f:3c:6b:ee:f9:43:93:
fc:3d:cb:7d:9a:a7:a1:25:2f:65:97:57:32:5f:6a:a3:ab:3c:
63:b0:dd:7d:77:3d:1a:c6:c7:85:3b:a1:25:3a:b2:7e:74:00:
b7:e8:61:c3:14:0c:70:e2:d7:81:04:4d:43:8b:7d:b1:cf:f7:
3e:a2:8c:31:66:f4:63:82:e0:83:9c:9d:f4:d0:90:73:40:e0:
d5:10:03:bf:08:d9:6e:f8:3d:33:25:1f:65:2d:63:0b:17:1b:
23:c4:34:7f:25:d3:be:c0:d4:b0:c8:d4:d5:84:57:f1:93:d4:
04:09:81:cc:bf:7a:ab:ae:45:65:93:ff:9d:02:53:89:f4:30:
22:bc:8d:41:6d:16:0b:14:b1:07:19:45:f2:b5:8d:7d:66:3e:
8c:aa:cb:47:f2:3a:3b:ca:e2:14:b1:c7:d6:a6:cf:73:07:50:
81:33:39:82
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYtZB/aW/b98ea8GLJgGW7w5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMxMDIyMjAxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2VkZWJjNzRmMzY5MWJiYmU1NzZjNjdlNzZhNTllZDdmZjIxNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllivHbHsl7SN0J/B5i+vfi0ytKHZ
zlEH4nJrzlm+N01B2q8yVOJq34CZ5pS/DxAoreJ5DBZVbMbEfRu6lSc9Lxh4eCLS
RDPEt6PPUEji1V4Ssl0gB24DkO9gfuMfgvYiboms2RhM0DSpTZTPVKK5UFFtHzov
0RhW9rb06USo26fqOS6VYBmHSwWKLsA8EXMAWkej6VI8EWP+Rovj/aEBrS7NcpVl
i6pBQAgyVj+d4gOmYMOvbFwVrxnFLjvcvcoKDIHEhTLq9x6lllKIo2cqqPGlikGn
VfLGuIOAUnwRSbbG74Sc3eFfOnQ282R7EeJ/gcdNwudViHjL9aU5+vhZkQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFFzt68dPNpG7vldsZ+dqWe1/8hSEMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvWE8zcngwODJrYnUtVjJ4bjUycFo3WF95RklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYAwCwME
BwKwgAMDAQKwMAoDAwACtQMDAAK2AwMAArkDBAECvAADBAACvBYDBAACvBwDBAMC
vEADBAACvEwDBAACvLMDBAECvLgDBAACvLsDBAECvSoDBAACvTgDBAACvToDBAAC
vUQDBAACvUgDAwACvwMDAU4mAwMAUL8DAwHZ2jANBgkqhkiG9w0BAQsFAAOCAQEA
hOdC7MyxbsZmceC14bvjUskV4m4KkTPe9vmbWPkB69IIR0PFA/07GBuT8r78GYr7
KpnAkjUg9hyRx3sHP3kT+v3oNWeYtWl15sKNYH/ot7iBUvl/PGvu+UOT/D3LfZqn
oSUvZZdXMl9qo6s8Y7DdfXc9GsbHhTuhJTqyfnQAt+hhwxQMcOLXgQRNQ4t9sc/3
PqKMMWb0Y4Lgg5yd9NCQc0Dg1RADvwjZbvg9MyUfZS1jCxcbI8Q0fyXTvsDUsMjU
1YRX8ZPUBAmBzL96q65FZZP/nQJTifQwIryNQW0WCxSxBxlF8rWNfWY+jKrLR/I6
O8riFLHH1qbPcwdQgTM5gg==
-----END CERTIFICATE-----
Generated at Sat May 10 05:18:27 2025 by rpki-client