Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/e9e087-e768-44d8-9ec8-88e4466915f8/1/7FKJbj1p1k61IWf5yNtWLT-eZlQ.roa
File: 7FKJbj1p1k61IWf5yNtWLT-eZlQ.roa (raw, json)
Hash identifier: pXi6gQ6MV0XmdxVnOQmnZIewyk4+y/XtHFKyTzdcEQE=
Subject key identifier: EC:52:89:6E:3D:69:D6:4E:B5:21:67:F9:C8:DB:56:2D:3F:9E:66:54
Certificate issuer: /CN=595b243a7233e571c3c173eb8249111906326019
Certificate serial: 01872B49CC890B74E63013FCC1254CCDF679
Authority key identifier: 59:5B:24:3A:72:33:E5:71:C3:C1:73:EB:82:49:11:19:06:32:60:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVskOnIz5XHDwXPrgkkRGQYyYBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/e9e087-e768-44d8-9ec8-88e4466915f8/1/7FKJbj1p1k61IWf5yNtWLT-eZlQ.roa
Signing time: Wed 29 Mar 2023 02:54:29 +0000
ROA not before: Wed 29 Mar 2023 02:54:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39824
IP address blocks: 79.134.37.0/24 maxlen: 24
79.134.32.0/22 maxlen: 24
79.134.38.0/23 maxlen: 24
79.134.42.0/23 maxlen: 24
79.134.41.0/24 maxlen: 24
79.134.40.0/24 maxlen: 24
46.36.132.0/22 maxlen: 24
46.36.130.0/23 maxlen: 24
46.36.128.0/23 maxlen: 24
46.36.144.0/23 maxlen: 24
46.36.146.0/23 maxlen: 24
46.36.148.0/22 maxlen: 24
46.36.159.0/24 maxlen: 24
46.36.158.0/24 maxlen: 24
46.36.156.0/23 maxlen: 24
185.103.168.0/23 maxlen: 24
81.88.144.0/21 maxlen: 24
185.103.184.0/23 maxlen: 24
185.103.186.0/23 maxlen: 24
81.88.152.0/22 maxlen: 24
212.45.82.0/23 maxlen: 24
212.45.80.0/23 maxlen: 24
212.45.85.0/24 maxlen: 24
212.45.84.0/24 maxlen: 24
212.45.88.0/22 maxlen: 24
212.45.86.0/23 maxlen: 24
212.45.94.0/23 maxlen: 24
62.84.36.0/22 maxlen: 24
62.84.40.0/23 maxlen: 24
62.84.44.0/23 maxlen: 24
62.84.48.0/20 maxlen: 24
185.102.119.0/24 maxlen: 24
80.249.142.0/23 maxlen: 24
109.239.44.0/22 maxlen: 24
185.98.88.0/22 maxlen: 24
213.232.218.0/23 maxlen: 24
213.232.220.0/22 maxlen: 24
213.232.224.0/24 maxlen: 24
185.106.156.0/23 maxlen: 24
213.232.246.0/23 maxlen: 24
213.232.242.0/23 maxlen: 24
185.98.76.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2b:49:cc:89:0b:74:e6:30:13:fc:c1:25:4c:cd:f6:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=595b243a7233e571c3c173eb8249111906326019
Validity
Not Before: Mar 29 02:54:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec52896e3d69d64eb52167f9c8db562d3f9e6654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0b:60:7f:ed:ab:e0:db:e8:d2:3e:03:cf:4a:
75:d3:c3:4a:4e:b0:00:b1:f2:3f:32:e3:78:1d:ba:
46:71:1c:b8:ea:6e:fc:de:87:b3:5d:e3:68:99:c1:
ae:cd:64:8c:3b:16:ed:4d:27:a2:04:6c:a4:82:d6:
c1:23:61:a4:1f:b8:4d:00:1e:41:48:90:d6:4d:73:
4e:bd:19:7b:0f:cb:0f:ec:5f:42:38:d0:30:f0:cb:
52:5a:89:97:75:8c:27:a0:b9:5c:84:a3:04:af:1b:
65:e1:e9:37:78:98:ab:ad:21:e8:ba:9a:bd:68:de:
0e:31:1d:d3:8c:d2:cb:99:30:87:33:4f:d1:37:c8:
18:73:ef:f1:8f:14:8b:49:e6:19:45:d3:a1:7a:30:
c6:66:21:0a:9b:90:ac:db:3f:47:15:68:10:d2:c9:
86:10:73:22:85:9c:d1:d2:4d:60:1e:93:00:66:2a:
de:68:55:1c:25:42:0b:ae:1f:d1:46:f0:54:39:c7:
cf:25:e0:85:19:bc:dd:28:4c:ea:00:76:46:b8:b0:
99:8a:ec:a8:f0:6e:bd:0a:4b:aa:ee:83:ee:ca:2e:
93:52:d6:30:2d:00:fa:f1:65:fe:96:c3:c4:19:b2:
25:24:66:2e:57:7a:7a:54:4d:12:10:1d:d6:4d:a6:
70:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:52:89:6E:3D:69:D6:4E:B5:21:67:F9:C8:DB:56:2D:3F:9E:66:54
X509v3 Authority Key Identifier:
keyid:59:5B:24:3A:72:33:E5:71:C3:C1:73:EB:82:49:11:19:06:32:60:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVskOnIz5XHDwXPrgkkRGQYyYBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/e9e087-e768-44d8-9ec8-88e4466915f8/1/7FKJbj1p1k61IWf5yNtWLT-eZlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/e9e087-e768-44d8-9ec8-88e4466915f8/1/WVskOnIz5XHDwXPrgkkRGQYyYBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.128.0/21
46.36.144.0/21
46.36.156.0/22
62.84.36.0-62.84.41.255
62.84.44.0/23
62.84.48.0/20
79.134.32.0/22
79.134.37.0-79.134.43.255
80.249.142.0/23
81.88.144.0-81.88.155.255
109.239.44.0/22
185.98.76.0/22
185.98.88.0/22
185.102.119.0/24
185.103.168.0/23
185.103.184.0/22
185.106.156.0/23
212.45.80.0-212.45.91.255
212.45.94.0/23
213.232.218.0-213.232.224.255
213.232.242.0/23
213.232.246.0/23
Signature Algorithm: sha256WithRSAEncryption
95:f4:f4:20:70:6e:5b:92:9a:32:b1:87:0f:4e:05:5e:3e:48:
fc:69:bd:8f:87:64:f4:3c:1e:11:ce:37:d0:90:bf:ff:50:86:
f7:26:09:16:ab:21:cc:59:c5:ce:d8:de:7f:70:85:ca:c0:82:
92:b6:e8:e9:fe:63:f2:b8:36:f3:33:f5:75:5c:12:2a:32:44:
58:33:96:0b:7d:17:a8:d3:39:f1:dd:79:a3:3c:a6:59:0f:65:
86:fe:2a:9d:d3:17:3f:48:ef:dd:01:80:de:6c:a2:71:1f:fa:
b1:e0:2e:62:19:74:25:ff:3c:a7:5c:08:a5:b9:49:a8:5e:d1:
ea:2e:73:70:92:9d:33:bf:d2:1d:5f:93:f5:83:c0:8a:3d:15:
9d:29:ac:7c:78:14:70:5a:6c:8c:1f:9c:13:31:5b:a9:d1:d6:
77:57:13:c5:59:a2:c1:99:82:05:30:12:3e:02:a0:6f:96:d3:
6c:84:33:23:27:6b:0c:6e:f8:ff:97:f0:d2:24:60:d3:fe:87:
40:96:20:c2:d3:f2:a0:7c:66:1d:f2:f4:f7:4f:64:c8:22:31:
01:1d:99:cd:4a:d8:91:94:99:96:b5:bb:36:39:10:05:2d:e1:
77:8d:42:c9:9e:a3:02:95:f7:84:95:f7:ff:d1:b1:80:40:3a:
77:ff:c7:18
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYcrScyJC3TmMBP8wSVMzfZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NWIyNDNhNzIzM2U1NzFjM2MxNzNlYjgyNDkxMTE5MDYz
MjYwMTkwHhcNMjMwMzI5MDI1NDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzUyODk2ZTNkNjlkNjRlYjUyMTY3ZjljOGRiNTYyZDNmOWU2NjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAtgf+2r4Nvo0j4Dz0p108NKTrAA
sfI/MuN4HbpGcRy46m783oezXeNomcGuzWSMOxbtTSeiBGykgtbBI2GkH7hNAB5B
SJDWTXNOvRl7D8sP7F9CONAw8MtSWomXdYwnoLlchKMErxtl4ek3eJirrSHoupq9
aN4OMR3TjNLLmTCHM0/RN8gYc+/xjxSLSeYZRdOhejDGZiEKm5Cs2z9HFWgQ0smG
EHMihZzR0k1gHpMAZireaFUcJUILrh/RRvBUOcfPJeCFGbzdKEzqAHZGuLCZiuyo
8G69Ckuq7oPuyi6TUtYwLQD68WX+lsPEGbIlJGYuV3p6VE0SEB3WTaZwfQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFOxSiW49adZOtSFn+cjbVi0/nmZUMB8GA1UdIwQY
MBaAFFlbJDpyM+Vxw8Fz64JJERkGMmAZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1Zza09uSXo1WEhEd1hQcmdra1JHUVl5WUJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9lOWUwODctZTc2OC00NGQ4LTllYzgt
ODhlNDQ2NjkxNWY4LzEvN0ZLSmJqMXAxazYxSVdmNXlOdFdMVC1lWmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9lOWUwODctZTc2OC00NGQ4LTllYzgtODhlNDQ2NjkxNWY4
LzEvV1Zza09uSXo1WEhEd1hQcmdra1JHUVl5WUJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAMu
JIADBAMuJJADBAIuJJwwDAMEAj5UJAMEAT5UKAMEAT5ULAMEBD5UMAMEAk+GIDAM
AwQAT4YlAwQCT4YoAwQBUPmOMAwDBARRWJADBAJRWJgDBAJt7ywDBAK5YkwDBAK5
YlgDBAC5ZncDBAG5Z6gDBAK5Z7gDBAG5apwwDAMEBNQtUAMEAtQtWAMEAdQtXjAM
AwQB1ejaAwQA1ejgAwQB1ejyAwQB1ej2MA0GCSqGSIb3DQEBCwUAA4IBAQCV9PQg
cG5bkpoysYcPTgVePkj8ab2Ph2T0PB4RzjfQkL//UIb3JgkWqyHMWcXO2N5/cIXK
wIKStujp/mPyuDbzM/V1XBIqMkRYM5YLfReo0znx3XmjPKZZD2WG/iqd0xc/SO/d
AYDebKJxH/qx4C5iGXQl/zynXAiluUmoXtHqLnNwkp0zv9IdX5P1g8CKPRWdKax8
eBRwWmyMH5wTMVup0dZ3VxPFWaLBmYIFMBI+AqBvltNshDMjJ2sMbvj/l/DSJGDT
/odAliDC0/KgfGYd8vT3T2TIIjEBHZnNStiRlJmWtbs2ORAFLeF3jULJnqMClfeE
lff/0bGAQDp3/8cY
-----END CERTIFICATE-----
Generated at Sat May 3 08:33:02 2025 by rpki-client