Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/6Fc2HHMBcI6n3p48Oe5da7x88yA.roa
File: 6Fc2HHMBcI6n3p48Oe5da7x88yA.roa (raw, json)
Hash identifier: glLA9Pt4ouSiQ2IXpN6NyumbCy1qoR84g38wuq6NuiQ=
Subject key identifier: E8:57:36:1C:73:01:70:8E:A7:DE:9E:3C:39:EE:5D:6B:BC:7C:F3:20
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018785B6C8DBD49C1539A5A1ED0CCDDEB4F7
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/6Fc2HHMBcI6n3p48Oe5da7x88yA.roa
Signing time: Sat 15 Apr 2023 16:19:21 +0000
ROA not before: Sat 15 Apr 2023 16:19:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 20
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 20
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.192.0/19 maxlen: 19
2.188.212.0/23 maxlen: 23
2.188.60.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:85:b6:c8:db:d4:9c:15:39:a5:a1:ed:0c:cd:de:b4:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 15 16:19:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e857361c7301708ea7de9e3c39ee5d6bbc7cf320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4d:d6:ae:04:16:8d:38:28:c9:16:03:b6:ad:
4f:e1:07:88:9d:64:40:3e:71:ee:b0:da:73:90:fd:
e9:04:12:0a:a1:25:67:9d:d7:d8:67:7c:9d:3f:08:
21:3a:0b:92:91:5b:9d:31:16:13:0c:7c:0d:c8:a9:
b4:c2:aa:06:9d:07:db:ca:df:58:7e:71:3b:32:20:
1e:89:f5:59:9f:ae:c1:cb:7d:21:99:67:dd:e0:0d:
88:0c:84:2b:01:81:8b:b0:74:13:ec:9e:56:33:38:
21:f2:24:77:2c:50:cb:9a:a3:48:b8:d3:88:09:78:
07:de:e7:24:39:37:a0:26:35:dc:03:25:89:69:fb:
6e:5e:cb:d1:fe:21:eb:10:1d:d3:df:87:c6:93:a1:
96:76:13:92:6e:65:eb:a0:e4:18:53:14:5b:da:f8:
c8:6e:72:06:b6:62:3d:9b:01:2a:7c:9d:29:05:62:
68:a2:21:05:83:22:e5:22:67:35:03:48:7d:61:85:
ca:b0:ca:3d:02:98:b6:d4:df:3a:db:d5:7a:65:54:
12:a2:5e:ba:86:64:34:2b:62:15:dc:51:f6:4d:07:
51:4c:f7:ae:3a:02:4c:9d:ac:85:15:3c:b6:98:7e:
7b:f6:5a:c5:d3:b4:78:81:e9:8e:97:c2:16:36:48:
68:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:57:36:1C:73:01:70:8E:A7:DE:9E:3C:39:EE:5D:6B:BC:7C:F3:20
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/6Fc2HHMBcI6n3p48Oe5da7x88yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.60.0/22
2.188.160.0/21
2.188.192.0/18
Signature Algorithm: sha256WithRSAEncryption
96:52:87:53:a0:b9:17:79:d3:08:30:d2:c7:2e:0e:07:dc:97:
f7:b9:67:9c:d1:02:5a:69:92:e6:ea:16:90:40:c1:ae:70:e6:
43:d2:cb:3a:0b:9d:7a:24:b2:ba:17:0e:64:e7:ec:e6:e0:c4:
7a:d7:c7:be:59:9e:22:9a:4d:f6:da:44:c0:05:ff:6b:aa:d4:
d7:55:64:49:bd:57:77:c1:ec:d4:e2:fc:14:d9:b0:79:c0:2a:
2b:60:ab:e8:bd:d9:5a:b0:48:71:6f:9f:29:76:f3:2b:76:96:
99:f8:35:bb:44:96:eb:48:80:99:1e:c5:c2:6f:7b:39:d3:49:
27:66:ee:bc:ba:b9:bf:e1:82:80:5e:55:03:57:11:18:5e:13:
e3:f7:7f:3b:81:6e:81:5a:b1:dd:60:ba:fa:e1:40:ff:5e:5d:
15:08:ee:74:f0:2d:a1:7c:8c:cb:c3:a1:50:6e:ef:82:b3:d2:
cd:da:c5:21:2b:0f:bc:29:f6:95:07:37:e2:07:23:ef:b9:39:
01:57:9d:93:89:be:76:46:26:a2:5d:d6:10:e0:60:9f:3f:c2:
66:42:fb:92:e6:22:10:19:74:f3:8a:ce:eb:68:5b:d4:72:12:
8c:77:76:1e:f4:2b:6e:e7:0d:c3:91:c8:f4:cd:30:b3:fb:fb:
da:3c:4c:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeFtsjb1JwVOaWh7QzN3rT3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDE1MTYxOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODU3MzYxYzczMDE3MDhlYTdkZTllM2MzOWVlNWQ2YmJjN2NmMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyU3WrgQWjTgoyRYDtq1P4QeInWRA
PnHusNpzkP3pBBIKoSVnndfYZ3ydPwghOguSkVudMRYTDHwNyKm0wqoGnQfbyt9Y
fnE7MiAeifVZn67By30hmWfd4A2IDIQrAYGLsHQT7J5WMzgh8iR3LFDLmqNIuNOI
CXgH3uckOTegJjXcAyWJaftuXsvR/iHrEB3T34fGk6GWdhOSbmXroOQYUxRb2vjI
bnIGtmI9mwEqfJ0pBWJooiEFgyLlImc1A0h9YYXKsMo9Api21N8629V6ZVQSol66
hmQ0K2IV3FH2TQdRTPeuOgJMnayFFTy2mH579lrF07R4gemOl8IWNkhoPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOhXNhxzAXCOp96ePDnuXWu8fPMgMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvNkZjMkhITUJjSTZuM3A0OE9lNWRhN3g4OHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCArw8AwQD
ArygAwQGArzAMA0GCSqGSIb3DQEBCwUAA4IBAQCWUodToLkXedMIMNLHLg4H3Jf3
uWec0QJaaZLm6haQQMGucOZD0ss6C516JLK6Fw5k5+zm4MR618e+WZ4imk322kTA
Bf9rqtTXVWRJvVd3wezU4vwU2bB5wCorYKvovdlasEhxb58pdvMrdpaZ+DW7RJbr
SICZHsXCb3s500knZu68urm/4YKAXlUDVxEYXhPj9387gW6BWrHdYLr64UD/Xl0V
CO508C2hfIzLw6FQbu+Cs9LN2sUhKw+8KfaVBzfiByPvuTkBV52Tib52RiaiXdYQ
4GCfP8JmQvuS5iIQGXTzis7raFvUchKMd3Ye9Ctu5w3Dkcj0zTCz+/vaPEyn
-----END CERTIFICATE-----
Generated at Thu May 1 17:09:44 2025 by rpki-client