Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/JSLbIEJQ-NmDDvIV6fpVnIO-kew.roa
File: JSLbIEJQ-NmDDvIV6fpVnIO-kew.roa (raw, json)
Hash identifier: GedKFu7UIAtl3eXzKwnVzZ1NQ9S8cfmFmArID3jG524=
Subject key identifier: 25:22:DB:20:42:50:F8:D9:83:0E:F2:15:E9:FA:55:9C:83:BE:91:EC
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 01881A64BCAE4AA1213A969C71F7CC089C93
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/JSLbIEJQ-NmDDvIV6fpVnIO-kew.roa
Signing time: Sun 14 May 2023 13:13:09 +0000
ROA not before: Sun 14 May 2023 13:13:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49666
IP address blocks: 2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.0.0/16 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.17.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
78.39.155.0/24 maxlen: 24
217.218.67.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.185.0.0/16 maxlen: 16
78.38.246.0/24 maxlen: 24
78.38.245.0/24 maxlen: 24
78.38.243.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
2.177.0.0/16 maxlen: 16
80.191.0.0/16 maxlen: 24
217.218.0.0/16 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.59.0/24 maxlen: 24
2.176.0.0/17 maxlen: 17
78.38.0.0/16 maxlen: 24
2.176.128.0/17 maxlen: 17
195.146.63.0/24 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.1.0/24 maxlen: 24
2.189.0.0/16 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.186.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
217.219.0.0/16 maxlen: 24
2.188.187.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.189.44.0/24 maxlen: 24
2.189.63.0/24 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1a:64:bc:ae:4a:a1:21:3a:96:9c:71:f7:cc:08:9c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 14 13:13:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2522db204250f8d9830ef215e9fa559c83be91ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:84:ec:5f:e1:95:ca:41:6e:0b:8c:f5:33:d5:
4d:05:b1:85:17:3a:ad:3a:fe:3c:b7:c8:b0:94:30:
80:3d:99:18:69:b4:83:d6:9c:0d:27:19:71:ba:cd:
02:b6:f9:be:cb:74:7e:ce:88:51:f5:aa:ee:3c:c8:
c9:5a:75:d1:43:2d:3e:ec:c3:a6:27:e6:95:c8:16:
6c:ee:90:f7:c0:a6:f0:25:82:55:b4:34:45:98:4c:
6a:dc:f8:42:2e:b3:fc:dc:77:8c:79:c6:18:c8:24:
e7:ca:14:bb:08:01:e6:41:7a:7d:d9:34:57:f2:54:
f2:47:0d:10:0d:2e:75:cf:bc:f4:06:3a:c9:69:2e:
97:93:a0:b3:27:05:79:8f:6a:db:38:ed:1d:e6:30:
fb:a8:ef:50:80:d3:c3:58:5c:5e:87:9d:34:d2:63:
70:df:f0:41:24:60:2b:ee:62:af:62:c6:12:14:a3:
47:1c:0e:37:62:3a:ff:a2:a7:56:2d:32:ec:79:5e:
1c:4b:23:f9:05:03:f1:3d:87:10:4e:93:7f:df:72:
47:5b:61:14:01:8a:86:b5:68:06:cf:ef:17:4b:53:
db:6d:76:9a:24:28:31:3e:50:d6:66:50:b2:18:3b:
e8:a4:7d:3f:b0:3b:7a:70:03:6d:af:34:c2:80:ef:
c3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:22:DB:20:42:50:F8:D9:83:0E:F2:15:E9:FA:55:9C:83:BE:91:EC
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/JSLbIEJQ-NmDDvIV6fpVnIO-kew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.185.0.0/16
2.188.0.0/15
78.38.0.0/15
80.191.0.0/16
195.146.63.0/24
217.218.0.0/15
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
8f:26:2d:2b:75:e1:c4:da:f5:99:ed:da:2e:7c:d2:4d:13:87:
b4:69:b9:cc:71:1f:3d:48:76:14:1b:b8:df:e7:9f:b6:5f:df:
c0:fa:4c:95:a2:de:73:4b:0a:2d:10:9c:fd:29:d0:41:b7:ef:
4c:79:48:f7:80:f7:19:30:d9:b4:e6:e4:cf:8b:12:55:17:aa:
c6:54:af:c3:4c:6d:77:19:1c:6c:42:a0:9b:3d:3b:63:12:9a:
3f:29:cb:72:ce:4c:75:44:42:1c:93:69:4e:6e:38:1b:2d:56:
2b:b2:9e:f5:12:7c:d3:4a:33:4b:5b:f9:49:79:2a:62:05:52:
6b:28:b9:5f:ee:99:5c:24:83:62:65:8a:36:c6:26:cb:f8:e9:
f9:38:67:80:9f:9f:99:92:05:bb:f2:67:e6:73:63:05:69:c3:
a5:de:c3:82:9f:c8:d6:1c:c9:f3:4b:a5:15:19:12:f6:b3:c5:
3d:d4:26:39:ad:49:bf:30:50:9f:af:50:85:79:29:94:0f:46:
52:aa:b7:4c:6a:a3:93:8f:ae:93:c1:1f:0d:6d:90:06:2c:86:
23:3d:f2:b6:e2:0c:cb:90:4e:58:09:b6:5a:4a:d3:7b:54:a9:
10:61:b1:37:ad:61:37:38:18:43:22:62:65:99:bf:09:c8:75:
3d:85:ef:7a
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYgaZLyuSqEhOpaccffMCJyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTE0MTMxMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTIyZGIyMDQyNTBmOGQ5ODMwZWYyMTVlOWZhNTU5YzgzYmU5MWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuITsX+GVykFuC4z1M9VNBbGFFzqt
Ov48t8iwlDCAPZkYabSD1pwNJxlxus0Ctvm+y3R+zohR9aruPMjJWnXRQy0+7MOm
J+aVyBZs7pD3wKbwJYJVtDRFmExq3PhCLrP83HeMecYYyCTnyhS7CAHmQXp92TRX
8lTyRw0QDS51z7z0BjrJaS6Xk6CzJwV5j2rbOO0d5jD7qO9QgNPDWFxeh5000mNw
3/BBJGAr7mKvYsYSFKNHHA43Yjr/oqdWLTLseV4cSyP5BQPxPYcQTpN/33JHW2EU
AYqGtWgGz+8XS1PbbXaaJCgxPlDWZlCyGDvopH0/sDt6cANtrzTCgO/DhwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCUi2yBCUPjZgw7yFen6VZyDvpHsMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvSlNMYklFSlEtTm1ERHZJVjZmcFZuSU8ta2V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwMBArADAwAC
uQMDAQK8AwMBTiYDAwBQvwMEAMOSPwMDAdnaMA8EAgACMAkDBwAgAUGIAAIwDQYJ
KoZIhvcNAQELBQADggEBAI8mLSt14cTa9Znt2i580k0Th7RpucxxHz1IdhQbuN/n
n7Zf38D6TJWi3nNLCi0QnP0p0EG370x5SPeA9xkw2bTm5M+LElUXqsZUr8NMbXcZ
HGxCoJs9O2MSmj8py3LOTHVEQhyTaU5uOBstViuynvUSfNNKM0tb+Ul5KmIFUmso
uV/umVwkg2JlijbGJsv46fk4Z4Cfn5mSBbvyZ+ZzYwVpw6Xew4KfyNYcyfNLpRUZ
EvazxT3UJjmtSb8wUJ+vUIV5KZQPRlKqt0xqo5OPrpPBHw1tkAYshiM98rbiDMuQ
TlgJtlpK03tUqRBhsTetYTc4GEMiYmWZvwnIdT2F73o=
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:03:57 2025 by rpki-client