Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NLzB549EruIfoKHPuoWlKIRtVqo.roa
File: NLzB549EruIfoKHPuoWlKIRtVqo.roa (raw, json)
Hash identifier: 7OCEtBPqHbA/ZXG/I5LMIiE1HkDbqwyLvCL7JFwHFL0=
Subject key identifier: 34:BC:C1:E7:8F:44:AE:E2:1F:A0:A1:CF:BA:85:A5:28:84:6D:56:AA
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 01881A4B19B89AFAA730E7ACE7E85913B676
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NLzB549EruIfoKHPuoWlKIRtVqo.roa
Signing time: Sun 14 May 2023 12:45:09 +0000
ROA not before: Sun 14 May 2023 12:45:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48159
IP address blocks: 2.188.1.0/24 maxlen: 24
2.188.0.0/24 maxlen: 24
2.188.22.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
78.39.240.0/24 maxlen: 24
78.39.149.0/24 maxlen: 24
78.39.150.0/24 maxlen: 24
78.39.151.0/24 maxlen: 24
80.191.56.0/24 maxlen: 24
217.219.236.0/22 maxlen: 22
78.38.0.0/16 maxlen: 24
217.218.67.0/24 maxlen: 24
2.185.18.0/24 maxlen: 24
2.185.40.0/21 maxlen: 21
78.38.160.0/19 maxlen: 19
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.176.128.0/17 maxlen: 17
2.185.0.0/20 maxlen: 20
2.185.0.0/16 maxlen: 16
78.38.246.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
2.185.164.0/24 maxlen: 24
2.185.160.0/19 maxlen: 19
2.188.179.0/24 maxlen: 24
2.185.88.0/22 maxlen: 22
217.219.0.0/16 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.177.0.0/16 maxlen: 16
2.189.68.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.191.0.0/16 maxlen: 16
80.191.0.0/16 maxlen: 16
217.218.0.0/16 maxlen: 24
2.189.42.0/24 maxlen: 24
2.189.43.0/24 maxlen: 24
2.189.56.0/24 maxlen: 24
2.189.58.0/24 maxlen: 24
2.182.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1a:4b:19:b8:9a:fa:a7:30:e7:ac:e7:e8:59:13:b6:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 14 12:45:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34bcc1e78f44aee21fa0a1cfba85a528846d56aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:59:f4:ea:da:ac:ed:f7:79:8e:e6:6c:49:26:
fe:93:0e:3e:f1:d0:7f:62:47:10:86:f1:91:13:83:
a8:6a:b5:1c:95:a9:50:9a:1e:b8:b8:e5:be:6d:cd:
71:47:3e:36:6e:7e:c5:8d:86:c0:93:43:cb:62:75:
68:cc:e0:01:fd:25:cb:6d:e6:30:36:f3:73:ce:d5:
bf:f8:d7:10:6a:18:ef:66:d4:d9:fd:6f:11:aa:49:
7d:58:10:45:56:4c:b8:f2:47:83:f8:36:28:a6:30:
e3:df:60:1c:c9:6a:d9:7e:07:a1:40:07:bb:40:11:
5a:bd:20:9a:aa:a8:d8:cc:1f:02:82:07:d7:84:96:
ad:af:e1:40:ec:94:dd:85:35:53:95:c9:c8:00:33:
fd:bc:61:65:25:35:fe:09:49:46:94:03:9c:8e:d4:
ed:82:c7:61:b1:4b:12:05:e4:1b:7d:40:e7:25:9b:
9e:22:10:4a:db:70:c5:48:2d:bc:95:3b:20:49:ce:
4b:4b:1b:c7:08:23:de:63:9f:9c:51:b0:ee:43:93:
fd:75:d8:1e:5b:37:ce:d5:ec:ce:c2:d2:40:75:b3:
65:96:b8:cd:97:98:c4:34:28:cc:01:f8:e8:76:88:
38:b1:20:11:6d:e6:44:b6:c9:5e:7e:f4:a2:a2:92:
81:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:BC:C1:E7:8F:44:AE:E2:1F:A0:A1:CF:BA:85:A5:28:84:6D:56:AA
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NLzB549EruIfoKHPuoWlKIRtVqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.128.0-2.177.255.255
2.182.128.0/21
2.185.0.0/16
2.188.0.0/23
2.188.22.0/24
2.188.28.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.184.0/23
2.188.187.0/24
2.189.42.0/23
2.189.56.0/24
2.189.58.0/24
2.189.68.0/24
2.189.72.0/24
2.191.0.0/16
78.38.0.0/15
80.191.0.0/16
217.218.0.0/15
Signature Algorithm: sha256WithRSAEncryption
14:ac:9b:53:17:1e:ad:c2:e1:ed:dd:16:b0:1e:2f:b4:de:56:
1e:18:c5:c8:04:2c:6a:d6:47:da:e6:29:2b:46:99:a5:8d:76:
e9:2e:e1:a0:26:49:db:f9:05:dd:98:fe:82:b5:6e:4a:9b:fd:
ca:fe:d8:1f:6d:e2:70:e0:e4:d2:8b:2d:b2:47:cc:0c:5a:26:
16:50:5b:0f:b9:50:40:ed:a2:d3:81:99:e1:7f:cc:73:49:e1:
84:ac:d1:d2:08:d1:aa:3b:30:25:47:07:f0:94:4a:c0:58:f0:
49:8e:d6:7c:1b:79:40:6c:91:a2:c5:29:4b:30:7a:14:40:e7:
f1:6f:a7:9d:f9:df:f8:bd:dd:ea:d5:0a:b2:83:11:a4:05:cd:
6e:99:d7:2b:b1:d0:04:6a:b1:bd:f9:63:e1:8b:c4:9f:11:f9:
a1:87:1f:fa:44:d3:bc:84:f4:4b:ab:4e:3a:d4:9f:c7:99:0c:
95:07:26:66:77:8b:ef:98:fd:28:fc:dd:6e:22:9f:77:0d:ed:
aa:e1:d5:43:c8:04:20:4b:8a:33:52:3c:b4:3f:06:6a:da:f2:
0b:e1:59:28:c3:f3:19:ea:91:e1:86:a7:f3:bb:f5:0f:64:e4:
9d:39:3d:ed:83:be:b2:80:92:4e:2b:9e:0c:b7:05:fa:d2:2e:
c7:e0:63:92
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYgaSxm4mvqnMOes5+hZE7Z2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTE0MTI0NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGJjYzFlNzhmNDRhZWUyMWZhMGExY2ZiYTg1YTUyODg0NmQ1NmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqln06tqs7fd5juZsSSb+kw4+8dB/
YkcQhvGRE4OoarUclalQmh64uOW+bc1xRz42bn7FjYbAk0PLYnVozOAB/SXLbeYw
NvNzztW/+NcQahjvZtTZ/W8Rqkl9WBBFVky48keD+DYopjDj32AcyWrZfgehQAe7
QBFavSCaqqjYzB8CggfXhJatr+FA7JTdhTVTlcnIADP9vGFlJTX+CUlGlAOcjtTt
gsdhsUsSBeQbfUDnJZueIhBK23DFSC28lTsgSc5LSxvHCCPeY5+cUbDuQ5P9ddge
WzfO1ezOwtJAdbNllrjNl5jENCjMAfjodog4sSARbeZEtslefvSiopKBNQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFDS8weePRK7iH6Chz7qFpSiEbVaqMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvTkx6QjU0OUVydUlmb0tIUHVvV2xLSVJ0VnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwejALAwQH
ArCAAwMBArADBAMCtoADAwACuQMEAQK8AAMEAAK8FgMEAAK8HAMEAwK8QAMEAAK8
TAMEAAK8swMEAQK8uAMEAAK8uwMEAQK9KgMEAAK9OAMEAAK9OgMEAAK9RAMEAAK9
SAMDAAK/AwMBTiYDAwBQvwMDAdnaMA0GCSqGSIb3DQEBCwUAA4IBAQAUrJtTFx6t
wuHt3RawHi+03lYeGMXIBCxq1kfa5ikrRpmljXbpLuGgJknb+QXdmP6CtW5Km/3K
/tgfbeJw4OTSiy2yR8wMWiYWUFsPuVBA7aLTgZnhf8xzSeGErNHSCNGqOzAlRwfw
lErAWPBJjtZ8G3lAbJGixSlLMHoUQOfxb6ed+d/4vd3q1QqygxGkBc1umdcrsdAE
arG9+WPhi8SfEfmhhx/6RNO8hPRLq0461J/HmQyVByZmd4vvmP0o/N1uIp93De2q
4dVDyAQgS4ozUjy0PwZq2vIL4Vkow/MZ6pHhhqfzu/UPZOSdOT3tg76ygJJOK54M
twX60i7H4GOS
-----END CERTIFICATE-----
Generated at Thu May 1 15:02:43 2025 by rpki-client