Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/eD-Q-VepsllJYEv9s-kFrC_wDP0.roa
File: eD-Q-VepsllJYEv9s-kFrC_wDP0.roa (raw, json)
Hash identifier: HjApF+nvigwZ09plHx4MtIvoa6KkG+qxcoF71AM/30E=
Subject key identifier: 78:3F:90:F9:57:A9:B2:59:49:60:4B:FD:B3:E9:05:AC:2F:F0:0C:FD
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018819E0E78E96122445818EBE9A9787A426
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/eD-Q-VepsllJYEv9s-kFrC_wDP0.roa
Signing time: Sun 14 May 2023 10:49:09 +0000
ROA not before: Sun 14 May 2023 10:49:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.40.0/21 maxlen: 24
2.189.160.0/21 maxlen: 24
2.189.168.0/21 maxlen: 24
2.188.72.0/22 maxlen: 24
2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 24
2.189.80.0/21 maxlen: 24
2.189.88.0/21 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
2.189.48.0/21 maxlen: 24
2.189.64.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:19:e0:e7:8e:96:12:24:45:81:8e:be:9a:97:87:a4:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 14 10:49:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=783f90f957a9b25949604bfdb3e905ac2ff00cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:75:ba:0a:e9:64:51:3d:01:69:af:d5:bc:1d:
ee:2e:3d:21:f3:64:cb:4b:35:e8:11:72:49:d7:5a:
66:60:3f:bb:d6:cd:d6:63:9a:5b:34:a4:83:c0:85:
10:20:e2:2f:55:16:29:5a:98:13:f6:3c:ac:30:7d:
a4:3f:83:b9:87:59:9e:80:c4:49:16:bf:51:49:95:
c7:2c:3c:00:44:4c:c9:cd:cd:0e:4d:a2:71:ba:e1:
14:3c:af:a1:b3:54:c6:64:96:39:78:95:e4:95:83:
4b:d6:d9:b4:33:eb:c2:f4:a9:31:be:30:a2:49:1a:
e2:b9:f4:95:95:a5:27:af:36:38:f7:ee:77:fe:86:
87:aa:0b:e6:4a:7c:09:68:b4:fb:a7:12:7b:4b:83:
57:9a:61:51:fa:66:0a:b5:38:ef:3f:ef:11:56:da:
3b:d8:7e:08:7e:4f:8b:10:cb:7d:62:88:ba:f4:68:
2e:2f:03:8b:fc:e0:c7:cf:83:18:c2:79:7c:83:0c:
83:d0:83:50:7a:9b:db:2f:72:e1:b4:de:c8:d0:1d:
a8:56:78:38:86:15:04:c5:3d:ae:cf:75:16:55:d0:
2f:a9:35:69:e3:11:41:12:3d:30:b4:29:4c:dc:5e:
42:5a:3a:25:82:7b:86:8f:73:9f:a8:83:66:44:ac:
34:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:3F:90:F9:57:A9:B2:59:49:60:4B:FD:B3:E9:05:AC:2F:F0:0C:FD
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/eD-Q-VepsllJYEv9s-kFrC_wDP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.40.0/21
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.48.0/21
2.189.64.0/22
2.189.80.0/20
2.189.160.0/20
78.39.40.0/24
78.39.43.0/24
78.39.46.0-78.39.51.255
78.39.53.0-78.39.58.255
Signature Algorithm: sha256WithRSAEncryption
62:89:bf:01:82:f6:ac:d7:fa:ab:84:eb:ec:7e:62:1f:ee:25:
0a:7f:2e:9b:ca:ce:88:a8:d5:b5:e5:b3:a6:0d:0b:e4:63:6d:
c3:f1:a0:08:17:14:9a:43:a3:bd:01:ec:8e:fc:84:67:03:9e:
f8:3f:2a:d2:ac:85:0d:f6:55:49:40:e7:50:43:41:2b:3c:f3:
6c:0d:ba:77:ef:02:3f:44:b2:12:03:76:93:96:63:e4:0a:26:
47:73:1f:51:05:1e:bb:2d:38:a3:f2:b9:d5:2d:dd:23:e4:2a:
70:66:09:69:a6:51:f1:63:e2:8b:74:dd:45:22:0b:22:38:27:
aa:0c:c5:9f:60:84:22:07:17:a8:67:91:0a:78:65:01:ef:ad:
c8:5d:83:fb:df:e8:15:a9:c2:02:09:d2:78:ea:ac:07:96:33:
a3:51:4f:2a:4e:e2:5e:53:09:7a:ba:91:6c:5d:27:88:1c:df:
b1:a8:b6:5f:2e:7d:d7:ea:57:92:12:6c:05:70:b6:dd:a8:f0:
f0:0c:07:19:d2:13:fa:6c:46:1b:c8:4d:b3:ac:f5:95:b0:a1:
94:0d:40:de:13:32:fd:44:7e:f8:25:db:b6:ba:df:8c:a3:80:
f5:55:2d:94:06:d1:93:0f:0a:dd:0d:3b:85:1c:b7:11:12:e0:
98:cd:5f:63
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYgZ4OeOlhIkRYGOvpqXh6QmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTE0MTA0OTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODNmOTBmOTU3YTliMjU5NDk2MDRiZmRiM2U5MDVhYzJmZjAwY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3W6CulkUT0Baa/VvB3uLj0h82TL
SzXoEXJJ11pmYD+71s3WY5pbNKSDwIUQIOIvVRYpWpgT9jysMH2kP4O5h1megMRJ
Fr9RSZXHLDwAREzJzc0OTaJxuuEUPK+hs1TGZJY5eJXklYNL1tm0M+vC9KkxvjCi
SRriufSVlaUnrzY49+53/oaHqgvmSnwJaLT7pxJ7S4NXmmFR+mYKtTjvP+8RVto7
2H4Ifk+LEMt9Yoi69GguLwOL/ODHz4MYwnl8gwyD0INQepvbL3LhtN7I0B2oVng4
hhUExT2uz3UWVdAvqTVp4xFBEj0wtClM3F5CWjolgnuGj3OfqINmRKw0JwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFHg/kPlXqbJZSWBL/bPpBawv8Az9MB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvZUQtUS1WZXBzbGxKWUV2OXMta0ZyQ193RFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQDArwoAwQC
ArxIAwQDArygAwQBArywAwQGArzAAwQDAr0wAwQCAr1AAwQEAr1QAwQEAr2gAwQA
TicoAwQATicrMAwDBAFOJy4DBAJOJzAwDAMEAE4nNQMEAE4nOjANBgkqhkiG9w0B
AQsFAAOCAQEAYom/AYL2rNf6q4Tr7H5iH+4lCn8um8rOiKjVteWzpg0L5GNtw/Gg
CBcUmkOjvQHsjvyEZwOe+D8q0qyFDfZVSUDnUENBKzzzbA26d+8CP0SyEgN2k5Zj
5AomR3MfUQUeuy04o/K51S3dI+QqcGYJaaZR8WPii3TdRSILIjgnqgzFn2CEIgcX
qGeRCnhlAe+tyF2D+9/oFanCAgnSeOqsB5Yzo1FPKk7iXlMJerqRbF0niBzfsai2
Xy591+pXkhJsBXC23ajw8AwHGdIT+mxGG8hNs6z1lbChlA1A3hMy/UR++CXbtrrf
jKOA9VUtlAbRkw8K3Q07hRy3ERLgmM1fYw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 02:51:38 2025 by rpki-client