Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/bUjclaQkkrRyfmlt3EqYDQgD_C8.roa
File: bUjclaQkkrRyfmlt3EqYDQgD_C8.roa (raw, json)
Hash identifier: 5pMdbMRp2nJgYCqABGGN4RDcW32wBEjFX3wbTRpFdqM=
Subject key identifier: 6D:48:DC:95:A4:24:92:B4:72:7E:69:6D:DC:4A:98:0D:08:03:FC:2F
Certificate issuer: /CN=237f7db033314c473cda194e0df79f1c375da3f4
Certificate serial: 018A92890DB9C3AFF2E51D6E44629D1965AB
Authority key identifier: 23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/bUjclaQkkrRyfmlt3EqYDQgD_C8.roa
Signing time: Thu 14 Sep 2023 07:12:50 +0000
ROA not before: Thu 14 Sep 2023 07:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3225
IP address blocks: 91.140.216.0/22 maxlen: 24
91.140.221.0/24 maxlen: 24
91.140.220.0/24 maxlen: 24
91.140.224.0/22 maxlen: 24
91.140.224.0/24 maxlen: 24
91.140.222.0/24 maxlen: 24
91.140.223.0/24 maxlen: 24
91.140.226.0/24 maxlen: 24
91.140.233.0/24 maxlen: 24
91.140.228.0/22 maxlen: 24
91.140.232.0/24 maxlen: 24
91.140.240.0/24 maxlen: 24
91.140.235.0/24 maxlen: 24
91.140.234.0/24 maxlen: 24
91.140.238.0/24 maxlen: 24
91.140.239.0/24 maxlen: 24
91.140.236.0/24 maxlen: 24
91.140.237.0/24 maxlen: 24
91.140.242.0/24 maxlen: 24
91.140.241.0/24 maxlen: 24
91.140.246.0/24 maxlen: 24
91.140.244.0/22 maxlen: 24
91.140.248.0/22 maxlen: 24
91.140.248.0/24 maxlen: 24
91.140.249.0/24 maxlen: 24
91.140.252.0/22 maxlen: 24
91.140.252.0/24 maxlen: 24
91.140.253.0/24 maxlen: 24
91.140.250.0/24 maxlen: 24
91.140.251.0/24 maxlen: 24
91.140.255.0/24 maxlen: 24
91.140.254.0/24 maxlen: 24
185.16.4.0/22 maxlen: 22
91.140.164.0/22 maxlen: 24
91.140.160.0/22 maxlen: 24
91.140.172.0/22 maxlen: 24
94.187.224.0/19 maxlen: 24
91.140.180.0/22 maxlen: 24
94.187.232.0/22 maxlen: 22
91.140.192.0/22 maxlen: 24
94.187.228.0/22 maxlen: 22
91.140.188.0/22 maxlen: 24
94.187.236.0/22 maxlen: 22
91.140.196.0/22 maxlen: 24
94.187.240.0/22 maxlen: 24
91.140.200.0/22 maxlen: 24
91.140.201.0/24 maxlen: 24
91.140.203.0/24 maxlen: 24
91.140.204.0/22 maxlen: 24
94.187.244.0/22 maxlen: 22
91.140.202.0/24 maxlen: 24
94.187.252.0/22 maxlen: 24
91.140.212.0/22 maxlen: 24
91.140.207.0/24 maxlen: 24
94.187.248.0/22 maxlen: 22
91.140.208.0/22 maxlen: 24
91.140.128.0/17 maxlen: 24
91.140.128.0/22 maxlen: 24
91.140.132.0/22 maxlen: 24
91.140.140.0/22 maxlen: 24
91.140.152.0/22 maxlen: 24
91.140.148.0/22 maxlen: 24
194.54.241.0/24 maxlen: 24
194.54.244.0/22 maxlen: 22
194.54.243.0/24 maxlen: 24
194.54.248.0/22 maxlen: 22
194.54.252.0/22 maxlen: 22
194.54.192.0/19 maxlen: 24
194.54.192.0/18 maxlen: 18
194.54.194.0/23 maxlen: 23
194.54.196.0/22 maxlen: 22
194.54.204.0/22 maxlen: 22
194.54.200.0/22 maxlen: 22
194.54.202.0/24 maxlen: 24
194.54.209.0/24 maxlen: 24
194.54.208.0/22 maxlen: 22
194.54.208.0/24 maxlen: 24
194.54.212.0/22 maxlen: 22
194.54.216.0/22 maxlen: 22
194.54.224.0/19 maxlen: 19
194.54.220.0/24 maxlen: 24
194.54.220.0/22 maxlen: 22
194.54.224.0/22 maxlen: 22
194.54.232.0/22 maxlen: 22
194.54.228.0/22 maxlen: 22
194.54.234.0/24 maxlen: 24
194.54.236.0/22 maxlen: 22
194.54.240.0/22 maxlen: 24
2a01:7780::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:92:89:0d:b9:c3:af:f2:e5:1d:6e:44:62:9d:19:65:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237f7db033314c473cda194e0df79f1c375da3f4
Validity
Not Before: Sep 14 07:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d48dc95a42492b4727e696ddc4a980d0803fc2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7f:f6:bf:83:f5:3a:c9:00:0f:6b:61:dc:46:
cc:88:e7:76:18:46:ba:7e:69:8d:18:90:43:bc:39:
9e:56:24:be:1e:c4:8c:9c:0d:f2:dc:31:b1:a6:80:
6a:d1:ae:28:a0:02:65:b8:c1:1e:8a:a2:a7:74:81:
b9:bd:ca:e0:35:00:5c:6c:4c:fe:ae:3f:15:92:bf:
6f:81:11:39:f0:3f:0a:25:ea:b4:8a:c1:d4:82:ef:
75:bf:9c:7e:9e:c6:bb:e1:b5:10:05:41:0b:78:47:
16:5f:27:96:87:e1:04:0c:bb:c6:d2:77:ab:76:31:
b2:90:ae:f2:cf:44:7b:84:8e:6c:da:f4:ae:b7:71:
32:a8:f7:45:19:9b:36:3e:5d:e6:4d:cb:ac:a2:5c:
2d:bd:b8:53:2a:09:03:b0:95:7c:32:66:85:cc:d5:
19:24:b7:a5:42:77:0e:90:05:09:b0:80:2d:4d:bd:
e0:e5:0c:ce:96:eb:0d:61:2e:4a:32:02:ad:ad:f0:
f2:c1:f0:61:a7:db:46:8f:71:11:0b:2c:a3:8c:93:
cb:15:8c:34:f3:c1:16:ec:a0:3c:a9:e6:55:c0:39:
21:ca:1e:09:cb:bd:56:fd:79:f4:16:e9:cc:80:7a:
b5:b5:46:18:fe:97:c3:18:63:77:59:d2:a4:3e:7f:
4e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:48:DC:95:A4:24:92:B4:72:7E:69:6D:DC:4A:98:0D:08:03:FC:2F
X509v3 Authority Key Identifier:
keyid:23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/bUjclaQkkrRyfmlt3EqYDQgD_C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.140.128.0/17
94.187.224.0/19
185.16.4.0/22
194.54.192.0/18
IPv6:
2a01:7780::/32
Signature Algorithm: sha256WithRSAEncryption
1b:66:4b:b5:e9:19:02:d1:49:08:fb:ed:2b:c7:62:88:b8:85:
f1:9b:11:cc:fe:30:bf:b9:46:7e:9e:4f:3f:17:36:e1:d7:db:
aa:b2:9d:3a:a7:41:d0:ea:f9:2e:fe:8b:df:b2:80:99:91:a8:
81:cb:93:1b:ac:cf:4a:ee:d6:4c:98:fe:7a:9f:49:1c:1a:5b:
99:f9:72:a0:51:87:8d:fe:03:98:27:e9:17:a8:af:c2:89:58:
36:66:b5:33:5e:75:dd:17:d5:b5:00:34:14:35:a1:0d:88:94:
59:14:f3:d3:07:20:2b:ed:72:20:0e:15:cb:ba:ad:a3:2c:0c:
c1:3c:4a:0d:1c:68:6f:42:9f:da:dc:bf:04:54:c2:4a:14:bf:
a8:de:3f:56:3f:d5:aa:4a:01:e2:13:7f:b1:69:c7:df:0b:75:
5a:82:6d:7e:f7:3d:1a:60:62:70:60:67:6f:42:5e:c5:6b:55:
a9:6b:86:92:00:2c:d3:79:05:0d:c4:75:bc:32:8a:9f:62:82:
ad:74:ac:29:5e:fc:67:5b:2a:88:28:08:b0:bb:37:d1:a7:33:
a3:05:5a:39:af:59:f9:c9:56:55:77:65:30:17:4b:af:d9:56:
4e:fe:5c:ad:dc:58:14:a0:dc:8b:d5:fd:53:f0:1b:1a:1b:59:
68:85:0f:c7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYqSiQ25w6/y5R1uRGKdGWWrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Y3ZGIwMzMzMTRjNDczY2RhMTk0ZTBkZjc5ZjFjMzc1
ZGEzZjQwHhcNMjMwOTE0MDcxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDQ4ZGM5NWE0MjQ5MmI0NzI3ZTY5NmRkYzRhOTgwZDA4MDNmYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3/2v4P1OskAD2th3EbMiOd2GEa6
fmmNGJBDvDmeViS+HsSMnA3y3DGxpoBq0a4ooAJluMEeiqKndIG5vcrgNQBcbEz+
rj8Vkr9vgRE58D8KJeq0isHUgu91v5x+nsa74bUQBUELeEcWXyeWh+EEDLvG0ner
djGykK7yz0R7hI5s2vSut3EyqPdFGZs2Pl3mTcusolwtvbhTKgkDsJV8MmaFzNUZ
JLelQncOkAUJsIAtTb3g5QzOlusNYS5KMgKtrfDywfBhp9tGj3ERCyyjjJPLFYw0
88EW7KA8qeZVwDkhyh4Jy71W/Xn0FunMgHq1tUYY/pfDGGN3WdKkPn9OzQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFG1I3JWkJJK0cn5pbdxKmA0IA/wvMB8GA1UdIwQY
MBaAFCN/fbAzMUxHPNoZTg33nxw3XaP0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYt
ZWUwNjAzOTQ5ZjkzLzEvYlVqY2xhUWtrclJ5Zm1sdDNFcVlEUWdEX0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYtZWUwNjAzOTQ5Zjkz
LzEvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHW4yAAwQF
XrvgAwQCuRAEAwQGwjbAMA0EAgACMAcDBQAqAXeAMA0GCSqGSIb3DQEBCwUAA4IB
AQAbZku16RkC0UkI++0rx2KIuIXxmxHM/jC/uUZ+nk8/Fzbh19uqsp06p0HQ6vku
/ovfsoCZkaiBy5MbrM9K7tZMmP56n0kcGluZ+XKgUYeN/gOYJ+kXqK/CiVg2ZrUz
XnXdF9W1ADQUNaENiJRZFPPTByAr7XIgDhXLuq2jLAzBPEoNHGhvQp/a3L8EVMJK
FL+o3j9WP9WqSgHiE3+xacffC3Vagm1+9z0aYGJwYGdvQl7Fa1Wpa4aSACzTeQUN
xHW8MoqfYoKtdKwpXvxnWyqIKAiwuzfRpzOjBVo5r1n5yVZVd2UwF0uv2VZO/lyt
3FgUoNyL1f1T8BsaG1lohQ/H
-----END CERTIFICATE-----
Generated at Sun Jun 15 22:00:24 2025 by rpki-client