Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/aLJqtg5KdgloR3G_vLkbwuJ-nJY.roa
File: aLJqtg5KdgloR3G_vLkbwuJ-nJY.roa (raw, json)
Hash identifier: 2DqvD4dk+TMD+8KssUeEgf7HZy4PJ8t43lOM01wrDn8=
Subject key identifier: 68:B2:6A:B6:0E:4A:76:09:68:47:71:BF:BC:B9:1B:C2:E2:7E:9C:96
Certificate issuer: /CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Certificate serial: 1838B788
Authority key identifier: 1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/aLJqtg5KdgloR3G_vLkbwuJ-nJY.roa
Signing time: Sat 01 Jan 2022 10:01:33 +0000
ROA not before: Sat 01 Jan 2022 10:01:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24940
IP address blocks: 142.132.128.0/17 maxlen: 24
168.119.0.0/16 maxlen: 24
162.55.0.0/16 maxlen: 24
65.109.0.0/16 maxlen: 24
49.13.0.0/16 maxlen: 24
116.203.0.0/16 maxlen: 24
88.198.0.0/16 maxlen: 24
5.161.0.0/16 maxlen: 24
116.202.0.0/16 maxlen: 24
159.69.0.0/16 maxlen: 24
188.40.0.0/16 maxlen: 24
88.99.0.0/16 maxlen: 24
91.107.128.0/17 maxlen: 24
5.75.128.0/17 maxlen: 24
95.217.0.0/16 maxlen: 24
128.140.0.0/17 maxlen: 24
65.108.0.0/16 maxlen: 24
49.12.0.0/16 maxlen: 24
213.133.96.0/19 maxlen: 24
94.130.0.0/16 maxlen: 24
85.10.192.0/18 maxlen: 24
46.4.0.0/16 maxlen: 24
178.63.0.0/16 maxlen: 24
157.90.0.0/16 maxlen: 24
65.21.0.0/16 maxlen: 24
135.181.0.0/16 maxlen: 24
188.34.128.0/17 maxlen: 24
23.88.0.0/17 maxlen: 24
185.12.64.0/22 maxlen: 24
95.216.0.0/16 maxlen: 24
78.46.0.0/15 maxlen: 24
213.239.192.0/18 maxlen: 24
195.201.0.0/16 maxlen: 24
5.9.0.0/16 maxlen: 24
176.9.0.0/16 maxlen: 24
167.233.0.0/16 maxlen: 24
2a01:4f8::/32 maxlen: 48
2a01:4ff:ff01::/48 maxlen: 48
2a01:4f9::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 406370184 (0x1838b788)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Validity
Not Before: Jan 1 10:01:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68b26ab60e4a7609684771bfbcb91bc2e27e9c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1a:16:05:bb:76:b7:05:70:19:c2:5b:2c:14:
0c:07:64:7b:0b:b4:0e:72:ed:fa:81:27:7e:23:2a:
e3:90:1d:c3:87:05:31:e2:e3:1f:75:57:b1:b8:ce:
2e:42:8e:aa:46:18:07:a0:aa:94:22:5d:22:56:65:
12:c4:9e:4e:e5:a0:d8:34:78:a0:72:a0:21:73:16:
14:9e:93:e6:d6:a4:ba:67:e7:b4:fd:e2:df:26:f0:
c7:15:6a:15:dd:ab:2a:0b:a6:24:0e:49:39:41:fc:
73:b2:35:f5:bb:25:5e:d3:c5:58:11:d0:45:14:42:
90:a6:27:5d:fa:df:58:39:80:1b:2e:c8:d4:d0:67:
0b:ba:a9:f2:58:fb:d9:c6:9f:f0:03:a0:5c:3f:4e:
49:70:20:4d:15:c4:18:fb:7d:c3:3c:4e:3b:29:6d:
cd:ef:1c:12:41:b9:01:c4:f6:66:93:e9:6b:03:00:
a8:64:69:b1:44:1f:e5:2b:bf:fa:29:85:b6:12:a4:
90:b8:4f:93:d9:8f:32:0e:dd:ff:db:1e:90:fc:ad:
c9:31:b7:cd:5d:9a:fa:49:57:e2:d1:a4:bf:ac:ce:
ad:a0:ef:7d:8e:c0:e0:9f:f4:66:98:60:04:0a:ba:
3e:57:db:22:fc:2e:68:72:1c:29:d0:b0:33:36:4f:
b0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B2:6A:B6:0E:4A:76:09:68:47:71:BF:BC:B9:1B:C2:E2:7E:9C:96
X509v3 Authority Key Identifier:
keyid:1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/aLJqtg5KdgloR3G_vLkbwuJ-nJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.9.0.0/16
5.75.128.0/17
5.161.0.0/16
23.88.0.0/17
46.4.0.0/16
49.12.0.0/15
65.21.0.0/16
65.108.0.0/15
78.46.0.0/15
85.10.192.0/18
88.99.0.0/16
88.198.0.0/16
91.107.128.0/17
94.130.0.0/16
95.216.0.0/15
116.202.0.0/15
128.140.0.0/17
135.181.0.0/16
142.132.128.0/17
157.90.0.0/16
159.69.0.0/16
162.55.0.0/16
167.233.0.0/16
168.119.0.0/16
176.9.0.0/16
178.63.0.0/16
185.12.64.0/22
188.34.128.0/17
188.40.0.0/16
195.201.0.0/16
213.133.96.0/19
213.239.192.0/18
IPv6:
2a01:4f8::/31
2a01:4ff:ff01::/48
Signature Algorithm: sha256WithRSAEncryption
15:6b:47:a8:54:79:c7:e2:27:54:3c:a8:e7:42:d5:d6:af:18:
a4:b8:ce:ea:f3:81:c2:1a:6a:0d:45:8d:2b:68:07:2e:77:fe:
fa:05:de:7f:9e:a5:29:03:2b:a8:19:af:50:0c:ae:5a:21:97:
26:fa:f6:85:76:2b:ec:06:a5:96:1e:32:ed:09:30:e3:25:45:
47:a1:be:83:8e:80:ef:a7:6f:95:a4:a8:57:b1:1e:49:8f:99:
74:b7:19:7d:90:08:b9:f1:74:de:ee:30:74:35:e4:55:46:58:
16:24:82:1d:b6:6f:f9:40:b3:60:ea:2e:e4:72:ce:76:30:9a:
8a:a5:6b:2c:4d:01:9e:df:58:d4:b6:60:ad:3d:a3:28:87:24:
cf:8f:4a:3b:29:47:33:39:ac:15:fa:a9:fd:6a:20:f4:1d:02:
68:ab:b1:2f:8f:87:13:21:03:67:f9:d2:99:3c:b0:75:bd:19:
9a:d0:47:e1:af:36:d4:de:6c:8d:2d:8b:a3:f5:22:a1:22:c5:
a0:4b:37:e0:c4:7a:bb:74:05:ae:e8:3f:66:66:d1:c0:fd:ad:
f3:6c:b2:65:c0:f7:85:cc:a0:1c:c7:44:f7:bf:71:e1:99:94:
e2:58:42:a2:ef:31:47:f4:46:d2:47:93:7d:3d:82:d5:b9:19:
c7:db:f7:f3
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgIEGDi3iDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjQ2ZjU3NzM1YTRlNjNkYmVmODQ4ZWUwZDlkMTk5ZTIxNWY4MzA0MB4XDTIyMDEw
MTEwMDEzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhiMjZhYjYwZTRh
NzYwOTY4NDc3MWJmYmNiOTFiYzJlMjdlOWM5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkaFgW7drcFcBnCWywUDAdkewu0DnLt+oEnfiMq45Adw4cF
MeLjH3VXsbjOLkKOqkYYB6CqlCJdIlZlEsSeTuWg2DR4oHKgIXMWFJ6T5takumfn
tP3i3ybwxxVqFd2rKgumJA5JOUH8c7I19bslXtPFWBHQRRRCkKYnXfrfWDmAGy7I
1NBnC7qp8lj72caf8AOgXD9OSXAgTRXEGPt9wzxOOyltze8cEkG5AcT2ZpPpawMA
qGRpsUQf5Su/+imFthKkkLhPk9mPMg7d/9sekPytyTG3zV2a+klX4tGkv6zOraDv
fY7A4J/0ZphgBAq6PlfbIvwuaHIcKdCwMzZPsMECAwEAAaOCAsowggLGMB0GA1Ud
DgQWBBRosmq2Dkp2CWhHcb+8uRvC4n6cljAfBgNVHSMEGDAWgBQfRvV3NaTmPb74
SO4NnRmeIV+DBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gwYjFkeldrNWoyLS1FanVEWjBabmlGZmd3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvMTA3MjY2LWFiNTEtNDYyYi05ZmMyLWE3Yzk4OThlZWNiYy8x
L2FMSnF0ZzVLZGdsb1IzR192TGtid3VKLW5KWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
MTA3MjY2LWFiNTEtNDYyYi05ZmMyLWE3Yzk4OThlZWNiYy8xL0gwYjFkeldrNWoy
LS1FanVEWjBabmlGZmd3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
3wYIKwYBBQUHAQcBAf8Egc8wgcwwgbEEAgABMIGqAwMABQkDBAcFS4ADAwAFoQME
BxdYAAMDAC4EAwMBMQwDAwBBFQMDAUFsAwMBTi4DBAZVCsADAwBYYwMDAFjGAwQH
W2uAAwMAXoIDAwFf2AMDAXTKAwQHgIwAAwMAh7UDBAeOhIADAwCdWgMDAJ9FAwMA
ojcDAwCn6QMDAKh3AwMAsAkDAwCyPwMEArkMQAMEB7wigAMDALwoAwMAw8kDBAXV
hWADBAbV78AwFgQCAAIwEAMFASoBBPgDBwAqAQT//wEwDQYJKoZIhvcNAQELBQAD
ggEBABVrR6hUecfiJ1Q8qOdC1davGKS4zurzgcIaag1FjStoBy53/voF3n+epSkD
K6gZr1AMrlohlyb69oV2K+wGpZYeMu0JMOMlRUehvoOOgO+nb5WkqFexHkmPmXS3
GX2QCLnxdN7uMHQ15FVGWBYkgh22b/lAs2DqLuRyznYwmoqlayxNAZ7fWNS2YK09
oyiHJM+PSjspRzM5rBX6qf1qIPQdAmirsS+PhxMhA2f50pk8sHW9GZrQR+GvNtTe
bI0ti6P1IqEixaBLN+DEert0Ba7oP2Zm0cD9rfNssmXA94XMoBzHRPe/ceGZlOJY
QqLvMUf0RtJHk309gtW5Gcfb9/M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:56 2024 by rpki-client on console-fra.rpki-client.org