Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/05wwq8iSw6liVirlfbGgBFso5Sk.roa
File: 05wwq8iSw6liVirlfbGgBFso5Sk.roa (raw, json)
Hash identifier: c4wKCXXTPC11I61Zv3XCuI8oWgESLZwWCFh7k8879cA=
Subject key identifier: D3:9C:30:AB:C8:92:C3:A9:62:56:2A:E5:7D:B1:A0:04:5B:28:E5:29
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01850AEA20D6DAE9A4475DB40C2306D2B265
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/05wwq8iSw6liVirlfbGgBFso5Sk.roa
Signing time: Tue 13 Dec 2022 09:56:34 +0000
ROA not before: Tue 13 Dec 2022 09:56:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.94.168.0/22 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:ea:20:d6:da:e9:a4:47:5d:b4:0c:23:06:d2:b2:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 13 09:56:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d39c30abc892c3a962562ae57db1a0045b28e529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e4:0d:ba:d0:78:45:4b:79:aa:3d:87:fa:b7:
eb:99:ab:39:76:32:25:c4:3e:af:d9:1e:1d:dd:6f:
32:b5:77:de:f2:c5:df:2f:3d:14:1c:40:4a:aa:d3:
f8:14:1b:ff:08:ae:de:10:b5:01:2b:d4:59:a7:80:
20:5a:1e:2e:32:fd:f8:7a:cd:a9:d0:59:53:32:3c:
5a:7e:9a:ab:60:ce:69:67:01:32:6c:53:69:9e:65:
7a:18:76:e3:8d:77:1a:c5:c2:d4:71:a1:36:02:56:
ae:29:ef:9e:2e:a9:40:2c:a2:57:0c:08:a7:31:6d:
c9:67:f2:12:06:53:36:b0:79:29:9c:f1:9d:b0:89:
5b:c7:87:16:95:6c:a1:c4:31:f2:76:8a:ea:34:31:
b6:dc:90:07:e2:6f:c2:e7:66:38:59:ca:fe:26:76:
0a:f9:fd:c7:19:db:a6:99:83:70:78:60:62:92:c5:
75:fc:05:f4:1a:06:64:38:43:fa:2c:d5:96:11:86:
75:73:46:17:1f:89:aa:0d:e9:47:51:9c:b3:ea:85:
71:85:7e:b7:ea:88:9b:93:ff:d5:62:ed:b5:1e:cf:
20:98:4a:51:7b:81:6a:70:02:69:f4:9d:2e:63:51:
e7:60:6f:50:d5:e7:6f:fc:81:1e:37:60:b3:20:84:
d3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:9C:30:AB:C8:92:C3:A9:62:56:2A:E5:7D:B1:A0:04:5B:28:E5:29
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/05wwq8iSw6liVirlfbGgBFso5Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.13.188.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.38.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
01:33:d7:2d:a8:8f:b4:99:4e:27:96:72:ad:05:89:c1:f6:2f:
65:44:42:da:f3:07:b6:f9:64:29:b6:b8:98:bb:2d:69:ff:8b:
6f:ad:e9:6d:b5:4b:e0:c8:82:f7:74:8b:6a:0e:23:1e:63:cf:
bb:72:cc:ad:6b:57:84:93:e3:b5:bd:37:ed:b8:fe:15:8a:94:
14:21:81:08:d7:9d:18:5f:07:37:a1:de:3a:a1:8c:d3:09:ec:
a3:e2:de:20:df:3a:db:a8:a2:f8:0b:24:5e:f8:f7:88:53:5b:
29:b1:f4:5a:f9:df:29:20:f5:d3:1b:16:06:eb:a9:7c:da:b6:
0d:b0:63:24:62:1c:5b:1e:d9:a0:f9:e9:45:90:7e:65:2f:4f:
7c:a8:63:2a:07:66:1d:7b:23:20:1a:71:81:c1:5a:b8:d7:2c:
7b:4c:f7:7d:c8:9b:99:91:de:04:2c:9e:7e:3f:dd:c5:28:f5:
9a:6c:49:6e:e8:6d:45:12:ce:05:f6:32:1c:07:78:e5:71:cf:
a2:3d:c9:66:2a:46:90:9c:08:1d:9d:15:71:80:a4:c1:3d:92:
44:8b:08:47:5f:07:5a:7e:a8:96:45:38:66:6d:aa:8e:00:bf:
b1:5d:41:5c:94:0c:cb:c5:27:0d:55:fe:73:78:bd:e9:50:58:
05:14:5e:5a
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYUK6iDW2umkR120DCMG0rJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMjEzMDk1NjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzljMzBhYmM4OTJjM2E5NjI1NjJhZTU3ZGIxYTAwNDViMjhlNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeQNutB4RUt5qj2H+rfrmas5djIl
xD6v2R4d3W8ytXfe8sXfLz0UHEBKqtP4FBv/CK7eELUBK9RZp4AgWh4uMv34es2p
0FlTMjxafpqrYM5pZwEybFNpnmV6GHbjjXcaxcLUcaE2AlauKe+eLqlALKJXDAin
MW3JZ/ISBlM2sHkpnPGdsIlbx4cWlWyhxDHydorqNDG23JAH4m/C52Y4Wcr+JnYK
+f3HGdummYNweGBiksV1/AX0GgZkOEP6LNWWEYZ1c0YXH4mqDelHUZyz6oVxhX63
6oibk//VYu21Hs8gmEpRe4FqcAJp9J0uY1HnYG9Q1edv/IEeN2CzIITT/QIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFNOcMKvIksOpYlYq5X2xoARbKOUpMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMDV3d3E4aVN3NmxpVmlybGZiR2dCRnNvNVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAIC
OGwDBAAFtVcDBAAtCR0DBAAtDbwDBAItUXADBAAtWIgDBAEtWIoDBAItXqgwDAME
AC2EtQMEAy2EsAMEAS2Q1AMEAE1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
AAEz1y2oj7SZTieWcq0FicH2L2VEQtrzB7b5ZCm2uJi7LWn/i2+t6W21S+DIgvd0
i2oOIx5jz7tyzK1rV4ST47W9N+24/hWKlBQhgQjXnRhfBzeh3jqhjNMJ7KPi3iDf
OtuoovgLJF7494hTWymx9Fr53ykg9dMbFgbrqXzatg2wYyRiHFse2aD56UWQfmUv
T3yoYyoHZh17IyAacYHBWrjXLHtM933Im5mR3gQsnn4/3cUo9ZpsSW7obUUSzgX2
MhwHeOVxz6I9yWYqRpCcCB2dFXGApME9kkSLCEdfB1p+qJZFOGZtqo4Av7FdQVyU
DMvFJw1V/nN4velQWAUUXlo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org