Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/pU-BPsEPl1goX7xqjsAfbDIn1Uc.roa
File: pU-BPsEPl1goX7xqjsAfbDIn1Uc.roa (raw, json)
Hash identifier: OdqfAX8vgBXSbwxrXKOc3b/6B3iED1r+sKa0FL+qjyo=
Subject key identifier: A5:4F:81:3E:C1:0F:97:58:28:5F:BC:6A:8E:C0:1F:6C:32:27:D5:47
Certificate issuer: /CN=aef1eefaa757d38eb104fa4cba4d962b72e52b52
Certificate serial: 4483E3C8
Authority key identifier: AE:F1:EE:FA:A7:57:D3:8E:B1:04:FA:4C:BA:4D:96:2B:72:E5:2B:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rvHu-qdX046xBPpMuk2WK3LlK1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/pU-BPsEPl1goX7xqjsAfbDIn1Uc.roa
Signing time: Sat 01 Jan 2022 03:53:16 +0000
ROA not before: Sat 01 Jan 2022 03:53:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29222
IP address blocks: 193.134.250.0/24 maxlen: 24
84.16.64.0/19 maxlen: 24
45.157.188.0/22 maxlen: 24
185.177.60.0/22 maxlen: 24
185.176.224.0/22 maxlen: 24
193.128.7.0/24 maxlen: 24
128.65.192.0/21 maxlen: 24
185.74.68.0/22 maxlen: 24
193.111.233.0/24 maxlen: 24
185.125.24.0/22 maxlen: 24
193.134.93.0/24 maxlen: 24
93.88.240.0/20 maxlen: 24
185.181.160.0/22 maxlen: 24
185.172.100.0/22 maxlen: 24
195.15.192.0/18 maxlen: 24
83.166.128.0/19 maxlen: 24
2001:1600::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1149494216 (0x4483e3c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aef1eefaa757d38eb104fa4cba4d962b72e52b52
Validity
Not Before: Jan 1 03:53:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a54f813ec10f9758285fbc6a8ec01f6c3227d547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:61:18:d7:19:c8:fa:3e:49:8e:0f:09:b3:ea:
ed:ec:89:d2:1a:44:04:88:b4:0c:b0:00:21:c1:ff:
04:a2:e9:cd:f8:71:e4:6d:db:c0:c5:d1:fe:a7:5a:
a7:11:35:76:88:ee:f8:2c:01:a3:19:03:2f:0a:8b:
82:f0:db:c8:58:4e:ef:61:21:1c:c7:43:5f:0b:02:
a9:db:a7:33:eb:9f:41:22:13:26:5b:36:27:57:64:
d5:5a:97:65:3a:28:90:19:94:45:25:2d:84:b9:71:
17:04:97:3b:67:b3:a8:a4:d8:2d:63:af:0b:e0:a0:
99:e8:ec:7a:33:8c:da:3d:eb:bd:a5:2b:59:6d:3d:
a3:7a:27:6b:3c:28:93:b3:29:5a:5b:8c:a4:af:c9:
66:99:35:aa:3d:72:67:a2:25:a9:d8:5c:a8:a8:fd:
82:22:33:ee:4b:95:4f:18:56:30:b8:ab:27:32:59:
35:fd:49:97:55:18:fa:c5:4d:c8:fa:1e:ca:62:93:
c7:b5:8d:55:4c:1b:4e:59:a7:c8:48:c1:23:0b:a1:
70:44:c1:07:bd:cc:86:2d:0a:ce:ab:3e:e7:dc:f5:
7b:68:4c:8c:ef:68:8b:e3:84:c2:00:dc:0c:0b:b0:
1b:bc:c7:e7:08:20:0f:cd:b6:42:92:d7:54:1b:22:
f2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:4F:81:3E:C1:0F:97:58:28:5F:BC:6A:8E:C0:1F:6C:32:27:D5:47
X509v3 Authority Key Identifier:
keyid:AE:F1:EE:FA:A7:57:D3:8E:B1:04:FA:4C:BA:4D:96:2B:72:E5:2B:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rvHu-qdX046xBPpMuk2WK3LlK1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/pU-BPsEPl1goX7xqjsAfbDIn1Uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/rvHu-qdX046xBPpMuk2WK3LlK1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.188.0/22
83.166.128.0/19
84.16.64.0/19
93.88.240.0/20
128.65.192.0/21
185.74.68.0/22
185.125.24.0/22
185.172.100.0/22
185.176.224.0/22
185.177.60.0/22
185.181.160.0/22
193.111.233.0/24
193.128.7.0/24
193.134.93.0/24
193.134.250.0/24
195.15.192.0/18
IPv6:
2001:1600::/29
Signature Algorithm: sha256WithRSAEncryption
90:67:49:cf:3b:6c:1d:67:9a:25:da:5c:a9:66:cf:49:19:ee:
62:f4:b9:a6:d3:ab:3b:da:03:8b:97:cb:38:e4:93:40:11:a0:
20:ba:63:9a:08:05:93:fd:b1:e1:e6:19:39:63:b6:b6:0e:b1:
0e:11:2e:31:34:75:f6:fb:48:21:2e:11:cb:01:ca:db:41:73:
7c:c7:b5:e5:b5:83:e4:67:7f:5a:54:ec:ca:ac:09:bb:2f:ce:
2d:b2:52:58:28:11:9f:ac:ab:89:7d:a4:96:61:96:73:62:84:
a3:87:ef:f3:e7:11:00:72:62:2b:da:d3:27:df:9a:64:cd:12:
38:2e:d5:79:22:59:0b:48:82:cb:6a:9a:ae:5c:71:3d:11:37:
70:83:12:b0:83:ed:14:07:91:5b:33:4a:f0:95:1d:f4:36:5c:
73:4e:79:fc:98:5b:fe:e5:ea:fc:8a:e1:3a:45:b2:e3:cb:fb:
2d:75:6d:03:4c:74:8a:f1:bd:48:01:83:41:d7:99:23:fe:2b:
94:d1:fe:65:09:25:7b:46:2a:d5:44:88:f8:8e:a4:54:fa:bb:
8e:b2:aa:01:09:86:53:40:79:b0:98:15:85:b5:6c:71:59:65:
0a:88:f4:c5:c8:90:15:a7:35:96:38:45:41:39:38:d3:d3:15:
cc:55:af:0c
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgIERIPjyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWYxZWVmYWE3NTdkMzhlYjEwNGZhNGNiYTRkOTYyYjcyZTUyYjUyMB4XDTIyMDEw
MTAzNTMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTU0ZjgxM2VjMTBm
OTc1ODI4NWZiYzZhOGVjMDFmNmMzMjI3ZDU0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJthGNcZyPo+SY4PCbPq7eyJ0hpEBIi0DLAAIcH/BKLpzfhx
5G3bwMXR/qdapxE1doju+CwBoxkDLwqLgvDbyFhO72EhHMdDXwsCqdunM+ufQSIT
Jls2J1dk1VqXZTookBmURSUthLlxFwSXO2ezqKTYLWOvC+CgmejsejOM2j3rvaUr
WW09o3onazwok7MpWluMpK/JZpk1qj1yZ6IlqdhcqKj9giIz7kuVTxhWMLirJzJZ
Nf1Jl1UY+sVNyPoeymKTx7WNVUwbTlmnyEjBIwuhcETBB73Mhi0Kzqs+59z1e2hM
jO9oi+OEwgDcDAuwG7zH5wggD822QpLXVBsi8ocCAwEAAaOCAnMwggJvMB0GA1Ud
DgQWBBSlT4E+wQ+XWChfvGqOwB9sMifVRzAfBgNVHSMEGDAWgBSu8e76p1fTjrEE
+ky6TZYrcuUrUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J2SHUtcWRYMDQ2eEJQcE11azJXSzNMbEsxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvYzlmMzNiLTJmMWItNGExMS1hMjFkLTlhNmJkMDExZjhmNi8x
L3BVLUJQc0VQbDFnb1g3eHFqc0FmYkRJbjFVYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
YzlmMzNiLTJmMWItNGExMS1hMjFkLTlhNmJkMDExZjhmNi8xL3J2SHUtcWRYMDQ2
eEJQcE11azJXSzNMbEsxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
iAYIKwYBBQUHAQcBAf8EeTB3MGYEAgABMGADBAItnbwDBAVTpoADBAVUEEADBARd
WPADBAOAQcADBAK5SkQDBAK5fRgDBAK5rGQDBAK5sOADBAK5sTwDBAK5taADBADB
b+kDBADBgAcDBADBhl0DBADBhvoDBAbDD8AwDQQCAAIwBwMFAyABFgAwDQYJKoZI
hvcNAQELBQADggEBAJBnSc87bB1nmiXaXKlmz0kZ7mL0uabTqzvaA4uXyzjkk0AR
oCC6Y5oIBZP9seHmGTljtrYOsQ4RLjE0dfb7SCEuEcsByttBc3zHteW1g+Rnf1pU
7MqsCbsvzi2yUlgoEZ+sq4l9pJZhlnNihKOH7/PnEQByYiva0yffmmTNEjgu1Xki
WQtIgstqmq5ccT0RN3CDErCD7RQHkVszSvCVHfQ2XHNOefyYW/7l6vyK4TpFsuPL
+y11bQNMdIrxvUgBg0HXmSP+K5TR/mUJJXtGKtVEiPiOpFT6u46yqgEJhlNAebCY
FYW1bHFZZQqI9MXIkBWnNZY4RUE5ONPTFcxVrww=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:30 2024 by rpki-client on console-fra.rpki-client.org