Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/CIHs2ayue0IHu93cdXjNaiBu85w.roa
File: CIHs2ayue0IHu93cdXjNaiBu85w.roa (raw, json)
Hash identifier: vT7b9ROdYdgMAOh2U4k0lxdSDkD+xqVg+aug4elIFUA=
Subject key identifier: 08:81:EC:D9:AC:AE:7B:42:07:BB:DD:DC:75:78:CD:6A:20:6E:F3:9C
Certificate issuer: /CN=ff40d8a2ea9676369e6e817679490e4e505c89f3
Certificate serial: 0BF51BBA
Authority key identifier: FF:40:D8:A2:EA:96:76:36:9E:6E:81:76:79:49:0E:4E:50:5C:89:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0DYouqWdjaeboF2eUkOTlBcifM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/CIHs2ayue0IHu93cdXjNaiBu85w.roa
Signing time: Mon 13 Jun 2022 10:34:56 +0000
ROA not before: Mon 13 Jun 2022 10:34:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35612
IP address blocks: 146.241.240.0/20 maxlen: 20
84.33.64.0/20 maxlen: 20
146.241.176.0/20 maxlen: 20
146.241.192.0/20 maxlen: 20
78.134.0.0/17 maxlen: 17
146.241.208.0/20 maxlen: 20
185.11.20.0/22 maxlen: 22
146.241.224.0/20 maxlen: 20
84.33.128.0/18 maxlen: 18
84.33.128.0/19 maxlen: 20
216.247.128.0/18 maxlen: 18
84.33.160.0/19 maxlen: 20
84.33.64.0/18 maxlen: 20
147.53.128.0/17 maxlen: 17
88.149.128.0/17 maxlen: 17
49.236.0.0/20 maxlen: 20
49.236.0.0/18 maxlen: 18
146.241.16.0/20 maxlen: 20
49.236.16.0/20 maxlen: 20
146.241.32.0/20 maxlen: 20
128.116.128.0/17 maxlen: 17
49.236.32.0/20 maxlen: 20
146.241.48.0/20 maxlen: 20
49.236.48.0/20 maxlen: 20
146.241.64.0/20 maxlen: 20
77.32.0.0/17 maxlen: 17
77.32.0.0/20 maxlen: 20
212.124.160.0/19 maxlen: 19
77.32.16.0/20 maxlen: 20
77.32.32.0/20 maxlen: 20
146.241.0.0/20 maxlen: 20
146.241.0.0/16 maxlen: 22
77.32.48.0/20 maxlen: 20
146.241.128.0/20 maxlen: 20
88.147.64.0/20 maxlen: 20
146.241.144.0/20 maxlen: 20
5.157.96.0/19 maxlen: 19
146.241.160.0/20 maxlen: 20
146.241.80.0/20 maxlen: 20
88.147.0.0/17 maxlen: 17
81.174.0.0/18 maxlen: 18
146.241.96.0/20 maxlen: 20
146.241.112.0/20 maxlen: 20
88.147.32.0/19 maxlen: 20
2001:4c90::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200612794 (0xbf51bba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff40d8a2ea9676369e6e817679490e4e505c89f3
Validity
Not Before: Jun 13 10:34:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0881ecd9acae7b4207bbdddc7578cd6a206ef39c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:16:c5:50:13:0b:c2:aa:7f:2c:b6:c2:45:5d:
b4:17:c2:a8:97:6e:87:63:20:24:4d:86:ac:08:50:
d8:5b:be:77:7d:ca:04:c4:e6:b5:17:c5:ee:fd:63:
ab:3b:97:f4:17:15:f3:6b:82:9e:74:ab:ed:c0:9a:
ad:45:82:bd:ab:3f:e9:90:69:cd:e4:a3:af:78:80:
ac:ba:5a:f8:88:c0:f2:4d:0f:89:77:65:fb:9c:8e:
6b:c2:1f:19:bc:9c:e9:ff:47:3d:f7:63:74:82:0c:
ca:b1:6c:20:e9:d7:ec:4a:06:0b:a3:5e:d5:33:76:
db:b9:d9:e6:9e:e7:0e:9a:46:99:b4:46:c7:3b:f8:
73:f4:9c:5b:98:3f:44:fb:c4:8f:c0:cf:5a:7f:45:
e2:99:e5:ed:de:c2:ab:75:c6:4d:99:2b:5f:5b:32:
fc:1a:ed:6e:a7:f7:31:08:d0:31:29:8c:67:79:99:
98:60:ed:9c:0d:fa:c9:69:ea:4e:a2:48:df:6b:45:
91:65:9c:72:5b:4d:45:d7:24:bf:af:73:63:dd:7d:
98:47:e1:dc:05:ef:63:6e:23:e3:55:b0:02:98:1d:
3e:1f:8b:bc:ad:2d:96:e3:18:97:89:c9:d6:1a:65:
3e:4d:00:34:1c:3b:c7:ea:3d:83:f6:4d:72:51:34:
0a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:81:EC:D9:AC:AE:7B:42:07:BB:DD:DC:75:78:CD:6A:20:6E:F3:9C
X509v3 Authority Key Identifier:
keyid:FF:40:D8:A2:EA:96:76:36:9E:6E:81:76:79:49:0E:4E:50:5C:89:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0DYouqWdjaeboF2eUkOTlBcifM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/CIHs2ayue0IHu93cdXjNaiBu85w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/_0DYouqWdjaeboF2eUkOTlBcifM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.96.0/19
49.236.0.0/18
77.32.0.0/17
78.134.0.0/17
81.174.0.0/18
84.33.64.0-84.33.191.255
88.147.0.0/17
88.149.128.0/17
128.116.128.0/17
146.241.0.0/16
147.53.128.0/17
185.11.20.0/22
212.124.160.0/19
216.247.128.0/18
IPv6:
2001:4c90::/29
Signature Algorithm: sha256WithRSAEncryption
6e:17:21:5f:67:90:9a:27:bd:71:b8:3f:47:0b:92:15:80:49:
4e:a9:67:35:c0:ae:e1:f5:ad:b8:9c:4c:63:d7:27:57:35:6d:
8e:db:74:a2:90:ac:9c:e9:44:5b:57:6c:98:59:55:bb:88:c5:
54:40:58:13:43:c8:35:3e:05:28:8e:e6:d4:92:2c:5c:96:61:
27:04:85:02:45:78:34:5a:c8:e4:fb:26:9b:a5:86:55:6f:52:
dd:11:d6:b0:82:af:39:c0:3a:6f:cb:a6:1b:0a:5d:7f:03:9b:
12:e2:67:bc:7d:b4:41:06:64:ac:fb:b2:1e:37:34:0b:e7:9c:
cc:08:94:da:35:5a:65:e9:fe:bb:41:49:d4:c1:ee:76:96:0d:
48:69:f5:c8:47:3a:15:09:bc:a8:23:1b:ab:bb:c8:19:33:48:
3b:64:de:a5:61:f2:78:a9:86:0e:ab:b2:1a:2c:3f:68:31:e2:
cd:ab:c8:8f:f1:ae:e4:c4:6a:eb:a0:b0:0e:9a:20:13:df:80:
85:61:a0:16:e5:1a:5f:95:c5:03:d4:8f:5c:eb:de:c2:31:58:
55:b5:48:d4:18:0c:b5:52:b4:5b:b6:01:b9:ab:78:0d:35:f7:
70:1c:b2:c3:63:9e:c6:03:81:fc:72:8d:cd:8a:38:6a:d1:ba:
d3:57:57:a7
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIEC/UbujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjQwZDhhMmVhOTY3NjM2OWU2ZTgxNzY3OTQ5MGU0ZTUwNWM4OWYzMB4XDTIyMDYx
MzEwMzQ1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg4MWVjZDlhY2Fl
N2I0MjA3YmJkZGRjNzU3OGNkNmEyMDZlZjM5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANkWxVATC8Kqfyy2wkVdtBfCqJduh2MgJE2GrAhQ2Fu+d33K
BMTmtRfF7v1jqzuX9BcV82uCnnSr7cCarUWCvas/6ZBpzeSjr3iArLpa+IjA8k0P
iXdl+5yOa8IfGbyc6f9HPfdjdIIMyrFsIOnX7EoGC6Ne1TN227nZ5p7nDppGmbRG
xzv4c/ScW5g/RPvEj8DPWn9F4pnl7d7Cq3XGTZkrX1sy/Brtbqf3MQjQMSmMZ3mZ
mGDtnA36yWnqTqJI32tFkWWccltNRdckv69zY919mEfh3AXvY24j41WwApgdPh+L
vK0tluMYl4nJ1hplPk0ANBw7x+o9g/ZNclE0CsMCAwEAAaOCAm4wggJqMB0GA1Ud
DgQWBBQIgezZrK57Qge73dx1eM1qIG7znDAfBgNVHSMEGDAWgBT/QNii6pZ2Np5u
gXZ5SQ5OUFyJ8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L18wRFlvdXFXZGphZWJvRjJlVWtPVGxCY2lmTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvN2FiZjNjLTI5ZjMtNDNjOC05NzhlLWIwNTBjMTEyOTEyNi8x
L0NJSHMyYXl1ZTBJSHU5M2NkWGpOYWlCdTg1dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
N2FiZjNjLTI5ZjMtNDNjOC05NzhlLWIwNTBjMTEyOTEyNi8xL18wRFlvdXFXZGph
ZWJvRjJlVWtPVGxCY2lmTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
gwYIKwYBBQUHAQcBAf8EdDByMGEEAgABMFsDBAUFnWADBAYx7AADBAdNIAADBAdO
hgADBAZRrgAwDAMEBlQhQAMEBlQhgAMEB1iTAAMEB1iVgAMEB4B0gAMDAJLxAwQH
kzWAAwQCuQsUAwQF1HygAwQG2PeAMA0EAgACMAcDBQMgAUyQMA0GCSqGSIb3DQEB
CwUAA4IBAQBuFyFfZ5CaJ71xuD9HC5IVgElOqWc1wK7h9a24nExj1ydXNW2O23Si
kKyc6URbV2yYWVW7iMVUQFgTQ8g1PgUojubUkixclmEnBIUCRXg0Wsjk+yabpYZV
b1LdEdawgq85wDpvy6YbCl1/A5sS4me8fbRBBmSs+7IeNzQL55zMCJTaNVpl6f67
QUnUwe52lg1IafXIRzoVCbyoIxuru8gZM0g7ZN6lYfJ4qYYOq7IaLD9oMeLNq8iP
8a7kxGrroLAOmiAT34CFYaAW5RpflcUD1I9c697CMVhVtUjUGAy1UrRbtgG5q3gN
NfdwHLLDY57GA4H8co3Nijhq0brTV1en
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:46 2024 by rpki-client on console-ams.rpki-client.org