Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/xIpzCahADKvJ3L63F2qgBV3dcsk.roa
File: xIpzCahADKvJ3L63F2qgBV3dcsk.roa (raw, json)
Hash identifier: mX7P15Q5+7JORrR9PmMdONeCZNxT7CbnFUKQCr+PTtc=
Subject key identifier: C4:8A:73:09:A8:40:0C:AB:C9:DC:BE:B7:17:6A:A0:05:5D:DD:72:C9
Certificate issuer: /CN=ab91d5262561a9dd713dfa39163dec849fee4636
Certificate serial: 3AF8B13C
Authority key identifier: AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/xIpzCahADKvJ3L63F2qgBV3dcsk.roa
Signing time: Sat 01 Jan 2022 05:02:03 +0000
ROA not before: Sat 01 Jan 2022 05:02:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2119
IP address blocks: 195.134.32.0/19 maxlen: 19
77.16.0.0/14 maxlen: 14
80.212.0.0/15 maxlen: 15
134.47.0.0/16 maxlen: 16
193.212.0.0/14 maxlen: 14
2.148.0.0/14 maxlen: 14
84.202.0.0/16 maxlen: 16
87.252.64.0/19 maxlen: 19
130.67.0.0/16 maxlen: 16
62.16.128.0/17 maxlen: 17
46.66.0.0/15 maxlen: 15
82.116.64.0/19 maxlen: 19
148.123.0.0/16 maxlen: 16
82.164.0.0/16 maxlen: 16
85.164.0.0/14 maxlen: 14
193.160.192.0/22 maxlen: 22
193.160.196.0/22 maxlen: 22
84.53.0.0/18 maxlen: 18
193.160.200.0/22 maxlen: 22
194.248.0.0/16 maxlen: 16
148.120.0.0/15 maxlen: 15
212.251.128.0/17 maxlen: 17
46.9.0.0/16 maxlen: 16
62.92.0.0/16 maxlen: 16
46.156.0.0/15 maxlen: 15
31.45.0.0/17 maxlen: 17
62.128.224.0/19 maxlen: 19
176.75.0.0/16 maxlen: 16
144.193.0.0/16 maxlen: 16
194.143.0.0/17 maxlen: 17
62.102.160.0/19 maxlen: 19
37.200.0.0/18 maxlen: 18
185.4.172.0/22 maxlen: 22
146.172.0.0/16 maxlen: 16
83.108.0.0/15 maxlen: 15
95.34.0.0/16 maxlen: 16
217.148.144.0/20 maxlen: 20
62.249.160.0/19 maxlen: 19
217.199.32.0/19 maxlen: 19
109.189.0.0/16 maxlen: 16
37.253.0.0/16 maxlen: 16
148.118.0.0/15 maxlen: 15
88.88.0.0/13 maxlen: 13
212.17.128.0/19 maxlen: 19
148.122.0.0/16 maxlen: 16
212.4.32.0/19 maxlen: 19
213.142.64.0/19 maxlen: 19
62.209.64.0/18 maxlen: 18
109.179.0.0/16 maxlen: 16
78.158.224.0/19 maxlen: 19
2a02:a38::/32 maxlen: 32
2a02:2120::/30 maxlen: 30
2001:4600::/24 maxlen: 24
2a02:2640::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 989376828 (0x3af8b13c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab91d5262561a9dd713dfa39163dec849fee4636
Validity
Not Before: Jan 1 05:02:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c48a7309a8400cabc9dcbeb7176aa0055ddd72c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:59:7a:3a:67:8d:99:31:88:4f:d3:ed:e5:dd:
42:ca:07:37:d7:b6:dd:19:18:68:77:f0:6f:6f:05:
bd:e9:d3:ce:ad:65:91:bc:cf:ec:97:ac:ce:de:6f:
b5:f2:16:a6:e9:69:8f:f8:48:5f:77:6f:69:3d:20:
f4:ab:2f:89:bf:94:77:71:22:59:9f:bc:2f:7d:5d:
d0:e7:23:31:60:dc:6a:b8:da:3e:c9:ec:9c:d7:73:
34:59:da:8c:d9:2f:8c:d9:99:70:d4:14:f5:c7:97:
dd:1b:59:af:32:da:0f:ac:31:47:34:ac:1c:fb:a0:
0a:3f:d1:0d:ce:1d:84:57:92:62:8a:a9:07:24:c2:
37:c0:25:72:4c:a8:91:3d:1b:8e:ca:37:0f:33:b6:
da:fd:39:8b:14:b7:99:b1:3a:29:ef:03:14:8d:41:
18:2e:03:e5:83:24:2b:da:2a:62:9c:d0:6c:f1:a8:
d8:45:66:32:7c:84:a4:1f:10:6b:ba:40:50:b6:0c:
5b:7e:53:1a:00:2f:8d:51:a0:dc:44:16:c8:11:d6:
af:32:ef:01:50:f8:71:19:e4:48:a1:f6:93:52:c4:
60:43:d7:fe:35:f8:70:38:79:d5:63:ac:64:76:81:
99:f3:99:a1:9b:7a:97:8c:20:7a:f3:5e:43:d5:96:
13:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:8A:73:09:A8:40:0C:AB:C9:DC:BE:B7:17:6A:A0:05:5D:DD:72:C9
X509v3 Authority Key Identifier:
keyid:AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/xIpzCahADKvJ3L63F2qgBV3dcsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.148.0.0/14
31.45.0.0/17
37.200.0.0/18
37.253.0.0/16
46.9.0.0/16
46.66.0.0/15
46.156.0.0/15
62.16.128.0/17
62.92.0.0/16
62.102.160.0/19
62.128.224.0/19
62.209.64.0/18
62.249.160.0/19
77.16.0.0/14
78.158.224.0/19
80.212.0.0/15
82.116.64.0/19
82.164.0.0/16
83.108.0.0/15
84.53.0.0/18
84.202.0.0/16
85.164.0.0/14
87.252.64.0/19
88.88.0.0/13
95.34.0.0/16
109.179.0.0/16
109.189.0.0/16
130.67.0.0/16
134.47.0.0/16
144.193.0.0/16
146.172.0.0/16
148.118.0.0-148.123.255.255
176.75.0.0/16
185.4.172.0/22
193.160.192.0-193.160.203.255
193.212.0.0/14
194.143.0.0/17
194.248.0.0/16
195.134.32.0/19
212.4.32.0/19
212.17.128.0/19
212.251.128.0/17
213.142.64.0/19
217.148.144.0/20
217.199.32.0/19
IPv6:
2001:4600::/24
2a02:a38::/32
2a02:2120::/30
2a02:2640::/32
Signature Algorithm: sha256WithRSAEncryption
19:06:72:41:cd:3c:a3:e6:76:72:73:cd:50:d2:c2:8e:9e:6f:
f5:07:88:a8:be:54:2e:4a:3b:42:c8:bf:30:f2:97:67:cd:bc:
33:db:83:6f:24:1f:fc:1e:0a:60:70:a3:12:1f:96:d6:40:f7:
0c:9a:92:6b:89:da:9c:42:8a:3f:53:50:56:81:63:66:f8:4d:
b8:ea:a1:00:a8:f2:51:e0:1f:bf:c2:db:5c:bd:ed:8e:b3:6a:
43:64:69:99:7e:c8:53:03:c3:a6:24:a6:01:53:7c:d8:e1:4d:
ac:10:55:e0:d8:fb:ce:a0:6f:7c:9f:2f:c0:36:cb:1e:f5:85:
28:fd:3b:dd:3c:3b:ef:26:51:8e:7f:3b:22:d8:82:fc:8e:c0:
92:d0:a0:0a:0e:37:42:65:45:f4:6f:a6:d2:4a:cf:e6:f5:9b:
6e:53:1c:cd:dc:d1:33:95:c7:3a:c1:c3:10:dd:c4:8b:a1:e1:
f2:a2:1e:86:d8:0a:97:ef:5d:ba:6c:7c:25:67:61:8e:c2:7a:
8e:8f:dd:ad:a0:b4:ac:e1:f4:43:be:77:13:de:f1:76:f9:10:
08:6b:3b:67:28:87:86:30:5a:b6:b6:b3:8e:fc:04:8d:50:88:
be:7e:20:97:c9:32:96:33:9a:01:c7:ef:f9:d0:ad:d6:b3:3a:
19:ff:55:83
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIEOvixPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjkxZDUyNjI1NjFhOWRkNzEzZGZhMzkxNjNkZWM4NDlmZWU0NjM2MB4XDTIyMDEw
MTA1MDIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQ4YTczMDlhODQw
MGNhYmM5ZGNiZWI3MTc2YWEwMDU1ZGRkNzJjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhZejpnjZkxiE/T7eXdQsoHN9e23RkYaHfwb28FvenTzq1l
kbzP7Jeszt5vtfIWpulpj/hIX3dvaT0g9Ksvib+Ud3EiWZ+8L31d0OcjMWDcarja
PsnsnNdzNFnajNkvjNmZcNQU9ceX3RtZrzLaD6wxRzSsHPugCj/RDc4dhFeSYoqp
ByTCN8AlckyokT0bjso3DzO22v05ixS3mbE6Ke8DFI1BGC4D5YMkK9oqYpzQbPGo
2EVmMnyEpB8Qa7pAULYMW35TGgAvjVGg3EQWyBHWrzLvAVD4cRnkSKH2k1LEYEPX
/jX4cDh51WOsZHaBmfOZoZt6l4wgevNeQ9WWEwkCAwEAAaOCAzUwggMxMB0GA1Ud
DgQWBBTEinMJqEAMq8ncvrcXaqAFXd1yyTAfBgNVHSMEGDAWgBSrkdUmJWGp3XE9
+jkWPeyEn+5GNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E1SFZKaVZocWQxeFBmbzVGajNzaEpfdVJqWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvOTFlODgyLWJhOGEtNDRjNS05YjBkLTI3NTI0MmFhNjc3NS8x
L3hJcHpDYWhBREt2SjNMNjNGMnFnQlYzZGNzay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
OTFlODgyLWJhOGEtNDRjNS05YjBkLTI3NTI0MmFhNjc3NS8xL3E1SFZKaVZocWQx
eFBmbzVGajNzaEpfdVJqWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AUkGCCsGAQUFBwEHAQH/BIIBODCCATQwggENBAIAATCCAQUDAwIClAMEBx8tAAME
BiXIAAMDACX9AwMALgkDAwEuQgMDAS6cAwQHPhCAAwMAPlwDBAU+ZqADBAU+gOAD
BAY+0UADBAU++aADAwJNEAMEBU6e4AMDAVDUAwQFUnRAAwMAUqQDAwFTbAMEBlQ1
AAMDAFTKAwMCVaQDBAVX/EADAwNYWAMDAF8iAwMAbbMDAwBtvQMDAIJDAwMAhi8D
AwCQwQMDAJKsMAoDAwGUdgMDApR4AwMAsEsDBAK5BKwwDAMEBsGgwAMEAsGgyAMD
AsHUAwQHwo8AAwMAwvgDBAXDhiADBAXUBCADBAXUEYADBAfU+4ADBAXVjkADBATZ
lJADBAXZxyAwIQQCAAIwGwMEACABRgMFACoCCjgDBQIqAiEgAwUAKgImQDANBgkq
hkiG9w0BAQsFAAOCAQEAGQZyQc08o+Z2cnPNUNLCjp5v9QeIqL5ULko7Qsi/MPKX
Z828M9uDbyQf/B4KYHCjEh+W1kD3DJqSa4nanEKKP1NQVoFjZvhNuOqhAKjyUeAf
v8LbXL3tjrNqQ2RpmX7IUwPDpiSmAVN82OFNrBBV4Nj7zqBvfJ8vwDbLHvWFKP07
3Tw77yZRjn87ItiC/I7AktCgCg43QmVF9G+m0krP5vWbblMczdzRM5XHOsHDEN3E
i6Hh8qIehtgKl+9dumx8JWdhjsJ6jo/draC0rOH0Q753E97xdvkQCGs7ZyiHhjBa
trazjvwEjVCIvn4gl8kyljOaAcfv+dCt1rM6Gf9Vgw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:25 2024 by rpki-client on console-fra.rpki-client.org