Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/ajqxBZLOGkXmS6hBtfZ6Hn2uZTg.roa
File: ajqxBZLOGkXmS6hBtfZ6Hn2uZTg.roa (raw, json)
Hash identifier: PfTE3oS5hAgjSQIvFtNv3q6yz/E6BwPzHHJuQ9jPeZE=
Subject key identifier: 6A:3A:B1:05:92:CE:1A:45:E6:4B:A8:41:B5:F6:7A:1E:7D:AE:65:38
Certificate issuer: /CN=e2110acce33ac85011ca8c22d2001666e45b9377
Certificate serial: 0D969E25
Authority key identifier: E2:11:0A:CC:E3:3A:C8:50:11:CA:8C:22:D2:00:16:66:E4:5B:93:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4hEKzOM6yFARyowi0gAWZuRbk3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/ajqxBZLOGkXmS6hBtfZ6Hn2uZTg.roa
Signing time: Sat 01 Jan 2022 09:06:17 +0000
ROA not before: Sat 01 Jan 2022 09:06:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34762
IP address blocks: 188.211.170.0/23 maxlen: 24
87.238.160.0/21 maxlen: 24
89.36.74.0/23 maxlen: 24
188.93.152.0/21 maxlen: 24
77.73.96.0/21 maxlen: 24
5.134.0.0/21 maxlen: 24
194.150.225.0/24 maxlen: 24
194.150.224.0/23 maxlen: 23
194.150.224.0/24 maxlen: 24
188.208.36.0/23 maxlen: 24
178.208.32.0/19 maxlen: 24
79.174.128.0/21 maxlen: 24
217.19.224.0/20 maxlen: 24
217.19.228.0/22 maxlen: 24
217.19.232.0/23 maxlen: 24
217.19.234.0/23 maxlen: 24
195.13.56.0/23 maxlen: 24
195.13.56.0/24 maxlen: 24
37.72.160.0/21 maxlen: 24
176.62.160.0/20 maxlen: 24
31.193.176.0/21 maxlen: 24
83.217.80.0/20 maxlen: 24
89.42.54.0/23 maxlen: 24
185.86.16.0/22 maxlen: 24
188.93.96.0/21 maxlen: 24
194.26.24.0/24 maxlen: 24
77.241.80.0/20 maxlen: 24
77.241.83.0/24 maxlen: 24
77.241.87.0/24 maxlen: 24
77.241.95.0/24 maxlen: 24
185.2.52.0/22 maxlen: 24
77.241.93.0/24 maxlen: 24
195.234.184.0/24 maxlen: 24
93.115.168.0/23 maxlen: 23
185.18.8.0/22 maxlen: 24
94.176.98.0/23 maxlen: 24
89.44.166.0/23 maxlen: 24
217.21.176.0/20 maxlen: 24
217.21.176.0/21 maxlen: 24
217.21.179.0/24 maxlen: 24
217.21.184.0/22 maxlen: 24
217.21.188.0/22 maxlen: 24
83.217.64.0/19 maxlen: 24
83.217.64.0/20 maxlen: 20
193.111.95.0/24 maxlen: 24
62.182.56.0/21 maxlen: 21
88.151.240.0/21 maxlen: 24
194.165.51.0/24 maxlen: 24
193.239.210.0/23 maxlen: 24
195.47.215.0/24 maxlen: 24
31.14.50.0/23 maxlen: 24
185.162.28.0/22 maxlen: 24
37.148.176.0/21 maxlen: 24
185.111.196.0/22 maxlen: 24
2a07:ca80::/29 maxlen: 64
2a00:1c98::/32 maxlen: 64
2a02:d08::/32 maxlen: 64
2a00:7000::/32 maxlen: 64
2a03:a800::/32 maxlen: 32
2a00:1c98:fff0::/44 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 227974693 (0xd969e25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2110acce33ac85011ca8c22d2001666e45b9377
Validity
Not Before: Jan 1 09:06:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a3ab10592ce1a45e64ba841b5f67a1e7dae6538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4d:72:5c:61:ba:1b:73:6b:b7:c1:fa:82:7b:
c3:0a:7f:52:47:0e:76:c3:78:ec:3b:f2:70:cd:0d:
28:b2:e5:14:58:7e:b5:49:25:84:fe:28:d6:c8:4d:
aa:b1:13:db:49:4c:ed:8f:65:32:51:89:3e:62:84:
fb:6b:20:e4:84:49:c6:7c:05:8d:9e:ff:84:2c:b9:
a3:59:7d:5b:80:f8:e3:a3:20:8e:ca:80:33:f4:67:
53:18:74:90:ba:63:e8:63:65:e9:c3:9c:5b:5d:a0:
20:eb:1e:80:4f:bc:8b:74:7a:a7:06:89:23:7e:24:
2f:79:b6:95:e0:79:0d:a7:ae:23:70:e2:75:c1:51:
b9:32:e0:b1:6a:c9:bf:c6:d9:91:0c:e5:bf:9b:10:
84:e3:12:e2:8b:f1:9c:21:5e:2c:1c:2c:5a:b7:45:
d6:eb:27:cb:35:07:25:84:80:30:6e:5b:b1:d5:7a:
e1:71:03:0e:9d:ec:84:02:bc:d8:c9:af:b8:ea:a8:
1f:1c:0d:96:d1:5d:ca:9b:17:d7:da:c2:99:ac:bb:
ca:35:39:d3:3f:3f:34:d3:17:8e:d9:22:20:0c:81:
13:94:52:9f:89:b3:87:da:e1:ce:61:88:ad:57:4a:
b4:19:69:61:3b:87:e7:93:39:14:df:4b:7c:8d:a6:
ac:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:3A:B1:05:92:CE:1A:45:E6:4B:A8:41:B5:F6:7A:1E:7D:AE:65:38
X509v3 Authority Key Identifier:
keyid:E2:11:0A:CC:E3:3A:C8:50:11:CA:8C:22:D2:00:16:66:E4:5B:93:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hEKzOM6yFARyowi0gAWZuRbk3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/ajqxBZLOGkXmS6hBtfZ6Hn2uZTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/4hEKzOM6yFARyowi0gAWZuRbk3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.0.0/21
31.14.50.0/23
31.193.176.0/21
37.72.160.0/21
37.148.176.0/21
62.182.56.0/21
77.73.96.0/21
77.241.80.0/20
79.174.128.0/21
83.217.64.0/19
87.238.160.0/21
88.151.240.0/21
89.36.74.0/23
89.42.54.0/23
89.44.166.0/23
93.115.168.0/23
94.176.98.0/23
176.62.160.0/20
178.208.32.0/19
185.2.52.0/22
185.18.8.0/22
185.86.16.0/22
185.111.196.0/22
185.162.28.0/22
188.93.96.0/21
188.93.152.0/21
188.208.36.0/23
188.211.170.0/23
193.111.95.0/24
193.239.210.0/23
194.26.24.0/24
194.150.224.0/23
194.165.51.0/24
195.13.56.0/23
195.47.215.0/24
195.234.184.0/24
217.19.224.0/20
217.21.176.0/20
IPv6:
2a00:1c98::/32
2a00:7000::/32
2a02:d08::/32
2a03:a800::/32
2a07:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
6e:6e:84:78:82:f8:e6:bd:f6:fc:2b:2d:8a:fb:a4:f3:12:b5:
fc:47:be:e8:06:c2:c3:23:9e:92:da:ef:10:dd:d4:30:73:aa:
b7:f9:59:24:76:d2:3c:d7:3a:51:0c:f2:4c:7a:12:92:d2:c3:
b5:0b:a3:9a:a1:af:78:ee:55:c0:d6:f2:c9:a6:46:10:76:ad:
52:cd:1f:e2:d8:8d:79:95:a7:33:ec:44:f8:f1:d6:e4:a0:69:
35:d4:4f:48:75:12:b1:c8:ab:d2:1b:2c:25:f5:b6:c1:27:4f:
3b:c9:c4:4b:97:39:74:a9:8f:e2:82:82:57:80:dd:74:41:b9:
aa:b6:0a:3e:6c:2c:ce:1d:88:76:b3:61:0f:84:ca:63:4f:db:
92:96:12:63:d9:d1:15:33:ac:79:fb:01:24:e2:a1:41:38:b2:
a8:a6:ec:d0:f4:0e:30:76:7b:6e:53:3a:d4:fb:96:03:7c:2f:
40:d0:94:0f:7e:98:6e:b4:5f:20:7b:3c:4f:59:24:c7:c7:a2:
e8:33:b8:ab:34:63:72:3a:5d:cc:77:79:52:e4:60:da:30:ff:
bf:ea:dd:72:6b:e4:60:97:f2:87:1b:4e:6b:73:5b:52:c1:f4:
38:5f:9b:6d:4c:16:1c:f7:a6:86:df:15:39:10:22:18:89:8e:
df:05:df:8f
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgIEDZaeJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MjExMGFjY2UzM2FjODUwMTFjYThjMjJkMjAwMTY2NmU0NWI5Mzc3MB4XDTIyMDEw
MTA5MDYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmEzYWIxMDU5MmNl
MWE0NWU2NGJhODQxYjVmNjdhMWU3ZGFlNjUzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9Nclxhuhtza7fB+oJ7wwp/UkcOdsN47DvycM0NKLLlFFh+
tUklhP4o1shNqrET20lM7Y9lMlGJPmKE+2sg5IRJxnwFjZ7/hCy5o1l9W4D446Mg
jsqAM/RnUxh0kLpj6GNl6cOcW12gIOsegE+8i3R6pwaJI34kL3m2leB5DaeuI3Di
dcFRuTLgsWrJv8bZkQzlv5sQhOMS4ovxnCFeLBwsWrdF1usnyzUHJYSAMG5bsdV6
4XEDDp3shAK82MmvuOqoHxwNltFdypsX19rCmay7yjU50z8/NNMXjtkiIAyBE5RS
n4mzh9rhzmGIrVdKtBlpYTuH55M5FN9LfI2mrLcCAwEAAaOCAxowggMWMB0GA1Ud
DgQWBBRqOrEFks4aReZLqEG19noefa5lODAfBgNVHSMEGDAWgBTiEQrM4zrIUBHK
jCLSABZm5FuTdzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRoRUt6T002eUZBUnlvd2kwZ0FXWnVSYmszYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvMDUxMDM1LTIwMGQtNDFlOC1hZGYxLWQzM2YwOGYzYTQ4ZC8x
L2FqcXhCWkxPR2tYbVM2aEJ0Zlo2SG4ydVpUZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
MDUxMDM1LTIwMGQtNDFlOC1hZGYxLWQzM2YwOGYzYTQ4ZC8xLzRoRUt6T002eUZB
Unlvd2kwZ0FXWnVSYmszYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AS4GCCsGAQUFBwEHAQH/BIIBHTCCARkwgesEAgABMIHkAwQDBYYAAwQBHw4yAwQD
H8GwAwQDJUigAwQDJZSwAwQDPrY4AwQDTUlgAwQETfFQAwQDT66AAwQFU9lAAwQD
V+6gAwQDWJfwAwQBWSRKAwQBWSo2AwQBWSymAwQBXXOoAwQBXrBiAwQEsD6gAwQF
stAgAwQCuQI0AwQCuRIIAwQCuVYQAwQCuW/EAwQCuaIcAwQDvF1gAwQDvF2YAwQB
vNAkAwQBvNOqAwQAwW9fAwQBwe/SAwQAwhoYAwQBwpbgAwQAwqUzAwQBww04AwQA
wy/XAwQAw+q4AwQE2RPgAwQE2RWwMCkEAgACMCMDBQAqAByYAwUAKgBwAAMFACoC
DQgDBQAqA6gAAwUDKgfKgDANBgkqhkiG9w0BAQsFAAOCAQEAbm6EeIL45r32/Cst
ivuk8xK1/Ee+6AbCwyOektrvEN3UMHOqt/lZJHbSPNc6UQzyTHoSktLDtQujmqGv
eO5VwNbyyaZGEHatUs0f4tiNeZWnM+xE+PHW5KBpNdRPSHUSscir0hssJfW2wSdP
O8nES5c5dKmP4oKCV4DddEG5qrYKPmwszh2IdrNhD4TKY0/bkpYSY9nRFTOsefsB
JOKhQTiyqKbs0PQOMHZ7blM61PuWA3wvQNCUD36YbrRfIHs8T1kkx8ei6DO4qzRj
cjpdzHd5UuRg2jD/v+rdcmvkYJfyhxtOa3NbUsH0OF+bbUwWHPemht8VORAiGImO
3wXfjw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:01:33 2025 by rpki-client