Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/CgYwlaBTn94oPIpT_pHoJCDrh1c.roa
File: CgYwlaBTn94oPIpT_pHoJCDrh1c.roa (raw, json)
Hash identifier: WRsLuxQ9KuLFj/2TCq3lNf6ZrB+/obfxhXH7Uy71n/o=
Subject key identifier: 0A:06:30:95:A0:53:9F:DE:28:3C:8A:53:FE:91:E8:24:20:EB:87:57
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 01851B87CBC64A48C874F7731AB0DF81B0CE
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/CgYwlaBTn94oPIpT_pHoJCDrh1c.roa
Signing time: Fri 16 Dec 2022 15:22:42 +0000
ROA not before: Fri 16 Dec 2022 15:22:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197328
IP address blocks: 167.160.11.0/24 maxlen: 24
162.222.88.0/24 maxlen: 24
167.160.13.0/24 maxlen: 24
5.255.57.0/24 maxlen: 24
5.255.62.0/24 maxlen: 24
5.255.61.0/24 maxlen: 24
5.255.63.0/24 maxlen: 24
185.150.2.0/24 maxlen: 24
167.160.27.0/24 maxlen: 24
185.165.47.0/24 maxlen: 24
91.92.112.0/23 maxlen: 23
185.4.225.0/24 maxlen: 24
185.4.224.0/23 maxlen: 23
185.4.227.0/24 maxlen: 24
107.150.172.0/24 maxlen: 24
107.150.177.0/24 maxlen: 24
185.212.172.0/24 maxlen: 24
185.212.173.0/24 maxlen: 24
185.212.175.0/24 maxlen: 24
23.252.66.0/24 maxlen: 24
185.162.72.0/23 maxlen: 23
2a07:5140::/29 maxlen: 29
2a06:4b40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1b:87:cb:c6:4a:48:c8:74:f7:73:1a:b0:df:81:b0:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Dec 16 15:22:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a063095a0539fde283c8a53fe91e82420eb8757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ed:d8:c7:73:8e:9d:2c:8a:8f:02:0f:12:83:
7b:f2:2a:d0:eb:7c:9a:98:b4:47:e7:21:2f:7a:25:
d5:d9:c0:ce:61:80:36:6e:b9:2a:73:2e:a0:b8:84:
56:93:db:ed:18:e0:6b:24:7f:de:5e:5d:45:b8:b2:
c6:c7:d4:81:f6:55:88:38:7f:2b:11:be:16:28:b6:
2e:62:d9:cd:48:69:85:e2:e5:bd:44:92:dd:f0:6f:
de:8b:86:47:d3:30:20:d2:3b:bb:d5:fb:ce:97:c9:
ac:b7:ff:70:5c:db:95:20:83:28:01:16:c7:30:7e:
5f:4e:2e:60:21:a6:ba:00:bc:92:9e:50:3f:ce:61:
09:28:c2:10:ca:36:4e:4e:e7:41:79:0a:a8:5a:6c:
c6:a2:93:bf:4e:8d:8b:24:6e:c6:79:a1:8a:e7:06:
e5:ed:12:10:49:04:e9:fd:40:2d:a5:88:10:07:97:
f8:4e:1a:7c:0e:74:b2:45:18:f8:38:a5:fc:9c:f8:
3f:42:cc:6f:69:6a:c6:9d:db:92:a6:4a:73:19:c9:
6a:24:c9:54:1f:62:fa:07:66:3e:2c:06:61:9f:d0:
16:62:c1:65:50:15:60:4c:d6:99:9a:16:09:5e:95:
9f:a9:50:e9:e8:a4:e8:c5:c4:2c:96:64:b3:1a:5a:
f1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:06:30:95:A0:53:9F:DE:28:3C:8A:53:FE:91:E8:24:20:EB:87:57
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/CgYwlaBTn94oPIpT_pHoJCDrh1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.57.0/24
5.255.61.0-5.255.63.255
23.252.66.0/24
91.92.112.0/23
107.150.172.0/24
107.150.177.0/24
162.222.88.0/24
167.160.11.0/24
167.160.13.0/24
167.160.27.0/24
185.4.224.0/23
185.4.227.0/24
185.150.2.0/24
185.162.72.0/23
185.165.47.0/24
185.212.172.0/23
185.212.175.0/24
IPv6:
2a06:4b40::/29
2a07:5140::/29
Signature Algorithm: sha256WithRSAEncryption
98:36:c4:43:01:c5:12:9c:7e:4f:c4:e0:24:36:3c:d8:dd:c3:
ef:b1:29:0c:7d:69:5f:8c:ac:f9:0f:ec:09:e8:bc:e7:ac:fe:
47:49:5a:30:80:91:bd:13:54:b6:8e:71:02:0d:00:2b:60:a8:
71:27:f0:e1:2b:d2:ef:42:54:00:07:43:f1:f3:8a:b0:a4:94:
ed:33:76:e6:5a:e1:e6:2a:56:10:80:bd:c8:5b:cf:f7:a8:1b:
b8:ce:84:15:a1:2e:cc:b6:54:1a:e4:61:b2:8f:99:86:35:db:
ce:7f:ee:4b:88:26:bc:89:cc:ed:a5:e5:28:e7:d1:14:0c:a1:
eb:0d:99:d2:e3:30:f1:dd:5a:4a:db:54:62:6a:41:01:cb:72:
f1:5a:05:63:66:3e:5b:db:e2:c2:61:da:aa:3d:0f:36:90:c8:
86:85:87:48:03:89:af:05:f9:25:13:33:89:f6:8b:37:03:17:
f4:3b:6f:a2:b3:da:64:0d:fe:95:3e:21:12:37:c1:f9:4c:e7:
8d:c3:2c:5a:e2:92:f3:36:03:bd:4c:bd:50:01:2f:3c:24:52:
68:70:ad:41:2e:a3:69:e3:7e:35:15:26:31:46:0c:4f:49:4b:
3e:f2:d9:7c:54:63:5a:c4:cf:c6:19:01:fa:97:76:09:87:ec:
b5:ef:95:f4
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYUbh8vGSkjIdPdzGrDfgbDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjIxMjE2MTUyMjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTA2MzA5NWEwNTM5ZmRlMjgzYzhhNTNmZTkxZTgyNDIwZWI4NzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe3Yx3OOnSyKjwIPEoN78irQ63ya
mLRH5yEveiXV2cDOYYA2brkqcy6guIRWk9vtGOBrJH/eXl1FuLLGx9SB9lWIOH8r
Eb4WKLYuYtnNSGmF4uW9RJLd8G/ei4ZH0zAg0ju71fvOl8mst/9wXNuVIIMoARbH
MH5fTi5gIaa6ALySnlA/zmEJKMIQyjZOTudBeQqoWmzGopO/To2LJG7GeaGK5wbl
7RIQSQTp/UAtpYgQB5f4Thp8DnSyRRj4OKX8nPg/QsxvaWrGnduSpkpzGclqJMlU
H2L6B2Y+LAZhn9AWYsFlUBVgTNaZmhYJXpWfqVDp6KToxcQslmSzGlrxwwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFAoGMJWgU5/eKDyKU/6R6CQg64dXMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvQ2dZd2xhQlRuOTRvUElwVF9wSG9KQ0RyaDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB0BAIAATBuAwQABf85
MAwDBAAF/z0DBAYF/wADBAAX/EIDBAFbXHADBABrlqwDBABrlrEDBACi3lgDBACn
oAsDBACnoA0DBACnoBsDBAG5BOADBAC5BOMDBAC5lgIDBAG5okgDBAC5pS8DBAG5
1KwDBAC51K8wFAQCAAIwDgMFAyoGS0ADBQMqB1FAMA0GCSqGSIb3DQEBCwUAA4IB
AQCYNsRDAcUSnH5PxOAkNjzY3cPvsSkMfWlfjKz5D+wJ6LznrP5HSVowgJG9E1S2
jnECDQArYKhxJ/DhK9LvQlQAB0Px84qwpJTtM3bmWuHmKlYQgL3IW8/3qBu4zoQV
oS7MtlQa5GGyj5mGNdvOf+5LiCa8icztpeUo59EUDKHrDZnS4zDx3VpK21RiakEB
y3LxWgVjZj5b2+LCYdqqPQ82kMiGhYdIA4mvBfklEzOJ9os3Axf0O2+is9pkDf6V
PiESN8H5TOeNwyxa4pLzNgO9TL1QAS88JFJocK1BLqNp4341FSYxRgxPSUs+8tl8
VGNaxM/GGQH6l3YJh+y175X0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:19 2024 by rpki-client on console-fra.rpki-client.org