Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/H324gHBT0xrlsQ_72L7_YGVpXdo.roa
File: H324gHBT0xrlsQ_72L7_YGVpXdo.roa (raw, json)
Hash identifier: 3xuVKSOsI/dBEhn7AAjGIS3eC2xukvV5URk0fHaxxWg=
Subject key identifier: 1F:7D:B8:80:70:53:D3:1A:E5:B1:0F:FB:D8:BE:FF:60:65:69:5D:DA
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 1AD50A23
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/H324gHBT0xrlsQ_72L7_YGVpXdo.roa
Signing time: Mon 14 Mar 2022 12:41:03 +0000
ROA not before: Mon 14 Mar 2022 12:41:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59447
IP address blocks: 198.55.29.0/24 maxlen: 24
198.55.28.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
198.55.30.0/24 maxlen: 24
185.4.225.0/24 maxlen: 24
23.252.67.0/24 maxlen: 24
23.252.68.0/24 maxlen: 24
23.252.71.0/24 maxlen: 24
23.252.75.0/24 maxlen: 24
23.252.76.0/24 maxlen: 24
23.252.79.0/24 maxlen: 24
185.161.110.0/24 maxlen: 24
162.218.177.0/24 maxlen: 24
162.218.176.0/24 maxlen: 24
162.218.179.0/24 maxlen: 24
185.161.111.0/24 maxlen: 24
162.218.178.0/24 maxlen: 24
167.160.1.0/24 maxlen: 24
167.160.0.0/24 maxlen: 24
167.160.2.0/24 maxlen: 24
167.160.4.0/24 maxlen: 24
167.160.3.0/24 maxlen: 24
162.222.90.0/24 maxlen: 24
162.222.89.0/24 maxlen: 24
167.160.10.0/24 maxlen: 24
167.160.17.0/24 maxlen: 24
167.160.13.0/24 maxlen: 24
167.160.12.0/24 maxlen: 24
167.160.16.0/24 maxlen: 24
167.160.19.0/24 maxlen: 24
167.160.21.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
167.160.30.0/24 maxlen: 24
167.160.29.0/24 maxlen: 24
107.150.163.0/24 maxlen: 24
107.150.162.0/24 maxlen: 24
107.150.164.0/24 maxlen: 24
107.150.166.0/24 maxlen: 24
107.150.167.0/24 maxlen: 24
107.150.168.0/24 maxlen: 24
107.150.169.0/24 maxlen: 24
107.150.172.0/24 maxlen: 24
107.150.171.0/24 maxlen: 24
107.150.173.0/24 maxlen: 24
107.150.175.0/24 maxlen: 24
185.212.174.0/24 maxlen: 24
2a07:5140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 450169379 (0x1ad50a23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Mar 14 12:41:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f7db8807053d31ae5b10ffbd8beff6065695dda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:ac:58:64:79:7e:19:3b:f3:60:79:c6:e7:f0:
e2:31:81:97:00:bb:f7:2d:7a:44:ca:a5:ea:ca:84:
3b:ec:2b:19:22:e4:1f:c1:f3:6f:a6:1b:37:fe:1e:
13:bc:07:1c:c4:43:f3:48:ae:e7:b1:61:26:b2:d0:
15:bb:f6:5c:e1:d8:ae:d8:f1:25:7a:10:27:fe:7f:
bd:92:df:b9:a2:ac:c0:37:3d:ed:f4:0a:61:7d:a8:
b6:8b:51:ee:8b:17:e7:ea:48:0e:71:6a:58:ec:9e:
18:1c:b9:61:fc:c6:6f:30:8c:15:0b:8f:41:69:6e:
18:12:5c:ce:c7:6d:5b:0d:5a:e0:8b:47:ea:c9:7e:
0d:6c:e4:81:25:0f:16:a9:77:f6:01:56:e1:c0:ed:
33:56:87:56:a0:9a:47:d3:c7:74:18:8b:db:71:57:
bf:ab:b6:5c:4c:3d:ff:5c:a9:63:69:cb:fd:95:de:
57:23:61:d2:71:4d:58:c6:c1:b2:20:6b:cf:b1:b7:
a5:21:38:d6:79:95:81:89:23:9d:2f:c4:d7:d4:72:
d0:46:cf:3a:18:f5:32:dc:a5:ed:19:6e:f0:5c:21:
34:dc:ac:20:f8:1c:1a:c8:f4:7e:8a:c9:e8:53:7a:
14:f1:5e:f2:4e:43:06:0d:7d:99:ae:38:c8:76:37:
99:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:7D:B8:80:70:53:D3:1A:E5:B1:0F:FB:D8:BE:FF:60:65:69:5D:DA
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/H324gHBT0xrlsQ_72L7_YGVpXdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.252.67.0-23.252.68.255
23.252.71.0/24
23.252.75.0-23.252.76.255
23.252.79.0/24
107.150.162.0-107.150.164.255
107.150.166.0-107.150.169.255
107.150.171.0-107.150.173.255
107.150.175.0/24
162.218.176.0/22
162.222.89.0-162.222.90.255
167.160.0.0-167.160.4.255
167.160.10.0/24
167.160.12.0/23
167.160.16.0/23
167.160.19.0/24
167.160.21.0/24
167.160.28.0-167.160.30.255
185.4.225.0/24
185.161.110.0/23
185.212.174.0/24
198.55.28.0/22
IPv6:
2a07:5140::/29
Signature Algorithm: sha256WithRSAEncryption
1b:db:29:30:a5:e4:aa:6d:94:34:09:2b:9d:aa:4a:91:28:09:
87:24:5b:ed:5d:8a:af:36:22:22:66:b5:95:41:db:ba:51:5c:
4f:f0:8a:d1:04:56:c2:7d:5c:e6:03:fb:e3:99:d8:ff:05:28:
f4:19:8b:7a:a9:06:0a:35:7e:24:13:7b:e5:0d:3c:b8:28:de:
5d:3a:f5:8c:e9:22:2a:1e:2b:15:fe:79:cc:8d:40:51:10:2c:
f8:f8:e6:2d:1d:cb:d0:74:f1:0d:42:b9:9a:19:aa:78:62:42:
63:ad:9c:88:9e:60:14:8b:ff:51:37:39:b7:f5:ec:02:1b:ce:
0b:2c:ff:bf:81:d9:e8:e6:f9:ed:16:54:bd:07:b8:7f:e6:2d:
57:63:81:37:80:59:77:ca:dc:ab:50:f1:35:f7:a5:a5:d3:a3:
e5:bd:07:8a:4d:ab:a9:f6:bd:49:71:9e:07:7a:88:ce:e1:70:
3b:2c:fa:62:15:6c:2c:92:68:51:0a:20:25:c4:95:3e:af:f0:
45:81:c7:8f:ae:b7:bb:4c:62:a8:22:99:63:49:fb:45:63:8b:
2a:d1:b7:84:1a:83:5e:ef:c3:46:d7:ab:3c:18:ae:ea:13:55:
39:69:57:66:5d:27:62:5c:41:55:4a:bd:e6:cf:13:9a:69:38:
5e:47:7a:7c
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIEGtUKIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MzI0ZGVmYmFhZGU5M2U5OThlMTNhOTQyMDI5ZGQ1OTNiOGIyZWEzMB4XDTIyMDMx
NDEyNDEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY3ZGI4ODA3MDUz
ZDMxYWU1YjEwZmZiZDhiZWZmNjA2NTY5NWRkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOmsWGR5fhk782B5xufw4jGBlwC79y16RMql6sqEO+wrGSLk
H8Hzb6YbN/4eE7wHHMRD80iu57FhJrLQFbv2XOHYrtjxJXoQJ/5/vZLfuaKswDc9
7fQKYX2ototR7osX5+pIDnFqWOyeGBy5YfzGbzCMFQuPQWluGBJczsdtWw1a4ItH
6sl+DWzkgSUPFql39gFW4cDtM1aHVqCaR9PHdBiL23FXv6u2XEw9/1ypY2nL/ZXe
VyNh0nFNWMbBsiBrz7G3pSE41nmVgYkjnS/E19Ry0EbPOhj1Mtyl7Rlu8FwhNNys
IPgcGsj0forJ6FN6FPFe8k5DBg19ma44yHY3mRUCAwEAAaOCAtQwggLQMB0GA1Ud
DgQWBBQffbiAcFPTGuWxD/vYvv9gZWld2jAfBgNVHSMEGDAWgBRTJN77qt6T6Zjh
OpQgKd1ZO4suozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1V5VGUtNnJlay1tWTRUcVVJQ25kV1R1TExxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGEvMjk0ZTg0LWNmYzUtNDVhNC1hNWNkLTMzYjc0NTk5NzVlMC8x
L0gzMjRnSEJUMHhybHNRXzcyTDdfWUdWcFhkby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEv
Mjk0ZTg0LWNmYzUtNDVhNC1hNWNkLTMzYjc0NTk5NzVlMC8xL1V5VGUtNnJlay1t
WTRUcVVJQ25kV1R1TExxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
6QYIKwYBBQUHAQcBAf8EgdkwgdYwgcQEAgABMIG9MAwDBAAX/EMDBAAX/EQDBAAX
/EcwDAMEABf8SwMEABf8TAMEABf8TzAMAwQBa5aiAwQAa5akMAwDBAFrlqYDBAFr
lqgwDAMEAGuWqwMEAWuWrAMEAGuWrwMEAqLasDAMAwQAot5ZAwQAot5aMAsDAwWn
oAMEAKegBAMEAKegCgMEAaegDAMEAaegEAMEAKegEwMEAKegFTAMAwQCp6AcAwQA
p6AeAwQAuQThAwQBuaFuAwQAudSuAwQCxjccMA0EAgACMAcDBQMqB1FAMA0GCSqG
SIb3DQEBCwUAA4IBAQAb2ykwpeSqbZQ0CSudqkqRKAmHJFvtXYqvNiIiZrWVQdu6
UVxP8IrRBFbCfVzmA/vjmdj/BSj0GYt6qQYKNX4kE3vlDTy4KN5dOvWM6SIqHisV
/nnMjUBRECz4+OYtHcvQdPENQrmaGap4YkJjrZyInmAUi/9RNzm39ewCG84LLP+/
gdno5vntFlS9B7h/5i1XY4E3gFl3ytyrUPE196Wl06PlvQeKTaup9r1JcZ4HeojO
4XA7LPpiFWwskmhRCiAlxJU+r/BFgcePrre7TGKoIpljSftFY4sq0beEGoNe78NG
16s8GK7qE1U5aVdmXSdiXEFVSr3mzxOaaTheR3p8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:19 2024 by rpki-client on console-fra.rpki-client.org