Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/gOMYqSgGXKICP_JIQwT6ozU2VDI.roa
File: gOMYqSgGXKICP_JIQwT6ozU2VDI.roa (raw, json)
Hash identifier: wkXKblsb1JrHN8kF1ZcJUa9r5yTUZgei2UWsLA5kDBk=
Subject key identifier: 80:E3:18:A9:28:06:5C:A2:02:3F:F2:48:43:04:FA:A3:35:36:54:32
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 1A2E0F02
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/gOMYqSgGXKICP_JIQwT6ozU2VDI.roa
Signing time: Sat 01 Jan 2022 12:55:17 +0000
ROA not before: Sat 01 Jan 2022 12:55:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59447
IP address blocks: 198.55.29.0/24 maxlen: 24
198.55.28.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
198.55.30.0/24 maxlen: 24
23.252.67.0/24 maxlen: 24
23.252.68.0/24 maxlen: 24
23.252.71.0/24 maxlen: 24
23.252.75.0/24 maxlen: 24
23.252.76.0/24 maxlen: 24
23.252.79.0/24 maxlen: 24
185.161.110.0/24 maxlen: 24
162.218.177.0/24 maxlen: 24
162.218.176.0/24 maxlen: 24
162.218.179.0/24 maxlen: 24
185.161.111.0/24 maxlen: 24
162.218.178.0/24 maxlen: 24
167.160.1.0/24 maxlen: 24
167.160.0.0/24 maxlen: 24
167.160.2.0/24 maxlen: 24
167.160.4.0/24 maxlen: 24
167.160.3.0/24 maxlen: 24
162.222.90.0/24 maxlen: 24
162.222.89.0/24 maxlen: 24
167.160.10.0/24 maxlen: 24
167.160.17.0/24 maxlen: 24
167.160.12.0/24 maxlen: 24
167.160.16.0/24 maxlen: 24
167.160.19.0/24 maxlen: 24
167.160.21.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
167.160.30.0/24 maxlen: 24
167.160.29.0/24 maxlen: 24
107.150.163.0/24 maxlen: 24
107.150.162.0/24 maxlen: 24
107.150.164.0/24 maxlen: 24
107.150.166.0/24 maxlen: 24
107.150.167.0/24 maxlen: 24
107.150.168.0/24 maxlen: 24
107.150.169.0/24 maxlen: 24
107.150.172.0/24 maxlen: 24
107.150.171.0/24 maxlen: 24
107.150.173.0/24 maxlen: 24
107.150.175.0/24 maxlen: 24
185.212.174.0/24 maxlen: 24
2a07:5140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 439226114 (0x1a2e0f02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Jan 1 12:55:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=80e318a928065ca2023ff2484304faa335365432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:81:a4:05:25:34:47:0a:d2:eb:73:07:46:5e:
02:66:7b:43:8d:2b:f9:36:e7:af:af:f6:69:91:3c:
3a:3b:e6:0b:86:ad:52:a9:0b:ec:e5:d4:d6:37:b1:
a2:a6:34:d1:31:4b:97:52:bc:0f:79:50:c2:e9:d1:
c1:a8:e8:fe:d7:3b:a4:15:d1:32:d2:81:21:fc:df:
2c:ea:d2:49:73:a5:af:ac:bd:0e:5b:c6:cd:fe:6e:
d9:15:52:5b:a2:5e:f2:24:15:1f:1c:29:71:f1:2f:
66:9e:96:2c:3f:d2:69:e8:17:f5:cc:0a:4e:34:17:
45:71:60:50:27:f7:62:a0:6d:7f:51:17:46:c7:4e:
5f:7d:96:62:51:8a:af:56:0e:21:68:51:b5:c6:df:
c9:0c:25:4d:6f:9f:2e:66:7b:12:c1:a8:dc:19:a3:
d5:01:3d:1c:56:af:2b:d7:99:2b:60:b5:95:70:e4:
35:4a:05:72:64:3a:a9:95:46:60:86:6f:d6:ae:de:
5d:c6:76:64:68:17:c5:d2:8e:7f:b4:77:6e:28:4a:
7f:40:06:d4:60:d7:be:75:d0:0a:bf:6c:49:79:e0:
13:cf:e2:4c:59:f1:74:56:77:f3:b1:13:a4:d4:7f:
d6:3e:b1:32:ea:f3:ee:d9:18:9f:88:5c:be:8e:64:
98:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:E3:18:A9:28:06:5C:A2:02:3F:F2:48:43:04:FA:A3:35:36:54:32
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/gOMYqSgGXKICP_JIQwT6ozU2VDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.252.67.0-23.252.68.255
23.252.71.0/24
23.252.75.0-23.252.76.255
23.252.79.0/24
107.150.162.0-107.150.164.255
107.150.166.0-107.150.169.255
107.150.171.0-107.150.173.255
107.150.175.0/24
162.218.176.0/22
162.222.89.0-162.222.90.255
167.160.0.0-167.160.4.255
167.160.10.0/24
167.160.12.0/24
167.160.16.0/23
167.160.19.0/24
167.160.21.0/24
167.160.28.0-167.160.30.255
185.161.110.0/23
185.212.174.0/24
198.55.28.0/22
IPv6:
2a07:5140::/29
Signature Algorithm: sha256WithRSAEncryption
42:b0:cf:bc:d9:ab:45:e7:9b:ba:f9:1d:3e:be:3f:02:85:11:
01:26:ba:3b:a1:81:21:f9:09:bf:1a:48:0b:55:32:db:9f:7f:
5e:e5:bb:e0:90:6f:23:9d:1b:5e:82:9b:84:2b:d3:c1:3b:ea:
bc:84:39:e0:c7:f4:f3:84:58:63:9a:d2:54:bb:e2:b4:c4:b8:
9a:ea:21:68:f3:53:7f:be:ef:b7:91:71:31:14:bb:f5:e5:5e:
87:19:2c:67:40:08:70:4e:96:f3:bd:9f:16:8f:34:71:3e:27:
d3:44:00:07:d8:96:25:5b:a3:83:2c:e9:c0:40:d7:7a:3c:04:
ed:b5:54:4f:a5:e0:47:0a:9e:f5:72:5c:d7:49:37:0d:44:fd:
6f:6f:05:25:32:c7:b8:66:80:13:4d:54:26:dd:75:68:61:b0:
34:13:96:3f:12:3e:74:b6:1b:2d:9f:22:59:6f:66:e6:5f:93:
22:ba:4b:f4:ef:a6:50:50:e4:71:b0:09:e7:49:0d:25:4c:18:
84:3d:ae:3e:bf:11:15:7c:12:ad:dc:6b:85:f7:09:82:2e:60:
23:e1:1e:09:03:12:18:0b:b9:38:bf:d3:63:cd:85:74:0b:15:
c0:27:28:fb:39:b0:2f:4f:5e:9e:5f:cd:ba:2c:2d:c1:d7:59:
e2:b3:a8:82
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIEGi4PAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MzI0ZGVmYmFhZGU5M2U5OThlMTNhOTQyMDI5ZGQ1OTNiOGIyZWEzMB4XDTIyMDEw
MTEyNTUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODBlMzE4YTkyODA2
NWNhMjAyM2ZmMjQ4NDMwNGZhYTMzNTM2NTQzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGBpAUlNEcK0utzB0ZeAmZ7Q40r+Tbnr6/2aZE8OjvmC4at
UqkL7OXU1jexoqY00TFLl1K8D3lQwunRwajo/tc7pBXRMtKBIfzfLOrSSXOlr6y9
DlvGzf5u2RVSW6Je8iQVHxwpcfEvZp6WLD/SaegX9cwKTjQXRXFgUCf3YqBtf1EX
RsdOX32WYlGKr1YOIWhRtcbfyQwlTW+fLmZ7EsGo3Bmj1QE9HFavK9eZK2C1lXDk
NUoFcmQ6qZVGYIZv1q7eXcZ2ZGgXxdKOf7R3bihKf0AG1GDXvnXQCr9sSXngE8/i
TFnxdFZ387ETpNR/1j6xMurz7tkYn4hcvo5kmDECAwEAAaOCAs4wggLKMB0GA1Ud
DgQWBBSA4xipKAZcogI/8khDBPqjNTZUMjAfBgNVHSMEGDAWgBRTJN77qt6T6Zjh
OpQgKd1ZO4suozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1V5VGUtNnJlay1tWTRUcVVJQ25kV1R1TExxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGEvMjk0ZTg0LWNmYzUtNDVhNC1hNWNkLTMzYjc0NTk5NzVlMC8x
L2dPTVlxU2dHWEtJQ1BfSklRd1Q2b3pVMlZESS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEv
Mjk0ZTg0LWNmYzUtNDVhNC1hNWNkLTMzYjc0NTk5NzVlMC8xL1V5VGUtNnJlay1t
WTRUcVVJQ25kV1R1TExxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
4wYIKwYBBQUHAQcBAf8EgdMwgdAwgb4EAgABMIG3MAwDBAAX/EMDBAAX/EQDBAAX
/EcwDAMEABf8SwMEABf8TAMEABf8TzAMAwQBa5aiAwQAa5akMAwDBAFrlqYDBAFr
lqgwDAMEAGuWqwMEAWuWrAMEAGuWrwMEAqLasDAMAwQAot5ZAwQAot5aMAsDAwWn
oAMEAKegBAMEAKegCgMEAKegDAMEAaegEAMEAKegEwMEAKegFTAMAwQCp6AcAwQA
p6AeAwQBuaFuAwQAudSuAwQCxjccMA0EAgACMAcDBQMqB1FAMA0GCSqGSIb3DQEB
CwUAA4IBAQBCsM+82atF55u6+R0+vj8ChREBJro7oYEh+Qm/GkgLVTLbn39e5bvg
kG8jnRtegpuEK9PBO+q8hDngx/TzhFhjmtJUu+K0xLia6iFo81N/vu+3kXExFLv1
5V6HGSxnQAhwTpbzvZ8WjzRxPifTRAAH2JYlW6ODLOnAQNd6PATttVRPpeBHCp71
clzXSTcNRP1vbwUlMse4ZoATTVQm3XVoYbA0E5Y/Ej50thstnyJZb2bmX5Miukv0
76ZQUORxsAnnSQ0lTBiEPa4+vxEVfBKt3GuF9wmCLmAj4R4JAxIYC7k4v9NjzYV0
CxXAJyj7ObAvT16eX826LC3B11nis6iC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:09 2024 by rpki-client on console-ams.rpki-client.org