Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/3iXaFl70T6A3wj3-SYDobTu-ZEc.roa
File: 3iXaFl70T6A3wj3-SYDobTu-ZEc.roa (raw, json)
Hash identifier: xBobBbcm2xh/8RuzbUgKIe9eqH3xD6zZigtxuz3/uww=
Subject key identifier: DE:25:DA:16:5E:F4:4F:A0:37:C2:3D:FE:49:80:E8:6D:3B:BE:64:47
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0185160A54D2CD69E0AD0DEB30A6F7BB821C
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/3iXaFl70T6A3wj3-SYDobTu-ZEc.roa
Signing time: Thu 15 Dec 2022 13:47:33 +0000
ROA not before: Thu 15 Dec 2022 13:47:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57169
IP address blocks: 37.235.50.0/23 maxlen: 23
37.235.48.0/20 maxlen: 20
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.30.0/24 maxlen: 24
2a03:f80:56::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
2a03:f80::/29 maxlen: 29
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:16:0a:54:d2:cd:69:e0:ad:0d:eb:30:a6:f7:bb:82:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Dec 15 13:47:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de25da165ef44fa037c23dfe4980e86d3bbe6447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:35:98:ea:3c:bc:3b:9b:e1:1e:4e:5b:69:9f:
45:f7:b7:6c:b7:7d:85:4c:a1:dc:ca:42:b3:c7:84:
ed:3e:24:f7:a8:bd:cb:c3:31:17:69:75:a1:5a:86:
aa:1e:b6:8b:3e:87:50:3f:3e:8d:93:38:37:17:b1:
c2:30:b1:7c:c0:59:15:13:a5:d7:e3:66:91:1e:4f:
3a:e8:fb:90:77:52:08:85:5f:92:f0:04:2d:9f:9f:
9f:36:76:ca:fd:ac:48:a1:93:b6:ea:2f:38:bf:79:
5b:0c:2e:83:32:2e:54:16:60:b2:d9:51:f1:7f:f1:
4f:07:a8:da:c1:43:3b:14:f1:c2:d5:fc:0a:c7:23:
09:c1:e2:49:e4:9e:53:a3:b4:9d:29:8f:49:8c:04:
c7:1f:b0:a6:13:0d:55:be:aa:80:d8:d9:38:18:ee:
44:35:4e:5c:2a:79:b2:90:1f:5e:22:d8:cf:a9:27:
e0:4c:bc:dc:9a:11:19:56:8b:3f:e9:0a:52:bc:e9:
33:8d:85:cd:0b:d3:95:28:df:71:d1:de:97:74:56:
27:60:b8:5d:a4:e6:ab:b5:43:91:55:a6:66:2b:03:
ab:a1:7c:96:02:5d:90:b6:9c:a5:b2:fa:ef:cb:bf:
25:4b:62:7e:43:ef:34:04:46:8c:18:4a:f3:81:32:
48:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:25:DA:16:5E:F4:4F:A0:37:C2:3D:FE:49:80:E8:6D:3B:BE:64:47
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/3iXaFl70T6A3wj3-SYDobTu-ZEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/20
83.243.120.0/24
89.31.123.0/24
91.132.94.0/24
91.227.204.0/23
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.237.0/24
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
33:e2:fe:ab:cc:e3:15:c3:1e:f4:d3:f7:1f:d7:f6:fd:50:dd:
44:97:4e:f6:8a:d2:a0:74:51:f7:6b:94:4d:73:35:bf:8a:f3:
91:18:2d:f9:a7:44:26:76:e4:02:ad:d1:e2:d8:31:9e:f7:14:
e4:d3:5a:3d:6a:b2:e8:8c:bb:c3:f7:91:8b:2a:34:e9:d4:ef:
6f:74:c2:4b:49:59:8e:28:80:e8:a6:bb:e5:b3:9e:89:98:9b:
1f:3d:93:2d:3c:59:88:c0:51:a5:ed:ba:ec:57:9b:b7:4a:41:
25:6b:ef:a1:43:f3:30:f5:6f:78:61:c4:9b:5c:ac:f3:a9:35:
80:e8:0b:3e:2f:6f:b9:27:da:3a:3e:12:4e:ec:cc:f3:70:57:
85:b7:28:eb:9b:76:67:f9:06:0d:49:1f:1b:91:f9:3a:22:2a:
98:01:df:a0:17:e0:89:bf:78:14:7c:9a:ee:39:8d:7d:9a:0b:
c4:fd:a8:88:5e:60:b7:db:93:2b:6e:c5:6c:ae:a4:9e:01:0b:
88:06:f9:5c:72:ca:8b:9d:99:4c:05:c8:57:d1:2b:0d:7e:03:
87:fa:32:af:17:65:6d:b3:5a:55:d9:bc:a4:bc:1c:77:bd:ff:
30:30:9b:96:09:8a:4d:48:be:ee:72:83:e1:40:96:46:4a:7c:
b0:6b:4b:21
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYUWClTSzWngrQ3rMKb3u4IcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjIxMjE1MTM0NzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTI1ZGExNjVlZjQ0ZmEwMzdjMjNkZmU0OTgwZTg2ZDNiYmU2NDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDWY6jy8O5vhHk5baZ9F97dst32F
TKHcykKzx4TtPiT3qL3LwzEXaXWhWoaqHraLPodQPz6Nkzg3F7HCMLF8wFkVE6XX
42aRHk866PuQd1IIhV+S8AQtn5+fNnbK/axIoZO26i84v3lbDC6DMi5UFmCy2VHx
f/FPB6jawUM7FPHC1fwKxyMJweJJ5J5To7SdKY9JjATHH7CmEw1VvqqA2Nk4GO5E
NU5cKnmykB9eItjPqSfgTLzcmhEZVos/6QpSvOkzjYXNC9OVKN9x0d6XdFYnYLhd
pOartUORVaZmKwOroXyWAl2Qtpylsvrvy78lS2J+Q+80BEaMGErzgTJIaQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFN4l2hZe9E+gN8I9/kmA6G07vmRHMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvM2lYYUZsNzBUNkEzd2ozLVNZRG9iVHUtWkVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQEJeswAwQA
U/N4AwQAWR97AwQAW4ReAwQBW+PMMAwDBAOVmpgDBACVmpwDBAWX7AAwDAMEAJ7/
0QMEAJ7/1AMEALka7TANBAIAAjAHAwUDKgMPgDANBgkqhkiG9w0BAQsFAAOCAQEA
M+L+q8zjFcMe9NP3H9f2/VDdRJdO9orSoHRR92uUTXM1v4rzkRgt+adEJnbkAq3R
4tgxnvcU5NNaPWqy6Iy7w/eRiyo06dTvb3TCS0lZjiiA6Ka75bOeiZibHz2TLTxZ
iMBRpe267Febt0pBJWvvoUPzMPVveGHEm1ys86k1gOgLPi9vuSfaOj4STuzM83BX
hbco65t2Z/kGDUkfG5H5OiIqmAHfoBfgib94FHya7jmNfZoLxP2oiF5gt9uTK27F
bK6kngELiAb5XHLKi52ZTAXIV9ErDX4Dh/oyrxdlbbNaVdm8pLwcd73/MDCblgmK
TUi+7nKD4UCWRkp8sGtLIQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:09 2023 by rpki-client on console-fra.rpki-client.org