Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/5fsTfrmzEn9DJgxcPhqOotHVp-I.roa
File: 5fsTfrmzEn9DJgxcPhqOotHVp-I.roa (raw, json)
Hash identifier: biO5Xd8Hz7ygXbqbttS33ygqrEiE8iKmpVAgo3i/4nU=
Subject key identifier: E5:FB:13:7E:B9:B3:12:7F:43:26:0C:5C:3E:1A:8E:A2:D1:D5:A7:E2
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 45023E00
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/5fsTfrmzEn9DJgxcPhqOotHVp-I.roa
Signing time: Fri 01 Jul 2022 16:00:25 +0000
ROA not before: Fri 01 Jul 2022 16:00:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 37.235.48.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
2a03:f80:65::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:32::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1157774848 (0x45023e00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jul 1 16:00:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5fb137eb9b3127f43260c5c3e1a8ea2d1d5a7e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:af:76:f6:77:02:29:d2:01:a3:44:a4:cb:f9:
9c:64:f3:71:0a:31:ca:d2:66:9f:4c:3d:cc:f8:b4:
6e:66:95:fd:ea:34:fc:a9:a5:f5:a8:0f:cd:69:f0:
80:fd:70:77:22:d7:a5:e9:1f:77:68:91:c9:ae:11:
62:0c:4f:fe:3a:a9:e6:6d:68:86:1e:c0:3f:84:ce:
13:b0:49:85:18:7e:f3:ce:01:3a:f6:b9:97:32:fc:
bb:93:d0:5f:6e:7d:a3:98:81:05:f7:1a:57:14:90:
1c:6a:7f:6e:99:a5:32:b4:be:cc:9a:46:14:4e:af:
6d:c2:80:1d:26:c4:8e:00:58:91:65:0c:20:10:0a:
9a:8e:71:77:02:c7:ba:f7:ec:60:7b:2d:c3:ec:49:
38:92:26:eb:bf:12:63:0c:04:21:a8:92:91:33:4c:
e5:de:bb:43:af:2b:60:46:ae:72:df:01:2b:55:f0:
1d:7d:fc:06:e6:84:54:ae:b1:e0:59:e6:20:f3:fd:
20:27:6c:72:5a:d8:cf:00:b2:ea:5d:55:09:04:c9:
e4:ce:5b:0a:d1:e8:9b:99:99:18:bb:3b:c2:f5:d6:
d5:07:4d:b2:bc:7f:e0:5b:c1:8b:3d:d1:37:63:e1:
38:e9:f9:48:ce:71:2e:98:f3:85:f2:ac:09:c6:4c:
c5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:FB:13:7E:B9:B3:12:7F:43:26:0C:5C:3E:1A:8E:A2:D1:D5:A7:E2
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/5fsTfrmzEn9DJgxcPhqOotHVp-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/24
46.183.187.0/24
89.31.120.0/23
91.132.92.0/24
91.132.95.0/24
103.57.248.0/23
103.57.251.0/24
149.154.157.0-149.154.159.255
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
185.26.239.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/48
2a03:f80:45::/48
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
Signature Algorithm: sha256WithRSAEncryption
48:db:16:78:70:de:7b:0c:50:85:b4:b0:e8:34:83:3c:f1:2c:
47:e3:e0:16:52:fa:d6:b1:ff:70:65:86:8e:f3:83:64:b4:63:
1d:52:d5:d6:d7:00:1e:d8:cb:21:d7:c5:40:97:65:b0:a6:c5:
a6:72:1b:15:36:f7:31:47:9b:98:b5:46:38:12:a2:e7:4e:f5:
11:16:59:f3:fd:26:ec:df:39:35:34:d1:57:05:e5:aa:ae:39:
94:78:b8:dd:4f:b0:b5:0b:a4:b9:4b:8b:f8:70:f5:1e:e8:37:
bc:62:33:01:cc:a4:76:32:6a:e7:db:59:ea:1d:20:b3:f4:93:
9b:0e:89:e8:ce:2c:3b:51:ab:c8:e6:a3:49:bd:bb:d9:e0:72:
ec:ec:5c:8e:3c:83:0d:46:fd:65:42:94:99:28:40:0d:c7:a8:
4e:f4:dd:5c:3f:d8:5e:8e:34:0c:ef:2f:3a:7d:3e:81:fa:37:
f1:73:cf:87:53:e4:77:0f:49:0c:6c:82:5c:ef:08:db:f2:fc:
27:2f:2a:08:1d:41:af:2a:0d:cd:37:fb:8a:18:1f:90:40:b0:
b0:5b:04:e5:67:cc:8f:01:1e:8f:42:26:10:d3:d9:d5:f5:18:
0e:2e:67:21:d2:42:6e:74:75:14:e6:69:60:36:57:8b:8b:8d:
0f:c4:e3:ad
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgIERQI+ADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDcw
MTE2MDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTVmYjEzN2ViOWIz
MTI3ZjQzMjYwYzVjM2UxYThlYTJkMWQ1YTdlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKivdvZ3AinSAaNEpMv5nGTzcQoxytJmn0w9zPi0bmaV/eo0
/Kml9agPzWnwgP1wdyLXpekfd2iRya4RYgxP/jqp5m1ohh7AP4TOE7BJhRh+884B
Ova5lzL8u5PQX259o5iBBfcaVxSQHGp/bpmlMrS+zJpGFE6vbcKAHSbEjgBYkWUM
IBAKmo5xdwLHuvfsYHstw+xJOJIm678SYwwEIaiSkTNM5d67Q68rYEauct8BK1Xw
HX38BuaEVK6x4FnmIPP9ICdsclrYzwCy6l1VCQTJ5M5bCtHom5mZGLs7wvXW1QdN
srx/4FvBiz3RN2PhOOn5SM5xLpjzhfKsCcZMxVMCAwEAAaOCAvowggL2MB0GA1Ud
DgQWBBTl+xN+ubMSf0MmDFw+Go6i0dWn4jAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
LzVmc1Rmcm16RW45REpneGNQaHFPb3RIVnAtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AQ4GCCsGAQUFBwEHAQH/BIH+MIH7MHoEAgABMHQDBAAl6zADBAAut7sDBAFZH3gD
BABbhFwDBABbhF8DBAFnOfgDBABnOfswDAMEAJWanQMEBZWagDAMAwQAl+wPAwQA
l+wSMAwDBAKX7BQDBACX7BYDBACX7BkDBACe/9AwDAMEAJ7/1QMEA57/0AMEALka
7zB9BAIAAjB3AwcBKgMPgAAyAwcAKgMPgAA5AwcAKgMPgABAAwcAKgMPgABFMBID
BwAqAw+AAEcDBwEqAw+AAEgDBwAqAw+AAGEDBwAqAw+AAGUDBwAqAw+AAIEDBwAq
Aw+AA4EDBwAqAw+ACFIDBwAqAw+ACXEDBwAqAw+ARBYwDQYJKoZIhvcNAQELBQAD
ggEBAEjbFnhw3nsMUIW0sOg0gzzxLEfj4BZS+tax/3Blho7zg2S0Yx1S1dbXAB7Y
yyHXxUCXZbCmxaZyGxU29zFHm5i1RjgSoudO9REWWfP9JuzfOTU00VcF5aquOZR4
uN1PsLULpLlLi/hw9R7oN7xiMwHMpHYyaufbWeodILP0k5sOiejOLDtRq8jmo0m9
u9ngcuzsXI48gw1G/WVClJkoQA3HqE703Vw/2F6ONAzvLzp9PoH6N/Fzz4dT5HcP
SQxsglzvCNvy/CcvKggdQa8qDc03+4oYH5BAsLBbBOVnzI8BHo9CJhDT2dX1GA4u
ZyHSQm50dRTmaWA2V4uLjQ/E460=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:58 2023 by rpki-client on console-ams.rpki-client.org