Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/Wit3l6L0uBAWUbo4_OZ5Inr1hgs.roa
File: Wit3l6L0uBAWUbo4_OZ5Inr1hgs.roa (raw, json)
Hash identifier: WvmTsrUg/0DfJLswJOos+QWV/m7b9CnLA3T5YuU+XuU=
Subject key identifier: 5A:2B:77:97:A2:F4:B8:10:16:51:BA:38:FC:E6:79:22:7A:F5:86:0B
Certificate issuer: /CN=43015654082578c4946cd27be1e89a3dd7562fa4
Certificate serial: 01853AB4082D08ED4F2460F9C4981DF15A84
Authority key identifier: 43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/Wit3l6L0uBAWUbo4_OZ5Inr1hgs.roa
Signing time: Thu 22 Dec 2022 16:39:15 +0000
ROA not before: Thu 22 Dec 2022 16:39:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49981
IP address blocks: 217.23.0.0/20 maxlen: 20
185.132.132.0/22 maxlen: 22
185.184.192.0/22 maxlen: 22
185.183.32.0/22 maxlen: 22
185.182.192.0/22 maxlen: 22
185.182.192.0/24 maxlen: 24
62.112.8.0/22 maxlen: 24
185.165.240.0/22 maxlen: 22
185.21.60.0/22 maxlen: 22
185.21.63.0/24 maxlen: 24
45.14.132.0/22 maxlen: 22
178.218.196.0/22 maxlen: 22
80.79.4.0/22 maxlen: 22
185.100.232.0/22 maxlen: 22
185.185.48.0/22 maxlen: 22
185.185.51.0/24 maxlen: 24
185.185.50.0/24 maxlen: 24
91.232.105.0/24 maxlen: 24
185.132.176.0/22 maxlen: 22
89.38.96.0/22 maxlen: 22
45.82.64.0/22 maxlen: 22
193.200.164.0/24 maxlen: 24
93.190.136.0/21 maxlen: 22
93.190.140.0/22 maxlen: 22
91.229.23.0/24 maxlen: 24
185.173.160.0/22 maxlen: 22
185.2.80.0/22 maxlen: 22
185.177.124.0/22 maxlen: 22
178.132.0.0/21 maxlen: 21
185.180.220.0/22 maxlen: 22
89.39.104.0/22 maxlen: 22
185.191.0.0/22 maxlen: 22
2.59.168.0/22 maxlen: 22
194.88.104.0/22 maxlen: 22
212.8.240.0/24 maxlen: 24
212.8.242.0/23 maxlen: 23
109.236.80.0/20 maxlen: 20
212.8.252.0/23 maxlen: 23
212.8.248.0/23 maxlen: 23
212.8.250.0/24 maxlen: 24
185.172.88.0/22 maxlen: 22
2a00:7c82::/32 maxlen: 32
2a00:7c81::/32 maxlen: 32
2a00:7c83::/32 maxlen: 32
2a00:7c80::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3a:b4:08:2d:08:ed:4f:24:60:f9:c4:98:1d:f1:5a:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43015654082578c4946cd27be1e89a3dd7562fa4
Validity
Not Before: Dec 22 16:39:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a2b7797a2f4b8101651ba38fce679227af5860b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3a:57:79:08:19:d4:32:e6:90:e2:3f:21:85:
be:0b:63:f2:4a:92:6e:2e:6e:29:0b:f1:cb:0a:06:
0f:29:70:10:17:b2:eb:aa:f3:93:ac:9a:19:7b:c1:
b6:b6:e4:eb:7a:db:40:93:ff:dd:c8:11:b4:2e:86:
80:be:03:f2:c6:39:33:c3:1e:0c:02:ea:3f:94:ef:
71:f3:35:e1:48:0c:6b:12:31:41:7e:a9:0a:8b:8f:
64:fd:8b:4f:79:4a:64:07:dd:b9:5c:f2:9b:54:06:
1d:03:f5:82:cf:b5:00:3b:db:bf:68:b2:11:8b:63:
24:93:48:b5:34:63:6d:7b:06:7b:12:f9:d3:c7:a7:
38:c8:ac:6b:5a:70:7f:e5:67:4e:d7:b9:52:fc:ba:
1e:b6:6d:38:a6:33:e9:43:2e:f3:6a:4c:20:36:71:
99:59:67:53:58:5b:f7:0e:58:13:dd:e2:c4:c9:d7:
69:a6:62:7d:d9:e7:c9:92:42:87:44:f7:74:18:96:
4f:8f:9d:92:f6:c0:d8:54:fd:76:ed:4b:c6:70:f8:
22:60:9d:f0:b1:5d:40:6a:a4:08:f9:33:5a:b5:f5:
ec:dc:18:b1:4e:76:b1:7a:c3:59:bc:0a:22:a6:6d:
52:b9:3c:2a:d5:bd:14:9f:60:56:be:ea:73:2e:a0:
9f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:2B:77:97:A2:F4:B8:10:16:51:BA:38:FC:E6:79:22:7A:F5:86:0B
X509v3 Authority Key Identifier:
keyid:43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/Wit3l6L0uBAWUbo4_OZ5Inr1hgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.168.0/22
45.14.132.0/22
45.82.64.0/22
62.112.8.0/22
80.79.4.0/22
89.38.96.0/22
89.39.104.0/22
91.229.23.0/24
91.232.105.0/24
93.190.136.0/21
109.236.80.0/20
178.132.0.0/21
178.218.196.0/22
185.2.80.0/22
185.21.60.0/22
185.100.232.0/22
185.132.132.0/22
185.132.176.0/22
185.165.240.0/22
185.172.88.0/22
185.173.160.0/22
185.177.124.0/22
185.180.220.0/22
185.182.192.0/22
185.183.32.0/22
185.184.192.0/22
185.185.48.0/22
185.191.0.0/22
193.200.164.0/24
194.88.104.0/22
212.8.240.0/24
212.8.242.0/23
212.8.248.0-212.8.250.255
212.8.252.0/23
217.23.0.0/20
IPv6:
2a00:7c80::/29
Signature Algorithm: sha256WithRSAEncryption
a8:c5:2f:b0:26:31:d2:0f:90:7b:ef:38:22:ac:0b:22:50:8c:
a5:dc:03:fd:f7:39:27:2a:f6:d5:f8:1b:77:4d:11:fb:df:5c:
a9:cd:14:63:b6:7e:35:5f:c6:2d:cf:08:14:66:28:0e:92:ac:
9a:29:4d:86:58:81:82:f6:ec:95:44:4c:3a:a1:65:d9:33:5f:
36:9c:d6:5f:b3:3f:30:75:56:8b:71:46:1b:67:f4:d6:66:6a:
49:0d:f6:7a:5a:1d:8a:52:72:17:8d:20:ed:ac:34:6c:97:63:
e0:12:f1:c9:d8:06:c1:d0:f1:79:83:e0:bb:d8:bc:5b:22:b5:
31:ea:29:a6:b5:55:1a:a4:a0:86:2c:e2:e9:d9:be:1d:9c:96:
ca:41:85:4e:58:21:1a:2f:78:8d:56:af:7b:f0:c0:e7:16:6b:
f0:60:b6:b8:71:8e:ac:00:a7:bc:c1:a7:40:7e:3e:e2:51:fb:
c7:cd:c2:5f:76:62:3b:84:0c:f4:fc:36:80:32:32:bb:1d:38:
b9:26:8f:0e:91:95:b7:58:01:42:5f:1c:4f:11:c0:07:82:97:
05:7c:c6:8d:c7:90:58:82:a5:92:9d:d9:6d:1f:9b:af:45:35:
40:1c:68:06:fa:fc:27:f5:ba:bf:d6:58:63:c3:f2:34:f3:b2:
1b:0c:03:16
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAYU6tAgtCO1PJGD5xJgd8VqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDE1NjU0MDgyNTc4YzQ5NDZjZDI3YmUxZTg5YTNkZDc1
NjJmYTQwHhcNMjIxMjIyMTYzOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTJiNzc5N2EyZjRiODEwMTY1MWJhMzhmY2U2NzkyMjdhZjU4NjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTpXeQgZ1DLmkOI/IYW+C2PySpJu
Lm4pC/HLCgYPKXAQF7LrqvOTrJoZe8G2tuTrettAk//dyBG0LoaAvgPyxjkzwx4M
Auo/lO9x8zXhSAxrEjFBfqkKi49k/YtPeUpkB925XPKbVAYdA/WCz7UAO9u/aLIR
i2Mkk0i1NGNtewZ7EvnTx6c4yKxrWnB/5WdO17lS/Loetm04pjPpQy7zakwgNnGZ
WWdTWFv3DlgT3eLEyddppmJ92efJkkKHRPd0GJZPj52S9sDYVP127UvGcPgiYJ3w
sV1AaqQI+TNatfXs3BixTnaxesNZvAoipm1SuTwq1b0Un2BWvupzLqCfWwIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFFord5ei9LgQFlG6OPzmeSJ69YYLMB8GA1UdIwQY
MBaAFEMBVlQIJXjElGzSe+Homj3XVi+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTkt
MTAzMGNkYmU2YmQ0LzEvV2l0M2w2TDB1QkFXVWJvNF9PWjVJbnIxaGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTktMTAzMGNkYmU2YmQ0
LzEvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgeEEAgABMIHaAwQC
AjuoAwQCLQ6EAwQCLVJAAwQCPnAIAwQCUE8EAwQCWSZgAwQCWSdoAwQAW+UXAwQA
W+hpAwQDXb6IAwQEbexQAwQDsoQAAwQCstrEAwQCuQJQAwQCuRU8AwQCuWToAwQC
uYSEAwQCuYSwAwQCuaXwAwQCuaxYAwQCua2gAwQCubF8AwQCubTcAwQCubbAAwQC
ubcgAwQCubjAAwQCubkwAwQCub8AAwQAwcikAwQCwlhoAwQA1AjwAwQB1AjyMAwD
BAPUCPgDBADUCPoDBAHUCPwDBATZFwAwDQQCAAIwBwMFAyoAfIAwDQYJKoZIhvcN
AQELBQADggEBAKjFL7AmMdIPkHvvOCKsCyJQjKXcA/33OScq9tX4G3dNEfvfXKnN
FGO2fjVfxi3PCBRmKA6SrJopTYZYgYL27JVETDqhZdkzXzac1l+zPzB1VotxRhtn
9NZmakkN9npaHYpScheNIO2sNGyXY+AS8cnYBsHQ8XmD4LvYvFsitTHqKaa1VRqk
oIYs4unZvh2clspBhU5YIRoveI1Wr3vwwOcWa/BgtrhxjqwAp7zBp0B+PuJR+8fN
wl92YjuEDPT8NoAyMrsdOLkmjw6RlbdYAUJfHE8RwAeClwV8xo3HkFiCpZKd2W0f
m69FNUAcaAb6/Cf1ur/WWGPD8jTzshsMAxY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:59 2024 by rpki-client on console-fra.rpki-client.org