Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/97ViQ_jX8XHfQ_2mDe3Hw5duWnk.roa
File: 97ViQ_jX8XHfQ_2mDe3Hw5duWnk.roa (raw, json)
Hash identifier: Jp39PSjUv5lcIAf6+FMc2UfZSurz1FZx5zIc9Wd4jcA=
Subject key identifier: F7:B5:62:43:F8:D7:F1:71:DF:43:FD:A6:0D:ED:C7:C3:97:6E:5A:79
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0185630C81D78976CBADFD9B5E0D69C5D029
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/97ViQ_jX8XHfQ_2mDe3Hw5duWnk.roa
Signing time: Fri 30 Dec 2022 12:40:42 +0000
ROA not before: Fri 30 Dec 2022 12:40:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.94.168.0/22 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:63:0c:81:d7:89:76:cb:ad:fd:9b:5e:0d:69:c5:d0:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 30 12:40:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7b56243f8d7f171df43fda60dedc7c3976e5a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ae:86:78:c4:04:97:52:ff:73:8d:b0:97:3b:
71:47:74:1b:3d:31:b7:ab:8a:e2:a3:f6:8a:3f:d5:
ee:49:31:44:32:fa:84:cc:a4:69:da:90:ef:ba:21:
9c:e0:3a:7e:06:85:e4:95:49:48:84:7b:34:07:15:
c0:0b:a3:af:3b:68:3b:5e:8a:5a:a8:43:98:93:ae:
5e:2e:4e:07:c5:94:8c:41:f6:1d:0c:ef:b4:e6:6b:
bf:94:de:0b:f7:3a:6f:49:81:90:23:4f:82:d4:9c:
0a:06:e5:1a:29:89:fd:6d:cd:65:00:71:ef:28:d2:
4e:02:90:71:65:a9:a3:be:fe:4d:a1:5b:52:95:1a:
f1:99:27:40:7e:ff:d8:26:63:5d:93:b0:e6:60:df:
a9:40:a5:ee:9b:6d:df:66:d0:ba:23:42:90:c7:0d:
b4:53:4d:44:30:67:06:b7:10:d9:af:32:6a:bb:a6:
59:04:2a:05:f7:9a:f4:ca:68:21:5e:60:8d:f2:51:
ae:b4:10:33:46:f4:fc:5a:01:8d:de:e0:5f:46:a2:
aa:d6:c9:cf:ff:a2:c0:02:85:06:63:65:e6:37:da:
cf:9c:dd:64:ac:27:9e:b7:f4:90:bc:72:75:12:d0:
75:27:78:85:1a:9c:1b:bc:b1:c6:30:45:97:85:c7:
54:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B5:62:43:F8:D7:F1:71:DF:43:FD:A6:0D:ED:C7:C3:97:6E:5A:79
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/97ViQ_jX8XHfQ_2mDe3Hw5duWnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.13.188.0/24
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.38.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
59:d4:c8:5c:97:7a:52:9f:75:c8:f3:78:d2:0e:1f:8f:a1:f9:
2d:56:2c:b9:1d:bb:b5:97:f5:16:1d:ac:ec:45:a4:b7:d7:37:
6e:f2:5c:e4:b4:21:1c:64:c1:a1:a7:9f:c5:34:35:03:8e:4b:
38:91:6e:9c:e4:a1:96:d7:57:c8:0f:c1:23:fc:7d:c1:40:85:
f7:2d:b1:8d:9c:74:5e:3c:18:6a:e5:ba:d6:e7:6d:c0:d3:47:
d9:0d:17:37:c4:d1:58:ee:04:b6:38:29:bd:2c:b3:54:87:c2:
3b:43:41:f7:24:c6:c6:b8:f5:a7:71:97:bf:91:ca:5f:8c:c9:
9f:e3:91:35:94:60:59:e5:43:94:bf:44:6e:7e:3f:3e:e9:75:
48:be:83:b8:42:ec:21:ab:48:31:7a:3a:9c:d6:a8:e0:b4:17:
3e:27:e6:6f:0d:24:b5:83:4e:2d:9f:46:a1:63:03:4c:59:b9:
1b:af:6f:f9:3e:74:2c:36:1e:93:4b:8f:7d:16:33:cd:b8:71:
a2:21:1e:2b:1c:f5:d6:ee:04:71:9f:1a:c1:2c:2f:b9:66:32:
6e:66:87:86:a1:41:97:a2:b9:2d:b6:23:26:e2:ef:dd:aa:a1:
a5:5b:ed:2e:0f:b2:95:01:11:c4:3f:55:95:9e:dc:b6:aa:7d:
10:5e:ea:44
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYVjDIHXiXbLrf2bXg1pxdApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMjMwMTI0MDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2I1NjI0M2Y4ZDdmMTcxZGY0M2ZkYTYwZGVkYzdjMzk3NmU1YTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa6GeMQEl1L/c42wlztxR3QbPTG3
q4rio/aKP9XuSTFEMvqEzKRp2pDvuiGc4Dp+BoXklUlIhHs0BxXAC6OvO2g7Xopa
qEOYk65eLk4HxZSMQfYdDO+05mu/lN4L9zpvSYGQI0+C1JwKBuUaKYn9bc1lAHHv
KNJOApBxZamjvv5NoVtSlRrxmSdAfv/YJmNdk7DmYN+pQKXum23fZtC6I0KQxw20
U01EMGcGtxDZrzJqu6ZZBCoF95r0ymghXmCN8lGutBAzRvT8WgGN3uBfRqKq1snP
/6LAAoUGY2XmN9rPnN1krCeet/SQvHJ1EtB1J3iFGpwbvLHGMEWXhcdUYQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFPe1YkP41/Fx30P9pg3tx8OXblp5MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvOTdWaVFfalg4WEhmUV8ybURlM0h3NWR1V25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAIC
OGwDBAAFtVcDBAAtCR0DBAAtDbwDBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAME
AC2EtQMEAy2EsAMEAC2Q1AMEAE1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
AFnUyFyXelKfdcjzeNIOH4+h+S1WLLkdu7WX9RYdrOxFpLfXN27yXOS0IRxkwaGn
n8U0NQOOSziRbpzkoZbXV8gPwSP8fcFAhfctsY2cdF48GGrlutbnbcDTR9kNFzfE
0VjuBLY4Kb0ss1SHwjtDQfckxsa49adxl7+Ryl+MyZ/jkTWUYFnlQ5S/RG5+Pz7p
dUi+g7hC7CGrSDF6OpzWqOC0Fz4n5m8NJLWDTi2fRqFjA0xZuRuvb/k+dCw2HpNL
j30WM824caIhHisc9dbuBHGfGsEsL7lmMm5mh4ahQZeiuS22Iybi792qoaVb7S4P
spUBEcQ/VZWe3LaqfRBe6kQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org