Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ChdH0LRhT7TZpql4e-FhpLfmpVA.roa
File: ChdH0LRhT7TZpql4e-FhpLfmpVA.roa (raw, json)
Hash identifier: uY0Meo77zcxxiBJZXPAKUPpOxcdh4x/EDFAneF2fVbA=
Subject key identifier: 0A:17:47:D0:B4:61:4F:B4:D9:A6:A9:78:7B:E1:61:A4:B7:E6:A5:50
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01847A95BBB559FCCCE62745D0C1D82355CF
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ChdH0LRhT7TZpql4e-FhpLfmpVA.roa
Signing time: Tue 15 Nov 2022 09:19:04 +0000
ROA not before: Tue 15 Nov 2022 09:19:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 24
194.15.52.0/23 maxlen: 23
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.121.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
77.83.38.0/23 maxlen: 24
193.30.241.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:95:bb:b5:59:fc:cc:e6:27:45:d0:c1:d8:23:55:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 15 09:19:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a1747d0b4614fb4d9a6a9787be161a4b7e6a550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:92:0e:db:fa:b9:73:1d:dd:6d:8d:72:72:0d:
ad:2f:d4:09:e9:ff:79:f4:57:9c:b0:c4:96:e4:25:
16:8c:f9:c4:75:ee:05:1f:4b:90:d0:c1:32:d2:49:
a8:3b:ec:71:cd:3b:86:4f:b0:07:53:4a:47:ac:8a:
cc:a6:7a:a4:53:6a:30:48:51:32:49:0f:4f:17:78:
97:f8:78:f3:7f:96:c9:f8:38:36:85:e5:29:45:e4:
a6:f0:03:13:bb:66:51:16:2e:c7:42:a6:de:18:2c:
64:a2:f2:15:3f:02:69:cf:94:5a:a9:c1:2b:e5:6c:
6b:e9:ed:3d:63:03:66:f6:64:bc:4b:2c:aa:b8:51:
0f:1c:85:a1:4a:68:0c:55:54:37:03:ce:cb:57:91:
e9:9a:8a:ce:c7:84:07:61:bc:ef:f7:13:77:f2:c6:
51:7a:03:df:b0:26:80:54:64:a0:ae:12:72:df:b2:
38:4b:bd:7d:7c:8c:b7:ca:f5:21:a3:8a:fd:ad:48:
30:83:3c:b5:22:5e:38:ee:15:73:c0:92:a3:72:3f:
d5:2a:5c:54:5c:6f:19:c4:33:44:33:96:85:66:38:
8a:b5:66:f0:92:52:7e:50:e6:13:0c:08:06:c6:0f:
6b:9f:cf:dc:e7:73:b0:19:0b:3b:84:e0:ab:ff:cc:
49:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:17:47:D0:B4:61:4F:B4:D9:A6:A9:78:7B:E1:61:A4:B7:E6:A5:50
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ChdH0LRhT7TZpql4e-FhpLfmpVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.38.0/23
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.15.52.0/23
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
af:1d:58:47:c2:11:50:dd:ef:73:45:10:fb:be:cd:e3:bd:58:
60:e8:79:1f:93:b3:89:9f:12:b9:38:4e:9e:ba:32:bf:22:38:
3e:bf:25:e9:97:cc:00:96:b4:a4:79:31:f2:84:2f:ec:a7:89:
bc:9d:4b:92:e9:0f:a8:d6:c3:58:5f:89:88:7b:19:ab:68:ae:
9e:54:23:2a:16:34:18:b2:ba:b1:a0:75:0b:74:11:4f:b2:16:
11:75:9d:c2:84:11:1e:e1:f7:f4:4b:66:aa:09:35:de:05:e5:
99:a8:6e:9e:14:09:f4:38:ce:d9:2f:d9:0f:76:fd:8f:c6:50:
58:d4:2c:d8:d4:1f:bf:4b:7b:26:50:35:3f:ce:c2:ec:78:40:
89:0c:05:6e:d4:5e:bb:11:f7:3b:93:89:ad:16:f1:78:bb:e8:
c3:6c:02:72:4d:55:6f:19:29:53:ee:51:ef:44:48:4b:c3:de:
4c:93:17:b5:da:cb:05:ec:8c:24:2a:bc:c7:56:4a:56:40:5a:
b3:9c:8a:41:95:b4:07:a3:21:06:b0:2b:f8:bc:b4:5e:69:5c:
1f:13:25:81:95:d5:0f:ca:41:6a:9c:62:51:0b:85:66:32:c6:
7d:74:ba:ef:31:b2:e6:4c:b1:96:4b:fe:1a:12:38:04:09:da:
df:69:66:58
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYR6lbu1WfzM5idF0MHYI1XPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMTE1MDkxOTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE3NDdkMGI0NjE0ZmI0ZDlhNmE5Nzg3YmUxNjFhNGI3ZTZhNTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpIO2/q5cx3dbY1ycg2tL9QJ6f95
9FecsMSW5CUWjPnEde4FH0uQ0MEy0kmoO+xxzTuGT7AHU0pHrIrMpnqkU2owSFEy
SQ9PF3iX+Hjzf5bJ+Dg2heUpReSm8AMTu2ZRFi7HQqbeGCxkovIVPwJpz5RaqcEr
5Wxr6e09YwNm9mS8SyyquFEPHIWhSmgMVVQ3A87LV5HpmorOx4QHYbzv9xN38sZR
egPfsCaAVGSgrhJy37I4S719fIy3yvUho4r9rUgwgzy1Il447hVzwJKjcj/VKlxU
XG8ZxDNEM5aFZjiKtWbwklJ+UOYTDAgGxg9rn8/c53OwGQs7hOCr/8xJVwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFAoXR9C0YU+02aapeHvhYaS35qVQMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQ2hkSDBMUmhUN1RacHFsNGUtRmhwTGZtcFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAIC
OGwDBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAS2Q1AMEAU1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAsEe8AME
AME5KwMEAcIPNAMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
AK8dWEfCEVDd73NFEPu+zeO9WGDoeR+Ts4mfErk4Tp66Mr8iOD6/JemXzACWtKR5
MfKEL+ynibydS5LpD6jWw1hfiYh7Gatorp5UIyoWNBiyurGgdQt0EU+yFhF1ncKE
ER7h9/RLZqoJNd4F5Zmobp4UCfQ4ztkv2Q92/Y/GUFjULNjUH79LeyZQNT/Owux4
QIkMBW7UXrsR9zuTia0W8Xi76MNsAnJNVW8ZKVPuUe9ESEvD3kyTF7XaywXsjCQq
vMdWSlZAWrOcikGVtAejIQawK/i8tF5pXB8TJYGV1Q/KQWqcYlELhWYyxn10uu8x
suZMsZZL/hoSOAQJ2t9pZlg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org