Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/EDEMvtlBlwz4ocbeo-zNCYq5jAw.roa
File: EDEMvtlBlwz4ocbeo-zNCYq5jAw.roa (raw, json)
Hash identifier: COAiQ+7q0TSvA1H8UnkoROZHA/pbsAy8oLzNknlpxiE=
Subject key identifier: 10:31:0C:BE:D9:41:97:0C:F8:A1:C6:DE:A3:EC:CD:09:8A:B9:8C:0C
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01840E42DC012F2C857C7868E0992B12ED9B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/EDEMvtlBlwz4ocbeo-zNCYq5jAw.roa
Signing time: Tue 25 Oct 2022 08:29:33 +0000
ROA not before: Tue 25 Oct 2022 08:29:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 45.151.2.0/24 maxlen: 24
45.151.0.0/23 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
194.15.52.0/23 maxlen: 23
77.83.39.0/24 maxlen: 24
77.83.38.0/23 maxlen: 23
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.191.0/24 maxlen: 24
45.94.168.0/22 maxlen: 24
45.144.215.0/24 maxlen: 24
45.144.214.0/23 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
193.30.243.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
85.209.121.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
45.138.180.0/22 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0e:42:dc:01:2f:2c:85:7c:78:68:e0:99:2b:12:ed:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 25 08:29:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10310cbed941970cf8a1c6dea3eccd098ab98c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cb:99:ce:c4:d0:8c:a7:cc:5d:97:69:7c:19:
3a:3a:6e:8c:f8:7c:3c:04:0a:79:5a:fe:e5:da:50:
6e:f8:82:97:3a:d1:18:ce:50:a7:e1:81:ef:cb:bc:
2a:3a:35:3a:c1:04:4e:43:7c:42:88:99:91:ff:cc:
80:07:e3:62:e7:1d:c5:7f:3b:56:17:1c:ea:fb:ee:
97:e2:9a:c9:f2:66:91:23:0c:18:01:44:0f:57:b0:
56:f0:55:30:e1:4b:c8:67:2a:ae:27:ad:83:0c:1c:
98:87:a2:5a:9b:8f:d3:a1:fb:1d:70:69:ce:fb:40:
fd:d0:85:84:5f:6d:97:ea:a8:9b:52:1c:7a:90:d4:
94:6b:c3:99:0c:e9:12:3b:eb:6e:a6:87:76:36:d7:
11:c1:0e:23:a9:b8:02:22:b9:5c:e5:f1:64:bf:c1:
9e:b1:9a:06:fe:7d:85:1f:cd:d8:ae:4c:3a:98:58:
d3:00:b3:ac:81:0d:09:6a:44:74:88:93:4e:e2:0c:
62:90:82:38:f8:43:9b:4b:86:cb:bf:ef:be:06:6d:
f7:a5:dc:96:81:8c:e3:e0:80:dd:fa:81:5d:43:ff:
22:8c:26:b3:52:88:43:33:32:4b:6d:ad:9d:17:93:
94:7d:2b:87:b0:59:46:19:2f:e1:43:95:21:bf:2d:
6c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:31:0C:BE:D9:41:97:0C:F8:A1:C6:DE:A3:EC:CD:09:8A:B9:8C:0C
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/EDEMvtlBlwz4ocbeo-zNCYq5jAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.13.191.0/24
45.81.112.0/22
45.88.139.0/24
45.94.168.0/22
45.132.181.0/24
45.138.180.0/22
45.144.212.0/22
45.151.0.0-45.151.2.255
77.83.37.0-77.83.39.255
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.15.52.0/23
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
22:93:b9:83:78:01:f5:33:ca:9c:91:15:5a:2d:3a:e7:72:42:
bf:41:98:68:4e:55:bd:5f:e3:8d:5c:9a:24:c7:35:e1:cd:0d:
51:68:7c:c9:60:cd:e3:07:e1:da:82:c9:fb:0b:78:aa:bb:53:
92:07:4b:5f:c5:8f:3c:46:62:2d:0c:cc:8b:fb:33:42:0d:41:
c8:2b:d4:06:aa:59:c6:fd:05:1a:56:9b:2d:56:0b:b8:97:71:
59:bc:57:22:41:90:ee:8d:0c:df:86:a9:57:65:da:d4:3c:98:
dd:ac:cc:de:92:71:1e:9c:ad:c7:21:fa:09:50:38:d4:12:eb:
3f:86:7f:d7:04:cf:28:3a:85:fb:b7:f3:a8:bb:ad:0e:c2:52:
93:92:be:6e:b0:90:fb:85:71:40:8a:64:35:c1:00:38:e5:85:
df:a8:78:51:af:07:dc:00:ab:87:e3:f4:6a:01:ce:15:88:f8:
37:2a:6e:08:e0:74:44:6a:96:42:4b:50:10:49:11:10:4c:55:
0b:18:e1:b6:59:86:e7:57:38:35:13:0a:d7:22:a2:af:87:9d:
ae:fa:de:20:aa:ed:11:81:1d:60:12:fa:ec:3a:04:43:aa:a8:
41:70:6d:39:89:31:96:62:7b:93:13:88:4b:8f:22:5b:d4:a2:
ac:a9:b8:94
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYQOQtwBLyyFfHho4JkrEu2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDI1MDgyOTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDMxMGNiZWQ5NDE5NzBjZjhhMWM2ZGVhM2VjY2QwOThhYjk4YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsuZzsTQjKfMXZdpfBk6Om6M+Hw8
BAp5Wv7l2lBu+IKXOtEYzlCn4YHvy7wqOjU6wQROQ3xCiJmR/8yAB+Ni5x3FfztW
Fxzq++6X4prJ8maRIwwYAUQPV7BW8FUw4UvIZyquJ62DDByYh6Jam4/TofsdcGnO
+0D90IWEX22X6qibUhx6kNSUa8OZDOkSO+tupod2NtcRwQ4jqbgCIrlc5fFkv8Ge
sZoG/n2FH83Yrkw6mFjTALOsgQ0JakR0iJNO4gxikII4+EObS4bLv+++Bm33pdyW
gYzj4IDd+oFdQ/8ijCazUohDMzJLba2dF5OUfSuHsFlGGS/hQ5Uhvy1suwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFBAxDL7ZQZcM+KHG3qPszQmKuYwMMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvRURFTXZ0bEJsd3o0b2NiZW8tek5DWXE1akF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCBpgQCAAEwgZ8DBAIC
OGwDBAAFtVcDBAAtCR0DBAAtDb8DBAItUXADBAAtWIsDBAItXqgDBAAthLUDBAIt
irQDBAItkNQwCwMDAC2XAwQALZcCMAwDBABNUyUDBANNUyADBAJV0XgDBAG5K/gD
BAC5K/sDBAG5yD4DBALBHvADBADBOSkDBADBOSsDBAHCDzQDBALC8mADBADDPhgD
BALDsVwDBALD07wwKQQCAAIwIwMFACoBcSADBQMqB5IAAwUDKgylgAMFAyoQ38AD
BQMqEQWAMA0GCSqGSIb3DQEBCwUAA4IBAQAik7mDeAH1M8qckRVaLTrnckK/QZho
TlW9X+ONXJokxzXhzQ1RaHzJYM3jB+Hagsn7C3iqu1OSB0tfxY88RmItDMyL+zNC
DUHIK9QGqlnG/QUaVpstVgu4l3FZvFciQZDujQzfhqlXZdrUPJjdrMzeknEenK3H
IfoJUDjUEus/hn/XBM8oOoX7t/Oou60OwlKTkr5usJD7hXFAimQ1wQA45YXfqHhR
rwfcAKuH4/RqAc4ViPg3Km4I4HREapZCS1AQSREQTFULGOG2WYbnVzg1EwrXIqKv
h52u+t4gqu0RgR1gEvrsOgRDqqhBcG05iTGWYnuTE4hLjyJb1KKsqbiU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org