Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UeMvPeuG67IpBtb4PDpxnL8TvlY.roa
File: UeMvPeuG67IpBtb4PDpxnL8TvlY.roa (raw, json)
Hash identifier: JquCbz34Z8ejO9hnbJQEawThlI9f7mPZkDWIGoDg/GI=
Subject key identifier: 51:E3:2F:3D:EB:86:EB:B2:29:06:D6:F8:3C:3A:71:9C:BF:13:BE:56
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0183FB0A2FC2971C80E7B8A72928D2580ACD
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UeMvPeuG67IpBtb4PDpxnL8TvlY.roa
Signing time: Fri 21 Oct 2022 14:54:52 +0000
ROA not before: Fri 21 Oct 2022 14:54:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 45.151.2.0/24 maxlen: 24
45.151.0.0/23 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
194.15.52.0/23 maxlen: 23
77.83.39.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.191.0/24 maxlen: 24
45.94.168.0/22 maxlen: 24
45.144.215.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
85.209.121.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
45.138.180.0/22 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fb:0a:2f:c2:97:1c:80:e7:b8:a7:29:28:d2:58:0a:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 21 14:54:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51e32f3deb86ebb22906d6f83c3a719cbf13be56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:e2:1c:83:66:d7:67:32:37:e2:53:ee:b6:0f:
aa:a5:9f:12:e3:11:a7:be:79:a9:1f:d3:d8:7a:60:
37:7f:9f:4f:71:74:25:f0:fc:76:fd:40:a4:fe:69:
88:ed:d8:01:7d:28:84:5b:9e:28:65:e7:84:fa:a5:
b2:73:ec:27:c0:f2:8b:82:6e:52:d4:33:4c:28:79:
4e:ba:19:5a:7d:96:44:23:d0:0b:93:b1:09:81:0d:
f0:16:d4:96:08:28:14:6a:d8:7b:5d:c7:79:44:f7:
ad:9d:4b:49:23:fc:94:a6:82:6e:cd:f0:7a:07:55:
c9:6f:80:5f:f3:b7:6a:5d:02:d0:7c:de:f7:97:fd:
e7:db:ff:e8:c7:ec:41:1c:a7:08:32:51:9a:9e:7b:
ae:39:6b:03:1a:74:a2:44:25:da:9f:5c:d7:97:81:
ab:db:2c:8e:f2:86:33:d4:20:98:3c:9d:6d:e3:27:
0a:e8:5b:19:c0:45:76:d2:47:4f:49:f4:f5:57:31:
b7:30:1d:9b:02:96:3e:98:ff:17:2e:3f:39:4c:3a:
5b:b5:a2:5c:49:ed:39:ec:9e:fc:c0:44:89:9d:3c:
8b:55:1f:25:a7:a8:6f:38:05:c4:e9:11:02:d2:c8:
41:70:74:1a:89:c6:02:fa:8a:16:22:db:4f:ac:13:
a1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:E3:2F:3D:EB:86:EB:B2:29:06:D6:F8:3C:3A:71:9C:BF:13:BE:56
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UeMvPeuG67IpBtb4PDpxnL8TvlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.13.191.0/24
45.81.112.0/22
45.88.136.0/23
45.88.139.0/24
45.94.168.0/22
45.132.181.0/24
45.138.180.0/22
45.144.212.0/22
45.151.0.0-45.151.2.255
77.83.37.0-77.83.39.255
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.15.52.0/23
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
b3:3e:cb:a6:3a:83:9a:45:d0:b0:5e:00:b4:5f:af:cd:83:0f:
a3:7d:5e:a6:f8:6b:3b:46:f8:32:c8:6d:db:9c:5a:31:b1:34:
31:b6:ef:3c:80:6b:7f:ac:5b:4f:7d:98:e7:31:70:5c:58:27:
7c:e7:18:06:c9:5f:d4:01:38:d2:ff:89:1c:58:a8:57:26:e0:
9c:06:d3:a9:c0:b0:2f:aa:d3:03:37:77:03:c3:ad:b3:69:d1:
9a:7c:a4:22:02:fe:fe:af:c8:2f:fc:2a:f0:f8:42:80:a9:a6:
89:a0:d2:fc:9a:d5:af:23:53:7d:1e:b2:5b:db:96:5c:03:f0:
fb:67:e1:16:3c:ad:21:ac:cc:fc:22:d7:c7:39:c2:b5:84:38:
96:6b:b2:2f:ea:8d:ee:45:b5:c4:52:3b:94:42:15:b8:59:f8:
73:09:80:07:91:9b:4c:a4:1b:ee:28:36:3d:78:79:34:8b:6b:
1c:3a:1f:aa:94:5b:20:ad:9a:68:7f:7b:c4:ee:93:9b:75:72:
e2:fc:ad:36:f0:39:3a:58:53:ff:70:61:2e:07:58:a7:bc:35:
b5:c7:2a:22:cb:49:2b:96:d5:ba:49:c0:64:52:16:3e:ba:85:
59:63:11:fd:78:50:d0:d6:62:d1:60:e4:17:a3:66:8d:22:b1:
26:dd:86:f8
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAYP7Ci/ClxyA57inKSjSWArNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDIxMTQ1NDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWUzMmYzZGViODZlYmIyMjkwNmQ2ZjgzYzNhNzE5Y2JmMTNiZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7uIcg2bXZzI34lPutg+qpZ8S4xGn
vnmpH9PYemA3f59PcXQl8Px2/UCk/mmI7dgBfSiEW54oZeeE+qWyc+wnwPKLgm5S
1DNMKHlOuhlafZZEI9ALk7EJgQ3wFtSWCCgUath7Xcd5RPetnUtJI/yUpoJuzfB6
B1XJb4Bf87dqXQLQfN73l/3n2//ox+xBHKcIMlGannuuOWsDGnSiRCXan1zXl4Gr
2yyO8oYz1CCYPJ1t4ycK6FsZwEV20kdPSfT1VzG3MB2bApY+mP8XLj85TDpbtaJc
Se057J78wESJnTyLVR8lp6hvOAXE6REC0shBcHQaicYC+ooWIttPrBOhGwIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFFHjLz3rhuuyKQbW+Dw6cZy/E75WMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVWVNdlBldUc2N0lwQnRiNFBEcHhuTDhUdmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCBrAQCAAEwgaUDBAIC
OGwDBAAFtVcDBAAtCR0DBAAtDb8DBAItUXADBAEtWIgDBAAtWIsDBAItXqgDBAAt
hLUDBAItirQDBAItkNQwCwMDAC2XAwQALZcCMAwDBABNUyUDBANNUyADBAJV0XgD
BAG5K/gDBAC5K/sDBAG5yD4DBALBHvADBADBOSkDBADBOSsDBAHCDzQDBALC8mAD
BADDPhgDBALDsVwDBALD07wwKQQCAAIwIwMFACoBcSADBQMqB5IAAwUDKgylgAMF
AyoQ38ADBQMqEQWAMA0GCSqGSIb3DQEBCwUAA4IBAQCzPsumOoOaRdCwXgC0X6/N
gw+jfV6m+Gs7RvgyyG3bnFoxsTQxtu88gGt/rFtPfZjnMXBcWCd85xgGyV/UATjS
/4kcWKhXJuCcBtOpwLAvqtMDN3cDw62zadGafKQiAv7+r8gv/Crw+EKAqaaJoNL8
mtWvI1N9HrJb25ZcA/D7Z+EWPK0hrMz8ItfHOcK1hDiWa7Iv6o3uRbXEUjuUQhW4
WfhzCYAHkZtMpBvuKDY9eHk0i2scOh+qlFsgrZpof3vE7pObdXLi/K028Dk6WFP/
cGEuB1invDW1xyoiy0krltW6ScBkUhY+uoVZYxH9eFDQ1mLRYOQXo2aNIrEm3Yb4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org