Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lOLqLNqg5HNqxCRhWtStSuVqJn4.roa
File: lOLqLNqg5HNqxCRhWtStSuVqJn4.roa (raw, json)
Hash identifier: u9wNzx7Tj/1DfQv6/TZjaWuo1h8GRA4Hdo7Wii5jPv0=
Subject key identifier: 94:E2:EA:2C:DA:A0:E4:73:6A:C4:24:61:5A:D4:AD:4A:E5:6A:26:7E
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0185159F35EECA90143D4F2D83B72948C956
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lOLqLNqg5HNqxCRhWtStSuVqJn4.roa
Signing time: Thu 15 Dec 2022 11:50:33 +0000
ROA not before: Thu 15 Dec 2022 11:50:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.94.168.0/22 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:15:9f:35:ee:ca:90:14:3d:4f:2d:83:b7:29:48:c9:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 15 11:50:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94e2ea2cdaa0e4736ac424615ad4ad4ae56a267e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:89:eb:ea:72:68:7a:58:3a:21:49:02:3d:bb:
f6:31:59:cb:5c:1a:5b:ec:d2:76:72:a0:36:b8:63:
73:d8:78:ad:c5:a2:4d:d8:84:e6:c7:ad:c5:85:0c:
13:20:2a:c7:ea:cb:8c:2e:eb:74:2f:f7:8c:48:d0:
82:5f:76:b0:a5:74:29:41:50:de:99:cb:98:2a:45:
d1:59:f0:05:e2:b2:c2:09:b6:1f:1e:81:ce:b9:a2:
fe:41:bc:9b:44:e5:14:54:08:58:ce:07:fd:27:8a:
47:cb:b8:ef:82:ae:ae:a9:dd:24:87:49:48:45:81:
29:81:2e:a2:e1:b0:ef:5a:a5:f0:26:51:48:a3:16:
a0:b0:0c:17:86:d4:98:02:22:f7:23:ee:91:1c:f5:
dc:e7:94:fa:66:38:07:39:2d:9f:1b:ba:f9:c7:c8:
e9:90:f9:bd:9b:44:48:8d:76:2a:fa:9f:29:50:43:
fb:16:c9:92:39:ef:33:85:4c:ad:77:13:99:05:1f:
7d:63:43:ed:ca:78:9b:16:55:24:6d:7f:e7:c9:03:
bc:bd:da:0e:74:0e:cc:70:23:d9:4c:74:a0:3e:16:
49:d0:78:15:46:b7:e5:02:9b:82:9b:d2:ec:56:ac:
6b:65:2b:67:1b:76:c4:47:91:77:23:aa:5a:3f:8c:
1e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E2:EA:2C:DA:A0:E4:73:6A:C4:24:61:5A:D4:AD:4A:E5:6A:26:7E
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lOLqLNqg5HNqxCRhWtStSuVqJn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.13.188.0/24
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.38.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
00:cb:e4:50:bd:16:88:a9:ce:d7:67:e1:bb:75:bf:c9:4b:fe:
bc:94:b9:10:77:72:f1:57:16:a0:34:95:a9:5c:a8:67:7b:63:
44:91:ff:60:de:d6:d1:ba:00:be:92:3b:f7:55:52:a6:11:e4:
c0:dd:52:9b:d6:0b:aa:c4:41:12:9d:98:4f:47:71:dc:71:a0:
d5:69:40:ac:5b:c6:a7:18:99:93:a2:73:a3:c7:76:78:ca:ca:
dc:0a:13:c5:a1:73:21:c7:86:f3:4a:e7:4f:0f:98:c4:ad:5b:
23:80:71:32:de:64:ff:9f:87:ce:dd:73:ab:ce:b4:40:ec:2b:
e3:81:e7:20:58:d2:d0:ba:16:09:f9:7d:be:08:a8:00:ff:99:
64:3c:d7:3a:c8:50:61:82:4f:1b:9e:f9:f1:d3:b6:d4:0f:14:
2b:6a:2f:ed:ec:a2:c8:00:6b:ef:78:4f:79:d8:7e:f4:81:46:
b4:1d:4c:fc:e8:4a:13:3d:40:c0:99:a4:70:b7:a4:e5:c5:47:
ce:48:ae:2a:f7:30:4a:67:df:64:0f:60:a6:ac:be:93:5e:f9:
5f:a9:42:1d:d6:2b:ea:84:96:45:22:74:b8:d4:36:f6:65:6c:
5a:16:10:dc:11:2c:26:f8:45:4e:f7:0e:e8:a9:8b:99:02:f4:
4c:f3:88:50
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYUVnzXuypAUPU8tg7cpSMlWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMjE1MTE1MDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGUyZWEyY2RhYTBlNDczNmFjNDI0NjE1YWQ0YWQ0YWU1NmEyNjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4nr6nJoelg6IUkCPbv2MVnLXBpb
7NJ2cqA2uGNz2HitxaJN2ITmx63FhQwTICrH6suMLut0L/eMSNCCX3awpXQpQVDe
mcuYKkXRWfAF4rLCCbYfHoHOuaL+QbybROUUVAhYzgf9J4pHy7jvgq6uqd0kh0lI
RYEpgS6i4bDvWqXwJlFIoxagsAwXhtSYAiL3I+6RHPXc55T6ZjgHOS2fG7r5x8jp
kPm9m0RIjXYq+p8pUEP7FsmSOe8zhUytdxOZBR99Y0PtynibFlUkbX/nyQO8vdoO
dA7McCPZTHSgPhZJ0HgVRrflApuCm9LsVqxrZStnG3bER5F3I6paP4weLwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFJTi6izaoORzasQkYVrUrUrlaiZ+MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbE9McUxOcWc1SE5xeENSaFd0U3RTdVZxSm40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAIC
OGwDBAAFtVcDBAAtCR0DBAAtDbwDBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAME
AC2EtQMEAy2EsAMEAS2Q1AMEAE1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
AADL5FC9Foipztdn4bt1v8lL/ryUuRB3cvFXFqA0lalcqGd7Y0SR/2De1tG6AL6S
O/dVUqYR5MDdUpvWC6rEQRKdmE9HcdxxoNVpQKxbxqcYmZOic6PHdnjKytwKE8Wh
cyHHhvNK508PmMStWyOAcTLeZP+fh87dc6vOtEDsK+OB5yBY0tC6Fgn5fb4IqAD/
mWQ81zrIUGGCTxue+fHTttQPFCtqL+3sosgAa+94T3nYfvSBRrQdTPzoShM9QMCZ
pHC3pOXFR85Irir3MEpn32QPYKasvpNe+V+pQh3WK+qElkUidLjUNvZlbFoWENwR
LCb4RU73Duipi5kC9EzziFA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org