Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/w_IufvDIwCp4THjxN5J5xJltDvg.roa
File: w_IufvDIwCp4THjxN5J5xJltDvg.roa (raw, json)
Hash identifier: YS3OJVN0vXaleZz+H2sUJX8wRR2ZTJvfZ25QEq9HbXw=
Subject key identifier: C3:F2:2E:7E:F0:C8:C0:2A:78:4C:78:F1:37:92:79:C4:99:6D:0E:F8
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0183A42BEFFD415FA7FF25D8E46B7004A974
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/w_IufvDIwCp4THjxN5J5xJltDvg.roa
Signing time: Tue 04 Oct 2022 18:04:46 +0000
ROA not before: Tue 04 Oct 2022 18:04:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 45.151.2.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.191.0/24 maxlen: 24
45.144.215.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
194.15.52.0/23 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
85.209.121.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a4:2b:ef:fd:41:5f:a7:ff:25:d8:e4:6b:70:04:a9:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 4 18:04:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3f22e7ef0c8c02a784c78f1379279c4996d0ef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:27:e5:2b:a6:16:a7:e3:d6:b4:ba:1d:bb:88:
3c:a7:ba:4a:5d:f5:f3:f0:9f:d1:94:95:80:8a:2b:
85:20:c9:c0:58:59:e3:df:6e:d5:29:2d:1d:16:04:
b3:55:db:e4:d6:f2:bd:d5:7f:7c:f0:56:a7:da:3e:
b2:6f:31:d7:3d:9c:62:57:07:ac:16:43:10:17:fc:
df:e1:7c:05:56:04:83:b7:f9:a8:3c:f2:1c:aa:fc:
69:0e:8e:dc:e7:02:d6:81:a4:4a:6c:16:3f:0c:bf:
aa:23:45:45:d1:2a:c7:22:a3:a3:1a:83:c9:f7:ec:
49:03:91:44:f2:49:f0:b5:ff:df:bc:1a:d9:1a:3f:
f9:1c:fd:28:06:02:bf:77:1a:56:7d:28:57:59:f4:
be:28:ed:ec:dd:3e:63:67:ae:0f:fa:6c:5a:84:3d:
f4:95:3f:23:09:1a:c3:33:48:e3:22:1e:2d:29:0f:
83:bd:9d:3b:70:6f:0b:d0:b5:ca:2b:1a:8d:fa:e4:
dc:0d:32:df:80:c6:a0:d2:e8:a4:2d:ce:50:89:4d:
4c:2a:54:c6:19:0f:63:1b:e9:69:c3:c5:4b:2a:ec:
38:46:61:9c:6a:8f:f7:49:8a:fb:ca:a6:50:fb:9a:
c9:35:45:8d:ce:4b:88:92:8c:98:a2:fd:80:73:63:
a8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:F2:2E:7E:F0:C8:C0:2A:78:4C:78:F1:37:92:79:C4:99:6D:0E:F8
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/w_IufvDIwCp4THjxN5J5xJltDvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.13.191.0/24
45.81.112.0/22
45.88.136.0/23
45.88.139.0/24
45.132.181.0/24
45.144.212.0/24
45.144.214.0/23
45.151.2.0/24
77.83.37.0-77.83.38.255
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.15.52.0/23
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.190.0/24
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
5d:ce:3c:3d:db:f3:f1:6c:fc:f9:4f:41:de:6b:81:38:75:1a:
da:d1:1e:2b:d8:bf:e6:58:84:59:4d:b6:f3:85:d6:55:cf:54:
71:33:c4:f7:d9:54:b7:f4:e0:e3:62:69:df:9c:b4:d8:f9:63:
b8:aa:67:d7:f6:dc:f1:ea:39:da:de:15:3a:a2:cf:5e:a6:12:
ca:25:64:bf:fd:fe:5e:bf:12:8a:03:24:12:45:18:78:94:1a:
5d:87:4d:8e:ad:ac:62:9c:b0:93:b5:7d:af:e4:ef:db:eb:94:
e5:79:03:81:e0:61:53:d6:ec:b3:03:df:09:4b:26:b3:5e:af:
b1:cc:2d:c2:e0:5f:71:3f:af:5d:19:bd:ec:9e:23:5c:0c:6e:
3f:61:73:75:35:6a:c1:a3:36:af:56:c8:a9:19:44:e2:72:4d:
53:90:47:84:05:b0:cc:b4:08:ec:03:0f:e5:f9:35:1e:1a:63:
1c:4b:65:dc:4f:cb:d4:05:58:4b:1c:20:2b:11:6e:7c:58:c8:
66:15:2b:16:c5:20:cb:bc:e2:cc:4b:6c:b5:90:db:10:61:22:
e2:55:23:1c:24:d9:9b:c2:c6:e8:09:9d:79:87:24:ec:fb:8c:
74:7e:e3:ab:5a:6e:e1:a9:fc:c2:b3:fc:a7:6b:53:55:22:7b:
7a:94:ea:89
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISAYOkK+/9QV+n/yXY5GtwBKl0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDA0MTgwNDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2YyMmU3ZWYwYzhjMDJhNzg0Yzc4ZjEzNzkyNzljNDk5NmQwZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiflK6YWp+PWtLodu4g8p7pKXfXz
8J/RlJWAiiuFIMnAWFnj327VKS0dFgSzVdvk1vK91X988Fan2j6ybzHXPZxiVwes
FkMQF/zf4XwFVgSDt/moPPIcqvxpDo7c5wLWgaRKbBY/DL+qI0VF0SrHIqOjGoPJ
9+xJA5FE8knwtf/fvBrZGj/5HP0oBgK/dxpWfShXWfS+KO3s3T5jZ64P+mxahD30
lT8jCRrDM0jjIh4tKQ+DvZ07cG8L0LXKKxqN+uTcDTLfgMag0uikLc5QiU1MKlTG
GQ9jG+lpw8VLKuw4RmGcao/3SYr7yqZQ+5rJNUWNzkuIkoyYov2Ac2OokwIDAQAB
o4ICxTCCAsEwHQYDVR0OBBYEFMPyLn7wyMAqeEx48TeSecSZbQ74MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvd19JdWZ2REl3Q3A0VEhqeE41SjV4Smx0RHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHaBggrBgEFBQcBBwEB/wSByjCBxzCBmQQCAAEwgZIDBAAF
tVcDBAAtCR0DBAAtDb8DBAItUXADBAEtWIgDBAAtWIsDBAAthLUDBAAtkNQDBAEt
kNYDBAAtlwIwDAMEAE1TJQMEAE1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KQMEAME5KwMEAcIPNAMEAsLyYAMEAMM+GAMEAsOxXAMEAMPTvjAp
BAIAAjAjAwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZI
hvcNAQELBQADggEBAF3OPD3b8/Fs/PlPQd5rgTh1GtrRHivYv+ZYhFlNtvOF1lXP
VHEzxPfZVLf04ONiad+ctNj5Y7iqZ9f23PHqOdreFTqiz16mEsolZL/9/l6/EooD
JBJFGHiUGl2HTY6trGKcsJO1fa/k79vrlOV5A4HgYVPW7LMD3wlLJrNer7HMLcLg
X3E/r10ZveyeI1wMbj9hc3U1asGjNq9WyKkZROJyTVOQR4QFsMy0COwDD+X5NR4a
YxxLZdxPy9QFWEscICsRbnxYyGYVKxbFIMu84sxLbLWQ2xBhIuJVIxwk2ZvCxugJ
nXmHJOz7jHR+46tabuGp/MKz/KdrU1Uie3qU6ok=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:33 2023 by rpki-client on console-fra.rpki-client.org