Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zqFMW4c2EeYFAvVtZrtdCiL4UHY.roa
File: zqFMW4c2EeYFAvVtZrtdCiL4UHY.roa (raw, json)
Hash identifier: PmMTN1XQi6oc6ff5bXtoYHQlWWe61RgNko5u5usxtIE=
Subject key identifier: CE:A1:4C:5B:87:36:11:E6:05:02:F5:6D:66:BB:5D:0A:22:F8:50:76
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 084A0856
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zqFMW4c2EeYFAvVtZrtdCiL4UHY.roa
Signing time: Thu 21 Apr 2022 11:17:02 +0000
ROA not before: Thu 21 Apr 2022 11:17:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 45.151.2.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.13.191.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.144.215.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
194.15.52.0/23 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
85.209.121.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139069526 (0x84a0856)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 21 11:17:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cea14c5b873611e60502f56d66bb5d0a22f85076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:54:ea:c0:3a:03:23:65:5e:3c:14:46:82:69:
c0:15:88:3a:b0:7e:ed:31:29:f4:16:91:55:a6:fe:
0c:cc:82:f4:0e:a4:9a:e6:a4:f0:5f:5a:39:0b:1d:
e7:aa:fa:7c:03:ed:e6:7f:87:31:ed:63:30:8b:c6:
5e:26:a2:54:17:f7:b8:18:5a:7f:7e:c8:e3:ec:20:
02:1e:1c:b4:9e:f2:27:88:9a:96:67:4f:20:f7:6b:
6e:cc:fd:57:23:65:d3:d4:a1:dd:69:67:dd:0c:fe:
f6:42:93:65:d9:80:1a:79:a4:ca:64:ba:65:78:37:
0e:cf:a6:67:ff:ab:9d:85:08:68:b9:c7:0b:ec:2e:
41:ac:f8:ca:83:cd:a1:23:08:9d:51:f5:67:31:90:
74:e1:9e:df:02:1c:bb:c3:39:32:5e:ed:06:03:1e:
ef:f2:16:21:04:f4:c6:2a:a0:df:06:b7:a9:70:40:
a8:6c:ac:8c:6c:02:f3:ed:bf:e0:8d:24:26:7e:a9:
c4:cc:07:37:46:66:1d:12:0e:7b:39:9b:ae:92:8d:
f7:45:56:82:55:a4:65:47:4f:57:88:50:6b:1d:32:
42:07:3b:f5:8d:d4:02:69:94:7f:98:63:6c:c3:6d:
5f:ac:2a:41:22:21:3a:45:8b:90:20:71:70:ed:87:
fe:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A1:4C:5B:87:36:11:E6:05:02:F5:6D:66:BB:5D:0A:22:F8:50:76
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zqFMW4c2EeYFAvVtZrtdCiL4UHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.29.0/24
45.13.188.0/23
45.13.191.0/24
45.88.136.0/22
45.132.181.0/24
45.144.212.0/22
45.151.2.0/24
77.83.37.0-77.83.39.255
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/24
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.15.52.0/23
194.242.96.0/22
195.62.24.0/24
195.177.92.0/23
195.177.95.0/24
195.211.190.0/24
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
86:08:15:d5:74:7f:8d:19:c5:d6:93:e9:e6:b4:9a:37:92:34:
ef:9f:a8:a8:ed:94:56:d8:a1:08:66:e8:1e:1a:0b:d8:f6:ca:
f6:c5:f3:1a:b8:63:cd:9b:9e:96:3f:fa:a9:04:3b:9b:e0:cc:
5f:50:ed:74:ee:bb:51:e2:8f:4f:97:39:97:4d:0a:9e:71:a4:
0b:e4:a6:65:97:ea:3c:bc:98:79:7f:c7:0e:10:0b:23:85:c2:
4f:5e:34:44:fe:bf:43:fc:03:3f:48:c4:ee:fa:80:f7:a8:9d:
97:24:c1:aa:7a:18:63:89:ca:f9:ef:01:ca:0c:df:e7:62:97:
de:2d:f0:c8:54:9f:a5:8d:8e:77:0a:ff:53:8f:0b:5c:4e:ad:
00:0c:43:ae:9e:52:5b:4b:de:32:94:d1:0b:5f:d0:d7:e5:d0:
ea:36:28:82:f4:a7:94:01:8e:7e:69:12:6a:39:d7:fb:d1:60:
4f:53:33:d3:36:e7:eb:76:ae:73:b5:1c:70:75:9e:ef:98:aa:
59:88:75:c9:0c:9d:9b:d1:f1:86:bf:4f:00:4e:a1:e3:8d:e1:
8d:7a:65:d1:aa:21:03:b4:b4:c2:1b:7a:a1:c5:02:5b:57:80:
d4:a4:4e:7f:03:51:bd:25:98:a8:ba:07:00:d1:ec:20:08:3d:
b6:a1:46:6b
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIECEoIVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDQy
MTExMTcwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2VhMTRjNWI4NzM2
MTFlNjA1MDJmNTZkNjZiYjVkMGEyMmY4NTA3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtU6sA6AyNlXjwURoJpwBWIOrB+7TEp9BaRVab+DMyC9A6k
muak8F9aOQsd56r6fAPt5n+HMe1jMIvGXiaiVBf3uBhaf37I4+wgAh4ctJ7yJ4ia
lmdPIPdrbsz9VyNl09Sh3Wln3Qz+9kKTZdmAGnmkymS6ZXg3Ds+mZ/+rnYUIaLnH
C+wuQaz4yoPNoSMInVH1ZzGQdOGe3wIcu8M5Ml7tBgMe7/IWIQT0xiqg3wa3qXBA
qGysjGwC8+2/4I0kJn6pxMwHN0ZmHRIOezmbrpKN90VWglWkZUdPV4hQax0yQgc7
9Y3UAmmUf5hjbMNtX6wqQSIhOkWLkCBxcO2H/lkCAwEAAaOCArkwggK1MB0GA1Ud
DgQWBBTOoUxbhzYR5gUC9W1mu10KIvhQdjAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L3pxRk1XNGMyRWVZRkF2VnRacnRkQ2lMNFVIWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
zgYIKwYBBQUHAQcBAf8Egb4wgbswgY0EAgABMIGGAwQALQkdAwQBLQ28AwQALQ2/
AwQCLViIAwQALYS1AwQCLZDUAwQALZcCMAwDBABNUyUDBANNUyADBAJV0XgDBAG5
K/gDBAC5K/sDBAC5yD4DBALBHvADBADBOSkDBADBOSsDBAHCDzQDBALC8mADBADD
PhgDBAHDsVwDBADDsV8DBADD074wKQQCAAIwIwMFACoBcSADBQMqB5IAAwUDKgyl
gAMFAyoQ38ADBQMqEQWAMA0GCSqGSIb3DQEBCwUAA4IBAQCGCBXVdH+NGcXWk+nm
tJo3kjTvn6io7ZRW2KEIZugeGgvY9sr2xfMauGPNm56WP/qpBDub4MxfUO107rtR
4o9PlzmXTQqecaQL5KZll+o8vJh5f8cOEAsjhcJPXjRE/r9D/AM/SMTu+oD3qJ2X
JMGqehhjicr57wHKDN/nYpfeLfDIVJ+ljY53Cv9TjwtcTq0ADEOunlJbS94ylNEL
X9DX5dDqNiiC9KeUAY5+aRJqOdf70WBPUzPTNufrdq5ztRxwdZ7vmKpZiHXJDJ2b
0fGGv08ATqHjjeGNemXRqiEDtLTCG3qhxQJbV4DUpE5/A1G9JZiougcA0ewgCD22
oUZr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:21 2023 by rpki-client on console-ams.rpki-client.org