Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/4zAbj54nmQWUVFTXoKVuCPNQ6g0.roa
File: 4zAbj54nmQWUVFTXoKVuCPNQ6g0.roa (raw, json)
Hash identifier: 4R09FoNMU5vOD19V099sRStycnAAmZnNkzCOFlk8+VU=
Subject key identifier: E3:30:1B:8F:9E:27:99:05:94:54:54:D7:A0:A5:6E:08:F3:50:EA:0D
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 018380DB22B639B44212E0CEA9ED6E596B7D
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/4zAbj54nmQWUVFTXoKVuCPNQ6g0.roa
Signing time: Tue 27 Sep 2022 21:29:48 +0000
ROA not before: Tue 27 Sep 2022 21:29:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202448
IP address blocks: 45.137.151.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.212.0/24 maxlen: 24
89.43.33.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
93.114.128.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
185.234.52.0/24 maxlen: 32
185.96.163.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
91.227.41.0/24 maxlen: 24
91.227.40.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:80:db:22:b6:39:b4:42:12:e0:ce:a9:ed:6e:59:6b:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: Sep 27 21:29:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3301b8f9e279905945454d7a0a56e08f350ea0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:09:64:b3:bb:15:6a:42:7e:76:ff:a2:1b:25:
f2:ba:b3:13:19:ae:b3:2f:ab:32:ae:3a:e7:c0:b9:
0b:63:6c:ed:fa:18:1c:05:0a:ed:91:24:40:e8:1b:
df:72:91:45:26:e4:92:04:c9:5a:92:7d:f7:b4:3c:
7d:4e:93:4e:f2:dc:a6:10:d7:a4:11:98:b2:ef:50:
29:24:2e:96:99:fe:ef:52:eb:8c:5a:49:63:13:c9:
e6:0c:39:89:a7:a4:60:cc:54:b4:d2:0a:9a:4b:94:
32:36:ec:98:ca:1a:be:92:50:8c:fc:6f:ba:c5:ab:
8a:20:23:db:dc:bc:45:da:af:37:f4:85:aa:45:8a:
20:6d:94:22:75:a3:ef:5e:2c:96:a8:0a:0f:e1:7e:
0d:e3:22:ad:8b:d4:d2:f7:10:01:d6:c9:b5:fb:98:
c4:a4:2d:9d:25:d3:84:fa:20:ce:7d:bc:1b:14:59:
6d:eb:df:d0:26:79:36:90:cb:a2:a5:1c:14:08:75:
a4:cd:62:e2:91:5e:21:c8:82:f6:6a:35:de:3b:1f:
77:ff:d3:f6:18:05:e5:ba:26:49:b0:54:be:77:17:
9f:af:73:64:c5:43:19:3f:ed:eb:f3:27:df:cf:d8:
4d:bb:9a:80:66:bf:1e:49:81:18:7f:93:57:a1:7b:
e5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:30:1B:8F:9E:27:99:05:94:54:54:D7:A0:A5:6E:08:F3:50:EA:0D
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/4zAbj54nmQWUVFTXoKVuCPNQ6g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
45.137.148.0/22
45.153.184.0/22
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.129.0-89.38.131.255
89.38.135.0/24
89.43.33.0/24
91.227.40.0/23
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.18.0-93.115.23.255
94.176.182.0/24
178.157.82.0/24
178.157.90.0/23
185.96.163.0/24
185.170.212.0/22
185.234.52.0/24
185.243.214.0/23
194.32.76.0/22
194.99.20.0/22
IPv6:
2a05:8280::/32
2a09:cd40::/30
2a09:cd45::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
bb:71:fc:a3:ff:ae:eb:5e:ee:c0:e8:ed:b8:31:bf:6b:a9:d6:
a3:0b:1a:3b:8f:bd:3a:24:2e:9e:76:7d:88:52:0b:6e:a8:ea:
57:14:fb:29:ee:8a:fa:bb:3f:69:a1:b6:0a:e2:88:f8:e9:d6:
52:c6:ee:f6:af:d3:5c:77:b4:b2:e8:c4:70:d0:27:a7:ad:5c:
48:ed:7f:c4:6f:5b:1d:60:10:63:18:be:fe:20:d9:cb:70:95:
22:ec:52:0a:73:00:c4:cd:41:59:19:7b:29:75:8c:42:98:65:
a6:ed:c6:f4:d2:a1:5c:5d:54:be:5c:98:86:f2:0f:f2:02:c3:
8a:f5:16:2b:b1:57:b8:c3:8a:55:a5:5e:c5:75:d5:b4:d1:7d:
f8:f4:eb:cd:83:53:ea:c5:48:cb:c8:9d:43:b4:30:9d:a8:1a:
29:12:ed:e8:c0:d3:b7:ce:d0:fe:a7:3e:34:65:5a:2f:22:8d:
19:a6:1c:de:56:eb:89:67:8b:a0:e4:6c:39:34:d3:ef:6d:b8:
7d:35:88:a6:7f:f4:87:bf:25:3b:a9:8f:c7:7f:32:44:a6:92:
80:08:2b:b8:57:29:6f:bd:7b:8d:5d:27:7e:9a:91:dd:53:8c:
35:8d:f8:1e:82:e8:98:82:2f:4a:d2:45:84:d9:03:7d:37:33:
32:35:b5:cc
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAYOA2yK2ObRCEuDOqe1uWWt9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjIwOTI3MjEyOTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzMwMWI4ZjllMjc5OTA1OTQ1NDU0ZDdhMGE1NmUwOGYzNTBlYTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQlks7sVakJ+dv+iGyXyurMTGa6z
L6syrjrnwLkLY2zt+hgcBQrtkSRA6BvfcpFFJuSSBMlakn33tDx9TpNO8tymENek
EZiy71ApJC6Wmf7vUuuMWkljE8nmDDmJp6RgzFS00gqaS5QyNuyYyhq+klCM/G+6
xauKICPb3LxF2q839IWqRYogbZQidaPvXiyWqAoP4X4N4yKti9TS9xAB1sm1+5jE
pC2dJdOE+iDOfbwbFFlt69/QJnk2kMuipRwUCHWkzWLikV4hyIL2ajXeOx93/9P2
GAXluiZJsFS+dxefr3NkxUMZP+3r8yffz9hNu5qAZr8eSYEYf5NXoXvlbwIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFOMwG4+eJ5kFlFRU16ClbgjzUOoNMB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvNHpBYmo1NG5tUVdVVkZUWG9LVnVDUE5RNmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBpwQCAAEwgaADBAIC
ONQDBAAfDu4DBAItiZQDBAItmbgDBABWafwDBABWarUDBABWa8UwDAMEAFkmgQME
AlkmgAMEAFkmhwMEAFkrIQMEAVvjKAMEAVv6+AMEAF1ygAMEAF1yhTAMAwQBXXMS
AwQDXXMQAwQAXrC2AwQAsp1SAwQBsp1aAwQAuWCjAwQCuarUAwQAueo0AwQBufPW
AwQCwiBMAwQCwmMUMCsEAgACMCUDBQAqBYKAAwUCKgnNQDAOAwUAKgnNRQMFACoJ
zUYDBQEqDLnAMA0GCSqGSIb3DQEBCwUAA4IBAQC7cfyj/67rXu7A6O24Mb9rqdaj
Cxo7j706JC6edn2IUgtuqOpXFPsp7or6uz9pobYK4oj46dZSxu72r9Ncd7Sy6MRw
0CenrVxI7X/Eb1sdYBBjGL7+INnLcJUi7FIKcwDEzUFZGXspdYxCmGWm7cb00qFc
XVS+XJiG8g/yAsOK9RYrsVe4w4pVpV7FddW00X349OvNg1PqxUjLyJ1DtDCdqBop
Eu3owNO3ztD+pz40ZVovIo0ZphzeVuuJZ4ug5Gw5NNPvbbh9NYimf/SHvyU7qY/H
fzJEppKACCu4VylvvXuNXSd+mpHdU4w1jfgeguiYgi9K0kWE2QN9NzMyNbXM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:22 2023 by rpki-client on console-ams.rpki-client.org