Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/wN9MKfhuYLaGbBgS_-Rm-DeJg30.roa
File: wN9MKfhuYLaGbBgS_-Rm-DeJg30.roa (raw, json)
Hash identifier: IpWOWpMR8WimoNW8zEPpLovK07CzK2cZ2cX0RKwkCmM=
Subject key identifier: C0:DF:4C:29:F8:6E:60:B6:86:6C:18:12:FF:E4:66:F8:37:89:83:7D
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 01843D59DAC2369DED6B9ED1F11725062FDE
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/wN9MKfhuYLaGbBgS_-Rm-DeJg30.roa
Signing time: Thu 03 Nov 2022 11:56:49 +0000
ROA not before: Thu 03 Nov 2022 11:56:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202448
IP address blocks: 45.137.151.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.212.0/24 maxlen: 24
89.43.33.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
93.114.128.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
185.234.52.0/24 maxlen: 32
185.96.163.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
91.227.41.0/24 maxlen: 24
91.227.40.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
89.38.128.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3d:59:da:c2:36:9d:ed:6b:9e:d1:f1:17:25:06:2f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: Nov 3 11:56:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c0df4c29f86e60b6866c1812ffe466f83789837d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:53:3a:d4:44:97:8e:5b:83:03:65:29:41:b4:
94:4d:5d:4e:cf:53:5b:11:05:9f:c7:f9:ee:2f:3d:
2d:29:0c:31:67:fb:f8:4e:e7:e5:a2:81:a5:21:29:
7d:8e:c2:71:d0:33:68:b0:e4:69:b0:50:27:3b:3c:
c0:07:ea:d8:b2:32:4a:10:95:8f:8a:eb:af:42:23:
0c:79:c3:7b:cb:9b:d8:aa:3c:3c:81:61:dd:d4:3c:
e3:b8:14:e9:17:66:9b:fd:6e:16:eb:40:dc:20:53:
10:5f:fc:0b:b5:2a:ea:49:84:d5:7a:c2:0f:db:de:
f8:c6:12:60:db:55:2a:b0:c0:d0:03:bd:d3:80:5b:
fc:d9:c6:7a:37:fa:fa:f5:0d:c7:80:ba:b9:af:d9:
e7:57:77:d8:8f:8d:cc:42:d9:77:88:bd:f0:c3:ae:
42:38:f1:ba:80:09:02:b1:b7:ac:44:03:ff:72:da:
4b:a5:76:ae:53:0e:75:44:30:7a:38:81:6b:ee:22:
f6:d8:14:df:11:73:8a:5a:e7:4f:fa:97:a1:eb:43:
50:3d:8f:c0:f7:e4:87:a4:33:92:db:5d:1d:90:7a:
69:ca:b6:c1:74:a0:2b:81:44:1a:93:b8:e8:4d:64:
e7:08:2d:ba:de:63:c7:75:8f:f8:22:57:65:58:ac:
f9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:DF:4C:29:F8:6E:60:B6:86:6C:18:12:FF:E4:66:F8:37:89:83:7D
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/wN9MKfhuYLaGbBgS_-Rm-DeJg30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
45.137.148.0/22
45.153.184.0/22
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.128.0/22
89.38.135.0/24
89.43.33.0/24
91.227.40.0/23
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.18.0-93.115.23.255
94.176.182.0/24
178.157.82.0/24
178.157.90.0/23
185.96.163.0/24
185.170.212.0/22
185.234.52.0/24
185.243.214.0/23
194.32.76.0/22
194.99.20.0/22
IPv6:
2a05:8280::/32
2a09:cd40::/30
2a09:cd45::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
88:1c:1d:69:ac:a5:85:3e:26:ec:31:50:27:3f:5c:ed:ec:2e:
24:19:b1:d0:67:57:71:8d:99:bd:0f:a0:d5:c1:f5:71:88:a6:
72:a2:76:39:9f:c2:b3:7a:56:5a:6c:f6:20:8e:04:2f:8d:6a:
1f:58:0c:29:42:0f:47:5c:95:ba:7b:a9:0e:0d:7d:64:d7:f1:
c2:e4:f1:38:ec:a3:1b:34:1e:63:65:66:e8:aa:ca:c1:6b:92:
1c:84:c1:0f:59:3f:af:88:08:dc:66:76:90:c9:a4:2a:05:30:
ac:89:a3:b6:79:3c:30:93:25:72:eb:55:34:41:79:e9:3a:f4:
e3:83:c2:82:e4:17:53:f5:ae:5f:89:14:ae:00:7f:5d:c9:75:
65:1c:b9:84:0f:ad:4c:fb:fe:17:7a:15:94:1a:bd:16:4c:01:
dd:2a:2d:bb:41:5d:10:f2:e3:e9:04:f2:8f:93:13:09:20:b9:
76:1f:10:bd:60:39:28:d0:fd:37:30:47:12:36:3b:e1:d9:a3:
1f:84:4f:3c:99:f1:b4:2e:03:33:f3:b4:fe:81:dc:f0:1e:28:
78:1f:12:48:b0:d6:ab:e2:2e:db:04:ca:57:1e:01:fe:13:46:
02:cc:26:a6:0f:25:5a:0f:6f:02:6d:7c:f3:f9:b7:ac:9b:9a:
f0:ad:76:16
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAYQ9WdrCNp3ta57R8RclBi/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjIxMTAzMTE1NjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGRmNGMyOWY4NmU2MGI2ODY2YzE4MTJmZmU0NjZmODM3ODk4MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlM61ESXjluDA2UpQbSUTV1Oz1Nb
EQWfx/nuLz0tKQwxZ/v4TuflooGlISl9jsJx0DNosORpsFAnOzzAB+rYsjJKEJWP
iuuvQiMMecN7y5vYqjw8gWHd1DzjuBTpF2ab/W4W60DcIFMQX/wLtSrqSYTVesIP
2974xhJg21UqsMDQA73TgFv82cZ6N/r69Q3HgLq5r9nnV3fYj43MQtl3iL3ww65C
OPG6gAkCsbesRAP/ctpLpXauUw51RDB6OIFr7iL22BTfEXOKWudP+peh60NQPY/A
9+SHpDOS210dkHppyrbBdKArgUQak7joTWTnCC263mPHdY/4IldlWKz58QIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFMDfTCn4bmC2hmwYEv/kZvg3iYN9MB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvd045TUtmaHVZTGFHYkJnU18tUm0tRGVKZzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHiBggrBgEFBQcBBwEB/wSB0jCBzzCBnwQCAAEwgZgDBAIC
ONQDBAAfDu4DBAItiZQDBAItmbgDBABWafwDBABWarUDBABWa8UDBAJZJoADBABZ
JocDBABZKyEDBAFb4ygDBAFb+vgDBABdcoADBABdcoUwDAMEAV1zEgMEA11zEAME
AF6wtgMEALKdUgMEAbKdWgMEALlgowMEArmq1AMEALnqNAMEAbnz1gMEAsIgTAME
AsJjFDArBAIAAjAlAwUAKgWCgAMFAioJzUAwDgMFACoJzUUDBQAqCc1GAwUBKgy5
wDANBgkqhkiG9w0BAQsFAAOCAQEAiBwdaaylhT4m7DFQJz9c7ewuJBmx0GdXcY2Z
vQ+g1cH1cYimcqJ2OZ/Cs3pWWmz2II4EL41qH1gMKUIPR1yVunupDg19ZNfxwuTx
OOyjGzQeY2Vm6KrKwWuSHITBD1k/r4gI3GZ2kMmkKgUwrImjtnk8MJMlcutVNEF5
6Tr044PCguQXU/WuX4kUrgB/Xcl1ZRy5hA+tTPv+F3oVlBq9FkwB3Sotu0FdEPLj
6QTyj5MTCSC5dh8QvWA5KND9NzBHEjY74dmjH4RPPJnxtC4DM/O0/oHc8B4oeB8S
SLDWq+Iu2wTKVx4B/hNGAswmpg8lWg9vAm188/m3rJua8K12Fg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:22 2023 by rpki-client on console-ams.rpki-client.org