Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/7jYGOVbwnjLmjaSjO9xpDaOXWj4.roa
File: 7jYGOVbwnjLmjaSjO9xpDaOXWj4.roa (raw, json)
Hash identifier: A6L0+JUDItDpwdyPVVKi0y8k1PD5s+Mh+ZIStbH1r6k=
Subject key identifier: EE:36:06:39:56:F0:9E:32:E6:8D:A4:A3:3B:DC:69:0D:A3:97:5A:3E
Certificate issuer: /CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Certificate serial: 05FE6B74
Authority key identifier: 9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/7jYGOVbwnjLmjaSjO9xpDaOXWj4.roa
Signing time: Sat 01 Jan 2022 08:57:22 +0000
ROA not before: Sat 01 Jan 2022 08:57:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29802
IP address blocks: 149.255.39.0/24 maxlen: 24
45.158.36.0/23 maxlen: 32
37.72.168.0/21 maxlen: 32
37.72.172.0/23 maxlen: 23
37.72.170.0/23 maxlen: 23
37.72.174.0/23 maxlen: 23
194.126.172.0/22 maxlen: 24
194.126.172.0/24 maxlen: 24
194.126.175.0/24 maxlen: 24
194.126.173.0/24 maxlen: 24
94.100.16.0/20 maxlen: 32
94.100.16.0/24 maxlen: 24
94.100.17.0/24 maxlen: 24
94.100.23.0/24 maxlen: 24
94.100.24.0/24 maxlen: 24
94.100.21.0/24 maxlen: 24
94.100.22.0/24 maxlen: 24
94.100.19.0/24 maxlen: 24
94.100.20.0/24 maxlen: 24
94.100.18.0/24 maxlen: 24
94.100.30.0/24 maxlen: 24
94.100.31.0/24 maxlen: 24
94.100.28.0/24 maxlen: 24
94.100.29.0/24 maxlen: 24
94.100.26.0/24 maxlen: 24
94.100.27.0/24 maxlen: 24
94.100.25.0/24 maxlen: 24
217.79.240.0/24 maxlen: 24
217.79.242.0/23 maxlen: 24
217.79.240.0/20 maxlen: 24
149.255.37.0/24 maxlen: 24
149.255.38.0/24 maxlen: 24
149.255.32.0/21 maxlen: 32
149.255.35.0/24 maxlen: 24
149.255.36.0/24 maxlen: 32
89.233.104.0/24 maxlen: 24
89.233.104.0/21 maxlen: 24
89.233.105.0/24 maxlen: 24
89.233.106.0/24 maxlen: 24
89.233.107.0/24 maxlen: 24
46.21.144.0/24 maxlen: 24
46.21.145.0/24 maxlen: 24
46.21.144.0/20 maxlen: 32
46.21.151.0/24 maxlen: 24
46.21.152.0/24 maxlen: 24
46.21.150.0/24 maxlen: 24
46.21.148.0/24 maxlen: 24
46.21.146.0/24 maxlen: 24
46.21.147.0/24 maxlen: 24
46.21.158.0/23 maxlen: 23
46.21.156.0/24 maxlen: 24
46.21.157.0/24 maxlen: 24
46.21.153.0/24 maxlen: 24
195.242.153.0/24 maxlen: 24
2a02:748:f000::/36 maxlen: 36
2a02:748:e000::/35 maxlen: 35
2a02:748::/35 maxlen: 35
2a02:748:c000::/35 maxlen: 35
2a02:748::/32 maxlen: 48
2a0f:5180::/32 maxlen: 32
2a02:748:6000::/48 maxlen: 48
2a0f:5180::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100559732 (0x5fe6b74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Validity
Not Before: Jan 1 08:57:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee36063956f09e32e68da4a33bdc690da3975a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:92:e5:12:73:a1:c9:16:67:fc:df:e5:44:69:
46:ed:4d:3c:3b:2c:a9:e6:9c:a0:1d:94:76:06:55:
65:37:99:ee:57:b5:a5:e0:df:1b:8c:44:d0:f9:69:
36:94:be:8d:50:62:d1:c5:64:e4:44:41:97:87:34:
d1:d2:f7:ed:a7:c2:b8:ff:bb:0c:cb:e4:80:e3:ea:
b0:1d:61:fd:a9:7d:dd:63:09:a6:2b:1d:40:a8:21:
91:a3:b3:5c:c2:80:52:ed:10:8f:73:86:77:86:ac:
d9:29:17:43:38:c5:80:7f:0f:90:ba:02:b2:f1:02:
cc:d4:e7:ee:09:1a:d2:f0:ab:55:c8:cb:7b:81:59:
9e:27:bc:42:00:e6:e0:60:b9:10:83:dd:58:60:d6:
a1:86:33:24:33:f1:ca:a7:97:07:a9:49:d0:94:3e:
11:df:71:43:21:9c:a7:0e:e9:ef:df:bd:a8:1d:64:
1d:d7:c2:58:33:02:8c:ba:c2:35:7a:a8:31:60:79:
5e:34:fd:16:c9:4e:ee:ce:47:d0:2e:12:9a:a7:63:
cd:78:b3:64:0c:d7:6d:3a:37:42:d0:45:2d:f0:d2:
88:97:5d:84:15:37:ee:07:94:f6:3d:de:ae:9d:d7:
33:c0:9e:1f:53:c4:18:cc:db:ad:8e:c6:50:1c:64:
4e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:36:06:39:56:F0:9E:32:E6:8D:A4:A3:3B:DC:69:0D:A3:97:5A:3E
X509v3 Authority Key Identifier:
keyid:9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/7jYGOVbwnjLmjaSjO9xpDaOXWj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.168.0/21
45.158.36.0/23
46.21.144.0/20
89.233.104.0/21
94.100.16.0/20
149.255.32.0/21
194.126.172.0/22
195.242.153.0/24
217.79.240.0/20
IPv6:
2a02:748::/32
2a0f:5180::/29
Signature Algorithm: sha256WithRSAEncryption
7f:3d:0f:38:49:9f:92:61:53:1c:c3:52:8c:df:78:29:a8:f5:
42:71:8b:9a:1b:ff:40:7c:68:6a:3c:d8:5f:1a:4a:dd:50:d5:
1a:86:d6:32:d5:18:c9:e0:3d:e9:1b:62:e0:01:01:76:50:62:
5d:6d:01:c0:23:d1:b0:ad:1e:86:ca:dc:2f:fe:8c:bc:80:a5:
22:cf:97:74:e9:2e:98:98:61:22:42:32:b3:cb:8c:68:90:bb:
f9:70:b3:7c:c6:5a:c9:0e:9f:4b:98:9f:48:e8:1a:5a:bd:88:
db:b2:01:4d:34:30:3b:50:e7:81:2a:d2:ca:3d:7f:f4:a1:c6:
8c:7c:ed:b1:df:57:d3:60:e9:fe:5e:9a:15:03:71:4d:22:60:
c6:06:95:60:6a:cd:69:2e:26:cf:e6:33:14:53:f4:e7:84:b1:
00:2b:ca:43:1f:27:63:79:86:14:92:9b:4a:76:1f:48:6f:36:
df:75:bc:44:8a:dc:4a:0d:f9:88:d2:90:95:f7:87:f0:c5:df:
f8:ec:d4:90:3c:00:a1:98:56:c7:d8:2e:70:a2:c6:07:3e:f2:
ee:fc:94:aa:4d:e3:ed:19:5c:4d:de:b1:96:39:e4:f1:5e:df:
ca:f6:f0:1b:77:d6:da:e8:78:47:34:3b:23:68:c6:07:b6:40:
48:db:f7:b5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEBf5rdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDIzZjRjYjRiYWI1YzEwODAxYTc3MDY1OGRmODkxY2ZiOGM2OGM2MB4XDTIyMDEw
MTA4NTcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWUzNjA2Mzk1NmYw
OWUzMmU2OGRhNGEzM2JkYzY5MGRhMzk3NWEzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeS5RJzockWZ/zf5URpRu1NPDssqeacoB2UdgZVZTeZ7le1
peDfG4xE0PlpNpS+jVBi0cVk5ERBl4c00dL37afCuP+7DMvkgOPqsB1h/al93WMJ
pisdQKghkaOzXMKAUu0Qj3OGd4as2SkXQzjFgH8PkLoCsvECzNTn7gka0vCrVcjL
e4FZnie8QgDm4GC5EIPdWGDWoYYzJDPxyqeXB6lJ0JQ+Ed9xQyGcpw7p79+9qB1k
HdfCWDMCjLrCNXqoMWB5XjT9FslO7s5H0C4SmqdjzXizZAzXbTo3QtBFLfDSiJdd
hBU37geU9j3erp3XM8CeH1PEGMzbrY7GUBxkTs8CAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBTuNgY5VvCeMuaNpKM73GkNo5daPjAfBgNVHSMEGDAWgBSdI/TLS6tcEIAa
dwZY34kc+4xoxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TUDB5MHVyWEJDQUduY0dXTi1KSFB1TWFNWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvNGVjYTRkLTNhMmUtNGE4NC1hNzg5LTAxNTc3YTkyN2ZhOS8x
LzdqWUdPVmJ3bmpMbWphU2pPOXhwRGFPWFdqNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
NGVjYTRkLTNhMmUtNGE4NC1hNzg5LTAxNTc3YTkyN2ZhOS8xL25TUDB5MHVyWEJD
QUduY0dXTi1KSFB1TWFNWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwPAQCAAEwNgMEAyVIqAMEAS2eJAMEBC4VkAMEA1np
aAMEBF5kEAMEA5X/IAMEAsJ+rAMEAMPymQMEBNlP8DAUBAIAAjAOAwUAKgIHSAMF
AyoPUYAwDQYJKoZIhvcNAQELBQADggEBAH89DzhJn5JhUxzDUozfeCmo9UJxi5ob
/0B8aGo82F8aSt1Q1RqG1jLVGMngPekbYuABAXZQYl1tAcAj0bCtHobK3C/+jLyA
pSLPl3TpLpiYYSJCMrPLjGiQu/lws3zGWskOn0uYn0joGlq9iNuyAU00MDtQ54Eq
0so9f/Shxox87bHfV9Ng6f5emhUDcU0iYMYGlWBqzWkuJs/mMxRT9OeEsQArykMf
J2N5hhSSm0p2H0hvNt91vESK3EoN+YjSkJX3h/DF3/js1JA8AKGYVsfYLnCixgc+
8u78lKpN4+0ZXE3esZY55PFe38r28Bt31troeEc0OyNoxge2QEjb97U=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:08 2025 by rpki-client