Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/maxUdsbxUZTWjqhsQfJfDZWsq4k.roa
File: maxUdsbxUZTWjqhsQfJfDZWsq4k.roa (raw, json)
Hash identifier: sqBUXc3kLQMIIkKVXR3YaS/ckMV9q/lHjXxFjMNoMgA=
Subject key identifier: 99:AC:54:76:C6:F1:51:94:D6:8E:A8:6C:41:F2:5F:0D:95:AC:AB:89
Certificate issuer: /CN=6e60883aae491e5fb773a9264019ff4f888d5ca5
Certificate serial: 0184A84048EBDF38489F0213612C2D2F204B
Authority key identifier: 6E:60:88:3A:AE:49:1E:5F:B7:73:A9:26:40:19:FF:4F:88:8D:5C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/maxUdsbxUZTWjqhsQfJfDZWsq4k.roa
Signing time: Thu 24 Nov 2022 06:08:16 +0000
ROA not before: Thu 24 Nov 2022 06:08:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44143
IP address blocks: 188.120.112.0/22 maxlen: 22
37.19.104.0/21 maxlen: 21
188.120.118.0/24 maxlen: 24
37.19.104.0/22 maxlen: 22
188.120.117.0/24 maxlen: 24
188.120.116.0/22 maxlen: 22
188.120.116.0/24 maxlen: 24
188.120.113.0/24 maxlen: 24
37.19.110.0/24 maxlen: 24
37.19.108.0/23 maxlen: 23
37.19.107.0/24 maxlen: 24
188.120.119.0/24 maxlen: 24
95.86.48.0/21 maxlen: 21
185.37.24.0/24 maxlen: 24
185.37.24.0/22 maxlen: 22
185.37.27.0/24 maxlen: 24
185.37.26.0/24 maxlen: 24
185.37.25.0/24 maxlen: 24
188.120.96.0/24 maxlen: 24
188.120.96.0/21 maxlen: 21
188.120.98.0/24 maxlen: 24
188.120.97.0/24 maxlen: 24
188.120.104.0/21 maxlen: 21
188.120.103.0/24 maxlen: 24
188.120.102.0/24 maxlen: 24
188.120.101.0/24 maxlen: 24
188.120.100.0/24 maxlen: 24
188.120.99.0/24 maxlen: 24
77.243.16.0/21 maxlen: 21
77.243.16.0/24 maxlen: 24
77.243.24.0/22 maxlen: 22
77.243.23.0/24 maxlen: 24
77.243.22.0/24 maxlen: 24
77.243.20.0/23 maxlen: 23
77.243.20.0/22 maxlen: 22
77.243.20.0/24 maxlen: 24
77.243.19.0/24 maxlen: 24
77.243.31.0/24 maxlen: 24
77.243.30.0/24 maxlen: 24
77.243.29.0/24 maxlen: 24
77.243.28.0/22 maxlen: 22
77.243.28.0/24 maxlen: 24
2a00:61c0::/32 maxlen: 32
2a00:61c0::/29 maxlen: 29
2a00:61c1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a8:40:48:eb:df:38:48:9f:02:13:61:2c:2d:2f:20:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e60883aae491e5fb773a9264019ff4f888d5ca5
Validity
Not Before: Nov 24 06:08:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99ac5476c6f15194d68ea86c41f25f0d95acab89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ab:97:fc:94:db:42:86:6d:f2:e9:f3:db:f0:
5f:ad:88:96:42:15:43:81:0d:28:f8:f2:87:d5:1e:
82:3a:3e:2e:21:78:d2:38:b5:08:35:9c:27:4e:d4:
a5:e7:cb:05:2a:33:36:74:28:bc:22:ba:78:ff:a9:
7a:e4:2a:75:9b:f3:f6:88:ef:ab:e0:c6:57:d0:ee:
33:76:b6:05:33:77:ca:6d:e9:cf:a1:01:cd:e9:03:
59:28:97:f2:ad:18:5f:5c:8d:8b:e1:d0:d6:92:a1:
31:00:24:dd:8e:df:d6:93:f5:09:66:c7:d4:9b:96:
dc:cd:08:5f:99:37:39:56:83:64:49:92:9a:e2:91:
b2:d5:d3:91:7d:05:df:bd:a4:b6:70:88:cf:b4:e5:
60:ee:bc:06:36:e5:07:8d:0e:79:02:6c:fd:87:20:
a9:fc:48:db:ab:c9:57:49:f2:c8:24:92:23:56:29:
66:66:cc:6f:55:4f:3b:bd:5b:1f:dc:23:b1:0d:8f:
52:d2:8c:b8:b8:a8:b3:21:ad:06:50:ef:8d:18:23:
27:be:f2:8f:dd:56:ef:56:30:a1:e5:66:6f:df:de:
59:00:38:7e:db:a4:ba:bc:85:05:42:05:c4:02:39:
39:bd:db:81:53:64:6f:e1:f8:a1:20:f6:90:56:5b:
2f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:AC:54:76:C6:F1:51:94:D6:8E:A8:6C:41:F2:5F:0D:95:AC:AB:89
X509v3 Authority Key Identifier:
keyid:6E:60:88:3A:AE:49:1E:5F:B7:73:A9:26:40:19:FF:4F:88:8D:5C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/maxUdsbxUZTWjqhsQfJfDZWsq4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/bmCIOq5JHl-3c6kmQBn_T4iNXKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.104.0/21
77.243.16.0/20
95.86.48.0/21
185.37.24.0/22
188.120.96.0-188.120.119.255
IPv6:
2a00:61c0::/29
Signature Algorithm: sha256WithRSAEncryption
30:b0:54:d1:d1:e7:31:8f:d4:3c:fc:8a:ed:8e:a4:02:53:8d:
db:02:5a:4e:28:53:98:61:52:7f:2c:15:8d:33:2d:91:ba:a5:
4e:99:ed:75:cb:9c:15:39:d2:82:74:0e:95:33:28:cd:fa:36:
dc:be:79:cb:16:4f:51:33:84:0a:dc:d2:12:75:b5:bf:f3:c8:
49:85:4d:70:f8:de:30:fd:59:db:ae:a6:a5:b6:72:b8:3a:e6:
10:ea:38:ce:97:ae:36:3c:1e:2e:2f:6c:58:b9:33:be:b7:7c:
65:2f:85:93:d3:1e:44:bb:bd:04:37:c6:21:40:c9:e7:d7:0b:
10:33:bc:0c:99:be:30:f7:97:b1:44:7c:6b:9b:c9:5d:3a:d3:
3d:07:ff:d3:a3:c1:38:46:f4:55:4a:1b:68:83:d0:f2:14:e4:
39:87:39:8b:4b:18:7a:12:84:89:b4:88:6b:6f:c7:42:42:c6:
86:36:e0:7c:fc:cf:2e:f1:ee:92:64:b3:71:b2:03:92:6f:cb:
82:65:69:12:38:51:95:ce:13:ff:9b:17:a5:f0:4c:93:eb:1f:
8d:e1:67:42:d5:37:88:07:8a:0e:f0:f2:4e:8e:ba:48:f1:ac:
02:e1:f9:44:cf:05:af:c2:54:ed:1b:00:88:88:b7:cc:b4:fa:
c9:91:45:b7
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYSoQEjr3zhInwITYSwtLyBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNjA4ODNhYWU0OTFlNWZiNzczYTkyNjQwMTlmZjRmODg4
ZDVjYTUwHhcNMjIxMTI0MDYwODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWFjNTQ3NmM2ZjE1MTk0ZDY4ZWE4NmM0MWYyNWYwZDk1YWNhYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KuX/JTbQoZt8unz2/BfrYiWQhVD
gQ0o+PKH1R6COj4uIXjSOLUINZwnTtSl58sFKjM2dCi8Irp4/6l65Cp1m/P2iO+r
4MZX0O4zdrYFM3fKbenPoQHN6QNZKJfyrRhfXI2L4dDWkqExACTdjt/Wk/UJZsfU
m5bczQhfmTc5VoNkSZKa4pGy1dORfQXfvaS2cIjPtOVg7rwGNuUHjQ55Amz9hyCp
/Ejbq8lXSfLIJJIjVilmZsxvVU87vVsf3COxDY9S0oy4uKizIa0GUO+NGCMnvvKP
3VbvVjCh5WZv395ZADh+26S6vIUFQgXEAjk5vduBU2Rv4fihIPaQVlsvGwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJmsVHbG8VGU1o6obEHyXw2VrKuJMB8GA1UdIwQY
MBaAFG5giDquSR5ft3OpJkAZ/0+IjVylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm1DSU9xNUpIbC0zYzZrbVFCbl9UNGlOWEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kOGUwOTYtNDMxMC00MmI5LWJkMjAt
YjU2MDJkM2RhOGE2LzEvbWF4VWRzYnhVWlRXanFoc1FmSmZEWldzcTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kOGUwOTYtNDMxMC00MmI5LWJkMjAtYjU2MDJkM2RhOGE2
LzEvYm1DSU9xNUpIbC0zYzZrbVFCbl9UNGlOWEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDJRNoAwQE
TfMQAwQDX1YwAwQCuSUYMAwDBAW8eGADBAO8eHAwDQQCAAIwBwMFAyoAYcAwDQYJ
KoZIhvcNAQELBQADggEBADCwVNHR5zGP1Dz8iu2OpAJTjdsCWk4oU5hhUn8sFY0z
LZG6pU6Z7XXLnBU50oJ0DpUzKM36Nty+ecsWT1EzhArc0hJ1tb/zyEmFTXD43jD9
WduupqW2crg65hDqOM6XrjY8Hi4vbFi5M763fGUvhZPTHkS7vQQ3xiFAyefXCxAz
vAyZvjD3l7FEfGubyV060z0H/9OjwThG9FVKG2iD0PIU5DmHOYtLGHoShIm0iGtv
x0JCxoY24Hz8zy7x7pJks3GyA5Jvy4JlaRI4UZXOE/+bF6XwTJPrH43hZ0LVN4gH
ig7w8k6OukjxrALh+UTPBa/CVO0bAIiIt8y0+smRRbc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:52 2024 by rpki-client on console-ams.rpki-client.org