Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/CJ18kXQm5pbDIwtVSLYDnZWyoEE.roa
File: CJ18kXQm5pbDIwtVSLYDnZWyoEE.roa (raw, json)
Hash identifier: urkg1cxY0T2bNu78dOFioFd9R+Vi9cdax9BLIN7gJWg=
Subject key identifier: 08:9D:7C:91:74:26:E6:96:C3:23:0B:55:48:B6:03:9D:95:B2:A0:41
Certificate issuer: /CN=e9aab1446100a8fce03df19d755e06329ee24713
Certificate serial: 01850546BFDE7B0F4FDBA1B5B5DCE8147D8F
Authority key identifier: E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/CJ18kXQm5pbDIwtVSLYDnZWyoEE.roa
Signing time: Mon 12 Dec 2022 07:40:00 +0000
ROA not before: Mon 12 Dec 2022 07:40:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42708
IP address blocks: 46.21.96.0/20 maxlen: 24
46.21.100.0/24 maxlen: 24
195.149.101.0/24 maxlen: 24
185.157.220.0/22 maxlen: 24
212.112.0.0/19 maxlen: 24
31.192.224.0/21 maxlen: 24
31.192.228.0/24 maxlen: 24
193.108.196.0/24 maxlen: 24
91.223.232.0/24 maxlen: 24
109.74.0.0/20 maxlen: 24
188.126.64.0/19 maxlen: 24
80.67.0.0/20 maxlen: 24
79.99.0.0/21 maxlen: 24
178.73.192.0/18 maxlen: 24
91.228.194.0/23 maxlen: 24
91.228.193.0/24 maxlen: 24
178.73.224.0/19 maxlen: 19
5.178.72.0/21 maxlen: 21
185.118.36.0/22 maxlen: 22
91.213.246.0/24 maxlen: 24
94.247.168.0/21 maxlen: 24
46.246.0.0/17 maxlen: 24
37.152.56.0/21 maxlen: 24
194.54.164.0/22 maxlen: 24
195.238.76.0/23 maxlen: 24
185.39.144.0/22 maxlen: 24
159.253.24.0/21 maxlen: 24
91.217.189.0/24 maxlen: 24
159.253.28.0/24 maxlen: 24
159.253.29.0/24 maxlen: 24
195.246.120.0/23 maxlen: 24
195.20.206.0/23 maxlen: 24
2a03:5e00::/32 maxlen: 32
2a00:1a28::/32 maxlen: 48
2a02:750::/29 maxlen: 48
2a02:750:10::/48 maxlen: 48
2a02:750:14::/48 maxlen: 48
2a02:750:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:46:bf:de:7b:0f:4f:db:a1:b5:b5:dc:e8:14:7d:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9aab1446100a8fce03df19d755e06329ee24713
Validity
Not Before: Dec 12 07:40:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=089d7c917426e696c3230b5548b6039d95b2a041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4c:d2:d4:55:f6:e0:6a:95:45:df:2e:0d:b8:
59:9d:20:a8:62:8e:b7:6a:46:22:57:c1:11:d4:f0:
59:d3:6a:67:39:69:8a:64:6a:8e:71:d3:78:fd:9a:
47:22:c2:fd:6d:b3:fb:4e:1e:5d:5e:8a:05:47:98:
a3:82:9d:0e:64:e4:c6:59:df:46:ff:7a:e3:66:a8:
32:50:fd:97:5c:31:eb:8e:33:62:67:3d:7b:e1:1e:
23:1c:ac:57:4b:18:8c:e9:82:e6:52:06:22:66:aa:
8b:d4:36:37:1a:1b:d3:bd:1a:3d:e4:46:49:84:39:
4e:0e:36:2e:2f:16:05:20:dd:c1:b8:57:54:f2:cc:
67:8c:9a:af:9b:56:6c:87:0f:66:c1:fb:3b:91:0d:
da:8b:ab:9d:68:1e:84:75:7c:4b:c7:e1:ea:79:1c:
5e:d6:ae:7e:6c:03:90:1e:c9:73:f3:a8:45:c9:3f:
b9:e9:01:74:db:18:fb:bc:4e:99:75:7c:6a:b2:8e:
8f:af:5a:1a:e5:9b:f4:41:d7:5b:0b:fe:c8:d3:7e:
3b:fa:cb:9e:11:04:90:af:38:8e:3f:05:91:91:b9:
36:49:d6:f6:54:38:57:37:d4:93:ed:5e:6a:66:f1:
a2:e3:d0:66:8c:c9:7c:11:ff:f9:86:98:9b:a9:b2:
20:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:9D:7C:91:74:26:E6:96:C3:23:0B:55:48:B6:03:9D:95:B2:A0:41
X509v3 Authority Key Identifier:
keyid:E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/CJ18kXQm5pbDIwtVSLYDnZWyoEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.72.0/21
31.192.224.0/21
37.152.56.0/21
46.21.96.0/20
46.246.0.0/17
79.99.0.0/21
80.67.0.0/20
91.213.246.0/24
91.217.189.0/24
91.223.232.0/24
91.228.193.0-91.228.195.255
94.247.168.0/21
109.74.0.0/20
159.253.24.0/21
178.73.192.0/18
185.39.144.0/22
185.118.36.0/22
185.157.220.0/22
188.126.64.0/19
193.108.196.0/24
194.54.164.0/22
195.20.206.0/23
195.149.101.0/24
195.238.76.0/23
195.246.120.0/23
212.112.0.0/19
IPv6:
2a00:1a28::/32
2a02:750::/29
2a03:5e00::/32
Signature Algorithm: sha256WithRSAEncryption
99:a5:47:d9:97:22:83:ce:5f:c1:0d:82:0c:c0:66:30:c7:a0:
1c:a1:e5:f7:f1:20:0f:3c:8e:fc:eb:a0:ad:78:98:f3:46:22:
73:39:9e:af:a8:19:a1:76:29:a3:18:fc:7d:a7:61:6b:b4:8d:
39:c1:14:db:f4:dc:ef:c5:62:0e:06:9d:e0:eb:50:67:6c:d6:
5b:89:f3:ef:66:a8:a8:1b:76:f2:dd:93:24:9c:d3:de:7a:d9:
3c:ef:2f:d9:30:1d:81:07:0a:fb:58:9e:3f:60:b3:8c:ea:99:
15:46:b7:87:02:38:b3:33:81:ad:aa:74:29:e8:fc:9a:6d:16:
07:72:3a:ca:42:e9:6a:a3:ae:88:f9:14:aa:93:e0:2c:c5:88:
42:a9:ec:96:7d:30:60:b4:d2:29:92:80:22:8e:e6:21:d5:5b:
71:be:8c:d6:3d:3a:a6:eb:18:3b:31:5b:da:65:a7:28:c7:d3:
74:ce:22:ef:55:4d:07:5f:34:30:7a:d6:8f:21:b3:3b:6d:a1:
40:35:e4:27:00:3e:61:eb:0f:75:42:d8:51:c3:99:2b:42:00:
1e:91:c9:7e:25:ad:64:e4:31:5f:a9:c3:ab:e8:30:b0:6a:d1:
ee:61:01:cb:0b:24:32:ae:c1:1f:55:61:1d:05:38:e5:dd:99:
45:37:11:3a
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAYUFRr/eew9P26G1tdzoFH2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YWFiMTQ0NjEwMGE4ZmNlMDNkZjE5ZDc1NWUwNjMyOWVl
MjQ3MTMwHhcNMjIxMjEyMDc0MDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODlkN2M5MTc0MjZlNjk2YzMyMzBiNTU0OGI2MDM5ZDk1YjJhMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokzS1FX24GqVRd8uDbhZnSCoYo63
akYiV8ER1PBZ02pnOWmKZGqOcdN4/ZpHIsL9bbP7Th5dXooFR5ijgp0OZOTGWd9G
/3rjZqgyUP2XXDHrjjNiZz174R4jHKxXSxiM6YLmUgYiZqqL1DY3GhvTvRo95EZJ
hDlODjYuLxYFIN3BuFdU8sxnjJqvm1Zshw9mwfs7kQ3ai6udaB6EdXxLx+HqeRxe
1q5+bAOQHslz86hFyT+56QF02xj7vE6ZdXxqso6Pr1oa5Zv0QddbC/7I0347+sue
EQSQrziOPwWRkbk2Sdb2VDhXN9ST7V5qZvGi49BmjMl8Ef/5hpibqbIgFwIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFAidfJF0JuaWwyMLVUi2A52VsqBBMB8GA1UdIwQY
MBaAFOmqsURhAKj84D3xnXVeBjKe4kcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYt
YTBkYzM1NGY0Y2EzLzEvQ0oxOGtYUW01cGJESXd0VlNMWURuWld5b0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYtYTBkYzM1NGY0Y2Ez
LzEvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHeBggrBgEFBQcBBwEB/wSBzjCByzCBqwQCAAEwgaQDBAMF
skgDBAMfwOADBAMlmDgDBAQuFWADBAcu9gADBANPYwADBARQQwADBABb1fYDBABb
2b0DBABb3+gwDAMEAFvkwQMEAlvkwAMEA173qAMEBG1KAAMEA5/9GAMEBrJJwAME
ArknkAMEArl2JAMEArmd3AMEBbx+QAMEAMFsxAMEAsI2pAMEAcMUzgMEAMOVZQME
AcPuTAMEAcP2eAMEBdRwADAbBAIAAjAVAwUAKgAaKAMFAyoCB1ADBQAqA14AMA0G
CSqGSIb3DQEBCwUAA4IBAQCZpUfZlyKDzl/BDYIMwGYwx6AcoeX38SAPPI7866Ct
eJjzRiJzOZ6vqBmhdimjGPx9p2FrtI05wRTb9NzvxWIOBp3g61BnbNZbifPvZqio
G3by3ZMknNPeetk87y/ZMB2BBwr7WJ4/YLOM6pkVRreHAjizM4GtqnQp6PyabRYH
cjrKQulqo66I+RSqk+AsxYhCqeyWfTBgtNIpkoAijuYh1VtxvozWPTqm6xg7MVva
Zacox9N0ziLvVU0HXzQwetaPIbM7baFANeQnAD5h6w91QthRw5krQgAekcl+Ja1k
5DFfqcOr6DCwatHuYQHLCyQyrsEfVWEdBTjl3ZlFNxE6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:38 2023 by rpki-client on console-fra.rpki-client.org