Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/AIwYMclQi9kqmUNAV8yNkiEaWLo.roa
File: AIwYMclQi9kqmUNAV8yNkiEaWLo.roa (raw, json)
Hash identifier: 65no73WEHmJeONwohA1UnQM2/cwvwaOaECAVBU+YKvg=
Subject key identifier: 00:8C:18:31:C9:50:8B:D9:2A:99:43:40:57:CC:8D:92:21:1A:58:BA
Certificate issuer: /CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Certificate serial: 0182C4D4C9955613DCC55EA09745B6DE2336
Authority key identifier: 50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/AIwYMclQi9kqmUNAV8yNkiEaWLo.roa
Signing time: Mon 22 Aug 2022 09:14:15 +0000
ROA not before: Mon 22 Aug 2022 09:14:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208905
IP address blocks: 147.235.40.0/24 maxlen: 24
147.235.49.0/24 maxlen: 24
147.235.50.0/23 maxlen: 24
147.235.46.0/23 maxlen: 24
147.235.45.0/24 maxlen: 24
147.235.61.0/24 maxlen: 24
147.235.60.0/23 maxlen: 23
147.235.60.0/22 maxlen: 22
147.235.62.0/24 maxlen: 24
147.235.62.0/23 maxlen: 23
147.235.60.0/24 maxlen: 24
147.235.63.0/24 maxlen: 24
147.235.76.0/22 maxlen: 22
147.235.78.0/23 maxlen: 23
147.235.77.0/24 maxlen: 24
147.235.78.0/24 maxlen: 24
147.235.74.0/23 maxlen: 23
147.235.74.0/24 maxlen: 24
147.235.75.0/24 maxlen: 24
147.235.76.0/24 maxlen: 24
147.235.73.0/24 maxlen: 24
147.235.72.0/23 maxlen: 23
147.235.72.0/24 maxlen: 24
147.235.72.0/22 maxlen: 22
147.235.76.0/23 maxlen: 23
147.235.80.0/24 maxlen: 24
147.235.79.0/24 maxlen: 24
147.235.26.0/23 maxlen: 24
147.235.25.0/24 maxlen: 24
147.235.36.0/24 maxlen: 24
147.235.152.0/23 maxlen: 24
147.235.180.0/23 maxlen: 24
147.235.94.0/23 maxlen: 23
147.235.94.0/24 maxlen: 24
147.235.95.0/24 maxlen: 24
147.235.93.0/24 maxlen: 24
147.235.224.0/23 maxlen: 24
147.235.232.0/23 maxlen: 24
147.235.234.0/24 maxlen: 24
147.235.240.0/23 maxlen: 24
147.235.248.0/23 maxlen: 24
185.130.84.0/22 maxlen: 22
2a06:c702::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c4:d4:c9:95:56:13:dc:c5:5e:a0:97:45:b6:de:23:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Validity
Not Before: Aug 22 09:14:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=008c1831c9508bd92a99434057cc8d92211a58ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0f:9e:f5:d8:2f:0a:f1:b6:d9:6c:e6:ac:d9:
3d:0e:8c:35:4e:63:d2:5f:54:5c:7e:b5:33:10:4f:
5f:64:11:07:c3:b1:48:1e:59:d0:9c:83:47:dc:ea:
61:df:63:b9:69:a1:26:66:f5:54:e0:16:33:e8:6e:
86:42:f7:a3:e9:04:48:9b:4b:ac:d4:50:33:d8:5a:
6e:a2:67:90:38:27:df:ee:24:5d:49:34:d3:4e:89:
10:65:93:84:00:f5:65:7d:45:75:22:63:57:87:24:
89:cc:b4:f3:3a:00:6b:e5:e4:1e:c6:0b:82:8b:8b:
ff:b1:6a:62:4e:5a:b8:d6:3b:8d:de:25:b2:19:7a:
5f:9a:00:71:e9:5c:a3:af:36:c6:0d:87:31:04:90:
89:eb:d0:5a:0a:13:cf:9d:c2:c2:1d:bb:de:2b:db:
b5:6d:d5:78:33:44:57:ed:96:c8:e9:5b:53:c1:38:
ff:ee:1a:a6:96:96:5f:a7:a2:b3:82:84:a3:10:7e:
56:a8:2d:d9:da:cd:9b:d2:16:42:1a:d2:69:2c:38:
00:70:29:d0:8f:ea:36:86:f1:ed:76:97:09:89:e1:
09:72:e6:bc:fe:b6:89:9f:d5:b3:76:99:8a:d9:06:
df:80:82:35:e1:6f:62:1d:ff:68:7c:1e:2f:b4:19:
49:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8C:18:31:C9:50:8B:D9:2A:99:43:40:57:CC:8D:92:21:1A:58:BA
X509v3 Authority Key Identifier:
keyid:50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/AIwYMclQi9kqmUNAV8yNkiEaWLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/UHQRWPPtZb7hveEvNPiVr7DdUNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.235.25.0-147.235.27.255
147.235.36.0/24
147.235.40.0/24
147.235.45.0-147.235.47.255
147.235.49.0-147.235.51.255
147.235.60.0/22
147.235.72.0-147.235.80.255
147.235.93.0-147.235.95.255
147.235.152.0/23
147.235.180.0/23
147.235.224.0/23
147.235.232.0-147.235.234.255
147.235.240.0/23
147.235.248.0/23
185.130.84.0/22
IPv6:
2a06:c702::/48
Signature Algorithm: sha256WithRSAEncryption
1c:6e:58:06:54:eb:17:98:c2:45:ca:3f:a0:a8:7e:0f:8c:69:
f2:04:00:2f:d9:90:c8:35:83:4f:38:94:cd:b8:76:1b:a3:ae:
02:2b:52:75:58:a8:07:58:d5:f4:4a:4d:0e:f1:0d:8b:ea:0a:
4f:f7:bc:07:f1:51:cd:d2:96:45:dc:c9:0c:31:50:e0:0c:44:
c4:d3:82:08:53:19:f8:1c:96:1b:53:7a:1a:0f:ec:08:cb:60:
af:94:78:bd:0d:7f:65:cf:83:a4:a1:66:21:db:be:18:46:f5:
d1:72:23:82:20:d8:40:37:9b:82:46:e6:79:9a:0c:73:79:ce:
85:36:63:1c:71:95:fc:ee:00:95:3e:a2:88:54:75:f7:3f:d4:
ff:fa:4d:2b:aa:3e:c7:bd:e6:08:db:4a:ab:ca:3b:8c:14:d4:
a0:93:95:25:e3:26:16:90:4a:1c:b4:7e:57:f2:01:93:48:1a:
51:6b:02:ab:27:08:49:8e:97:6f:b2:12:af:b0:6b:fb:0c:7b:
23:02:31:7b:fd:51:f3:35:62:0d:33:3a:ad:1d:79:1b:d7:d1:
3f:0e:eb:94:8f:0e:58:c4:b1:6b:a3:66:4d:d6:33:5b:67:a7:
00:84:86:15:a6:f9:ca:17:85:e7:d1:c9:a1:2a:50:d7:44:ac:
44:ec:2b:ce
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYLE1MmVVhPcxV6gl0W23iM2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNzQxMTU4ZjNlZDY1YmVlMWJkZTEyZjM0Zjg5NWFmYjBk
ZDUwZDUwHhcNMjIwODIyMDkxNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDhjMTgzMWM5NTA4YmQ5MmE5OTQzNDA1N2NjOGQ5MjIxMWE1OGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuw+e9dgvCvG22WzmrNk9Dow1TmPS
X1RcfrUzEE9fZBEHw7FIHlnQnINH3Oph32O5aaEmZvVU4BYz6G6GQvej6QRIm0us
1FAz2FpuomeQOCff7iRdSTTTTokQZZOEAPVlfUV1ImNXhySJzLTzOgBr5eQexguC
i4v/sWpiTlq41juN3iWyGXpfmgBx6VyjrzbGDYcxBJCJ69BaChPPncLCHbveK9u1
bdV4M0RX7ZbI6VtTwTj/7hqmlpZfp6KzgoSjEH5WqC3Z2s2b0hZCGtJpLDgAcCnQ
j+o2hvHtdpcJieEJcua8/raJn9WzdpmK2QbfgII14W9iHf9ofB4vtBlJQwIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFACMGDHJUIvZKplDQFfMjZIhGli6MB8GA1UdIwQY
MBaAFFB0EVjz7WW+4b3hLzT4la+w3VDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQt
MzU1M2I0ZWQ2Nzk0LzEvQUl3WU1jbFFpOWtxbVVOQVY4eU5raUVhV0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQtMzU1M2I0ZWQ2Nzk0
LzEvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkQQCAAEwgYowDAME
AJPrGQMEApPrGAMEAJPrJAMEAJPrKDAMAwQAk+stAwQEk+sgMAwDBACT6zEDBAKT
6zADBAKT6zwwDAMEA5PrSAMEAJPrUDAMAwQAk+tdAwQFk+tAAwQBk+uYAwQBk+u0
AwQBk+vgMAwDBAOT6+gDBACT6+oDBAGT6/ADBAGT6/gDBAK5glQwDwQCAAIwCQMH
ACoGxwIAADANBgkqhkiG9w0BAQsFAAOCAQEAHG5YBlTrF5jCRco/oKh+D4xp8gQA
L9mQyDWDTziUzbh2G6OuAitSdVioB1jV9EpNDvENi+oKT/e8B/FRzdKWRdzJDDFQ
4AxExNOCCFMZ+ByWG1N6Gg/sCMtgr5R4vQ1/Zc+DpKFmIdu+GEb10XIjgiDYQDeb
gkbmeZoMc3nOhTZjHHGV/O4AlT6iiFR19z/U//pNK6o+x73mCNtKq8o7jBTUoJOV
JeMmFpBKHLR+V/IBk0gaUWsCqycISY6Xb7ISr7Br+wx7IwIxe/1R8zViDTM6rR15
G9fRPw7rlI8OWMSxa6NmTdYzW2enAISGFab5yheF59HJoSpQ10SsROwrzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:41 2024 by rpki-client on console-ams.rpki-client.org