Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/KoaMdBe6tqNeN7BncaMI2ilOH3I.roa
File: KoaMdBe6tqNeN7BncaMI2ilOH3I.roa (raw, json)
Hash identifier: XJkfTiSnkedsAZtsu9vO/m6Lof9t833BbRiVZt4an/s=
Subject key identifier: 2A:86:8C:74:17:BA:B6:A3:5E:37:B0:67:71:A3:08:DA:29:4E:1F:72
Certificate issuer: /CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Certificate serial: 01852EE39AFE8E107B2EEFBB9C70991793DA
Authority key identifier: 50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/KoaMdBe6tqNeN7BncaMI2ilOH3I.roa
Signing time: Tue 20 Dec 2022 09:35:46 +0000
ROA not before: Tue 20 Dec 2022 09:35:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208905
IP address blocks: 147.235.40.0/24 maxlen: 24
147.235.49.0/24 maxlen: 24
147.235.50.0/23 maxlen: 24
147.235.46.0/23 maxlen: 24
147.235.45.0/24 maxlen: 24
147.235.61.0/24 maxlen: 24
147.235.60.0/23 maxlen: 23
147.235.60.0/22 maxlen: 22
147.235.62.0/24 maxlen: 24
147.235.62.0/23 maxlen: 23
147.235.60.0/24 maxlen: 24
147.235.63.0/24 maxlen: 24
147.235.76.0/22 maxlen: 22
147.235.78.0/23 maxlen: 23
147.235.77.0/24 maxlen: 24
147.235.78.0/24 maxlen: 24
147.235.74.0/23 maxlen: 23
147.235.74.0/24 maxlen: 24
147.235.75.0/24 maxlen: 24
147.235.76.0/24 maxlen: 24
147.235.73.0/24 maxlen: 24
147.235.72.0/23 maxlen: 23
147.235.72.0/24 maxlen: 24
147.235.72.0/22 maxlen: 22
147.235.76.0/23 maxlen: 23
147.235.80.0/24 maxlen: 24
147.235.79.0/24 maxlen: 24
147.235.26.0/23 maxlen: 24
147.235.25.0/24 maxlen: 24
147.235.36.0/24 maxlen: 24
147.235.152.0/23 maxlen: 24
147.235.154.0/24 maxlen: 24
147.235.180.0/23 maxlen: 24
147.235.94.0/23 maxlen: 23
147.235.94.0/24 maxlen: 24
147.235.95.0/24 maxlen: 24
147.235.93.0/24 maxlen: 24
147.235.254.0/23 maxlen: 24
147.235.224.0/23 maxlen: 24
147.235.232.0/23 maxlen: 24
147.235.234.0/24 maxlen: 24
147.235.240.0/23 maxlen: 24
147.235.248.0/23 maxlen: 24
185.130.84.0/22 maxlen: 22
2a06:c702::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:e3:9a:fe:8e:10:7b:2e:ef:bb:9c:70:99:17:93:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Validity
Not Before: Dec 20 09:35:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a868c7417bab6a35e37b06771a308da294e1f72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:87:f3:87:5e:90:c2:06:1c:d1:7e:46:5f:78:
78:8e:99:3d:ee:95:92:4a:6a:d5:8f:c0:03:b5:1a:
9d:bc:24:84:01:78:cf:58:a1:47:4f:85:2a:1f:a0:
15:52:8f:f5:97:9a:c1:f4:9c:a0:90:b1:b7:4d:72:
52:49:2e:9a:aa:00:12:dc:e0:ac:88:ad:5f:02:15:
80:c1:8c:f5:63:f8:e7:09:db:e2:d3:b2:17:94:63:
3f:cf:7c:17:c0:79:13:9c:06:b6:84:77:5d:35:33:
92:aa:82:25:8e:0a:1f:3b:d6:f1:41:33:3b:29:c1:
f4:d4:0e:37:b2:26:8d:0a:b3:71:bc:f9:f4:52:87:
ca:b5:59:94:4d:e8:2e:b2:6a:c1:64:1a:da:b1:4c:
e8:bf:e5:ed:81:7a:1e:ce:d8:d9:fd:1c:66:25:c5:
5f:bb:0e:b5:42:7e:d1:93:2b:d4:7e:ba:9f:9c:32:
c1:06:90:ed:55:26:4a:4f:17:50:cf:ff:b9:6d:10:
ae:e8:4f:a6:af:0d:16:b3:31:96:11:47:e0:29:d3:
26:44:ee:0f:e7:c1:ae:b0:e7:ea:19:b1:72:16:5e:
5a:fd:a5:f6:ef:a2:98:3f:66:15:c0:e4:e2:05:9a:
f6:b7:69:00:ed:ec:d7:b9:8f:e8:48:7f:6b:fe:85:
83:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:86:8C:74:17:BA:B6:A3:5E:37:B0:67:71:A3:08:DA:29:4E:1F:72
X509v3 Authority Key Identifier:
keyid:50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/KoaMdBe6tqNeN7BncaMI2ilOH3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/UHQRWPPtZb7hveEvNPiVr7DdUNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.235.25.0-147.235.27.255
147.235.36.0/24
147.235.40.0/24
147.235.45.0-147.235.47.255
147.235.49.0-147.235.51.255
147.235.60.0/22
147.235.72.0-147.235.80.255
147.235.93.0-147.235.95.255
147.235.152.0-147.235.154.255
147.235.180.0/23
147.235.224.0/23
147.235.232.0-147.235.234.255
147.235.240.0/23
147.235.248.0/23
147.235.254.0/23
185.130.84.0/22
IPv6:
2a06:c702::/48
Signature Algorithm: sha256WithRSAEncryption
44:9c:77:83:89:53:fc:45:ba:71:7c:b7:ed:b9:c9:2d:42:c2:
ce:5d:4c:6d:63:25:d4:39:28:09:99:e8:a5:95:26:aa:cc:af:
03:62:c1:f7:2a:d8:95:a6:e2:18:0f:d7:58:38:98:89:44:ca:
a2:77:ce:40:8b:64:54:db:29:64:f3:eb:a5:92:e7:8a:cb:ba:
62:4c:57:82:60:00:f1:c6:32:a1:86:66:e4:4d:6e:1f:d6:44:
f0:06:06:f8:95:63:fc:2d:30:6c:ae:eb:5d:3d:fb:62:37:1e:
2f:5c:98:f5:c4:d8:e7:ed:86:15:14:b4:3d:77:6e:2c:8d:93:
06:a4:c8:bc:34:9e:1b:d5:ff:c3:ae:90:ac:74:61:8f:8a:eb:
61:df:ba:17:d3:dd:dc:9a:4d:87:a4:7d:26:63:f8:0e:34:2a:
96:a7:74:53:90:ca:ac:88:4d:7d:a6:c7:b1:0b:fa:81:ff:38:
8a:d5:bf:d4:7d:77:99:74:00:b3:b6:06:eb:b9:21:9a:de:4d:
f6:b3:81:7e:d7:53:07:c7:c1:cc:8d:e1:e4:fa:8e:a9:be:99:
b7:ff:e9:c5:fb:b4:5f:9c:91:4c:c5:8b:6d:30:99:58:82:34:
7e:20:85:7e:dd:2f:f1:2f:85:e7:11:c5:88:06:66:1b:32:ed:
e0:fd:ae:79
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYUu45r+jhB7Lu+7nHCZF5PaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNzQxMTU4ZjNlZDY1YmVlMWJkZTEyZjM0Zjg5NWFmYjBk
ZDUwZDUwHhcNMjIxMjIwMDkzNTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTg2OGM3NDE3YmFiNmEzNWUzN2IwNjc3MWEzMDhkYTI5NGUxZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Yfzh16QwgYc0X5GX3h4jpk97pWS
SmrVj8ADtRqdvCSEAXjPWKFHT4UqH6AVUo/1l5rB9JygkLG3TXJSSS6aqgAS3OCs
iK1fAhWAwYz1Y/jnCdvi07IXlGM/z3wXwHkTnAa2hHddNTOSqoIljgofO9bxQTM7
KcH01A43siaNCrNxvPn0UofKtVmUTegusmrBZBrasUzov+XtgXoeztjZ/RxmJcVf
uw61Qn7RkyvUfrqfnDLBBpDtVSZKTxdQz/+5bRCu6E+mrw0WszGWEUfgKdMmRO4P
58GusOfqGbFyFl5a/aX276KYP2YVwOTiBZr2t2kA7ezXuY/oSH9r/oWDJQIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFCqGjHQXurajXjewZ3GjCNopTh9yMB8GA1UdIwQY
MBaAFFB0EVjz7WW+4b3hLzT4la+w3VDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQt
MzU1M2I0ZWQ2Nzk0LzEvS29hTWRCZTZ0cU5lTjdCbmNhTUkyaWxPSDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQtMzU1M2I0ZWQ2Nzk0
LzEvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszCBnwQCAAEwgZgwDAME
AJPrGQMEApPrGAMEAJPrJAMEAJPrKDAMAwQAk+stAwQEk+sgMAwDBACT6zEDBAKT
6zADBAKT6zwwDAMEA5PrSAMEAJPrUDAMAwQAk+tdAwQFk+tAMAwDBAOT65gDBACT
65oDBAGT67QDBAGT6+AwDAMEA5Pr6AMEAJPr6gMEAZPr8AMEAZPr+AMEAZPr/gME
ArmCVDAPBAIAAjAJAwcAKgbHAgAAMA0GCSqGSIb3DQEBCwUAA4IBAQBEnHeDiVP8
RbpxfLftucktQsLOXUxtYyXUOSgJmeillSaqzK8DYsH3KtiVpuIYD9dYOJiJRMqi
d85Ai2RU2ylk8+ulkueKy7piTFeCYADxxjKhhmbkTW4f1kTwBgb4lWP8LTBsrutd
PftiNx4vXJj1xNjn7YYVFLQ9d24sjZMGpMi8NJ4b1f/DrpCsdGGPiuth37oX093c
mk2HpH0mY/gONCqWp3RTkMqsiE19psexC/qB/ziK1b/UfXeZdACztgbruSGa3k32
s4F+11MHx8HMjeHk+o6pvpm3/+nF+7RfnJFMxYttMJlYgjR+IIV+3S/xL4XnEcWI
BmYbMu3g/a55
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:38 2023 by rpki-client on console-fra.rpki-client.org