Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/skFxjh3LqANLxagZmSurrNDXz4I.roa
File: skFxjh3LqANLxagZmSurrNDXz4I.roa (raw, json)
Hash identifier: GE975VikMszTSXl4r9+QNJ1E5Z7kkay+1udfsqy6kGA=
Subject key identifier: B2:41:71:8E:1D:CB:A8:03:4B:C5:A8:19:99:2B:AB:AC:D0:D7:CF:82
Certificate issuer: /CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
Certificate serial: 0184B8697BB0BEC35C8CF8FBDCCB16FBFDE7
Authority key identifier: 49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/skFxjh3LqANLxagZmSurrNDXz4I.roa
Signing time: Sun 27 Nov 2022 09:27:11 +0000
ROA not before: Sun 27 Nov 2022 09:27:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59441
IP address blocks: 185.208.78.0/24 maxlen: 24
185.208.78.0/23 maxlen: 24
185.208.79.0/24 maxlen: 24
185.83.112.0/22 maxlen: 22
185.83.112.0/23 maxlen: 23
185.83.112.0/24 maxlen: 24
185.83.113.0/24 maxlen: 24
185.83.114.0/23 maxlen: 24
185.83.114.0/24 maxlen: 24
185.83.115.0/24 maxlen: 24
5.144.130.0/24 maxlen: 24
5.144.132.0/22 maxlen: 22
5.144.128.0/21 maxlen: 21
5.144.128.0/22 maxlen: 22
5.144.128.0/23 maxlen: 23
5.144.131.0/24 maxlen: 24
5.144.132.0/24 maxlen: 24
5.144.128.0/24 maxlen: 24
5.144.129.0/24 maxlen: 24
5.144.132.0/23 maxlen: 24
5.144.130.0/23 maxlen: 24
5.144.135.0/24 maxlen: 24
5.144.133.0/24 maxlen: 24
5.144.134.0/23 maxlen: 24
5.144.134.0/24 maxlen: 24
185.173.104.0/24 maxlen: 24
185.173.104.0/22 maxlen: 24
185.173.105.0/24 maxlen: 24
185.173.106.0/24 maxlen: 24
185.173.107.0/24 maxlen: 24
45.92.95.0/24 maxlen: 24
45.92.92.0/22 maxlen: 24
45.92.92.0/24 maxlen: 24
45.92.92.0/23 maxlen: 24
45.92.93.0/24 maxlen: 24
45.92.94.0/23 maxlen: 24
45.92.94.0/24 maxlen: 24
45.138.132.0/24 maxlen: 24
45.138.132.0/23 maxlen: 24
45.138.132.0/22 maxlen: 24
45.138.133.0/24 maxlen: 24
45.138.134.0/24 maxlen: 24
45.138.135.0/24 maxlen: 24
2a10:5c40::/29 maxlen: 29
2a05:9a00:4::/48 maxlen: 48
2a05:9a00::/29 maxlen: 29
2a05:9a00:1001::/48 maxlen: 48
2a05:9a00:1::/48 maxlen: 48
2a05:9a00:1002::/48 maxlen: 48
2a05:9a00:2::/48 maxlen: 48
2a07:e440::/29 maxlen: 29
2a05:9a00:1000::/48 maxlen: 48
2a05:9a00::/48 maxlen: 48
2a05:9a00:1003::/48 maxlen: 48
2a05:9a00:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b8:69:7b:b0:be:c3:5c:8c:f8:fb:dc:cb:16:fb:fd:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
Validity
Not Before: Nov 27 09:27:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b241718e1dcba8034bc5a819992babacd0d7cf82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:37:37:ef:fe:e9:61:09:35:d4:ca:3f:6f:83:
91:04:81:cd:52:a5:4a:56:78:65:36:64:c4:66:c3:
c1:b5:d2:20:45:24:4e:f3:9b:b6:43:c8:2e:e5:03:
15:c9:3a:4b:83:f8:ee:54:e9:59:7e:9c:6a:a3:e2:
e0:66:ec:2e:16:29:4d:ad:62:45:65:dd:40:08:53:
e7:77:67:df:63:5b:c5:8e:62:b4:f5:ad:6d:40:cf:
af:c1:19:be:08:da:3f:40:9f:1c:eb:16:1c:4d:6a:
df:4d:b4:68:3c:d7:64:63:85:35:3f:a3:32:78:88:
04:eb:3d:7c:ef:a8:b1:83:2a:36:1c:c1:51:9a:32:
29:f6:10:db:6a:5e:13:96:3d:a5:f1:63:da:a1:79:
27:7e:17:23:c1:63:e2:d8:ad:8f:2a:d3:14:49:78:
c2:41:3d:55:7c:82:14:a7:56:78:f9:0b:af:0f:97:
a5:75:49:f6:15:52:ab:c0:68:43:a8:b4:30:3b:8c:
4d:45:17:78:a3:bc:a8:f6:f8:24:28:a7:0c:ed:b1:
d9:b8:26:54:71:f1:7d:94:23:3f:3c:df:b0:72:6e:
32:27:10:27:5c:31:f1:40:cb:cc:9c:21:08:b1:95:
41:3c:6c:c6:ff:ae:bd:fa:58:58:76:f0:b2:32:6c:
89:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:41:71:8E:1D:CB:A8:03:4B:C5:A8:19:99:2B:AB:AC:D0:D7:CF:82
X509v3 Authority Key Identifier:
keyid:49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/skFxjh3LqANLxagZmSurrNDXz4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/Se4RlL2B0ZRsOfEPf9_fItGgMRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.128.0/21
45.92.92.0/22
45.138.132.0/22
185.83.112.0/22
185.173.104.0/22
185.208.78.0/23
IPv6:
2a05:9a00::/29
2a07:e440::/29
2a10:5c40::/29
Signature Algorithm: sha256WithRSAEncryption
1d:b4:c8:33:fb:da:09:c7:fc:c4:4b:9d:9f:e2:8a:56:95:77:
ee:7a:ad:0e:fe:e9:49:54:c9:ac:fb:8a:f3:84:45:3a:c8:10:
ed:cd:87:bc:9b:bf:6c:f9:55:a6:9b:ea:23:87:41:d0:9a:ec:
23:4e:12:64:7f:3e:c9:3c:d1:60:2e:f0:43:4b:6d:48:b8:a4:
89:0a:aa:e8:29:96:2d:c4:ff:f0:e1:07:50:fd:0c:1a:78:92:
f6:34:2b:0a:20:91:9b:16:ac:19:da:18:08:ba:7b:36:71:92:
84:43:6c:93:63:d5:58:29:7a:3e:4e:39:2c:d1:24:ed:de:ea:
da:e7:3b:f5:07:70:ee:0e:e0:c7:e1:58:25:66:f6:91:b7:5c:
b7:d4:fc:03:e3:df:31:68:d9:f5:52:23:bf:aa:cf:38:39:37:
eb:db:6b:23:be:86:04:37:76:bc:94:e9:d9:0e:df:85:d4:8f:
d8:7a:c0:b1:d0:83:7c:50:44:d3:b2:be:30:65:a9:18:cf:c4:
0d:0b:2d:e3:32:c1:77:63:0c:27:f5:ee:be:4c:18:b5:21:a7:
dd:dd:a4:b9:91:63:03:25:5c:c8:7e:03:81:d7:21:d8:27:50:
3d:72:43:6a:d1:ea:65:a6:e4:9b:a8:61:d5:bc:86:e3:ef:97:
42:93:3d:67
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYS4aXuwvsNcjPj73MsW+/3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZWUxMTk0YmQ4MWQxOTQ2YzM5ZjEwZjdmZGZkZjIyZDFh
MDMxMTIwHhcNMjIxMTI3MDkyNzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjQxNzE4ZTFkY2JhODAzNGJjNWE4MTk5OTJiYWJhY2QwZDdjZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDc37/7pYQk11Mo/b4ORBIHNUqVK
VnhlNmTEZsPBtdIgRSRO85u2Q8gu5QMVyTpLg/juVOlZfpxqo+LgZuwuFilNrWJF
Zd1ACFPnd2ffY1vFjmK09a1tQM+vwRm+CNo/QJ8c6xYcTWrfTbRoPNdkY4U1P6My
eIgE6z1876ixgyo2HMFRmjIp9hDbal4Tlj2l8WPaoXknfhcjwWPi2K2PKtMUSXjC
QT1VfIIUp1Z4+QuvD5eldUn2FVKrwGhDqLQwO4xNRRd4o7yo9vgkKKcM7bHZuCZU
cfF9lCM/PN+wcm4yJxAnXDHxQMvMnCEIsZVBPGzG/669+lhYdvCyMmyJpwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFLJBcY4dy6gDS8WoGZkrq6zQ18+CMB8GA1UdIwQY
MBaAFEnuEZS9gdGUbDnxD3/f3yLRoDESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYt
ZDYyZmE2MzE5ZmQ0LzEvc2tGeGpoM0xxQU5MeGFnWm1TdXJyTkRYejRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYtZDYyZmE2MzE5ZmQ0
LzEvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQDBZCAAwQC
LVxcAwQCLYqEAwQCuVNwAwQCua1oAwQBudBOMBsEAgACMBUDBQMqBZoAAwUDKgfk
QAMFAyoQXEAwDQYJKoZIhvcNAQELBQADggEBAB20yDP72gnH/MRLnZ/iilaVd+56
rQ7+6UlUyaz7ivOERTrIEO3Nh7ybv2z5Vaab6iOHQdCa7CNOEmR/Psk80WAu8ENL
bUi4pIkKqugpli3E//DhB1D9DBp4kvY0KwogkZsWrBnaGAi6ezZxkoRDbJNj1Vgp
ej5OOSzRJO3e6trnO/UHcO4O4MfhWCVm9pG3XLfU/APj3zFo2fVSI7+qzzg5N+vb
ayO+hgQ3dryU6dkO34XUj9h6wLHQg3xQRNOyvjBlqRjPxA0LLeMywXdjDCf17r5M
GLUhp93dpLmRYwMlXMh+A4HXIdgnUD1yQ2rR6mWm5JuoYdW8huPvl0KTPWc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:39 2023 by rpki-client on console-ams.rpki-client.org