Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/hdCPxE92ZPKkL2-1892l7rFvZFg.roa
File: hdCPxE92ZPKkL2-1892l7rFvZFg.roa (raw, json)
Hash identifier: XC9+jvfF4qHRZpNwDnj5c8r9rfmvB42z6mDAorke8wA=
Subject key identifier: 85:D0:8F:C4:4F:76:64:F2:A4:2F:6F:B5:F3:DD:A5:EE:B1:6F:64:58
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 0183892BBC6C7C7DEAE6CE9E6A627A7E5530
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/hdCPxE92ZPKkL2-1892l7rFvZFg.roa
Signing time: Thu 29 Sep 2022 12:14:48 +0000
ROA not before: Thu 29 Sep 2022 12:14:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48635
IP address blocks: 195.39.204.0/23 maxlen: 24
195.39.214.0/23 maxlen: 24
185.103.240.0/22 maxlen: 24
185.103.156.0/22 maxlen: 24
93.187.220.0/22 maxlen: 24
185.56.144.0/22 maxlen: 24
109.72.80.0/20 maxlen: 24
185.159.240.0/22 maxlen: 24
2.57.56.0/22 maxlen: 24
185.66.248.0/22 maxlen: 24
92.63.168.0/21 maxlen: 24
62.221.248.0/21 maxlen: 24
31.186.168.0/21 maxlen: 24
185.37.68.0/22 maxlen: 24
185.182.56.0/22 maxlen: 24
185.224.88.0/22 maxlen: 24
185.109.216.0/22 maxlen: 24
93.180.64.0/21 maxlen: 24
185.107.212.0/22 maxlen: 24
185.107.224.0/23 maxlen: 24
185.187.12.0/22 maxlen: 24
31.25.96.0/21 maxlen: 24
185.87.184.0/22 maxlen: 24
79.99.128.0/21 maxlen: 24
185.175.200.0/22 maxlen: 24
185.233.28.0/22 maxlen: 24
5.157.80.0/21 maxlen: 24
185.27.172.0/22 maxlen: 24
185.95.28.0/22 maxlen: 24
195.238.74.0/23 maxlen: 24
185.223.32.0/22 maxlen: 24
109.106.160.0/19 maxlen: 24
185.94.228.0/22 maxlen: 24
2a01:b942::/32 maxlen: 48
2a03:3060::/29 maxlen: 48
2a0b:7280::/29 maxlen: 48
2a04:6bc0::/36 maxlen: 48
2a0b:8f80::/48 maxlen: 48
2a02:40c1::/32 maxlen: 48
2a05:1500::/29 maxlen: 48
2a01:b944::/32 maxlen: 48
2a00:f10::/29 maxlen: 48
2a0c:84c0::/29 maxlen: 48
2a01:b940::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:89:2b:bc:6c:7c:7d:ea:e6:ce:9e:6a:62:7a:7e:55:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Sep 29 12:14:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85d08fc44f7664f2a42f6fb5f3dda5eeb16f6458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:97:03:15:25:0c:27:14:7e:b3:95:db:23:20:
3d:fd:f2:12:5e:f5:de:d2:02:8a:14:9a:2f:50:61:
d8:b2:f9:d2:d6:73:3f:b3:8f:be:96:80:2a:64:d1:
8a:ba:e6:c4:f0:61:a6:86:89:4c:4c:89:72:77:32:
67:e0:26:52:62:07:74:18:c1:6d:ee:35:15:c7:6b:
6c:d7:0d:c7:a1:37:d0:e9:f3:63:d6:a7:9c:a9:4d:
7c:14:63:74:2e:53:67:86:56:cc:5e:8c:df:90:9b:
07:21:d6:09:8f:bd:90:f0:e3:a9:e0:d6:bf:c3:5b:
b1:6a:34:0c:3a:26:67:0c:53:ed:80:b8:20:15:10:
13:8d:5f:5e:3c:f2:5d:c7:21:88:f2:f6:b8:94:a5:
57:9d:31:98:1f:90:59:ff:86:7e:16:22:11:28:dd:
80:44:74:38:b2:f0:26:4e:82:e3:fa:d6:1d:9a:62:
f3:1f:28:43:7c:10:33:bd:ab:45:41:87:5b:c5:1d:
74:fb:64:f8:3e:2e:92:f4:a8:02:4c:ed:b2:89:15:
aa:93:b1:70:e2:83:11:8f:48:fe:ea:da:92:88:a9:
7b:4c:29:9a:19:46:2f:0d:b2:bc:77:b8:33:0f:e6:
70:35:76:70:e1:f2:b6:e7:59:e7:8a:95:70:1d:72:
52:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D0:8F:C4:4F:76:64:F2:A4:2F:6F:B5:F3:DD:A5:EE:B1:6F:64:58
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/hdCPxE92ZPKkL2-1892l7rFvZFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.56.0/22
5.157.80.0/21
31.25.96.0/21
31.186.168.0/21
62.221.248.0/21
79.99.128.0/21
92.63.168.0/21
93.180.64.0/21
93.187.220.0/22
109.72.80.0/20
109.106.160.0/19
185.27.172.0/22
185.37.68.0/22
185.56.144.0/22
185.66.248.0/22
185.87.184.0/22
185.94.228.0/22
185.95.28.0/22
185.103.156.0/22
185.103.240.0/22
185.107.212.0/22
185.107.224.0/23
185.109.216.0/22
185.159.240.0/22
185.175.200.0/22
185.182.56.0/22
185.187.12.0/22
185.223.32.0/22
185.224.88.0/22
185.233.28.0/22
195.39.204.0/23
195.39.214.0/23
195.238.74.0/23
IPv6:
2a00:f10::/29
2a01:b940::/29
2a02:40c1::/32
2a03:3060::/29
2a04:6bc0::/36
2a05:1500::/29
2a0b:7280::/29
2a0b:8f80::/48
2a0c:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
74:29:52:5a:09:1f:63:7c:1c:f2:05:4f:b6:e4:7d:39:0e:57:
ba:a4:67:c0:a8:26:b4:41:02:66:01:a5:be:41:ce:2e:63:f5:
e0:0b:45:26:5a:c3:a2:fa:aa:88:e6:97:d5:fe:78:08:6f:c5:
b7:dc:53:bb:63:6a:e5:6c:73:15:07:8d:cc:98:00:08:18:ba:
db:33:dc:9e:33:4d:41:df:5d:1a:0a:b7:de:a8:9f:f5:84:71:
80:ce:b5:18:a2:68:91:b8:1a:05:49:1a:ca:1c:11:ab:4c:45:
38:c2:00:4a:e9:b6:e6:35:62:57:cb:31:ef:61:8c:e6:98:22:
a6:fc:5c:5a:9c:1e:9e:20:cc:8f:d5:8e:5d:71:33:05:71:9a:
5e:f0:8c:b7:c4:7e:4e:c2:aa:39:6c:0d:2d:d0:56:fd:16:d4:
ee:13:67:f9:b7:75:f0:57:ef:4d:2b:b1:e4:12:b2:8e:b2:42:
c5:1a:90:3b:7d:a1:a0:e8:7a:af:47:bc:d3:d1:a5:5b:c1:71:
ee:d2:f2:87:8a:a9:cc:9f:2b:d6:65:1b:d7:2a:13:ff:0d:e2:
08:f3:c2:1b:2c:c2:42:96:27:11:73:80:02:ce:35:50:cf:a1:
8c:89:17:11:04:9a:6f:d8:e0:a4:43:63:1e:81:b8:fe:11:f1:
dc:32:39:87
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYOJK7xsfH3q5s6eamJ6flUwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjIwOTI5MTIxNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWQwOGZjNDRmNzY2NGYyYTQyZjZmYjVmM2RkYTVlZWIxNmY2NDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pcDFSUMJxR+s5XbIyA9/fISXvXe
0gKKFJovUGHYsvnS1nM/s4++loAqZNGKuubE8GGmholMTIlydzJn4CZSYgd0GMFt
7jUVx2ts1w3HoTfQ6fNj1qecqU18FGN0LlNnhlbMXozfkJsHIdYJj72Q8OOp4Na/
w1uxajQMOiZnDFPtgLggFRATjV9ePPJdxyGI8va4lKVXnTGYH5BZ/4Z+FiIRKN2A
RHQ4svAmToLj+tYdmmLzHyhDfBAzvatFQYdbxR10+2T4Pi6S9KgCTO2yiRWqk7Fw
4oMRj0j+6tqSiKl7TCmaGUYvDbK8d7gzD+ZwNXZw4fK251nnipVwHXJSawIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFIXQj8RPdmTypC9vtfPdpe6xb2RYMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvaGRDUHhFOTJaUEtrTDItMTg5Mmw3ckZ2WkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCBzQQCAAEwgcYD
BAICOTgDBAMFnVADBAMfGWADBAMfuqgDBAM+3fgDBANPY4ADBANcP6gDBANdtEAD
BAJdu9wDBARtSFADBAVtaqADBAK5G6wDBAK5JUQDBAK5OJADBAK5QvgDBAK5V7gD
BAK5XuQDBAK5XxwDBAK5Z5wDBAK5Z/ADBAK5a9QDBAG5a+ADBAK5bdgDBAK5n/AD
BAK5r8gDBAK5tjgDBAK5uwwDBAK53yADBAK54FgDBAK56RwDBAHDJ8wDBAHDJ9YD
BAHD7kowSAQCAAIwQgMFAyoADxADBQMqAblAAwUAKgJAwQMFAyoDMGADBgQqBGvA
AAMFAyoFFQADBQMqC3KAAwcAKguPgAAAAwUDKgyEwDANBgkqhkiG9w0BAQsFAAOC
AQEAdClSWgkfY3wc8gVPtuR9OQ5XuqRnwKgmtEECZgGlvkHOLmP14AtFJlrDovqq
iOaX1f54CG/Ft9xTu2Nq5WxzFQeNzJgACBi62zPcnjNNQd9dGgq33qif9YRxgM61
GKJokbgaBUkayhwRq0xFOMIASum25jViV8sx72GM5pgipvxcWpweniDMj9WOXXEz
BXGaXvCMt8R+TsKqOWwNLdBW/RbU7hNn+bd18FfvTSux5BKyjrJCxRqQO32hoOh6
r0e809GlW8Fx7tLyh4qpzJ8r1mUb1yoT/w3iCPPCGyzCQpYnEXOAAs41UM+hjIkX
EQSab9jgpENjHoG4/hHx3DI5hw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org