Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/tLkr2eebrQuYEsoZiFTXsHo8Zzc.roa
File: tLkr2eebrQuYEsoZiFTXsHo8Zzc.roa (raw, json)
Hash identifier: fBtxzeajHhNwkLVypyARIY32AiqNjmWVg8/8Hehyrsk=
Subject key identifier: B4:B9:2B:D9:E7:9B:AD:0B:98:12:CA:19:88:54:D7:B0:7A:3C:67:37
Certificate issuer: /CN=ae0a5a1b38617cc161f60613d98e179b5360c054
Certificate serial: 285649F0
Authority key identifier: AE:0A:5A:1B:38:61:7C:C1:61:F6:06:13:D9:8E:17:9B:53:60:C0:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rgpaGzhhfMFh9gYT2Y4Xm1NgwFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/tLkr2eebrQuYEsoZiFTXsHo8Zzc.roa
Signing time: Sat 01 Jan 2022 03:56:15 +0000
ROA not before: Sat 01 Jan 2022 03:56:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3209
IP address blocks: 37.201.128.0/17 maxlen: 17
94.114.0.0/16 maxlen: 16
94.114.0.0/15 maxlen: 15
176.198.0.0/16 maxlen: 16
176.198.0.0/15 maxlen: 15
92.50.96.0/19 maxlen: 19
46.252.128.0/20 maxlen: 20
46.252.128.0/21 maxlen: 21
46.252.136.0/21 maxlen: 21
178.202.0.0/15 maxlen: 15
78.94.0.0/17 maxlen: 17
92.50.64.0/19 maxlen: 19
95.222.0.0/16 maxlen: 16
78.94.0.0/16 maxlen: 16
92.50.64.0/18 maxlen: 18
95.222.0.0/15 maxlen: 15
81.210.192.0/18 maxlen: 18
80.69.96.0/21 maxlen: 21
80.69.96.0/20 maxlen: 20
94.79.128.0/19 maxlen: 19
192.109.212.0/24 maxlen: 24
94.79.128.0/18 maxlen: 18
80.69.104.0/21 maxlen: 21
62.143.128.0/17 maxlen: 17
192.109.211.0/24 maxlen: 24
130.180.64.0/18 maxlen: 18
109.90.0.0/16 maxlen: 16
109.90.0.0/15 maxlen: 15
94.79.160.0/19 maxlen: 19
5.147.0.0/16 maxlen: 16
185.248.36.0/22 maxlen: 22
185.248.36.0/23 maxlen: 23
185.248.38.0/23 maxlen: 23
37.201.0.0/17 maxlen: 17
37.201.0.0/16 maxlen: 16
5.146.0.0/16 maxlen: 16
5.146.0.0/15 maxlen: 15
37.24.128.0/17 maxlen: 17
130.180.0.0/17 maxlen: 17
130.180.0.0/18 maxlen: 18
62.143.0.0/17 maxlen: 17
62.143.0.0/16 maxlen: 16
81.210.128.0/18 maxlen: 18
81.210.128.0/17 maxlen: 17
178.200.0.0/15 maxlen: 15
178.200.0.0/14 maxlen: 14
88.153.0.0/16 maxlen: 16
176.199.0.0/16 maxlen: 16
109.91.0.0/16 maxlen: 16
78.94.128.0/17 maxlen: 17
95.223.0.0/16 maxlen: 16
37.24.0.0/17 maxlen: 17
88.152.0.0/16 maxlen: 16
37.24.0.0/16 maxlen: 16
88.152.0.0/15 maxlen: 15
94.115.0.0/16 maxlen: 16
5.10.160.0/19 maxlen: 19
5.10.160.0/20 maxlen: 20
5.10.176.0/20 maxlen: 20
2a02:908::/32 maxlen: 32
2a02:908:8000::/33 maxlen: 33
2a02:908::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 676743664 (0x285649f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae0a5a1b38617cc161f60613d98e179b5360c054
Validity
Not Before: Jan 1 03:56:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4b92bd9e79bad0b9812ca198854d7b07a3c6737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f9:83:a6:66:88:44:db:0a:c2:e5:df:ed:f9:
92:2c:8b:99:ec:e3:9a:71:e5:31:ef:f2:27:36:50:
f0:3a:27:83:b0:e4:97:9a:1e:06:05:5c:f1:4b:9b:
5e:ef:8d:7f:51:97:8c:3c:7d:53:42:99:64:c0:df:
2f:2a:71:f4:a3:90:24:06:d0:e8:0d:a4:3e:10:e6:
b9:f5:b6:75:74:47:94:b1:a3:d4:19:64:d6:1b:1a:
89:6e:c5:3f:4e:c7:e5:21:4c:6b:a1:3e:4b:eb:7a:
1a:15:53:a5:79:92:8a:cc:41:01:8f:ae:4d:62:5c:
b6:af:51:25:2e:31:29:b6:32:ba:06:ea:4c:73:27:
39:ca:48:8c:6a:18:c3:41:ff:e4:9a:cb:29:f1:f3:
47:5d:4a:c9:b1:5d:30:aa:ad:ec:30:83:7e:d1:36:
67:e4:13:06:49:b9:c7:09:97:75:79:59:80:ec:ad:
30:2c:e6:86:44:b3:8a:fd:76:e6:2f:c8:c8:19:3b:
09:fe:5e:0b:0b:c0:f6:31:67:a4:10:f0:88:0a:59:
7b:5f:dc:0e:67:f0:c1:d9:43:1c:e7:1f:a8:48:07:
cf:9d:61:67:51:1f:cc:7e:ce:be:44:93:20:48:d0:
96:99:5a:48:0e:f0:8f:82:03:07:71:fa:90:1e:42:
ad:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B9:2B:D9:E7:9B:AD:0B:98:12:CA:19:88:54:D7:B0:7A:3C:67:37
X509v3 Authority Key Identifier:
keyid:AE:0A:5A:1B:38:61:7C:C1:61:F6:06:13:D9:8E:17:9B:53:60:C0:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rgpaGzhhfMFh9gYT2Y4Xm1NgwFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/tLkr2eebrQuYEsoZiFTXsHo8Zzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/rgpaGzhhfMFh9gYT2Y4Xm1NgwFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.160.0/19
5.146.0.0/15
37.24.0.0/16
37.201.0.0/16
46.252.128.0/20
62.143.0.0/16
78.94.0.0/16
80.69.96.0/20
81.210.128.0/17
88.152.0.0/15
92.50.64.0/18
94.79.128.0/18
94.114.0.0/15
95.222.0.0/15
109.90.0.0/15
130.180.0.0/17
176.198.0.0/15
178.200.0.0/14
185.248.36.0/22
192.109.211.0-192.109.212.255
IPv6:
2a02:908::/32
Signature Algorithm: sha256WithRSAEncryption
5f:6d:89:fc:e0:cf:0f:31:f7:f0:de:c4:de:fc:0a:f7:df:cd:
8e:01:eb:19:92:19:15:c6:8f:fd:70:c0:cb:c7:31:63:63:21:
43:57:3d:c8:2b:d2:8a:62:7a:95:19:9c:04:e1:7b:27:62:84:
af:80:1e:a8:ae:84:a7:19:ea:45:8c:85:e2:7b:79:a9:42:32:
36:ee:e1:36:7a:10:54:cd:e4:3b:ad:c3:6d:48:9b:35:88:6f:
84:5b:22:c4:67:58:8e:85:c0:3c:35:a9:dd:5a:6c:79:3e:16:
7e:e4:ca:c6:6d:9c:db:dc:61:77:ab:64:4c:d1:b7:e4:96:2a:
7d:96:59:9e:aa:a3:5f:7c:d6:3e:16:0d:cb:30:97:8d:c6:f3:
5c:fd:4f:fc:a7:06:f3:41:42:6e:d3:a7:2e:1f:13:e6:29:f7:
31:bb:08:f7:79:bf:c8:03:4e:a3:a9:c5:a9:7a:f1:8b:3b:86:
56:2c:44:fe:ad:b3:03:18:31:ec:d8:a0:af:4f:7a:4a:86:f8:
61:13:18:34:a9:1f:da:d8:2c:87:fc:ef:53:4b:d4:94:97:e1:
a3:0d:fe:d6:ad:b8:f5:e1:25:33:24:4b:42:4f:69:85:93:b3:
bd:f4:35:f5:a1:8b:d4:35:28:b0:23:41:1a:dc:77:bf:e3:9b:
b0:c6:56:bb
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIEKFZJ8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTBhNWExYjM4NjE3Y2MxNjFmNjA2MTNkOThlMTc5YjUzNjBjMDU0MB4XDTIyMDEw
MTAzNTYxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRiOTJiZDllNzli
YWQwYjk4MTJjYTE5ODg1NGQ3YjA3YTNjNjczNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMP5g6ZmiETbCsLl3+35kiyLmezjmnHlMe/yJzZQ8Dong7Dk
l5oeBgVc8UubXu+Nf1GXjDx9U0KZZMDfLypx9KOQJAbQ6A2kPhDmufW2dXRHlLGj
1Blk1hsaiW7FP07H5SFMa6E+S+t6GhVTpXmSisxBAY+uTWJctq9RJS4xKbYyugbq
THMnOcpIjGoYw0H/5JrLKfHzR11KybFdMKqt7DCDftE2Z+QTBkm5xwmXdXlZgOyt
MCzmhkSziv125i/IyBk7Cf5eCwvA9jFnpBDwiApZe1/cDmfwwdlDHOcfqEgHz51h
Z1EfzH7OvkSTIEjQlplaSA7wj4IDB3H6kB5CrZcCAwEAAaOCAoowggKGMB0GA1Ud
DgQWBBS0uSvZ55utC5gSyhmIVNewejxnNzAfBgNVHSMEGDAWgBSuClobOGF8wWH2
BhPZjhebU2DAVDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JncGFHemhoZk1GaDlnWVQyWTRYbTFOZ3dGUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvMzE5OTFhLWJkYjgtNGI1Yi1hZTVkLWIyOTgxMmMzZTQ2NS8x
L3RMa3IyZWViclF1WUVzb1ppRlRYc0hvOFp6Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
MzE5OTFhLWJkYjgtNGI1Yi1hZTVkLWIyOTgxMmMzZTQ2NS8xL3JncGFHemhoZk1G
aDlnWVQyWTRYbTFOZ3dGUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nwYIKwYBBQUHAQcBAf8EgY8wgYwwewQCAAEwdQMEBQUKoAMDAQWSAwMAJRgDAwAl
yQMEBC78gAMDAD6PAwMATl4DBARQRWADBAdR0oADAwFYmAMEBlwyQAMEBl5PgAMD
AV5yAwMBX94DAwFtWgMEB4K0AAMDAbDGAwMCssgDBAK5+CQwDAMEAMBt0wMEAMBt
1DANBAIAAjAHAwUAKgIJCDANBgkqhkiG9w0BAQsFAAOCAQEAX22J/ODPDzH38N7E
3vwK99/NjgHrGZIZFcaP/XDAy8cxY2MhQ1c9yCvSimJ6lRmcBOF7J2KEr4AeqK6E
pxnqRYyF4nt5qUIyNu7hNnoQVM3kO63DbUibNYhvhFsixGdYjoXAPDWp3VpseT4W
fuTKxm2c29xhd6tkTNG35JYqfZZZnqqjX3zWPhYNyzCXjcbzXP1P/KcG80FCbtOn
Lh8T5in3MbsI93m/yANOo6nFqXrxizuGVixE/q2zAxgx7Nigr096Sob4YRMYNKkf
2tgsh/zvU0vUlJfhow3+1q249eElMyRLQk9phZOzvfQ19aGL1DUosCNBGtx3v+Ob
sMZWuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:19 2024 by rpki-client on console-ams.rpki-client.org