Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/af_-4doYef4b7k7o5scuZHKKV6g.roa
File: af_-4doYef4b7k7o5scuZHKKV6g.roa (raw, json)
Hash identifier: uFIKkK4Zcff1SVnATNGqG0X/teToExGPCkeyaBqkIPU=
Subject key identifier: 69:FF:FE:E1:DA:18:79:FE:1B:EE:4E:E8:E6:C7:2E:64:72:8A:57:A8
Certificate issuer: /CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Certificate serial: 17AEAB1B
Authority key identifier: 0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/af_-4doYef4b7k7o5scuZHKKV6g.roa
Signing time: Fri 03 Jun 2022 08:41:29 +0000
ROA not before: Fri 03 Jun 2022 08:41:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45011
IP address blocks: 188.120.160.0/19 maxlen: 19
82.117.96.0/19 maxlen: 19
94.198.64.0/21 maxlen: 21
94.245.16.0/20 maxlen: 20
85.235.0.0/19 maxlen: 19
85.235.17.0/24 maxlen: 24
94.245.48.0/20 maxlen: 20
85.235.24.0/24 maxlen: 24
85.235.18.0/23 maxlen: 23
85.235.20.0/22 maxlen: 22
178.251.240.0/21 maxlen: 21
213.185.12.0/22 maxlen: 22
213.185.16.0/23 maxlen: 23
91.232.59.0/24 maxlen: 24
91.232.60.0/23 maxlen: 23
213.185.20.0/23 maxlen: 23
213.185.22.0/24 maxlen: 24
213.185.24.0/24 maxlen: 24
213.185.26.0/24 maxlen: 24
109.124.128.0/18 maxlen: 18
79.138.0.0/17 maxlen: 17
109.225.64.0/18 maxlen: 18
85.238.192.0/19 maxlen: 19
85.30.0.0/18 maxlen: 18
213.185.4.0/24 maxlen: 24
213.185.6.0/24 maxlen: 24
213.185.7.0/24 maxlen: 24
213.185.8.0/23 maxlen: 23
213.185.10.0/24 maxlen: 24
80.244.64.0/19 maxlen: 19
185.18.164.0/22 maxlen: 22
94.245.0.0/20 maxlen: 20
77.53.0.0/16 maxlen: 16
87.241.64.0/18 maxlen: 18
87.96.128.0/17 maxlen: 17
185.52.180.0/22 maxlen: 22
88.83.32.0/19 maxlen: 19
213.21.64.0/18 maxlen: 18
37.17.248.0/21 maxlen: 21
188.122.128.0/19 maxlen: 19
5.44.192.0/20 maxlen: 20
88.129.0.0/16 maxlen: 16
217.72.54.0/24 maxlen: 24
217.72.56.0/22 maxlen: 22
217.72.52.0/23 maxlen: 23
217.72.60.0/23 maxlen: 23
217.72.62.0/24 maxlen: 24
178.132.248.0/21 maxlen: 21
85.8.0.0/18 maxlen: 18
185.58.144.0/22 maxlen: 22
195.78.224.0/22 maxlen: 22
146.247.80.0/21 maxlen: 21
89.236.2.0/23 maxlen: 23
89.236.4.0/22 maxlen: 22
89.236.0.0/23 maxlen: 23
89.236.8.0/23 maxlen: 23
89.236.11.0/24 maxlen: 24
89.236.17.0/24 maxlen: 24
89.236.15.0/24 maxlen: 24
89.236.18.0/23 maxlen: 23
89.236.20.0/22 maxlen: 22
89.236.24.0/23 maxlen: 23
89.236.26.0/24 maxlen: 24
89.236.35.0/24 maxlen: 24
89.236.36.0/23 maxlen: 23
89.236.38.0/24 maxlen: 24
89.236.47.0/24 maxlen: 24
89.236.48.0/24 maxlen: 24
62.182.0.0/21 maxlen: 21
83.209.0.0/16 maxlen: 16
31.192.192.0/20 maxlen: 20
5.172.144.0/21 maxlen: 21
95.155.192.0/18 maxlen: 18
89.236.53.0/24 maxlen: 24
89.236.54.0/23 maxlen: 23
89.236.56.0/22 maxlen: 22
46.236.64.0/18 maxlen: 18
213.142.0.0/19 maxlen: 19
87.236.88.0/21 maxlen: 21
87.253.64.0/19 maxlen: 19
2a02:7b8::/32 maxlen: 32
2a00:8280::/32 maxlen: 32
2a02:23c0::/32 maxlen: 32
2a01:b700::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 397323035 (0x17aeab1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Validity
Not Before: Jun 3 08:41:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69fffee1da1879fe1bee4ee8e6c72e64728a57a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4e:34:a1:4a:f8:66:de:70:5c:53:60:ab:b4:
c0:a8:c4:7f:9c:a1:53:0c:51:0f:2a:4e:32:80:20:
3c:1a:6b:a6:3d:81:19:0d:73:b5:af:42:03:45:59:
58:9a:89:bf:82:16:3c:99:3e:b2:c0:74:f3:81:1e:
1a:9b:d3:65:1f:6a:2d:47:fa:9a:82:65:c4:f8:ca:
f9:d6:88:8e:d7:b3:06:46:f0:60:32:d0:69:03:c7:
a3:cf:e0:3e:a1:c3:a3:24:d5:39:ac:3c:59:b5:f9:
cd:8e:9e:e4:90:1b:6c:c1:6a:a3:9f:09:85:00:54:
d4:47:92:d9:96:78:11:dc:a6:8d:87:37:cd:b3:f3:
1e:e3:8d:ef:7b:5f:68:e8:27:19:54:4c:e2:49:fb:
3b:08:f6:68:c3:de:54:f1:70:3a:17:89:62:14:3c:
15:85:52:24:88:c3:28:93:2b:b6:77:cf:be:fa:52:
49:59:e8:91:fa:eb:7d:0f:3c:e7:23:e4:42:5c:6c:
50:ee:b9:17:a6:85:4f:f6:3f:ad:26:46:7e:8e:77:
c9:88:98:4a:c9:61:9f:67:a2:b0:79:51:05:2e:0a:
eb:34:c4:13:9d:5e:21:6b:5f:38:b7:ff:04:f1:cc:
50:d3:2d:d1:29:b1:ad:74:3d:c1:66:0c:56:37:9b:
12:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FF:FE:E1:DA:18:79:FE:1B:EE:4E:E8:E6:C7:2E:64:72:8A:57:A8
X509v3 Authority Key Identifier:
keyid:0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/af_-4doYef4b7k7o5scuZHKKV6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.192.0/20
5.172.144.0/21
31.192.192.0/20
37.17.248.0/21
46.236.64.0/18
62.182.0.0/21
77.53.0.0/16
79.138.0.0/17
80.244.64.0/19
82.117.96.0/19
83.209.0.0/16
85.8.0.0/18
85.30.0.0/18
85.235.0.0/19
85.238.192.0/19
87.96.128.0/17
87.236.88.0/21
87.241.64.0/18
87.253.64.0/19
88.83.32.0/19
88.129.0.0/16
89.236.0.0-89.236.9.255
89.236.11.0/24
89.236.15.0/24
89.236.17.0-89.236.26.255
89.236.35.0-89.236.38.255
89.236.47.0-89.236.48.255
89.236.53.0-89.236.59.255
91.232.59.0-91.232.61.255
94.198.64.0/21
94.245.0.0/19
94.245.48.0/20
95.155.192.0/18
109.124.128.0/18
109.225.64.0/18
146.247.80.0/21
178.132.248.0/21
178.251.240.0/21
185.18.164.0/22
185.52.180.0/22
185.58.144.0/22
188.120.160.0/19
188.122.128.0/19
195.78.224.0/22
213.21.64.0/18
213.142.0.0/19
213.185.4.0/24
213.185.6.0-213.185.10.255
213.185.12.0-213.185.17.255
213.185.20.0-213.185.22.255
213.185.24.0/24
213.185.26.0/24
217.72.52.0-217.72.54.255
217.72.56.0-217.72.62.255
IPv6:
2a00:8280::/32
2a01:b700::/32
2a02:7b8::/32
2a02:23c0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:2f:16:12:02:e8:12:c3:16:32:67:96:90:97:08:4d:0e:a6:
68:4f:3f:b3:b4:99:ef:7c:bf:e6:04:9f:8f:01:99:df:70:41:
ea:56:3b:89:17:f0:41:8b:ab:f2:61:ca:eb:b0:cc:ff:12:af:
ff:60:59:4f:2b:11:de:7e:ff:23:ed:de:98:52:5c:17:0d:0b:
35:51:90:c1:de:08:8b:3d:65:14:0c:0b:99:46:94:1d:52:53:
a7:1f:47:f0:49:03:ae:1b:b6:9e:26:a0:b3:35:ee:40:0a:78:
39:1a:5b:23:ae:b4:b2:7c:52:6e:99:24:d7:62:a8:37:79:82:
40:59:96:6b:ef:e3:12:5c:74:1a:ab:36:00:49:72:b7:e6:b4:
7c:43:38:c2:81:70:1a:14:07:35:af:ab:b6:ce:d2:87:79:65:
10:9b:fc:68:5c:15:e5:42:a4:70:9d:a5:0d:39:e4:ce:a1:60:
cd:8e:63:70:07:63:5e:c7:08:92:17:f9:d6:6c:c4:5e:db:72:
bd:ce:0e:9a:72:75:6e:30:7d:e0:49:e3:1c:67:68:1a:33:8f:
2a:6e:0d:62:93:3a:f4:0d:c7:f6:74:ab:a6:68:ab:75:5e:8c:
69:e1:b8:be:fb:07:7a:16:a8:94:1b:11:e5:91:2a:df:d8:4a:
de:65:91:e8
-----BEGIN CERTIFICATE-----
MIIGrzCCBZegAwIBAgIEF66rGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
Y2UxMzA4ZWFkNmFkYjFkMDg1ZTdlNTkxMGEwY2IyZGU1NmFhMzJlMB4XDTIyMDYw
MzA4NDEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjlmZmZlZTFkYTE4
NzlmZTFiZWU0ZWU4ZTZjNzJlNjQ3MjhhNTdhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1ONKFK+GbecFxTYKu0wKjEf5yhUwxRDypOMoAgPBprpj2B
GQ1zta9CA0VZWJqJv4IWPJk+ssB084EeGpvTZR9qLUf6moJlxPjK+daIjtezBkbw
YDLQaQPHo8/gPqHDoyTVOaw8WbX5zY6e5JAbbMFqo58JhQBU1EeS2ZZ4EdymjYc3
zbPzHuON73tfaOgnGVRM4kn7Owj2aMPeVPFwOheJYhQ8FYVSJIjDKJMrtnfPvvpS
SVnokfrrfQ885yPkQlxsUO65F6aFT/Y/rSZGfo53yYiYSslhn2eisHlRBS4K6zTE
E51eIWtfOLf/BPHMUNMt0SmxrXQ9wWYMVjebEvkCAwEAAaOCA8kwggPFMB0GA1Ud
DgQWBBRp//7h2hh5/hvuTujmxy5kcopXqDAfBgNVHSMEGDAWgBQM4TCOrWrbHQhe
flkQoMst5WqjLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RPRXdqcTFxMngwSVhuNVpFS0RMTGVWcW95NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvODk5MzgwLWFkMjctNDRlYi04YzJlLWIwYmFkMThmMDJkMC8x
L2FmXy00ZG9ZZWY0YjdrN281c2N1WkhLS1Y2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
ODk5MzgwLWFkMjctNDRlYi04YzJlLWIwYmFkMThmMDJkMC8xL0RPRXdqcTFxMngw
SVhuNVpFS0RMTGVWcW95NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
Ad0GCCsGAQUFBwEHAQH/BIIBzDCCAcgwggGgBAIAATCCAZgDBAQFLMADBAMFrJAD
BAQfwMADBAMlEfgDBAYu7EADBAM+tgADAwBNNQMEB0+KAAMEBVD0QAMEBVJ1YAMD
AFPRAwQGVQgAAwQGVR4AAwQFVesAAwQFVe7AAwQHV2CAAwQDV+xYAwQGV/FAAwQF
V/1AAwQFWFMgAwMAWIEwCwMDAlnsAwQBWewIAwQAWewLAwQAWewPMAwDBABZ7BED
BABZ7BowDAMEAFnsIwMEAFnsJjAMAwQAWewvAwQAWewwMAwDBABZ7DUDBAJZ7Dgw
DAMEAFvoOwMEAVvoPAMEA17GQAMEBV71AAMEBF71MAMEBl+bwAMEBm18gAMEBm3h
QAMEA5L3UAMEA7KE+AMEA7L78AMEArkSpAMEArk0tAMEArk6kAMEBbx4oAMEBbx6
gAMEAsNO4AMEBtUVQAMEBdWOAAMEANW5BDAMAwQB1bkGAwQA1bkKMAwDBALVuQwD
BAHVuRAwDAMEAtW5FAMEANW5FgMEANW5GAMEANW5GjAMAwQC2Ug0AwQA2Ug2MAwD
BAPZSDgDBADZSD4wIgQCAAIwHAMFACoAgoADBQAqAbcAAwUAKgIHuAMFACoCI8Aw
DQYJKoZIhvcNAQELBQADggEBAA0vFhIC6BLDFjJnlpCXCE0OpmhPP7O0me98v+YE
n48Bmd9wQepWO4kX8EGLq/JhyuuwzP8Sr/9gWU8rEd5+/yPt3phSXBcNCzVRkMHe
CIs9ZRQMC5lGlB1SU6cfR/BJA64btp4moLM17kAKeDkaWyOutLJ8Um6ZJNdiqDd5
gkBZlmvv4xJcdBqrNgBJcrfmtHxDOMKBcBoUBzWvq7bO0od5ZRCb/GhcFeVCpHCd
pQ055M6hYM2OY3AHY17HCJIX+dZsxF7bcr3ODppydW4wfeBJ4xxnaBozjypuDWKT
OvQNx/Z0q6Zoq3VejGnhuL77B3oWqJQbEeWRKt/YSt5lkeg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:49 2023 by rpki-client on console-ams.rpki-client.org