Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/SLhfTvfmtUdMMf3y14GAlweLnzA.roa
File: SLhfTvfmtUdMMf3y14GAlweLnzA.roa (raw, json)
Hash identifier: Kem/1QkY4RK5Ij3VVBUs00+SCENze0iVC2ppTsNaLKA=
Subject key identifier: 48:B8:5F:4E:F7:E6:B5:47:4C:31:FD:F2:D7:81:80:97:07:8B:9F:30
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 0987EDEC
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/SLhfTvfmtUdMMf3y14GAlweLnzA.roa
Signing time: Sat 01 Jan 2022 04:03:18 +0000
ROA not before: Sat 01 Jan 2022 04:03:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 192.76.245.0/24 maxlen: 24
192.76.246.0/23 maxlen: 23
192.76.241.0/24 maxlen: 24
192.76.248.0/24 maxlen: 24
192.109.177.0/24 maxlen: 24
192.35.150.0/24 maxlen: 24
192.35.150.0/23 maxlen: 23
192.35.149.0/24 maxlen: 24
192.35.151.0/24 maxlen: 24
192.35.153.0/24 maxlen: 24
129.26.0.0/16 maxlen: 16
192.76.148.0/24 maxlen: 24
129.233.128.0/18 maxlen: 18
192.88.108.0/24 maxlen: 24
212.44.192.0/19 maxlen: 19
192.102.150.0/23 maxlen: 23
192.102.152.0/23 maxlen: 23
192.102.156.0/24 maxlen: 24
192.102.158.0/23 maxlen: 23
192.102.164.0/24 maxlen: 24
192.102.161.0/24 maxlen: 24
192.102.160.0/24 maxlen: 24
192.102.162.0/23 maxlen: 23
192.102.168.0/24 maxlen: 24
192.102.167.0/24 maxlen: 24
192.102.170.0/24 maxlen: 24
192.102.169.0/24 maxlen: 24
192.102.172.0/24 maxlen: 24
192.102.175.0/24 maxlen: 24
192.102.174.0/24 maxlen: 24
192.102.176.0/23 maxlen: 23
129.233.210.0/24 maxlen: 24
129.233.224.0/20 maxlen: 20
192.44.4.0/24 maxlen: 24
192.54.34.0/23 maxlen: 23
192.44.8.0/24 maxlen: 24
192.44.5.0/24 maxlen: 24
192.44.6.0/24 maxlen: 24
192.44.15.0/24 maxlen: 24
192.44.12.0/24 maxlen: 24
192.44.23.0/24 maxlen: 24
192.44.18.0/24 maxlen: 24
192.44.20.0/23 maxlen: 23
192.44.30.0/23 maxlen: 23
192.44.29.0/24 maxlen: 24
192.44.26.0/24 maxlen: 24
192.44.25.0/24 maxlen: 24
192.44.28.0/24 maxlen: 24
192.44.36.0/24 maxlen: 24
84.246.64.0/21 maxlen: 21
192.44.38.0/23 maxlen: 23
192.44.40.0/24 maxlen: 24
2a03:db80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159903212 (0x987edec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 04:03:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48b85f4ef7e6b5474c31fdf2d7818097078b9f30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:db:e9:51:16:70:af:2a:fc:d2:cd:94:3e:2b:
0c:8d:eb:7c:e5:8a:0d:94:aa:af:3f:59:67:c5:2f:
37:97:09:9d:a7:41:fb:37:06:03:1e:96:cc:54:51:
d3:18:bb:a6:cb:e7:80:c4:99:63:db:86:ab:77:e8:
36:bc:a1:57:f3:72:d6:e9:8d:7d:f3:10:ec:b8:2e:
fe:97:6b:c9:51:a1:a5:5e:d7:d1:05:71:a1:d6:43:
90:de:9d:6d:6f:54:8d:08:7c:59:a8:23:23:7d:9b:
ac:01:bf:23:68:ae:9c:a5:03:5a:00:3e:39:d0:d7:
c4:1c:1e:74:ee:0f:1a:55:62:f6:e2:76:2d:80:67:
fc:f9:42:e9:50:9e:26:a7:b5:0b:82:b7:b0:05:e6:
b3:d7:44:bf:ac:15:9f:92:95:0e:e4:31:dc:26:ad:
80:1a:e0:96:02:20:9f:98:e8:32:d7:b6:c4:c3:c0:
9a:91:be:94:37:85:81:e4:ed:32:c5:58:59:4e:c7:
aa:22:36:dd:98:23:2e:ee:d3:89:bf:75:89:89:4a:
be:ae:df:94:7e:92:43:59:27:6a:19:00:57:98:38:
53:32:a3:04:fc:cb:9b:bd:e4:b3:b4:c5:55:37:a2:
12:ce:99:e1:98:b0:e7:d8:26:bb:3a:8e:5c:4b:dd:
b8:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:B8:5F:4E:F7:E6:B5:47:4C:31:FD:F2:D7:81:80:97:07:8B:9F:30
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/SLhfTvfmtUdMMf3y14GAlweLnzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.64.0/21
129.26.0.0/16
129.233.128.0/18
129.233.210.0/24
129.233.224.0/20
192.35.149.0-192.35.151.255
192.35.153.0/24
192.44.4.0-192.44.6.255
192.44.8.0/24
192.44.12.0/24
192.44.15.0/24
192.44.18.0/24
192.44.20.0/23
192.44.23.0/24
192.44.25.0-192.44.26.255
192.44.28.0/22
192.44.36.0/24
192.44.38.0-192.44.40.255
192.54.34.0/23
192.76.148.0/24
192.76.241.0/24
192.76.245.0-192.76.248.255
192.88.108.0/24
192.102.150.0-192.102.153.255
192.102.156.0/24
192.102.158.0-192.102.164.255
192.102.167.0-192.102.170.255
192.102.172.0/24
192.102.174.0-192.102.177.255
192.109.177.0/24
212.44.192.0/19
IPv6:
2a03:db80::/32
Signature Algorithm: sha256WithRSAEncryption
68:8e:2f:22:c5:34:33:7c:83:56:b6:5a:c9:d2:8b:2b:e8:ca:
44:28:3d:27:e1:98:9e:6d:6a:ea:39:21:dc:c3:0e:a9:83:e6:
b9:51:83:15:fb:01:68:d0:60:cc:11:7a:e3:4c:ef:e2:ba:90:
00:10:0b:9b:6d:f7:64:36:3c:b7:b5:ed:28:a4:94:b0:9f:db:
32:3e:b9:9f:f2:9e:9e:cf:e9:63:6c:20:b6:e2:d7:c6:61:90:
2d:86:16:73:67:d1:cd:df:32:c1:50:db:85:f4:93:da:bf:ee:
a4:14:88:5f:4a:16:ed:c3:3c:01:17:4b:92:7a:6c:c7:3e:61:
67:c6:c9:19:d3:59:64:5e:7f:46:8b:1f:2c:29:61:b6:4d:d7:
ab:ce:90:68:95:ef:39:ea:62:82:9f:ef:fd:c9:7f:1f:47:e7:
4e:23:bf:c1:19:9c:f9:63:0f:2e:83:eb:f2:81:f0:76:17:b3:
e6:fb:28:4e:33:28:53:0b:08:68:6b:86:0f:75:94:8e:06:ad:
6f:00:39:48:18:fe:2c:0c:b3:04:02:c1:17:cf:d6:43:2f:4f:
d6:eb:bf:0d:7a:3a:18:26:64:9a:ca:3d:b7:30:40:e5:7c:69:
e2:c0:51:5a:b1:4c:5c:22:97:86:f4:c6:d3:7a:81:d0:0e:15:
e7:0b:1e:61
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgIECYft7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmE3NTgyNmU5OTEyMjVhNDI5ZmY4YTFlN2ZmZGM4MDQ2NjQyMGRmMB4XDTIyMDEw
MTA0MDMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDhiODVmNGVmN2U2
YjU0NzRjMzFmZGYyZDc4MTgwOTcwNzhiOWYzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3b6VEWcK8q/NLNlD4rDI3rfOWKDZSqrz9ZZ8UvN5cJnadB
+zcGAx6WzFRR0xi7psvngMSZY9uGq3foNryhV/Ny1umNffMQ7Lgu/pdryVGhpV7X
0QVxodZDkN6dbW9UjQh8WagjI32brAG/I2iunKUDWgA+OdDXxBwedO4PGlVi9uJ2
LYBn/PlC6VCeJqe1C4K3sAXms9dEv6wVn5KVDuQx3CatgBrglgIgn5joMte2xMPA
mpG+lDeFgeTtMsVYWU7HqiI23ZgjLu7Tib91iYlKvq7flH6SQ1knahkAV5g4UzKj
BPzLm73ks7TFVTeiEs6Z4Ziw59gmuzqOXEvduEsCAwEAAaOCAx0wggMZMB0GA1Ud
DgQWBBRIuF9O9+a1R0wx/fLXgYCXB4ufMDAfBgNVHSMEGDAWgBR2p1gm6ZEiWkKf
+KHn/9yARmQg3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RxZFlKdW1SSWxwQ25faWg1X19jZ0Vaa0lOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvMWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8x
L1NMaGZUdmZtdFVkTU1mM3kxNEdBbHdlTG56QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
MWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8xL2RxZFlKdW1SSWxw
Q25faWg1X19jZ0Vaa0lOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ATEGCCsGAQUFBwEHAQH/BIIBIDCCARwwggEJBAIAATCCAQEDBANU9kADAwCBGgME
BoHpgAMEAIHp0gMEBIHp4DAMAwQAwCOVAwQDwCOQAwQAwCOZMAwDBALALAQDBADA
LAYDBADALAgDBADALAwDBADALA8DBADALBIDBAHALBQDBADALBcwDAMEAMAsGQME
AMAsGgMEAsAsHAMEAMAsJDAMAwQBwCwmAwQAwCwoAwQBwDYiAwQAwEyUAwQAwEzx
MAwDBADATPUDBADATPgDBADAWGwwDAMEAcBmlgMEAcBmmAMEAMBmnDAMAwQBwGae
AwQAwGakMAwDBADAZqcDBADAZqoDBADAZqwwDAMEAcBmrgMEAcBmsAMEAMBtsQME
BdQswDANBAIAAjAHAwUAKgPbgDANBgkqhkiG9w0BAQsFAAOCAQEAaI4vIsU0M3yD
VrZaydKLK+jKRCg9J+GYnm1q6jkh3MMOqYPmuVGDFfsBaNBgzBF640zv4rqQABAL
m233ZDY8t7XtKKSUsJ/bMj65n/Kens/pY2wgtuLXxmGQLYYWc2fRzd8ywVDbhfST
2r/upBSIX0oW7cM8ARdLknpsxz5hZ8bJGdNZZF5/RosfLClhtk3Xq86QaJXvOepi
gp/v/cl/H0fnTiO/wRmc+WMPLoPr8oHwdhez5vsoTjMoUwsIaGuGD3WUjgatbwA5
SBj+LAyzBALBF8/WQy9P1uu/DXo6GCZkmso9tzBA5Xxp4sBRWrFMXCKXhvTG03qB
0A4V5wseYQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-fra.rpki-client.org