Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/A5dJB9SmctFm3HbONnb9ZWz6m_s.roa
File: A5dJB9SmctFm3HbONnb9ZWz6m_s.roa (raw, json)
Hash identifier: ljJm8wMYpHYsCP5QCCV9+FGWuiDaMD2f0U8tvKXlZpc=
Subject key identifier: 03:97:49:07:D4:A6:72:D1:66:DC:76:CE:36:76:FD:65:6C:FA:9B:FB
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 0183DF773AC36F09B86445646F755B17B170
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/A5dJB9SmctFm3HbONnb9ZWz6m_s.roa
Signing time: Sun 16 Oct 2022 06:24:36 +0000
ROA not before: Sun 16 Oct 2022 06:24:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12975
IP address blocks: 103.215.4.0/22 maxlen: 22
43.255.108.0/22 maxlen: 22
182.161.60.0/22 maxlen: 22
1.178.112.0/20 maxlen: 20
1.178.128.0/20 maxlen: 20
45.127.179.0/24 maxlen: 24
45.127.178.0/24 maxlen: 24
45.127.177.0/24 maxlen: 24
45.127.176.0/22 maxlen: 22
45.127.176.0/24 maxlen: 24
213.244.121.0/24 maxlen: 24
139.190.176.0/20 maxlen: 20
37.75.211.0/24 maxlen: 24
37.75.208.0/21 maxlen: 21
213.244.71.0/24 maxlen: 24
213.244.70.0/23 maxlen: 24
213.244.70.0/24 maxlen: 24
83.244.78.0/24 maxlen: 24
213.244.76.0/24 maxlen: 24
144.48.236.0/22 maxlen: 22
83.244.75.0/24 maxlen: 24
83.244.74.0/24 maxlen: 24
213.244.73.0/24 maxlen: 24
83.244.73.0/24 maxlen: 24
213.244.72.0/21 maxlen: 24
213.244.72.0/24 maxlen: 24
83.244.79.0/24 maxlen: 24
24.42.64.0/18 maxlen: 18
103.231.105.0/24 maxlen: 24
103.231.104.0/24 maxlen: 24
103.231.107.0/24 maxlen: 24
103.231.106.0/24 maxlen: 24
43.241.159.0/24 maxlen: 24
43.241.158.0/24 maxlen: 24
43.241.157.0/24 maxlen: 24
43.241.156.0/22 maxlen: 22
43.241.156.0/24 maxlen: 24
103.53.4.0/24 maxlen: 24
103.53.4.0/22 maxlen: 24
103.248.38.0/24 maxlen: 24
103.248.37.0/24 maxlen: 24
103.248.36.0/24 maxlen: 24
193.227.236.0/23 maxlen: 23
45.113.111.0/24 maxlen: 24
45.113.110.0/24 maxlen: 24
45.113.109.0/24 maxlen: 24
45.113.108.0/22 maxlen: 22
45.113.108.0/24 maxlen: 24
103.248.39.0/24 maxlen: 24
5.11.40.0/21 maxlen: 21
5.11.47.0/24 maxlen: 24
5.11.46.0/24 maxlen: 24
103.196.120.0/22 maxlen: 22
43.243.95.0/24 maxlen: 24
43.243.94.0/24 maxlen: 24
43.243.93.0/24 maxlen: 24
43.243.92.0/24 maxlen: 24
43.243.92.0/22 maxlen: 22
103.206.108.0/22 maxlen: 22
103.193.132.0/22 maxlen: 22
193.223.252.0/23 maxlen: 23
203.189.236.0/22 maxlen: 22
103.239.96.0/22 maxlen: 22
103.37.85.0/24 maxlen: 24
103.37.84.0/24 maxlen: 24
103.37.84.0/22 maxlen: 22
103.37.87.0/24 maxlen: 24
103.37.86.0/24 maxlen: 24
113.212.64.0/22 maxlen: 22
45.121.105.0/24 maxlen: 24
45.121.104.0/22 maxlen: 22
45.121.106.0/23 maxlen: 23
1.179.40.0/21 maxlen: 21
103.206.36.0/22 maxlen: 22
1.179.72.0/21 maxlen: 21
1.179.88.0/21 maxlen: 21
43.243.24.0/22 maxlen: 22
103.27.144.0/22 maxlen: 22
43.243.35.0/24 maxlen: 24
43.243.34.0/24 maxlen: 24
43.243.32.0/24 maxlen: 24
43.243.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:df:77:3a:c3:6f:09:b8:64:45:64:6f:75:5b:17:b1:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Oct 16 06:24:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03974907d4a672d166dc76ce3676fd656cfa9bfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:34:34:a8:dc:a1:80:6c:84:14:1f:d9:73:00:
be:07:f4:b8:08:04:68:05:60:07:e7:9b:87:44:63:
9c:f2:a2:c0:a7:ce:8e:0f:4e:ce:ad:ad:a9:52:24:
cb:5a:d7:8c:c9:78:17:04:b3:10:89:a3:b4:59:1e:
e1:bb:47:0f:30:4f:6f:31:75:70:6d:b5:50:57:1d:
74:a3:4e:26:6c:a9:e3:90:97:4d:ef:cc:65:a7:24:
20:c9:15:fb:d4:32:06:52:a4:12:80:14:3c:c7:83:
9d:b4:cf:80:79:f3:32:cd:57:6b:55:ef:22:4d:6c:
a1:fd:3b:6d:4e:13:c1:41:f6:16:55:a7:3c:b3:25:
29:ed:fc:95:d1:c4:3e:c7:f5:ab:46:9d:d4:58:38:
ee:ac:74:f6:84:28:19:24:ab:fe:ed:0a:54:7e:54:
d7:15:43:55:05:f6:e2:bc:3a:ea:aa:47:fb:c4:dd:
19:65:bc:3c:c3:6e:19:f5:9a:04:2b:d2:be:06:bc:
3a:f5:6d:46:25:30:17:eb:f8:b8:56:d3:23:3f:c8:
eb:25:b3:46:47:bd:a3:02:b1:b8:5b:0c:11:23:89:
b6:54:04:11:75:14:8f:fb:5d:64:35:04:ec:50:81:
87:05:b6:fc:04:25:0c:b7:23:d9:03:f0:cc:50:69:
2e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:97:49:07:D4:A6:72:D1:66:DC:76:CE:36:76:FD:65:6C:FA:9B:FB
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/A5dJB9SmctFm3HbONnb9ZWz6m_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
1.178.112.0-1.178.143.255
1.179.40.0/21
1.179.72.0/21
1.179.88.0/21
5.11.40.0/21
24.42.64.0/18
37.75.208.0/21
43.241.156.0/22
43.243.24.0/22
43.243.32.0/22
43.243.92.0/22
43.255.108.0/22
45.113.108.0/22
45.121.104.0/22
45.127.176.0/22
83.244.73.0-83.244.75.255
83.244.78.0/23
103.27.144.0/22
103.37.84.0/22
103.53.4.0/22
103.193.132.0/22
103.196.120.0/22
103.206.36.0/22
103.206.108.0/22
103.215.4.0/22
103.231.104.0/22
103.239.96.0/22
103.248.36.0/22
113.212.64.0/22
139.190.176.0/20
144.48.236.0/22
182.161.60.0/22
193.223.252.0/23
193.227.236.0/23
203.189.236.0/22
213.244.70.0-213.244.79.255
213.244.121.0/24
Signature Algorithm: sha256WithRSAEncryption
16:09:ff:7b:37:37:3e:ac:45:d0:b0:dc:6a:4a:a6:a7:b5:be:
8a:6d:4d:94:19:1d:55:4a:11:50:a2:fe:4d:a9:cb:47:0f:72:
79:1b:52:12:5c:3c:ca:f4:d4:16:15:5b:f7:dd:e4:20:f4:ad:
02:1c:8f:36:d7:02:d8:19:9c:97:c1:28:76:e9:81:b8:ca:04:
74:64:48:d0:5b:f9:66:9a:b9:f2:09:cb:84:d5:e2:90:34:1b:
fe:0f:df:87:9a:ac:eb:e8:5a:a0:e7:6f:25:7a:be:1b:c8:88:
8c:ac:70:f9:94:4b:82:bb:80:f2:5e:be:ef:4f:fa:38:b1:02:
32:db:9b:bb:66:72:09:41:67:0f:8e:45:65:14:62:3e:17:a8:
ea:7c:96:cf:fb:6f:73:76:fc:81:e4:00:db:17:20:57:fc:60:
75:c1:6f:41:0e:91:07:55:5e:96:23:9e:35:39:44:97:f3:bf:
67:9b:4d:99:2f:45:b3:4d:9c:92:f4:c6:09:97:92:13:29:eb:
6e:43:f9:b8:92:d8:10:ea:bc:d7:01:7c:e1:3c:6c:15:04:9f:
17:b3:1c:66:11:bb:1c:86:e1:db:46:0f:14:0e:dc:fc:ea:fb:
af:5d:a9:8e:dc:20:a9:c7:49:12:92:f3:73:0a:28:6f:5f:9a:
aa:b2:f2:e3
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAYPfdzrDbwm4ZEVkb3VbF7FwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjIxMDE2MDYyNDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzk3NDkwN2Q0YTY3MmQxNjZkYzc2Y2UzNjc2ZmQ2NTZjZmE5YmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DQ0qNyhgGyEFB/ZcwC+B/S4CARo
BWAH55uHRGOc8qLAp86OD07Ora2pUiTLWteMyXgXBLMQiaO0WR7hu0cPME9vMXVw
bbVQVx10o04mbKnjkJdN78xlpyQgyRX71DIGUqQSgBQ8x4OdtM+AefMyzVdrVe8i
TWyh/TttThPBQfYWVac8syUp7fyV0cQ+x/WrRp3UWDjurHT2hCgZJKv+7QpUflTX
FUNVBfbivDrqqkf7xN0ZZbw8w24Z9ZoEK9K+Brw69W1GJTAX6/i4VtMjP8jrJbNG
R72jArG4WwwRI4m2VAQRdRSP+11kNQTsUIGHBbb8BCUMtyPZA/DMUGkuZQIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFAOXSQfUpnLRZtx2zjZ2/WVs+pv7MB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvQTVkSkI5U21jdEZtM0hiT05uYjlaV3o2bV9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCB/QQCAAEwgfYw
DAMEBAGycAMEBAGygAMEAwGzKAMEAwGzSAMEAwGzWAMEAwULKAMEBhgqQAMEAyVL
0AMEAivxnAMEAivzGAMEAivzIAMEAivzXAMEAiv/bAMEAi1xbAMEAi15aAMEAi1/
sDAMAwQAU/RJAwQCU/RIAwQBU/ROAwQCZxuQAwQCZyVUAwQCZzUEAwQCZ8GEAwQC
Z8R4AwQCZ84kAwQCZ85sAwQCZ9cEAwQCZ+doAwQCZ+9gAwQCZ/gkAwQCcdRAAwQE
i76wAwQCkDDsAwQCtqE8AwQBwd/8AwQBwePsAwQCy73sMAwDBAHV9EYDBATV9EAD
BADV9HkwDQYJKoZIhvcNAQELBQADggEBABYJ/3s3Nz6sRdCw3GpKpqe1voptTZQZ
HVVKEVCi/k2py0cPcnkbUhJcPMr01BYVW/fd5CD0rQIcjzbXAtgZnJfBKHbpgbjK
BHRkSNBb+WaaufIJy4TV4pA0G/4P34earOvoWqDnbyV6vhvIiIyscPmUS4K7gPJe
vu9P+jixAjLbm7tmcglBZw+ORWUUYj4XqOp8ls/7b3N2/IHkANsXIFf8YHXBb0EO
kQdVXpYjnjU5RJfzv2ebTZkvRbNNnJL0xgmXkhMp625D+biS2BDqvNcBfOE8bBUE
nxezHGYRuxyG4dtGDxQO3Pzq+69dqY7cIKnHSRKS83MKKG9fmqqy8uM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:44 2023 by rpki-client on console-ams.rpki-client.org