Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/CZtvM1cddD-JI8H-LR7zm62-Hx4.roa
File: CZtvM1cddD-JI8H-LR7zm62-Hx4.roa (raw, json)
Hash identifier: INPT+zwSBi32E4o4fp5+lUkLrGfhbKmrybeupMvJTEg=
Subject key identifier: 09:9B:6F:33:57:1D:74:3F:89:23:C1:FE:2D:1E:F3:9B:AD:BE:1F:1E
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 018244106C6172E5AEB7B897A846C25A4755
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/CZtvM1cddD-JI8H-LR7zm62-Hx4.roa
Signing time: Thu 28 Jul 2022 09:08:23 +0000
ROA not before: Thu 28 Jul 2022 09:08:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12975
IP address blocks: 213.244.121.0/24 maxlen: 24
103.215.4.0/22 maxlen: 22
103.196.120.0/22 maxlen: 22
139.190.176.0/20 maxlen: 20
213.244.71.0/24 maxlen: 24
213.244.70.0/23 maxlen: 24
213.244.70.0/24 maxlen: 24
83.244.78.0/24 maxlen: 24
213.244.76.0/24 maxlen: 24
83.244.75.0/24 maxlen: 24
83.244.74.0/24 maxlen: 24
213.244.73.0/24 maxlen: 24
83.244.73.0/24 maxlen: 24
213.244.72.0/21 maxlen: 24
213.244.72.0/24 maxlen: 24
83.244.79.0/24 maxlen: 24
103.206.108.0/22 maxlen: 22
24.42.64.0/18 maxlen: 18
103.53.4.0/22 maxlen: 22
45.127.179.0/24 maxlen: 24
45.127.178.0/24 maxlen: 24
45.127.177.0/24 maxlen: 24
45.127.176.0/22 maxlen: 22
45.127.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:44:10:6c:61:72:e5:ae:b7:b8:97:a8:46:c2:5a:47:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Jul 28 09:08:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=099b6f33571d743f8923c1fe2d1ef39badbe1f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:90:40:4c:3d:94:9e:10:a5:4d:d4:f1:e9:32:
05:52:7b:67:1a:89:80:fa:e8:37:20:d9:d8:0d:60:
ac:73:a9:ad:08:6a:1d:05:e3:c0:f8:2f:25:ef:51:
08:26:37:a7:79:2a:b0:8a:e8:f4:86:94:97:de:00:
1a:f2:14:d0:1a:67:24:4a:27:c3:a5:85:3b:48:2d:
81:30:86:bd:1c:b6:b2:95:46:be:ee:7d:5a:4f:53:
77:d6:93:01:74:9e:ca:a0:f7:9c:5b:d7:09:9d:05:
f1:d7:3b:7e:69:a2:db:d7:76:0f:81:27:c6:5f:4c:
f8:98:31:c9:e3:ae:2e:83:87:f0:53:b6:ad:38:26:
89:f6:32:79:24:47:30:57:94:7f:42:13:5f:ef:71:
f8:66:ed:a6:44:00:23:18:2e:ac:aa:78:65:24:65:
1c:3c:86:c8:59:6d:26:e3:25:9f:2d:f5:85:4d:91:
6c:47:95:b9:3d:c5:bd:f9:94:d7:d3:84:8f:5b:5e:
55:f3:2e:ce:f1:58:13:70:89:67:1a:ea:26:b9:41:
42:99:aa:47:51:3e:17:d7:3c:24:68:0e:50:25:50:
3f:66:a8:b6:ff:e4:5f:0e:4b:c5:c3:e9:da:60:96:
d0:01:53:f3:c7:67:8f:ec:e3:54:f0:97:23:45:9f:
f9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9B:6F:33:57:1D:74:3F:89:23:C1:FE:2D:1E:F3:9B:AD:BE:1F:1E
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/CZtvM1cddD-JI8H-LR7zm62-Hx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.42.64.0/18
45.127.176.0/22
83.244.73.0-83.244.75.255
83.244.78.0/23
103.53.4.0/22
103.196.120.0/22
103.206.108.0/22
103.215.4.0/22
139.190.176.0/20
213.244.70.0-213.244.79.255
213.244.121.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:92:b2:68:df:f7:f9:bb:25:55:c2:d4:45:57:65:c4:82:83:
cb:e4:be:53:3d:6a:1d:ac:b9:f3:73:83:cf:d3:a4:f8:b4:ec:
55:b9:2b:41:4f:cd:cf:43:6f:bc:78:12:19:fc:e8:e9:f3:2a:
5a:66:e1:ff:77:1c:93:9c:e0:51:41:85:a3:9f:c7:3e:6b:c9:
99:f6:09:5a:57:9b:fa:84:e7:8e:89:27:5e:dd:a2:4e:8e:15:
a0:50:22:18:bf:2f:e5:20:fc:51:18:45:cf:67:41:cc:af:e1:
bb:e7:e2:9a:4d:a3:7a:76:b6:89:3b:5b:fb:e6:1b:16:98:ec:
e3:3c:ce:49:09:e1:1a:c1:e9:8b:f0:25:52:fe:3a:1a:3d:ab:
17:97:7f:31:6e:62:dd:ad:4d:6e:91:5e:cf:52:99:d4:dc:ac:
6b:4a:0d:06:39:46:d5:c8:21:cd:c0:d3:0f:f8:8b:00:64:ad:
c7:03:9e:a2:5c:e9:cc:12:f4:9e:76:27:00:a2:c7:11:e4:5f:
80:25:ea:a3:fb:ff:5e:43:2a:8c:6f:32:74:7c:16:7b:29:57:
a1:aa:2e:af:33:8c:fb:a4:77:d9:de:b2:18:7d:0e:0f:34:07:
b0:c2:3a:de:ca:dc:8e:9a:42:ce:e4:31:e2:a1:0d:93:c1:03:
75:71:78:71
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYJEEGxhcuWut7iXqEbCWkdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjIwNzI4MDkwODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTliNmYzMzU3MWQ3NDNmODkyM2MxZmUyZDFlZjM5YmFkYmUxZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZBATD2UnhClTdTx6TIFUntnGomA
+ug3INnYDWCsc6mtCGodBePA+C8l71EIJjeneSqwiuj0hpSX3gAa8hTQGmckSifD
pYU7SC2BMIa9HLaylUa+7n1aT1N31pMBdJ7KoPecW9cJnQXx1zt+aaLb13YPgSfG
X0z4mDHJ464ug4fwU7atOCaJ9jJ5JEcwV5R/QhNf73H4Zu2mRAAjGC6sqnhlJGUc
PIbIWW0m4yWfLfWFTZFsR5W5PcW9+ZTX04SPW15V8y7O8VgTcIlnGuomuUFCmapH
UT4X1zwkaA5QJVA/Zqi2/+RfDkvFw+naYJbQAVPzx2eP7ONU8JcjRZ/5wwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFAmbbzNXHXQ/iSPB/i0e85utvh8eMB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvQ1p0dk0xY2RkRC1KSThILUxSN3ptNjItSHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQGGCpAAwQC
LX+wMAwDBABT9EkDBAJT9EgDBAFT9E4DBAJnNQQDBAJnxHgDBAJnzmwDBAJn1wQD
BASLvrAwDAMEAdX0RgMEBNX0QAMEANX0eTANBgkqhkiG9w0BAQsFAAOCAQEATZKy
aN/3+bslVcLURVdlxIKDy+S+Uz1qHay583ODz9Ok+LTsVbkrQU/Nz0NvvHgSGfzo
6fMqWmbh/3cck5zgUUGFo5/HPmvJmfYJWleb+oTnjoknXt2iTo4VoFAiGL8v5SD8
URhFz2dBzK/hu+fimk2jena2iTtb++YbFpjs4zzOSQnhGsHpi/AlUv46Gj2rF5d/
MW5i3a1NbpFez1KZ1Nysa0oNBjlG1cghzcDTD/iLAGStxwOeolzpzBL0nnYnAKLH
EeRfgCXqo/v/XkMqjG8ydHwWeylXoaourzOM+6R32d6yGH0ODzQHsMI63srcjppC
zuQx4qENk8EDdXF4cQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:09 2024 by rpki-client on console-ams.rpki-client.org