Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/H0g4TN8SUAvR6yDhm9pgkyAD4BU.roa
File: H0g4TN8SUAvR6yDhm9pgkyAD4BU.roa (raw, json)
Hash identifier: NyMpNQFMvIm/zR//OViEFlHimoIATxcpgCHYD6EVV1c=
Subject key identifier: 1F:48:38:4C:DF:12:50:0B:D1:EB:20:E1:9B:DA:60:93:20:03:E0:15
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 01839D94A71C2B9D6FAC538103AE6C29CFA3
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/H0g4TN8SUAvR6yDhm9pgkyAD4BU.roa
Signing time: Mon 03 Oct 2022 11:21:48 +0000
ROA not before: Mon 03 Oct 2022 11:21:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12975
IP address blocks: 103.215.4.0/22 maxlen: 22
43.255.108.0/22 maxlen: 22
182.161.60.0/22 maxlen: 22
45.127.179.0/24 maxlen: 24
45.127.178.0/24 maxlen: 24
45.127.177.0/24 maxlen: 24
45.127.176.0/22 maxlen: 22
45.127.176.0/24 maxlen: 24
213.244.121.0/24 maxlen: 24
139.190.176.0/20 maxlen: 20
213.244.71.0/24 maxlen: 24
213.244.70.0/23 maxlen: 24
213.244.70.0/24 maxlen: 24
83.244.78.0/24 maxlen: 24
213.244.76.0/24 maxlen: 24
83.244.75.0/24 maxlen: 24
144.48.236.0/22 maxlen: 22
83.244.74.0/24 maxlen: 24
83.244.73.0/24 maxlen: 24
213.244.73.0/24 maxlen: 24
213.244.72.0/21 maxlen: 24
213.244.72.0/24 maxlen: 24
83.244.79.0/24 maxlen: 24
24.42.64.0/18 maxlen: 18
103.231.105.0/24 maxlen: 24
103.231.104.0/24 maxlen: 24
103.231.107.0/24 maxlen: 24
103.231.106.0/24 maxlen: 24
103.53.4.0/22 maxlen: 24
103.53.4.0/24 maxlen: 24
103.248.38.0/24 maxlen: 24
103.248.37.0/24 maxlen: 24
103.248.36.0/24 maxlen: 24
193.227.236.0/23 maxlen: 23
103.248.39.0/24 maxlen: 24
103.196.120.0/22 maxlen: 22
103.206.108.0/22 maxlen: 22
193.223.252.0/23 maxlen: 23
203.189.236.0/22 maxlen: 22
103.239.96.0/22 maxlen: 22
103.37.85.0/24 maxlen: 24
103.37.84.0/24 maxlen: 24
103.37.84.0/22 maxlen: 22
103.37.87.0/24 maxlen: 24
103.37.86.0/24 maxlen: 24
113.212.64.0/22 maxlen: 22
45.121.105.0/24 maxlen: 24
45.121.104.0/22 maxlen: 22
45.121.106.0/23 maxlen: 23
43.243.24.0/22 maxlen: 22
103.27.144.0/22 maxlen: 22
43.243.35.0/24 maxlen: 24
43.243.34.0/24 maxlen: 24
43.243.32.0/24 maxlen: 24
43.243.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9d:94:a7:1c:2b:9d:6f:ac:53:81:03:ae:6c:29:cf:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Oct 3 11:21:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f48384cdf12500bd1eb20e19bda60932003e015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:39:33:8b:17:33:43:b4:d5:b6:46:12:8d:ea:
42:19:3c:7d:76:ee:1e:50:1b:12:0e:4e:4b:fa:2d:
9b:ff:51:f2:2d:c6:da:99:df:95:2e:0a:56:ff:33:
cb:1a:8e:6c:1a:87:3b:4b:de:b1:c0:4d:41:fd:17:
72:12:be:30:aa:cd:46:eb:c6:f1:62:83:9e:62:ca:
fa:d2:de:54:4f:50:a0:fe:f1:75:d6:45:60:32:73:
1a:4a:16:a3:92:e1:5f:e8:6c:c6:5a:ed:e7:af:d9:
d3:24:91:af:7c:c9:de:28:12:3e:1f:d2:74:15:59:
aa:43:65:19:01:41:bf:49:ae:7b:4f:e1:41:66:9e:
40:a4:57:ab:5a:2b:17:02:51:bb:52:57:4f:5d:77:
3a:98:24:49:f3:b4:9e:b3:8b:95:3b:b9:9a:25:0f:
03:b1:66:9a:9d:9e:1b:cf:14:44:34:2c:32:0d:1f:
fb:3a:07:c5:ae:04:f9:07:e5:34:3a:53:5b:00:25:
c6:4e:ff:db:bc:cc:29:58:63:77:a3:f9:af:f2:9e:
f7:d5:59:b0:dd:36:78:77:dc:aa:dd:c1:7f:50:b2:
50:b2:2d:43:c2:fa:d0:52:35:f3:57:35:88:ce:b7:
3f:3f:f4:52:55:e7:06:16:09:da:09:20:13:6e:69:
04:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:48:38:4C:DF:12:50:0B:D1:EB:20:E1:9B:DA:60:93:20:03:E0:15
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/H0g4TN8SUAvR6yDhm9pgkyAD4BU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.42.64.0/18
43.243.24.0/22
43.243.32.0/22
43.255.108.0/22
45.121.104.0/22
45.127.176.0/22
83.244.73.0-83.244.75.255
83.244.78.0/23
103.27.144.0/22
103.37.84.0/22
103.53.4.0/22
103.196.120.0/22
103.206.108.0/22
103.215.4.0/22
103.231.104.0/22
103.239.96.0/22
103.248.36.0/22
113.212.64.0/22
139.190.176.0/20
144.48.236.0/22
182.161.60.0/22
193.223.252.0/23
193.227.236.0/23
203.189.236.0/22
213.244.70.0-213.244.79.255
213.244.121.0/24
Signature Algorithm: sha256WithRSAEncryption
39:93:db:fa:8a:93:1b:c7:a6:54:5f:cc:f5:1c:98:db:9f:9f:
7a:46:29:9f:1d:87:19:7d:17:9b:42:2a:05:6b:89:0f:ca:44:
d2:8d:6a:d8:a2:dc:16:30:c9:7b:df:a4:2f:43:b7:ca:a1:9f:
45:29:cc:cf:b3:d2:2c:f6:ae:6d:44:2c:00:9b:07:b2:da:bf:
07:fa:37:5d:12:d4:34:21:03:9a:3f:76:f9:76:ea:31:35:a8:
1b:c0:76:81:f4:5d:4a:57:18:75:30:d5:04:34:01:4f:44:d6:
69:d0:a3:34:45:cb:c8:59:99:1d:7c:da:78:35:18:b4:70:ec:
20:b9:54:6a:e9:3b:6f:2f:3d:1e:c3:05:6d:c5:e7:a1:3d:0d:
9b:66:48:c2:af:7c:96:39:f5:f8:cd:d4:a6:0a:b5:b5:b9:ed:
49:5d:48:93:3a:ae:d9:68:bc:5a:ff:9e:f9:8c:0c:81:44:dc:
59:07:57:81:a7:93:2e:ec:a0:5a:da:6d:76:f8:b2:80:72:c2:
65:22:da:c8:f4:d9:77:25:08:a2:7a:be:6c:f7:52:67:e7:30:
23:c2:fd:5a:ca:d6:16:d0:93:4d:8b:08:3f:7c:d4:dd:44:7d:
f0:fd:04:53:09:22:d8:f0:7f:b7:95:c0:8d:3f:e8:57:c5:d3:
d6:9a:55:25
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYOdlKccK51vrFOBA65sKc+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjIxMDAzMTEyMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjQ4Mzg0Y2RmMTI1MDBiZDFlYjIwZTE5YmRhNjA5MzIwMDNlMDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDkzixczQ7TVtkYSjepCGTx9du4e
UBsSDk5L+i2b/1HyLcbamd+VLgpW/zPLGo5sGoc7S96xwE1B/RdyEr4wqs1G68bx
YoOeYsr60t5UT1Cg/vF11kVgMnMaShajkuFf6GzGWu3nr9nTJJGvfMneKBI+H9J0
FVmqQ2UZAUG/Sa57T+FBZp5ApFerWisXAlG7UldPXXc6mCRJ87Ses4uVO7maJQ8D
sWaanZ4bzxRENCwyDR/7OgfFrgT5B+U0OlNbACXGTv/bvMwpWGN3o/mv8p731Vmw
3TZ4d9yq3cF/ULJQsi1DwvrQUjXzVzWIzrc/P/RSVecGFgnaCSATbmkEZQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFB9IOEzfElAL0esg4ZvaYJMgA+AVMB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvSDBnNFROOFNVQXZSNnlEaG05cGdreUFENEJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAYY
KkADBAIr8xgDBAIr8yADBAIr/2wDBAIteWgDBAItf7AwDAMEAFP0SQMEAlP0SAME
AVP0TgMEAmcbkAMEAmclVAMEAmc1BAMEAmfEeAMEAmfObAMEAmfXBAMEAmfnaAME
AmfvYAMEAmf4JAMEAnHUQAMEBIu+sAMEApAw7AMEArahPAMEAcHf/AMEAcHj7AME
Asu97DAMAwQB1fRGAwQE1fRAAwQA1fR5MA0GCSqGSIb3DQEBCwUAA4IBAQA5k9v6
ipMbx6ZUX8z1HJjbn596RimfHYcZfRebQioFa4kPykTSjWrYotwWMMl736QvQ7fK
oZ9FKczPs9Is9q5tRCwAmwey2r8H+jddEtQ0IQOaP3b5duoxNagbwHaB9F1KVxh1
MNUENAFPRNZp0KM0RcvIWZkdfNp4NRi0cOwguVRq6TtvLz0ewwVtxeehPQ2bZkjC
r3yWOfX4zdSmCrW1ue1JXUiTOq7ZaLxa/575jAyBRNxZB1eBp5Mu7KBa2m12+LKA
csJlItrI9Nl3JQiier5s91Jn5zAjwv1aytYW0JNNiwg/fNTdRH3w/QRTCSLY8H+3
lcCNP+hXxdPWmlUl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:09 2024 by rpki-client on console-ams.rpki-client.org