Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/IdFvgQ1XTppxjlXhf1PsPzeQSNQ.roa
File: IdFvgQ1XTppxjlXhf1PsPzeQSNQ.roa (raw, json)
Hash identifier: ijTCFtIzILZ+3kh9E+F4xBkepzgVScDRwniUpeyOiY4=
Subject key identifier: 21:D1:6F:81:0D:57:4E:9A:71:8E:55:E1:7F:53:EC:3F:37:90:48:D4
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 01841890FD2135ECA181E45C42AA23F67383
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/IdFvgQ1XTppxjlXhf1PsPzeQSNQ.roa
Signing time: Thu 27 Oct 2022 08:31:05 +0000
ROA not before: Thu 27 Oct 2022 08:31:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 203.28.19.0/24 maxlen: 24
43.243.94.0/24 maxlen: 24
213.6.0.0/16 maxlen: 24
83.244.0.0/17 maxlen: 24
188.161.104.0/24 maxlen: 24
188.161.105.0/24 maxlen: 24
212.14.224.0/19 maxlen: 24
188.161.106.0/24 maxlen: 24
188.161.107.0/24 maxlen: 24
188.161.108.0/24 maxlen: 24
188.161.109.0/24 maxlen: 24
188.161.110.0/24 maxlen: 24
188.161.111.0/24 maxlen: 24
213.244.117.0/24 maxlen: 24
213.244.115.0/24 maxlen: 24
213.244.116.0/24 maxlen: 24
213.244.121.0/24 maxlen: 24
213.244.122.0/24 maxlen: 24
213.244.70.0/24 maxlen: 24
213.244.71.0/24 maxlen: 24
213.244.70.0/23 maxlen: 24
213.244.64.0/18 maxlen: 24
213.244.76.0/24 maxlen: 24
213.244.72.0/24 maxlen: 24
213.244.73.0/24 maxlen: 24
213.244.72.0/21 maxlen: 24
45.121.104.0/24 maxlen: 24
45.121.106.0/24 maxlen: 24
45.121.107.0/24 maxlen: 24
77.91.148.0/22 maxlen: 24
158.140.116.0/22 maxlen: 22
195.123.162.0/24 maxlen: 24
195.123.161.0/24 maxlen: 24
195.123.163.0/24 maxlen: 24
195.123.160.0/24 maxlen: 24
195.123.164.0/24 maxlen: 24
195.123.165.0/24 maxlen: 24
195.123.166.0/24 maxlen: 24
158.140.120.0/22 maxlen: 22
158.140.124.0/22 maxlen: 22
195.123.167.0/24 maxlen: 24
43.241.156.0/22 maxlen: 22
195.123.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:18:90:fd:21:35:ec:a1:81:e4:5c:42:aa:23:f6:73:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Oct 27 08:31:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21d16f810d574e9a718e55e17f53ec3f379048d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fc:e0:52:16:b9:a4:53:04:45:1a:41:5f:42:
6f:f5:46:d8:af:bf:fe:38:e7:11:bc:69:3e:80:2f:
fa:1c:0b:f4:1c:d3:1f:28:c1:29:86:7d:2d:28:84:
a7:fc:5c:8b:68:d0:cb:d3:33:41:fc:c4:17:3f:6d:
82:21:a4:29:0e:f8:cf:2d:0b:fa:47:68:c9:28:da:
b4:5e:10:09:24:64:0b:98:50:82:a8:e6:80:a6:13:
5f:36:be:83:da:78:a7:d5:54:ec:8f:fb:d8:67:01:
30:fd:52:95:f7:7f:e4:36:9d:74:e7:f3:e0:aa:d4:
82:3e:8d:cf:6a:5f:aa:89:65:f2:c2:90:6f:c8:dc:
0f:17:a6:77:be:9c:4e:de:2d:f9:f9:f4:3e:12:c2:
cc:7f:8a:0f:32:44:56:a0:31:a5:8d:d6:77:1c:99:
06:5b:98:b3:7d:e4:92:b2:90:70:ea:6c:65:c7:04:
a5:e6:84:19:84:b1:c5:5f:ff:8b:47:43:ac:8b:5e:
2f:ea:97:66:13:fc:3e:bb:15:10:bc:0b:ef:46:ae:
82:b6:d8:b7:c2:3d:06:40:13:5e:f0:e0:2a:75:36:
e8:80:d3:b2:3c:12:2a:23:6f:26:96:73:3d:d2:9b:
0c:ef:80:c9:5b:90:52:37:a1:8c:b9:42:44:3f:8f:
d3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D1:6F:81:0D:57:4E:9A:71:8E:55:E1:7F:53:EC:3F:37:90:48:D4
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/IdFvgQ1XTppxjlXhf1PsPzeQSNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.241.156.0/22
43.243.94.0/24
45.121.104.0/24
45.121.106.0/23
77.91.148.0/22
83.244.0.0/17
158.140.116.0-158.140.127.255
188.161.104.0/21
195.123.119.0/24
195.123.160.0/21
203.28.19.0/24
212.14.224.0/19
213.6.0.0/16
213.244.64.0/18
Signature Algorithm: sha256WithRSAEncryption
23:81:67:51:4a:f6:14:a9:4e:e7:84:8e:59:ca:db:46:66:f0:
b1:d6:70:bd:e2:7d:9a:a3:26:32:17:42:74:89:e9:e6:78:d3:
41:f4:fc:b0:03:91:2d:61:c8:70:66:af:e9:d4:1f:93:ce:8f:
84:a1:7a:7d:88:d1:75:89:c8:7d:37:c8:54:f0:94:e9:3d:f5:
75:77:a7:8f:28:f5:08:bb:11:f1:38:e5:2e:36:dd:35:63:f3:
af:91:b9:00:78:54:02:a1:6e:5e:3f:c3:e6:1b:f8:7f:47:4f:
f9:82:43:ec:28:68:62:b2:b3:af:05:7f:87:4c:14:9a:0a:1e:
17:80:28:42:d9:c3:c3:66:d0:46:45:95:9f:6c:69:af:11:7d:
0c:91:25:c5:9e:e5:ed:bf:85:d4:9f:27:21:c7:9f:35:57:7a:
f2:97:5c:94:45:69:1a:8d:ac:ab:13:6e:2f:d1:7b:b3:34:7f:
dc:bc:cb:6a:08:7a:29:8b:e8:31:b4:d4:66:d7:1b:a6:6f:e1:
1e:9d:ec:c7:90:31:c3:37:d0:73:92:ed:60:4c:8d:a8:4b:08:
d6:5e:79:d3:8d:84:c3:9a:6f:d1:6b:95:fa:1a:ed:ec:58:60:
fe:65:71:3a:03:c0:e4:5e:f2:30:f7:5f:f6:68:6c:47:14:5d:
9d:21:75:e3
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYQYkP0hNeyhgeRcQqoj9nODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjIxMDI3MDgzMTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQxNmY4MTBkNTc0ZTlhNzE4ZTU1ZTE3ZjUzZWMzZjM3OTA0OGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfzgUha5pFMERRpBX0Jv9UbYr7/+
OOcRvGk+gC/6HAv0HNMfKMEphn0tKISn/FyLaNDL0zNB/MQXP22CIaQpDvjPLQv6
R2jJKNq0XhAJJGQLmFCCqOaAphNfNr6D2nin1VTsj/vYZwEw/VKV93/kNp105/Pg
qtSCPo3Pal+qiWXywpBvyNwPF6Z3vpxO3i35+fQ+EsLMf4oPMkRWoDGljdZ3HJkG
W5izfeSSspBw6mxlxwSl5oQZhLHFX/+LR0Osi14v6pdmE/w+uxUQvAvvRq6Ctti3
wj0GQBNe8OAqdTbogNOyPBIqI28mlnM90psM74DJW5BSN6GMuUJEP4/TewIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFCHRb4ENV06acY5V4X9T7D83kEjUMB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvSWRGdmdRMVhUcHB4amxYaGYxUHNQemVRU05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBhBAIAATBbAwQCK/GcAwQA
K/NeAwQALXloAwQBLXlqAwQCTVuUAwQHU/QAMAwDBAKejHQDBAeejAADBAO8oWgD
BADDe3cDBAPDe6ADBADLHBMDBAXUDuADAwDVBgMEBtX0QDANBgkqhkiG9w0BAQsF
AAOCAQEAI4FnUUr2FKlO54SOWcrbRmbwsdZwveJ9mqMmMhdCdInp5njTQfT8sAOR
LWHIcGav6dQfk86PhKF6fYjRdYnIfTfIVPCU6T31dXenjyj1CLsR8TjlLjbdNWPz
r5G5AHhUAqFuXj/D5hv4f0dP+YJD7ChoYrKzrwV/h0wUmgoeF4AoQtnDw2bQRkWV
n2xprxF9DJElxZ7l7b+F1J8nIcefNVd68pdclEVpGo2sqxNuL9F7szR/3LzLagh6
KYvoMbTUZtcbpm/hHp3sx5AxwzfQc5LtYEyNqEsI1l55042Ew5pv0WuV+hrt7Fhg
/mVxOgPA5F7yMPdf9mhsRxRdnSF14w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:09 2024 by rpki-client on console-ams.rpki-client.org