Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/Ms7uDdUuuaUwvXqjMXaa2N5qXxw.roa
File: Ms7uDdUuuaUwvXqjMXaa2N5qXxw.roa (raw, json)
Hash identifier: vQOpashj1AC/r08fSEXaLMFgeCWgALzuXipW6V+OD60=
Subject key identifier: 32:CE:EE:0D:D5:2E:B9:A5:30:BD:7A:A3:31:76:9A:D8:DE:6A:5F:1C
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 0182BF016BA599960BFC53D0B3DA38C593C3
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/Ms7uDdUuuaUwvXqjMXaa2N5qXxw.roa
Signing time: Sun 21 Aug 2022 06:05:17 +0000
ROA not before: Sun 21 Aug 2022 06:05:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12975
IP address blocks: 103.215.4.0/22 maxlen: 22
43.255.108.0/22 maxlen: 22
45.127.179.0/24 maxlen: 24
45.127.178.0/24 maxlen: 24
45.127.177.0/24 maxlen: 24
45.127.176.0/22 maxlen: 22
45.127.176.0/24 maxlen: 24
213.244.121.0/24 maxlen: 24
139.190.176.0/20 maxlen: 20
213.244.71.0/24 maxlen: 24
213.244.70.0/23 maxlen: 24
213.244.70.0/24 maxlen: 24
83.244.78.0/24 maxlen: 24
213.244.76.0/24 maxlen: 24
83.244.75.0/24 maxlen: 24
83.244.74.0/24 maxlen: 24
213.244.73.0/24 maxlen: 24
83.244.73.0/24 maxlen: 24
213.244.72.0/21 maxlen: 24
213.244.72.0/24 maxlen: 24
83.244.79.0/24 maxlen: 24
24.42.64.0/18 maxlen: 18
103.231.105.0/24 maxlen: 24
103.231.104.0/24 maxlen: 24
103.231.107.0/24 maxlen: 24
103.231.106.0/24 maxlen: 24
103.53.4.0/24 maxlen: 24
103.53.4.0/22 maxlen: 24
103.248.38.0/24 maxlen: 24
103.248.37.0/24 maxlen: 24
103.248.36.0/24 maxlen: 24
103.248.39.0/24 maxlen: 24
103.196.120.0/22 maxlen: 22
103.206.108.0/22 maxlen: 22
103.239.96.0/22 maxlen: 22
103.37.85.0/24 maxlen: 24
103.37.84.0/24 maxlen: 24
103.37.84.0/22 maxlen: 22
103.37.87.0/24 maxlen: 24
103.37.86.0/24 maxlen: 24
45.121.105.0/24 maxlen: 24
45.121.104.0/22 maxlen: 22
45.121.106.0/23 maxlen: 23
43.243.24.0/22 maxlen: 22
103.27.144.0/22 maxlen: 22
43.243.35.0/24 maxlen: 24
43.243.34.0/24 maxlen: 24
43.243.32.0/24 maxlen: 24
43.243.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:bf:01:6b:a5:99:96:0b:fc:53:d0:b3:da:38:c5:93:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Aug 21 06:05:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32ceee0dd52eb9a530bd7aa331769ad8de6a5f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d7:91:5e:d5:fb:a9:03:d2:ec:4d:98:18:b4:
a7:f9:04:5b:52:32:9a:75:16:af:bb:c6:a5:65:f0:
ec:2e:6c:ae:eb:72:44:31:32:1d:06:91:fe:fc:d0:
33:5a:78:16:cd:68:14:90:f3:a5:ee:66:ea:8e:89:
5b:88:51:b0:57:1d:18:aa:68:af:0e:65:01:5b:03:
be:f5:b9:39:9f:fb:68:94:f4:f4:03:88:be:d4:5d:
2a:ee:50:69:3b:8d:3c:36:1d:69:54:3e:2f:b0:9b:
f3:88:35:46:fe:c3:56:09:95:b7:70:32:bb:1a:5e:
84:fc:0c:45:62:a5:a0:af:4d:23:27:d9:15:f7:49:
a0:53:fb:6c:4a:12:52:ed:2e:de:94:5b:a9:e5:a3:
2d:1f:4e:35:f0:7e:5c:bb:ff:e4:c4:34:36:03:8d:
ea:31:2c:47:db:a5:03:47:13:95:b6:6a:e8:7f:4a:
c0:99:77:3d:dd:a0:c5:e1:0e:68:b9:bd:23:b7:8d:
f8:29:58:80:08:72:f6:29:5c:2a:ca:ab:3c:75:3f:
1e:b7:cd:da:e0:74:71:41:17:9d:bf:82:50:60:d6:
4a:6c:80:f6:de:e8:e9:04:c9:42:e0:25:68:ce:c1:
56:58:cd:7f:7f:59:70:23:1b:96:6b:97:57:62:fa:
70:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CE:EE:0D:D5:2E:B9:A5:30:BD:7A:A3:31:76:9A:D8:DE:6A:5F:1C
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/Ms7uDdUuuaUwvXqjMXaa2N5qXxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.42.64.0/18
43.243.24.0/22
43.243.32.0/22
43.255.108.0/22
45.121.104.0/22
45.127.176.0/22
83.244.73.0-83.244.75.255
83.244.78.0/23
103.27.144.0/22
103.37.84.0/22
103.53.4.0/22
103.196.120.0/22
103.206.108.0/22
103.215.4.0/22
103.231.104.0/22
103.239.96.0/22
103.248.36.0/22
139.190.176.0/20
213.244.70.0-213.244.79.255
213.244.121.0/24
Signature Algorithm: sha256WithRSAEncryption
42:c6:6c:7e:d8:ef:04:70:e1:85:0c:ba:26:ae:d0:33:01:fe:
d6:c3:17:88:f0:bc:a7:55:c3:d7:d8:53:7b:aa:15:92:04:8b:
0d:d4:e2:01:7f:1f:98:a2:81:03:ea:43:65:e9:69:70:5a:20:
86:90:24:ce:df:4d:9a:b3:b8:19:c4:12:b6:09:65:f6:30:b6:
d7:9d:5f:a4:4a:2c:2b:1c:0d:87:14:95:fc:bc:0a:c9:e7:7d:
b4:d8:01:ba:56:50:f9:83:8d:78:4b:52:aa:d7:e5:9f:02:3a:
3e:cb:67:e7:fd:1f:b6:88:9a:3d:52:5a:89:33:26:b5:6a:9d:
8f:20:3d:b5:f1:4e:16:84:ee:2f:b3:4b:63:81:03:d8:8d:99:
fb:7a:d2:b3:0c:26:b6:22:24:96:ad:9e:76:85:3c:7a:ef:14:
a9:91:01:14:b4:f2:fe:26:50:65:b1:0b:c3:06:94:ff:6d:18:
02:5b:d7:f2:57:c7:ca:a0:b8:b3:0f:a2:53:7f:4a:32:6d:8e:
09:04:42:7b:37:18:b4:21:8f:e5:34:ae:01:c3:79:84:4d:68:
c0:a9:9c:02:37:be:44:ba:1f:11:7a:3f:b6:c3:f9:e4:71:41:
de:9d:3a:e2:36:22:a1:79:41:8f:cd:94:a7:4a:68:e8:01:15:
24:d9:05:cd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYK/AWulmZYL/FPQs9o4xZPDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjIwODIxMDYwNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmNlZWUwZGQ1MmViOWE1MzBiZDdhYTMzMTc2OWFkOGRlNmE1ZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtteRXtX7qQPS7E2YGLSn+QRbUjKa
dRavu8alZfDsLmyu63JEMTIdBpH+/NAzWngWzWgUkPOl7mbqjolbiFGwVx0Yqmiv
DmUBWwO+9bk5n/tolPT0A4i+1F0q7lBpO408Nh1pVD4vsJvziDVG/sNWCZW3cDK7
Gl6E/AxFYqWgr00jJ9kV90mgU/tsShJS7S7elFup5aMtH0418H5cu//kxDQ2A43q
MSxH26UDRxOVtmrof0rAmXc93aDF4Q5oub0jt434KViACHL2KVwqyqs8dT8et83a
4HRxQRedv4JQYNZKbID23ujpBMlC4CVozsFWWM1/f1lwIxuWa5dXYvpwtQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFDLO7g3VLrmlML16ozF2mtjeal8cMB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvTXM3dURkVXV1YVV3dlhxak1YYWEyTjVxWHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAYY
KkADBAIr8xgDBAIr8yADBAIr/2wDBAIteWgDBAItf7AwDAMEAFP0SQMEAlP0SAME
AVP0TgMEAmcbkAMEAmclVAMEAmc1BAMEAmfEeAMEAmfObAMEAmfXBAMEAmfnaAME
AmfvYAMEAmf4JAMEBIu+sDAMAwQB1fRGAwQE1fRAAwQA1fR5MA0GCSqGSIb3DQEB
CwUAA4IBAQBCxmx+2O8EcOGFDLomrtAzAf7WwxeI8LynVcPX2FN7qhWSBIsN1OIB
fx+YooED6kNl6WlwWiCGkCTO302as7gZxBK2CWX2MLbXnV+kSiwrHA2HFJX8vArJ
53202AG6VlD5g414S1Kq1+WfAjo+y2fn/R+2iJo9UlqJMya1ap2PID218U4WhO4v
s0tjgQPYjZn7etKzDCa2IiSWrZ52hTx67xSpkQEUtPL+JlBlsQvDBpT/bRgCW9fy
V8fKoLizD6JTf0oybY4JBEJ7Nxi0IY/lNK4Bw3mETWjAqZwCN75Euh8Rej+2w/nk
cUHenTriNiKheUGPzZSnSmjoARUk2QXN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:03 2023 by rpki-client on console-fra.rpki-client.org