Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/4VJoRM8lmQQNbmTt6TXaWTN9B7A.roa
File: 4VJoRM8lmQQNbmTt6TXaWTN9B7A.roa (raw, json)
Hash identifier: +DQp51ZKy9T+1Mty1T6xPCBQB8PiYBk+k3lNlcGRyAo=
Subject key identifier: E1:52:68:44:CF:25:99:04:0D:6E:64:ED:E9:35:DA:59:33:7D:07:B0
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 37C51A3F
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/4VJoRM8lmQQNbmTt6TXaWTN9B7A.roa
Signing time: Wed 02 Feb 2022 09:25:47 +0000
ROA not before: Wed 02 Feb 2022 09:25:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 23.90.192.0/18 maxlen: 24
185.87.100.0/22 maxlen: 24
185.20.16.0/22 maxlen: 24
185.134.156.0/22 maxlen: 24
45.133.68.0/22 maxlen: 24
79.99.160.0/21 maxlen: 24
185.133.80.0/22 maxlen: 24
92.119.232.0/22 maxlen: 24
185.197.108.0/22 maxlen: 24
5.183.248.0/22 maxlen: 24
45.89.76.0/22 maxlen: 24
45.92.180.0/22 maxlen: 24
185.48.252.0/22 maxlen: 24
45.129.218.0/24 maxlen: 24
45.129.216.0/24 maxlen: 24
185.163.136.0/22 maxlen: 24
45.129.217.0/24 maxlen: 24
185.241.140.0/22 maxlen: 24
94.154.4.0/24 maxlen: 24
88.218.12.0/22 maxlen: 24
185.191.36.0/22 maxlen: 24
185.163.212.0/22 maxlen: 24
185.86.88.0/22 maxlen: 24
45.86.96.0/22 maxlen: 24
185.163.220.0/22 maxlen: 24
185.163.228.0/22 maxlen: 24
31.204.80.0/21 maxlen: 24
2.59.144.0/22 maxlen: 24
185.186.88.0/22 maxlen: 24
185.169.156.0/22 maxlen: 24
185.132.64.0/22 maxlen: 24
45.142.108.0/22 maxlen: 24
185.135.176.0/22 maxlen: 24
195.216.140.0/22 maxlen: 24
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.120.0/22 maxlen: 24
46.18.126.0/23 maxlen: 24
185.254.8.0/22 maxlen: 24
185.138.116.0/22 maxlen: 24
5.10.128.0/21 maxlen: 24
45.80.252.0/22 maxlen: 24
185.98.116.0/22 maxlen: 24
45.152.16.0/22 maxlen: 24
62.192.156.0/22 maxlen: 24
2a00:41e0::/29 maxlen: 48
2a05:b780::/29 maxlen: 48
2a01:648::/29 maxlen: 48
2a00:6780::/29 maxlen: 48
2a05:c100::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 935664191 (0x37c51a3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Feb 2 09:25:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1526844cf2599040d6e64ede935da59337d07b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1a:47:35:51:47:79:99:27:8a:62:38:0c:5d:
75:84:9b:4d:c4:63:52:01:85:d2:60:8f:16:54:56:
e7:f6:b5:ba:e5:df:97:02:10:5d:b4:b5:b1:01:39:
41:43:fd:3a:e5:e5:c4:cd:61:9f:fa:14:1a:a5:53:
60:2f:02:f9:d1:cb:f2:36:76:60:b3:6a:e9:29:ad:
38:a2:fc:9e:c3:20:99:bf:d8:cd:29:08:e2:cb:dc:
1f:c8:a7:ee:94:21:29:02:8f:d7:d7:36:5e:fe:ea:
bb:05:62:c9:a4:e5:89:b6:0a:4f:85:39:b6:31:bf:
56:49:66:50:c8:a9:2e:e5:37:b0:76:23:e8:f5:11:
86:35:95:f1:15:f3:e0:f1:d5:51:38:6c:3f:a1:bb:
c5:a0:b5:9c:65:e4:0d:50:b6:0f:39:e2:42:39:73:
b9:72:7d:44:79:34:b4:06:c6:70:c8:d7:54:1e:74:
07:e0:81:e6:61:cd:11:41:f4:91:f5:db:52:11:cb:
ab:bf:8d:f3:c4:0a:6d:de:cf:4b:7e:5c:86:49:73:
18:dd:3b:cd:66:45:60:6a:1e:9b:e6:1b:b0:54:05:
93:56:6b:4e:38:88:fa:2a:37:0c:d0:68:6a:c7:7a:
62:a2:d0:74:66:99:6c:5c:db:69:cb:7f:db:d1:15:
66:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:52:68:44:CF:25:99:04:0D:6E:64:ED:E9:35:DA:59:33:7D:07:B0
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/4VJoRM8lmQQNbmTt6TXaWTN9B7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
a0:fc:bd:76:0c:b6:a4:41:01:1c:ba:d3:77:6a:f0:ad:29:2b:
6a:87:59:c2:ae:fd:b5:c2:61:40:6c:59:66:bf:09:47:2d:45:
96:b1:20:de:0f:84:b3:a5:04:a8:65:63:eb:52:6b:12:10:90:
18:4a:2b:90:99:62:a9:fc:78:ac:9d:be:66:58:6e:89:af:3a:
1e:ae:7e:71:be:6f:6c:4d:af:d0:2f:98:3d:ca:ca:78:78:b7:
54:db:19:29:7f:e6:26:44:b4:f4:27:d4:fa:fa:ae:f3:b4:a4:
bf:71:a7:6b:f0:15:d8:ea:c1:c8:6d:0e:e7:82:46:8d:f5:e4:
25:b0:9c:82:b3:fa:97:da:cb:26:f6:9a:79:0e:84:4a:c7:c6:
15:4a:25:d6:8d:f4:56:e8:30:cc:59:20:13:f9:c0:41:59:2f:
e2:3c:41:62:63:2e:72:16:03:9d:a1:bd:2d:ce:28:36:c2:4d:
8d:73:cd:38:0d:37:8a:be:49:2f:d6:53:24:d3:41:41:52:d0:
6b:f3:cb:f1:ab:3e:cb:ab:54:cc:ac:fd:9d:f8:35:cb:2f:94:
82:2f:38:cf:19:aa:1d:01:69:db:a1:b5:db:a4:42:74:04:a4:
9a:b2:87:ec:56:86:28:23:c9:95:4a:34:15:07:79:2e:1e:19:
01:09:28:7d
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgIEN8UaPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
N2Q5OTAxMzE0NjdiNzdkMTExNjJiNzlmYmUzYjA2Y2E4YWIyZDM5MB4XDTIyMDIw
MjA5MjU0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTE1MjY4NDRjZjI1
OTkwNDBkNmU2NGVkZTkzNWRhNTkzMzdkMDdiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALAaRzVRR3mZJ4piOAxddYSbTcRjUgGF0mCPFlRW5/a1uuXf
lwIQXbS1sQE5QUP9OuXlxM1hn/oUGqVTYC8C+dHL8jZ2YLNq6SmtOKL8nsMgmb/Y
zSkI4svcH8in7pQhKQKP19c2Xv7quwViyaTlibYKT4U5tjG/VklmUMipLuU3sHYj
6PURhjWV8RXz4PHVUThsP6G7xaC1nGXkDVC2DzniQjlzuXJ9RHk0tAbGcMjXVB50
B+CB5mHNEUH0kfXbUhHLq7+N88QKbd7PS35chklzGN07zWZFYGoem+YbsFQFk1Zr
TjiI+io3DNBoasd6YqLQdGaZbFzbact/29EVZnMCAwEAAaOCAy4wggMqMB0GA1Ud
DgQWBBThUmhEzyWZBA1uZO3pNdpZM30HsDAfBgNVHSMEGDAWgBSH2ZATFGe3fREW
K3n747BsqKstOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2g5bVFFeFJudDMwUkZpdDUtLU93YktpckxUay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvNWRlYTk3LTdlZjctNGRiMC05NGJjLWI4ZThiMzRkYjI5MC8x
LzRWSm9STThsbVFRTmJtVHQ2VFhhV1ROOUI3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
NWRlYTk3LTdlZjctNGRiMC05NGJjLWI4ZThiMzRkYjI5MC8xL2g5bVFFeFJudDMw
UkZpdDUtLU93YktpckxUay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AUIGCCsGAQUFBwEHAQH/BIIBMTCCAS0wgf8EAgABMIH4AwQCAjuQAwQDBQqAAwQC
Bbf4AwQGF1rAAwQDH8xQAwQCLVD8AwQCLVZgAwQCLVlMAwQCLVy0MAwDBAMtgdgD
BAAtgdoDBAIthUQDBAItjmwDBAItmBADBAMuEngDBAI+wJwDBANPY6ADBAJY2gwD
BAJcd+gDBABemgQDBAK5FBADBAK5MPwDBAK5VlgDBAK5V2QDBAK5YnQDBAK5hEAD
BAK5hVADBAK5hpwDBAK5h7ADBAK5inQDBAK5o4gDBAK5o9QDBAK5o9wDBAK5o+QD
BAK5qZwDBAK5ulgDBAK5vyQDBAK5xWwDBAK58YwDBAK5/ggDBALD2IwwKQQCAAIw
IwMFAyoAQeADBQMqAGeAAwUDKgEGSAMFAyoFt4ADBQMqBcEAMA0GCSqGSIb3DQEB
CwUAA4IBAQCg/L12DLakQQEcutN3avCtKStqh1nCrv21wmFAbFlmvwlHLUWWsSDe
D4SzpQSoZWPrUmsSEJAYSiuQmWKp/Hisnb5mWG6Jrzoern5xvm9sTa/QL5g9ysp4
eLdU2xkpf+YmRLT0J9T6+q7ztKS/cadr8BXY6sHIbQ7ngkaN9eQlsJyCs/qX2ssm
9pp5DoRKx8YVSiXWjfRW6DDMWSAT+cBBWS/iPEFiYy5yFgOdob0tzig2wk2Nc804
DTeKvkkv1lMk00FBUtBr88vxqz7Lq1TMrP2d+DXLL5SCLzjPGaodAWnbobXbpEJ0
BKSasofsVoYoI8mVSjQVB3kuHhkBCSh9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:15 2024 by rpki-client on console-ams.rpki-client.org