Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/Nb6Rj-tLLFIq38FYfpK1gCxqiuk.roa
File: Nb6Rj-tLLFIq38FYfpK1gCxqiuk.roa (raw, json)
Hash identifier: 4irWYYVA3RPyjaKR7Ft3+6K2tUsLRMsiO9DhiVwiqT8=
Subject key identifier: 35:BE:91:8F:EB:4B:2C:52:2A:DF:C1:58:7E:92:B5:80:2C:6A:8A:E9
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 37FB48AD
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/Nb6Rj-tLLFIq38FYfpK1gCxqiuk.roa
Signing time: Tue 22 Feb 2022 16:22:47 +0000
ROA not before: Tue 22 Feb 2022 16:22:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 192.214.192.0/19 maxlen: 24
23.90.192.0/18 maxlen: 24
185.87.100.0/22 maxlen: 24
185.20.16.0/22 maxlen: 24
185.134.156.0/22 maxlen: 24
45.133.68.0/22 maxlen: 24
79.99.160.0/21 maxlen: 24
185.133.80.0/22 maxlen: 24
92.119.232.0/22 maxlen: 24
185.197.108.0/22 maxlen: 24
5.183.248.0/22 maxlen: 24
45.89.76.0/22 maxlen: 24
45.92.180.0/22 maxlen: 24
185.48.252.0/22 maxlen: 24
45.129.218.0/24 maxlen: 24
45.129.216.0/24 maxlen: 24
185.163.136.0/22 maxlen: 24
45.129.217.0/24 maxlen: 24
185.241.140.0/22 maxlen: 24
94.154.4.0/24 maxlen: 24
88.218.12.0/22 maxlen: 24
185.191.36.0/22 maxlen: 24
185.163.212.0/22 maxlen: 24
185.86.88.0/22 maxlen: 24
45.86.96.0/22 maxlen: 24
185.163.220.0/22 maxlen: 24
185.163.228.0/22 maxlen: 24
31.204.80.0/21 maxlen: 24
94.187.128.0/19 maxlen: 24
2.59.144.0/22 maxlen: 24
185.186.88.0/22 maxlen: 24
185.169.156.0/22 maxlen: 24
185.132.64.0/22 maxlen: 24
45.142.108.0/22 maxlen: 24
185.135.176.0/22 maxlen: 24
195.216.140.0/22 maxlen: 24
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.120.0/22 maxlen: 24
46.18.126.0/23 maxlen: 24
185.254.8.0/22 maxlen: 24
185.138.116.0/22 maxlen: 24
5.10.128.0/21 maxlen: 24
45.80.252.0/22 maxlen: 24
185.98.116.0/22 maxlen: 24
45.152.16.0/22 maxlen: 24
62.192.156.0/22 maxlen: 24
2a00:41e0::/29 maxlen: 48
2a05:b780::/29 maxlen: 48
2a01:648::/29 maxlen: 48
2a00:6780::/29 maxlen: 48
2a05:c100::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 939215021 (0x37fb48ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Feb 22 16:22:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35be918feb4b2c522adfc1587e92b5802c6a8ae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:07:1d:ae:0b:99:9a:0b:b7:0c:db:74:cd:f0:
99:1a:43:c2:5f:24:d6:2a:1d:2e:9c:ed:c7:87:ae:
d6:9b:c8:9e:2b:53:a7:e9:2d:b2:a6:9d:45:f5:1d:
3a:07:08:89:a8:90:4d:d6:87:4d:66:10:cd:35:b2:
2d:2f:03:0f:00:9f:30:2e:73:e0:a3:a0:a2:0f:58:
36:4c:70:9f:e8:97:fe:41:dd:d0:26:da:2c:ec:97:
b3:3c:6c:1c:12:ce:11:2c:36:61:eb:f9:2c:27:6e:
f6:41:5c:21:f6:7a:30:51:f3:24:71:15:e9:f1:cb:
17:ab:d3:78:9e:5b:6a:c3:86:60:fb:ed:8b:db:5e:
b6:91:d0:27:d4:f0:93:25:14:c7:fd:e1:dc:bd:9c:
dd:b2:ce:64:fe:1e:54:54:33:aa:88:32:3a:b3:99:
c2:6c:c7:e3:c2:37:ca:44:47:ba:ff:af:93:7c:b4:
5f:72:39:d6:a3:e3:7a:c3:a6:19:ab:66:76:a1:e5:
d4:96:df:df:9e:db:e8:32:14:34:27:a7:26:1d:9c:
11:4b:5e:cc:f1:d6:30:50:27:4e:36:9a:5c:e4:7c:
5c:b3:38:26:35:13:4b:ed:1a:34:6c:24:ba:4c:10:
34:fb:04:f0:46:32:83:2a:cb:dc:82:cc:33:7d:be:
7d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:BE:91:8F:EB:4B:2C:52:2A:DF:C1:58:7E:92:B5:80:2C:6A:8A:E9
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/Nb6Rj-tLLFIq38FYfpK1gCxqiuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
94.187.128.0/19
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
192.214.192.0/19
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
9f:ef:d1:5d:ce:21:05:1c:42:66:2e:7a:43:09:2a:29:86:cc:
69:c8:75:e4:f0:aa:a0:96:e8:85:97:6a:d9:16:15:cc:6d:1c:
85:2f:82:9c:e7:07:ac:8d:32:2e:e7:81:04:4d:f2:a5:f0:9b:
8f:c1:ba:9e:d0:27:65:d8:70:da:38:12:07:8b:1c:18:ee:cc:
c7:6b:e4:72:4b:88:d2:be:8f:f8:f0:8b:1b:c3:b4:2e:83:13:
35:97:57:9f:a8:3f:30:21:77:89:b7:a2:e1:55:91:02:d5:22:
e9:9f:5c:55:89:8b:52:d3:a1:d1:22:43:91:95:a8:d2:87:b1:
aa:8d:55:a5:13:23:63:e5:46:87:b8:d7:53:72:e0:84:ac:5f:
1b:bb:c9:3d:19:9f:44:2b:fb:fa:32:fd:2e:5f:5b:01:4e:bc:
9d:d8:1a:23:4e:24:38:9d:74:7b:95:8a:85:0b:e8:2e:9a:2d:
50:6e:a1:10:62:f7:e1:b5:b7:db:d4:97:d1:d3:c9:8f:38:59:
cf:ec:7c:94:bf:d5:75:c8:0e:7a:2c:fd:c1:12:7c:cb:79:08:
8c:41:21:bb:31:bf:7b:4e:20:e4:64:d8:ba:c3:4f:54:ab:e0:
40:eb:4c:bd:fa:ef:92:ba:e8:b8:6d:54:2a:45:a6:91:f0:b0:
b7:50:1c:49
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgIEN/tIrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
N2Q5OTAxMzE0NjdiNzdkMTExNjJiNzlmYmUzYjA2Y2E4YWIyZDM5MB4XDTIyMDIy
MjE2MjI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzViZTkxOGZlYjRi
MmM1MjJhZGZjMTU4N2U5MmI1ODAyYzZhOGFlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0HHa4LmZoLtwzbdM3wmRpDwl8k1iodLpztx4eu1pvInitT
p+ktsqadRfUdOgcIiaiQTdaHTWYQzTWyLS8DDwCfMC5z4KOgog9YNkxwn+iX/kHd
0CbaLOyXszxsHBLOESw2Yev5LCdu9kFcIfZ6MFHzJHEV6fHLF6vTeJ5basOGYPvt
i9tetpHQJ9TwkyUUx/3h3L2c3bLOZP4eVFQzqogyOrOZwmzH48I3ykRHuv+vk3y0
X3I51qPjesOmGatmdqHl1Jbf357b6DIUNCenJh2cEUtezPHWMFAnTjaaXOR8XLM4
JjUTS+0aNGwkukwQNPsE8EYygyrL3ILMM32+fTECAwEAAaOCAzwwggM4MB0GA1Ud
DgQWBBQ1vpGP60ssUirfwVh+krWALGqK6TAfBgNVHSMEGDAWgBSH2ZATFGe3fREW
K3n747BsqKstOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2g5bVFFeFJudDMwUkZpdDUtLU93YktpckxUay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvNWRlYTk3LTdlZjctNGRiMC05NGJjLWI4ZThiMzRkYjI5MC8x
L05iNlJqLXRMTEZJcTM4RllmcEsxZ0N4cWl1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
NWRlYTk3LTdlZjctNGRiMC05NGJjLWI4ZThiMzRkYjI5MC8xL2g5bVFFeFJudDMw
UkZpdDUtLU93YktpckxUay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AVAGCCsGAQUFBwEHAQH/BIIBPzCCATswggEMBAIAATCCAQQDBAICO5ADBAMFCoAD
BAIFt/gDBAYXWsADBAMfzFADBAItUPwDBAItVmADBAItWUwDBAItXLQwDAMEAy2B
2AMEAC2B2gMEAi2FRAMEAi2ObAMEAi2YEAMEAy4SeAMEAj7AnAMEA09joAMEAlja
DAMEAlx36AMEAF6aBAMEBV67gAMEArkUEAMEArkw/AMEArlWWAMEArlXZAMEArli
dAMEArmEQAMEArmFUAMEArmGnAMEArmHsAMEArmKdAMEArmjiAMEArmj1AMEArmj
3AMEArmj5AMEArmpnAMEArm6WAMEArm/JAMEArnFbAMEArnxjAMEArn+CAMEBcDW
wAMEAsPYjDApBAIAAjAjAwUDKgBB4AMFAyoAZ4ADBQMqAQZIAwUDKgW3gAMFAyoF
wQAwDQYJKoZIhvcNAQELBQADggEBAJ/v0V3OIQUcQmYuekMJKimGzGnIdeTwqqCW
6IWXatkWFcxtHIUvgpznB6yNMi7ngQRN8qXwm4/Bup7QJ2XYcNo4EgeLHBjuzMdr
5HJLiNK+j/jwixvDtC6DEzWXV5+oPzAhd4m3ouFVkQLVIumfXFWJi1LTodEiQ5GV
qNKHsaqNVaUTI2PlRoe411Ny4ISsXxu7yT0Zn0Qr+/oy/S5fWwFOvJ3YGiNOJDid
dHuVioUL6C6aLVBuoRBi9+G1t9vUl9HTyY84Wc/sfJS/1XXIDnos/cESfMt5CIxB
Ibsxv3tOIORk2LrDT1Sr4EDrTL3675K66LhtVCpFppHwsLdQHEk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:15 2024 by rpki-client on console-ams.rpki-client.org