Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/j1_qGzfS_6vDcY4uyStNbIkQhwY.roa
File: j1_qGzfS_6vDcY4uyStNbIkQhwY.roa (raw, json)
Hash identifier: OXItPtBzJVn+8K84pOFKPiNMk7mrha4AIKMN/pnAIlA=
Subject key identifier: 8F:5F:EA:1B:37:D2:FF:AB:C3:71:8E:2E:C9:2B:4D:6C:89:10:87:06
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 37EC0992
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/j1_qGzfS_6vDcY4uyStNbIkQhwY.roa
Signing time: Wed 16 Feb 2022 14:52:39 +0000
ROA not before: Wed 16 Feb 2022 14:52:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57809
IP address blocks: 192.214.192.0/19 maxlen: 19
185.87.100.0/22 maxlen: 22
23.90.192.0/18 maxlen: 18
185.20.16.0/22 maxlen: 22
185.134.156.0/22 maxlen: 22
45.133.68.0/22 maxlen: 22
185.133.80.0/22 maxlen: 22
79.99.160.0/21 maxlen: 21
92.119.232.0/22 maxlen: 22
185.197.108.0/22 maxlen: 22
5.183.248.0/22 maxlen: 22
45.89.76.0/22 maxlen: 22
45.92.180.0/22 maxlen: 22
185.48.252.0/22 maxlen: 22
45.129.218.0/24 maxlen: 24
185.163.136.0/22 maxlen: 22
45.129.216.0/24 maxlen: 24
45.129.217.0/24 maxlen: 24
185.241.140.0/22 maxlen: 22
94.154.4.0/24 maxlen: 24
88.218.12.0/22 maxlen: 22
185.191.36.0/22 maxlen: 22
185.163.212.0/22 maxlen: 22
185.86.88.0/22 maxlen: 22
45.86.96.0/22 maxlen: 22
185.163.220.0/22 maxlen: 22
31.204.80.0/21 maxlen: 21
185.163.228.0/22 maxlen: 22
94.187.128.0/19 maxlen: 19
2.59.144.0/22 maxlen: 22
185.186.88.0/22 maxlen: 22
185.169.156.0/22 maxlen: 22
185.132.64.0/22 maxlen: 22
185.135.176.0/22 maxlen: 22
45.142.108.0/22 maxlen: 22
195.216.140.0/22 maxlen: 22
46.18.120.0/22 maxlen: 22
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.126.0/23 maxlen: 23
185.254.8.0/22 maxlen: 22
185.138.116.0/22 maxlen: 22
5.10.128.0/21 maxlen: 21
45.80.252.0/22 maxlen: 22
185.98.116.0/22 maxlen: 22
45.152.16.0/22 maxlen: 22
62.192.156.0/22 maxlen: 22
2a00:41e0::/29 maxlen: 32
2a05:b780::/29 maxlen: 29
2a01:648::/29 maxlen: 32
2a00:6780::/29 maxlen: 32
2a05:c100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 938215826 (0x37ec0992)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Feb 16 14:52:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f5fea1b37d2ffabc3718e2ec92b4d6c89108706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:32:f6:90:19:c5:bc:f2:d5:66:95:25:f9:0b:
6e:90:d5:be:d0:4b:da:4c:56:c0:a5:09:a7:a3:eb:
6b:fd:c4:eb:d6:0a:80:01:30:63:ee:0c:4a:1b:75:
69:01:82:c3:9b:fb:0a:d8:c3:5a:ba:e7:7a:48:7d:
c5:9d:62:84:e7:cd:3e:cb:52:66:c0:be:0e:f1:30:
c5:d5:7d:34:bb:84:7f:69:6c:93:35:b9:10:17:f5:
7d:5c:b8:96:de:20:35:bf:cc:b0:5f:af:14:41:46:
3c:27:c1:63:6e:ac:4a:ec:54:81:50:08:d2:a4:02:
25:c9:60:82:e0:e5:e9:34:fa:88:b9:19:91:65:a8:
77:52:0e:68:0a:47:6d:e0:48:02:c4:40:91:5d:3d:
fc:0c:f8:b1:6a:5c:85:e1:84:d3:45:e8:ad:ce:7b:
34:18:2c:8f:1d:09:4b:29:41:9b:ec:73:ae:05:6d:
f5:72:f9:47:0c:5d:fc:0d:14:d4:85:26:de:96:99:
4c:11:ae:e2:13:d4:fe:08:28:40:2f:f8:50:e0:4f:
e9:f6:f7:fe:77:cb:e0:d7:8b:54:03:c2:05:3c:d4:
56:9c:ba:66:ac:6b:d9:d1:20:d4:bb:92:02:da:25:
af:5b:e5:81:2d:cc:ae:3f:3b:c3:84:2b:23:2d:ac:
67:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:5F:EA:1B:37:D2:FF:AB:C3:71:8E:2E:C9:2B:4D:6C:89:10:87:06
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/j1_qGzfS_6vDcY4uyStNbIkQhwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
94.187.128.0/19
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
192.214.192.0/19
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
11:17:41:c4:57:5b:eb:9e:72:a7:f5:a1:f7:c2:b2:cd:2d:49:
8a:00:cc:0f:9b:45:ee:6c:b5:37:06:77:68:5d:56:8d:38:7f:
27:17:62:da:39:28:5b:b7:3f:f5:42:e7:bb:3e:33:8b:03:7b:
e3:f5:b4:8e:77:f3:63:7f:f3:ee:e3:1a:bb:59:a5:43:b2:8b:
ee:15:ce:77:7e:ff:41:45:9e:ca:a7:e5:8f:e4:84:e2:9c:32:
66:cb:56:17:6c:ae:10:b8:dd:ba:60:a8:5e:79:5b:96:7b:2e:
5c:ef:c0:ea:2f:5a:d4:0f:e6:cd:1e:fa:1f:25:b9:fe:49:94:
38:e3:15:71:36:51:c7:14:90:09:e7:93:26:b5:3e:09:c5:48:
b8:b8:97:51:a3:13:75:21:2f:72:7b:c0:47:82:f2:ee:88:00:
69:35:8c:0f:51:47:90:f3:5f:82:c1:6e:31:1a:dc:e0:37:cf:
e1:d6:60:75:60:36:cf:11:ea:5e:51:d3:2c:29:e7:9f:1a:1a:
f4:5a:22:2c:d5:7d:05:03:8e:60:64:db:3d:09:49:2d:66:d2:
60:28:99:d9:0b:5c:8e:c1:af:a5:fb:90:bc:6e:58:84:34:f2:
36:29:b8:58:28:63:1c:34:3d:4d:d6:e0:e7:05:b7:69:4d:9d:
9c:a0:77:aa
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgIEN+wJkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
N2Q5OTAxMzE0NjdiNzdkMTExNjJiNzlmYmUzYjA2Y2E4YWIyZDM5MB4XDTIyMDIx
NjE0NTIzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY1ZmVhMWIzN2Qy
ZmZhYmMzNzE4ZTJlYzkyYjRkNmM4OTEwODcwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUy9pAZxbzy1WaVJfkLbpDVvtBL2kxWwKUJp6Pra/3E69YK
gAEwY+4MSht1aQGCw5v7CtjDWrrnekh9xZ1ihOfNPstSZsC+DvEwxdV9NLuEf2ls
kzW5EBf1fVy4lt4gNb/MsF+vFEFGPCfBY26sSuxUgVAI0qQCJclgguDl6TT6iLkZ
kWWod1IOaApHbeBIAsRAkV09/Az4sWpcheGE00Xorc57NBgsjx0JSylBm+xzrgVt
9XL5Rwxd/A0U1IUm3paZTBGu4hPU/ggoQC/4UOBP6fb3/nfL4NeLVAPCBTzUVpy6
Zqxr2dEg1LuSAtolr1vlgS3Mrj87w4QrIy2sZ7UCAwEAAaOCAzwwggM4MB0GA1Ud
DgQWBBSPX+obN9L/q8Nxji7JK01siRCHBjAfBgNVHSMEGDAWgBSH2ZATFGe3fREW
K3n747BsqKstOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2g5bVFFeFJudDMwUkZpdDUtLU93YktpckxUay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvNWRlYTk3LTdlZjctNGRiMC05NGJjLWI4ZThiMzRkYjI5MC8x
L2oxX3FHemZTXzZ2RGNZNHV5U3ROYklrUWh3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
NWRlYTk3LTdlZjctNGRiMC05NGJjLWI4ZThiMzRkYjI5MC8xL2g5bVFFeFJudDMw
UkZpdDUtLU93YktpckxUay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AVAGCCsGAQUFBwEHAQH/BIIBPzCCATswggEMBAIAATCCAQQDBAICO5ADBAMFCoAD
BAIFt/gDBAYXWsADBAMfzFADBAItUPwDBAItVmADBAItWUwDBAItXLQwDAMEAy2B
2AMEAC2B2gMEAi2FRAMEAi2ObAMEAi2YEAMEAy4SeAMEAj7AnAMEA09joAMEAlja
DAMEAlx36AMEAF6aBAMEBV67gAMEArkUEAMEArkw/AMEArlWWAMEArlXZAMEArli
dAMEArmEQAMEArmFUAMEArmGnAMEArmHsAMEArmKdAMEArmjiAMEArmj1AMEArmj
3AMEArmj5AMEArmpnAMEArm6WAMEArm/JAMEArnFbAMEArnxjAMEArn+CAMEBcDW
wAMEAsPYjDApBAIAAjAjAwUDKgBB4AMFAyoAZ4ADBQMqAQZIAwUDKgW3gAMFAyoF
wQAwDQYJKoZIhvcNAQELBQADggEBABEXQcRXW+uecqf1offCss0tSYoAzA+bRe5s
tTcGd2hdVo04fycXYto5KFu3P/VC57s+M4sDe+P1tI5382N/8+7jGrtZpUOyi+4V
znd+/0FFnsqn5Y/khOKcMmbLVhdsrhC43bpgqF55W5Z7LlzvwOovWtQP5s0e+h8l
uf5JlDjjFXE2UccUkAnnkya1PgnFSLi4l1GjE3UhL3J7wEeC8u6IAGk1jA9RR5Dz
X4LBbjEa3OA3z+HWYHVgNs8R6l5R0ywp558aGvRaIizVfQUDjmBk2z0JSS1m0mAo
mdkLXI7Br6X7kLxuWIQ08jYpuFgoYxw0PU3W4OcFt2lNnZygd6o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:11 2024 by rpki-client on console-fra.rpki-client.org