Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/xnmZzSNS8nvCbr7nv21GQW-f8IE.roa
File: xnmZzSNS8nvCbr7nv21GQW-f8IE.roa (raw, json)
Hash identifier: GkTOIhykugfcc9ciDhdZqKojUJfDCFM1URWenyET+zw=
Subject key identifier: C6:79:99:CD:23:52:F2:7B:C2:6E:BE:E7:BF:6D:46:41:6F:9F:F0:81
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 37E88312
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/xnmZzSNS8nvCbr7nv21GQW-f8IE.roa
Signing time: Wed 16 Feb 2022 07:02:08 +0000
ROA not before: Wed 16 Feb 2022 07:02:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57809
IP address blocks: 185.87.100.0/22 maxlen: 22
23.90.192.0/18 maxlen: 18
185.20.16.0/22 maxlen: 22
185.134.156.0/22 maxlen: 22
45.133.68.0/22 maxlen: 22
185.133.80.0/22 maxlen: 22
79.99.160.0/21 maxlen: 21
92.119.232.0/22 maxlen: 22
185.197.108.0/22 maxlen: 22
5.183.248.0/22 maxlen: 22
45.89.76.0/22 maxlen: 22
45.92.180.0/22 maxlen: 22
185.48.252.0/22 maxlen: 22
45.129.218.0/24 maxlen: 24
185.163.136.0/22 maxlen: 22
45.129.216.0/24 maxlen: 24
45.129.217.0/24 maxlen: 24
185.241.140.0/22 maxlen: 22
94.154.4.0/24 maxlen: 24
88.218.12.0/22 maxlen: 22
185.191.36.0/22 maxlen: 22
185.163.212.0/22 maxlen: 22
185.86.88.0/22 maxlen: 22
45.86.96.0/22 maxlen: 22
185.163.220.0/22 maxlen: 22
31.204.80.0/21 maxlen: 21
185.163.228.0/22 maxlen: 22
94.187.128.0/19 maxlen: 19
2.59.144.0/22 maxlen: 22
185.186.88.0/22 maxlen: 22
185.169.156.0/22 maxlen: 22
185.132.64.0/22 maxlen: 22
185.135.176.0/22 maxlen: 22
45.142.108.0/22 maxlen: 22
195.216.140.0/22 maxlen: 22
46.18.120.0/22 maxlen: 22
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.126.0/23 maxlen: 23
185.254.8.0/22 maxlen: 22
185.138.116.0/22 maxlen: 22
5.10.128.0/21 maxlen: 21
45.80.252.0/22 maxlen: 22
185.98.116.0/22 maxlen: 22
45.152.16.0/22 maxlen: 22
62.192.156.0/22 maxlen: 22
2a00:41e0::/29 maxlen: 32
2a05:b780::/29 maxlen: 29
2a01:648::/29 maxlen: 32
2a00:6780::/29 maxlen: 32
2a05:c100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 937984786 (0x37e88312)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Feb 16 07:02:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c67999cd2352f27bc26ebee7bf6d46416f9ff081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9d:ff:78:8f:f5:b2:e8:62:df:85:f6:92:b7:
34:3a:ae:5c:bb:e0:52:8e:6b:b5:f9:be:f0:60:f3:
b6:26:60:8a:d9:89:4f:8a:aa:af:21:ba:a3:f4:87:
d6:13:28:b0:37:91:f9:29:a3:c1:7d:96:cf:87:48:
5c:20:3f:be:27:57:1a:b6:07:0f:86:ba:13:46:f4:
ea:a2:c9:78:3a:76:ef:f0:01:bd:40:ff:9f:6d:b9:
e6:0e:1c:7b:fb:1a:82:32:c5:13:6b:1b:82:62:c8:
d8:19:e6:3e:a0:d7:89:94:aa:15:a1:b9:a9:ac:f7:
4c:a4:3c:34:f8:27:59:6f:70:9d:29:56:ef:cb:b7:
34:48:bc:1c:a7:26:9a:da:04:b1:ce:cd:c2:18:d1:
33:92:10:b4:d9:d4:04:af:1d:fe:a9:c4:11:66:c0:
2e:87:44:2a:a0:8f:b8:f0:39:65:ad:b9:5a:f9:3d:
06:4f:a2:75:3e:e9:2f:89:71:07:60:45:2f:60:7e:
05:63:7c:92:e8:66:50:04:fb:c4:36:7c:27:40:8a:
bc:3b:ea:26:76:64:04:21:7b:77:08:49:18:06:50:
e2:4d:87:54:1c:13:be:05:9b:39:7d:39:a9:d6:3e:
0c:ad:48:9d:af:e1:4b:31:39:5c:61:bf:a4:06:87:
fc:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:79:99:CD:23:52:F2:7B:C2:6E:BE:E7:BF:6D:46:41:6F:9F:F0:81
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/xnmZzSNS8nvCbr7nv21GQW-f8IE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
94.187.128.0/19
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
5d:d8:fd:df:46:3c:04:67:97:6a:26:ef:38:b1:45:38:1e:c5:
20:42:27:fa:f2:f2:1d:32:85:e9:97:67:1a:9c:ca:6c:7b:f6:
b4:38:03:19:90:c8:4f:4c:83:c6:a8:62:d4:ab:ac:23:92:e1:
cb:02:32:b6:45:00:99:c2:d0:6c:f2:70:d8:00:b1:6a:84:9d:
64:6e:f2:3a:6c:18:d4:3c:65:e7:df:11:fe:95:73:0e:b4:cd:
50:1f:08:d1:69:32:fc:e4:b8:c9:fe:15:89:30:0a:cb:ba:49:
a5:0b:3b:6e:07:dd:3b:b0:df:bb:c3:a5:ef:de:a5:ba:7f:c8:
b8:eb:6d:a9:70:ee:19:f0:8b:10:bd:9e:0d:cf:8a:88:c6:81:
2f:69:3f:90:de:0f:62:f9:1f:d5:d7:e3:f6:59:97:7f:71:d7:
1d:53:2d:a9:a1:0c:75:4a:3b:c7:62:53:cb:9a:2b:d5:27:e8:
66:30:54:9b:12:7a:64:16:2a:57:12:c8:c0:73:a4:96:61:a9:
0b:dc:50:12:00:b6:ff:be:94:35:95:f5:be:c9:63:71:66:e3:
1a:4b:df:4c:6b:19:a8:81:07:db:5d:ca:3d:bf:45:8e:82:b5:
91:0b:34:cb:2c:4a:77:ab:14:d3:a7:9b:1e:ba:4f:bd:08:b1:
e3:5f:1d:48
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIEN+iDEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
N2Q5OTAxMzE0NjdiNzdkMTExNjJiNzlmYmUzYjA2Y2E4YWIyZDM5MB4XDTIyMDIx
NjA3MDIwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY3OTk5Y2QyMzUy
ZjI3YmMyNmViZWU3YmY2ZDQ2NDE2ZjlmZjA4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANud/3iP9bLoYt+F9pK3NDquXLvgUo5rtfm+8GDztiZgitmJ
T4qqryG6o/SH1hMosDeR+SmjwX2Wz4dIXCA/vidXGrYHD4a6E0b06qLJeDp27/AB
vUD/n2255g4ce/sagjLFE2sbgmLI2BnmPqDXiZSqFaG5qaz3TKQ8NPgnWW9wnSlW
78u3NEi8HKcmmtoEsc7NwhjRM5IQtNnUBK8d/qnEEWbALodEKqCPuPA5Za25Wvk9
Bk+idT7pL4lxB2BFL2B+BWN8kuhmUAT7xDZ8J0CKvDvqJnZkBCF7dwhJGAZQ4k2H
VBwTvgWbOX05qdY+DK1Ina/hSzE5XGG/pAaH/AsCAwEAAaOCAzUwggMxMB0GA1Ud
DgQWBBTGeZnNI1Lye8Juvue/bUZBb5/wgTAfBgNVHSMEGDAWgBSH2ZATFGe3fREW
K3n747BsqKstOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2g5bVFFeFJudDMwUkZpdDUtLU93YktpckxUay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvNWRlYTk3LTdlZjctNGRiMC05NGJjLWI4ZThiMzRkYjI5MC8x
L3hubVp6U05TOG52Q2JyN252MjFHUVctZjhJRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
NWRlYTk3LTdlZjctNGRiMC05NGJjLWI4ZThiMzRkYjI5MC8xL2g5bVFFeFJudDMw
UkZpdDUtLU93YktpckxUay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AUkGCCsGAQUFBwEHAQH/BIIBODCCATQwggEFBAIAATCB/gMEAgI7kAMEAwUKgAME
AgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1ZTAMEAi1ctDAMAwQDLYHY
AwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQCPsCcAwQDT2OgAwQCWNoM
AwQCXHfoAwQAXpoEAwQFXruAAwQCuRQQAwQCuTD8AwQCuVZYAwQCuVdkAwQCuWJ0
AwQCuYRAAwQCuYVQAwQCuYacAwQCuYewAwQCuYp0AwQCuaOIAwQCuaPUAwQCuaPc
AwQCuaPkAwQCuamcAwQCubpYAwQCub8kAwQCucVsAwQCufGMAwQCuf4IAwQCw9iM
MCkEAgACMCMDBQMqAEHgAwUDKgBngAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkq
hkiG9w0BAQsFAAOCAQEAXdj930Y8BGeXaibvOLFFOB7FIEIn+vLyHTKF6ZdnGpzK
bHv2tDgDGZDIT0yDxqhi1KusI5LhywIytkUAmcLQbPJw2ACxaoSdZG7yOmwY1Dxl
598R/pVzDrTNUB8I0Wky/OS4yf4ViTAKy7pJpQs7bgfdO7Dfu8Ol796lun/IuOtt
qXDuGfCLEL2eDc+KiMaBL2k/kN4PYvkf1dfj9lmXf3HXHVMtqaEMdUo7x2JTy5or
1SfoZjBUmxJ6ZBYqVxLIwHOklmGpC9xQEgC2/76UNZX1vsljcWbjGkvfTGsZqIEH
213KPb9FjoK1kQs0yyxKd6sU06ebHrpPvQix418dSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:11 2024 by rpki-client on console-fra.rpki-client.org