Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/ng8vGh9One7pSqOu2Ui6w9I8rwg.roa
File: ng8vGh9One7pSqOu2Ui6w9I8rwg.roa (raw, json)
Hash identifier: /5SRtlntYPMTQG/AbDPWJD1GAmbxp1z8XxvSpHbYTeE=
Subject key identifier: 9E:0F:2F:1A:1F:4E:9D:EE:E9:4A:A3:AE:D9:48:BA:C3:D2:3C:AF:08
Certificate issuer: /CN=6f5e0230be799e44829c8720ca38347045494e20
Certificate serial: 0182C43F8EA9017100C673D1667A9C756079
Authority key identifier: 6F:5E:02:30:BE:79:9E:44:82:9C:87:20:CA:38:34:70:45:49:4E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b14CML55nkSCnIcgyjg0cEVJTiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/ng8vGh9One7pSqOu2Ui6w9I8rwg.roa
Signing time: Mon 22 Aug 2022 06:31:15 +0000
ROA not before: Mon 22 Aug 2022 06:31:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1257
IP address blocks: 83.188.0.0/18 maxlen: 18
83.177.232.0/21 maxlen: 21
90.144.64.0/19 maxlen: 19
90.141.0.0/19 maxlen: 19
193.150.192.0/18 maxlen: 18
77.218.32.0/19 maxlen: 19
83.177.192.0/19 maxlen: 19
83.177.200.0/21 maxlen: 21
83.177.224.0/19 maxlen: 19
188.148.0.0/14 maxlen: 14
178.218.152.0/22 maxlen: 22
83.191.160.0/19 maxlen: 19
213.100.192.0/19 maxlen: 19
90.141.40.0/21 maxlen: 21
90.141.48.0/20 maxlen: 20
91.130.0.0/18 maxlen: 18
85.194.0.0/18 maxlen: 18
90.143.128.0/17 maxlen: 17
213.200.128.0/18 maxlen: 18
151.177.0.0/16 maxlen: 16
90.129.224.0/19 maxlen: 19
83.248.0.0/13 maxlen: 13
83.180.224.0/19 maxlen: 19
213.103.128.0/19 maxlen: 19
83.181.0.0/19 maxlen: 19
83.177.160.0/19 maxlen: 19
90.133.128.0/19 maxlen: 19
90.133.160.0/19 maxlen: 19
213.102.64.0/19 maxlen: 19
77.233.95.0/24 maxlen: 24
90.143.0.0/19 maxlen: 19
83.190.64.0/18 maxlen: 18
193.14.192.0/20 maxlen: 20
213.102.80.0/20 maxlen: 20
87.227.0.0/17 maxlen: 17
213.89.0.0/16 maxlen: 16
83.182.32.0/19 maxlen: 19
83.188.224.0/19 maxlen: 19
193.13.160.0/20 maxlen: 20
91.128.160.0/19 maxlen: 19
90.142.32.0/19 maxlen: 19
90.142.48.0/20 maxlen: 20
91.128.192.0/19 maxlen: 19
77.233.64.0/19 maxlen: 19
80.216.0.0/15 maxlen: 15
81.216.23.0/24 maxlen: 24
81.216.18.0/23 maxlen: 23
91.128.128.0/19 maxlen: 19
2a04:ae00::/26 maxlen: 26
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c4:3f:8e:a9:01:71:00:c6:73:d1:66:7a:9c:75:60:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5e0230be799e44829c8720ca38347045494e20
Validity
Not Before: Aug 22 06:31:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e0f2f1a1f4e9deee94aa3aed948bac3d23caf08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6f:0b:1f:02:0b:ea:97:aa:b9:d2:1a:76:17:
7c:47:24:b0:ad:8f:cc:4a:15:2f:7f:02:6d:ff:74:
2c:0b:59:34:a1:11:1a:c1:67:be:c9:3c:41:54:5c:
23:57:7b:50:c2:3b:dc:a7:92:21:a2:f0:0e:af:ca:
2d:81:42:72:f2:33:bf:cb:22:a0:01:99:3b:de:35:
61:f8:56:fc:92:9d:e9:a7:4e:d6:f6:29:01:46:23:
fe:9c:b6:ea:87:38:53:40:c6:9a:d6:92:48:93:44:
31:9a:9d:86:b7:84:fb:52:d9:f6:4a:c5:3a:ca:8d:
dd:f9:6c:95:3b:81:cc:fa:ee:c2:78:42:46:f8:a6:
f9:dd:f0:70:d9:db:79:5f:b1:42:64:80:38:03:e8:
c6:8c:e4:c1:d7:5c:ca:14:a2:2d:2a:21:fb:67:cd:
97:be:7b:f7:78:93:86:cf:d1:46:09:66:2d:8d:1f:
85:c0:74:d6:99:57:63:9d:be:ce:fc:55:f9:9d:5d:
8b:cd:ef:7c:e5:0a:d5:2f:1b:be:42:5c:d5:39:da:
71:93:55:2c:16:44:50:e7:87:83:bd:5e:ae:fa:dd:
5d:68:35:af:1a:29:e1:5c:f9:45:9b:ee:55:de:a7:
26:50:7e:0e:f8:fd:65:03:cd:2f:ca:e5:01:c3:41:
b6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:0F:2F:1A:1F:4E:9D:EE:E9:4A:A3:AE:D9:48:BA:C3:D2:3C:AF:08
X509v3 Authority Key Identifier:
keyid:6F:5E:02:30:BE:79:9E:44:82:9C:87:20:CA:38:34:70:45:49:4E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b14CML55nkSCnIcgyjg0cEVJTiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/ng8vGh9One7pSqOu2Ui6w9I8rwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/b14CML55nkSCnIcgyjg0cEVJTiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.218.32.0/19
77.233.64.0/19
80.216.0.0/15
81.216.18.0/23
81.216.23.0/24
83.177.160.0-83.177.255.255
83.180.224.0-83.181.31.255
83.182.32.0/19
83.188.0.0/18
83.188.224.0/19
83.190.64.0/18
83.191.160.0/19
83.248.0.0/13
85.194.0.0/18
87.227.0.0/17
90.129.224.0/19
90.133.128.0/18
90.141.0.0/19
90.141.40.0-90.141.63.255
90.142.32.0/19
90.143.0.0/19
90.143.128.0/17
90.144.64.0/19
91.128.128.0-91.128.223.255
91.130.0.0/18
151.177.0.0/16
178.218.152.0/22
188.148.0.0/14
193.13.160.0/20
193.14.192.0/20
193.150.192.0/18
213.89.0.0/16
213.100.192.0/19
213.102.64.0/19
213.103.128.0/19
213.200.128.0/18
IPv6:
2a04:ae00::/26
Signature Algorithm: sha256WithRSAEncryption
17:bf:5e:ac:27:99:bc:fe:36:30:d4:46:37:2e:0c:ce:56:15:
57:35:8f:6b:03:91:f0:da:02:1c:de:19:a1:3f:1d:54:5d:7d:
5d:88:58:d7:88:67:b8:6f:53:f7:29:84:78:5c:40:09:75:a7:
5d:54:6b:82:51:42:9e:4c:c6:f8:ca:d8:0f:d4:b0:5f:f8:f4:
9a:a1:1f:b7:2d:f6:24:40:bd:9e:e5:7b:0d:30:ab:95:16:d9:
d6:a1:f8:17:8f:d6:89:2b:1c:51:56:20:33:e6:ca:c0:9f:2d:
37:51:72:5d:04:b2:37:ad:2c:99:c5:21:26:79:0c:e3:87:f9:
51:38:1f:3d:dd:17:cd:4e:0c:0c:9b:d9:88:c6:db:12:62:9e:
3d:19:b1:04:33:60:f5:ea:bc:bb:b9:b7:39:2d:a2:7a:2d:7b:
b2:44:40:e3:78:4d:de:ba:dd:1d:05:8f:1f:34:7a:74:04:12:
58:33:34:f8:2a:3b:c5:be:6d:19:1e:ba:29:24:5d:1f:6d:67:
31:17:b7:32:d6:09:82:58:54:c9:ab:47:84:00:01:97:56:1f:
8c:28:92:ec:97:a0:24:4d:81:e4:e8:3a:82:25:8f:60:56:d4:
30:b1:b4:28:cf:57:37:4f:0c:5f:06:00:85:5a:51:bc:86:1d:
65:f9:de:c3
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAYLEP46pAXEAxnPRZnqcdWB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWUwMjMwYmU3OTllNDQ4MjljODcyMGNhMzgzNDcwNDU0
OTRlMjAwHhcNMjIwODIyMDYzMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTBmMmYxYTFmNGU5ZGVlZTk0YWEzYWVkOTQ4YmFjM2QyM2NhZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm8LHwIL6pequdIadhd8RySwrY/M
ShUvfwJt/3QsC1k0oREawWe+yTxBVFwjV3tQwjvcp5IhovAOr8otgUJy8jO/yyKg
AZk73jVh+Fb8kp3pp07W9ikBRiP+nLbqhzhTQMaa1pJIk0Qxmp2Gt4T7Utn2SsU6
yo3d+WyVO4HM+u7CeEJG+Kb53fBw2dt5X7FCZIA4A+jGjOTB11zKFKItKiH7Z82X
vnv3eJOGz9FGCWYtjR+FwHTWmVdjnb7O/FX5nV2Lze985QrVLxu+QlzVOdpxk1Us
FkRQ54eDvV6u+t1daDWvGinhXPlFm+5V3qcmUH4O+P1lA80vyuUBw0G2nwIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFJ4PLxofTp3u6UqjrtlIusPSPK8IMB8GA1UdIwQY
MBaAFG9eAjC+eZ5EgpyHIMo4NHBFSU4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjE0Q01MNTVua1NDbkljZ3lqZzBjRVZKVGlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83MGNjZWYtMTdmMy00OTI4LTljMGIt
YmE3YzdkODE5MGNhLzEvbmc4dkdoOU9uZTdwU3FPdTJVaTZ3OUk4cndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83MGNjZWYtMTdmMy00OTI4LTljMGItYmE3YzdkODE5MGNh
LzEvYjE0Q01MNTVua1NDbkljZ3lqZzBjRVZKVGlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIAYIKwYBBQUHAQcBAf8EggEPMIIBCzCB+QQCAAEwgfID
BAVN2iADBAVN6UADAwFQ2AMEAVHYEgMEAFHYFzALAwQFU7GgAwMBU7AwDAMEBVO0
4AMEBVO1AAMEBVO2IAMEBlO8AAMEBVO84AMEBlO+QAMEBVO/oAMDA1P4AwQGVcIA
AwQHV+MAAwQFWoHgAwQGWoWAAwQFWo0AMAwDBANajSgDBAZajQADBAVajiADBAVa
jwADBAdaj4ADBAVakEAwDAMEB1uAgAMEBVuAwAMEBluCAAMDAJexAwQCstqYAwMC
vJQDBATBDaADBATBDsADBAbBlsADAwDVWQMEBdVkwAMEBdVmQAMEBdVngAMEBtXI
gDANBAIAAjAHAwUGKgSuADANBgkqhkiG9w0BAQsFAAOCAQEAF79erCeZvP42MNRG
Ny4MzlYVVzWPawOR8NoCHN4ZoT8dVF19XYhY14hnuG9T9ymEeFxACXWnXVRrglFC
nkzG+MrYD9SwX/j0mqEfty32JEC9nuV7DTCrlRbZ1qH4F4/WiSscUVYgM+bKwJ8t
N1FyXQSyN60smcUhJnkM44f5UTgfPd0XzU4MDJvZiMbbEmKePRmxBDNg9eq8u7m3
OS2iei17skRA43hN3rrdHQWPHzR6dAQSWDM0+Co7xb5tGR66KSRdH21nMRe3MtYJ
glhUyatHhAABl1YfjCiS7JegJE2B5Og6giWPYFbUMLG0KM9XN08MXwYAhVpRvIYd
Zfneww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:27 2024 by rpki-client on console-ams.rpki-client.org