Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/SXzESell9rMTYHSGHSZQRMuZbfo.roa
File: SXzESell9rMTYHSGHSZQRMuZbfo.roa (raw, json)
Hash identifier: WanZaf+VXcWYNhr5dYj1mdhW90etJVXShzWApECywCc=
Subject key identifier: 49:7C:C4:49:E9:65:F6:B3:13:60:74:86:1D:26:50:44:CB:99:6D:FA
Certificate issuer: /CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Certificate serial: 018B8072E843366AAD611850734435450180
Authority key identifier: 7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/SXzESell9rMTYHSGHSZQRMuZbfo.roa
Signing time: Mon 30 Oct 2023 11:58:16 +0000
ROA not before: Mon 30 Oct 2023 11:58:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42925
IP address blocks: 147.236.224.0/22 maxlen: 24
37.60.44.0/22 maxlen: 24
37.60.40.0/21 maxlen: 24
37.60.40.0/22 maxlen: 24
213.151.32.0/19 maxlen: 24
213.151.32.0/24 maxlen: 24
147.236.212.0/22 maxlen: 24
213.151.48.0/20 maxlen: 24
95.86.64.0/19 maxlen: 24
164.138.112.0/21 maxlen: 24
164.138.112.0/20 maxlen: 24
164.138.120.0/21 maxlen: 24
95.86.64.0/18 maxlen: 24
185.10.64.0/22 maxlen: 24
212.76.112.0/20 maxlen: 24
31.44.128.0/21 maxlen: 24
31.44.128.0/20 maxlen: 24
31.44.136.0/21 maxlen: 24
95.86.96.0/19 maxlen: 24
212.76.96.0/20 maxlen: 24
212.76.96.0/19 maxlen: 24
147.236.102.0/23 maxlen: 24
2a01:6507::/32 maxlen: 32
2a01:6502:a58::/46 maxlen: 46
2a01:6500::/32 maxlen: 32
2a01:6506::/32 maxlen: 32
2a01:6500:a040::/46 maxlen: 46
2a01:6505::/32 maxlen: 32
2a01:6500:a044::/46 maxlen: 46
2a01:6502::/32 maxlen: 32
2a01:6502:a54::/46 maxlen: 46
2a01:6500:a058::/46 maxlen: 46
2a01:6503::/32 maxlen: 32
2a01:6500::/29 maxlen: 29
2a01:6500:a050::/46 maxlen: 46
2a01:6501::/32 maxlen: 32
2a01:6500:a054::/46 maxlen: 46
2a01:6504::/32 maxlen: 32
2a01:6500:3::/48 maxlen: 48
2a01:6500:a048::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:72:e8:43:36:6a:ad:61:18:50:73:44:35:45:01:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Validity
Not Before: Oct 30 11:58:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=497cc449e965f6b3136074861d265044cb996dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c9:91:f8:ca:ef:9e:9a:49:73:5a:cf:c7:a1:
9f:c9:82:e0:1e:b2:56:46:25:44:bf:be:fb:ee:64:
96:0f:ad:db:4e:e6:29:0d:29:f1:03:87:20:41:01:
0d:ff:16:07:3e:8a:81:91:ad:59:7c:8a:b5:4e:7a:
56:27:89:dc:f9:32:1f:6d:25:d8:bd:2d:a0:a2:7b:
9c:19:4b:c2:ec:cd:1b:5d:ea:45:f9:64:e9:49:8f:
d1:6b:a4:74:e9:b0:9f:f5:ff:8c:87:3e:ee:4f:37:
0b:6a:9c:66:66:c2:57:0c:8c:63:dc:49:cc:f0:4e:
86:eb:d2:f1:67:c3:4e:a0:04:f8:c5:78:46:55:de:
03:7f:47:43:34:61:76:c2:c4:b5:fc:46:b7:43:99:
fa:7b:c4:a8:be:1f:a7:8d:13:4d:36:60:ac:ae:72:
2a:fd:5a:8c:da:aa:57:b1:e4:4f:21:4c:ca:0f:b5:
a3:f9:08:10:96:20:b2:b7:d1:bf:ef:25:e5:f4:ed:
ea:ad:89:fe:67:64:69:f8:67:94:4d:25:7e:46:46:
12:ee:95:ad:22:55:13:ce:a5:d4:d5:28:59:29:59:
bb:9d:ae:3d:a9:0b:ef:64:88:5c:fa:09:3c:f4:2d:
e1:90:37:72:e9:d0:45:5d:73:59:fa:28:80:a4:8e:
f1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:7C:C4:49:E9:65:F6:B3:13:60:74:86:1D:26:50:44:CB:99:6D:FA
X509v3 Authority Key Identifier:
keyid:7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/SXzESell9rMTYHSGHSZQRMuZbfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.128.0/20
37.60.40.0/21
95.86.64.0/18
147.236.102.0/23
147.236.212.0/22
147.236.224.0/22
164.138.112.0/20
185.10.64.0/22
212.76.96.0/19
213.151.32.0/19
IPv6:
2a01:6500::/29
Signature Algorithm: sha256WithRSAEncryption
0e:d2:9d:69:2f:b6:fc:0b:84:b5:68:00:53:ad:05:cf:da:f1:
df:1c:a5:4e:6e:e2:9e:a5:1e:19:4b:fa:33:dc:aa:14:78:da:
e9:42:10:12:30:50:7f:e5:ea:f1:80:13:c4:8f:bf:86:12:2c:
71:75:e4:c0:eb:16:fb:36:55:0e:88:5d:e2:5a:05:92:a6:40:
6d:3c:62:2e:c1:1a:31:48:24:9a:28:cd:de:48:b4:07:83:7a:
76:e1:39:34:f2:fe:1c:45:a9:e3:77:54:67:d9:b1:39:57:f3:
05:55:60:6b:7c:f8:c3:a3:d3:da:62:57:23:15:05:87:74:62:
de:f8:dd:e7:61:ed:1b:b8:19:25:ff:0c:99:8e:7e:01:ea:85:
3c:29:7a:3d:27:25:9b:bb:e1:22:64:e2:6c:6b:a8:48:5b:13:
0e:b4:b6:fe:5e:77:5e:da:55:c1:2b:e9:2c:75:bb:1e:8a:74:
28:3e:18:15:01:1b:7b:1d:6c:ba:eb:18:b6:4f:37:29:3d:3c:
82:be:a2:ad:97:b2:41:05:0a:d9:dc:96:2c:9d:29:e3:e2:2e:
65:e7:07:8c:31:ef:2c:8e:d6:53:07:5f:fc:60:14:7e:10:5b:
74:a4:e4:73:0b:56:4e:7d:42:7a:35:65:cd:88:3a:66:0b:41:
15:bf:fa:79
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYuAcuhDNmqtYRhQc0Q1RQGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjY2QwY2FjZmFmYTJlMGQzMTQ5NWRkOTUwZjc2YWY1Zjk4
YmE1ZDcwHhcNMjMxMDMwMTE1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTdjYzQ0OWU5NjVmNmIzMTM2MDc0ODYxZDI2NTA0NGNiOTk2ZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8mR+MrvnppJc1rPx6GfyYLgHrJW
RiVEv7777mSWD63bTuYpDSnxA4cgQQEN/xYHPoqBka1ZfIq1TnpWJ4nc+TIfbSXY
vS2gonucGUvC7M0bXepF+WTpSY/Ra6R06bCf9f+Mhz7uTzcLapxmZsJXDIxj3EnM
8E6G69LxZ8NOoAT4xXhGVd4Df0dDNGF2wsS1/Ea3Q5n6e8Sovh+njRNNNmCsrnIq
/VqM2qpXseRPIUzKD7Wj+QgQliCyt9G/7yXl9O3qrYn+Z2Rp+GeUTSV+RkYS7pWt
IlUTzqXU1ShZKVm7na49qQvvZIhc+gk89C3hkDdy6dBFXXNZ+iiApI7xzQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFEl8xEnpZfazE2B0hh0mUETLmW36MB8GA1UdIwQY
MBaAFHzNDKz6+i4NMUld2VD3avX5i6XXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUt
NDM5ZmM4ZjliMzg2LzEvU1h6RVNlbGw5ck1UWUhTR0hTWlFSTXVaYmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUtNDM5ZmM4ZjliMzg2
LzEvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQEHyyAAwQD
JTwoAwQGX1ZAAwQBk+xmAwQCk+zUAwQCk+zgAwQEpIpwAwQCuQpAAwQF1ExgAwQF
1ZcgMA0EAgACMAcDBQMqAWUAMA0GCSqGSIb3DQEBCwUAA4IBAQAO0p1pL7b8C4S1
aABTrQXP2vHfHKVObuKepR4ZS/oz3KoUeNrpQhASMFB/5erxgBPEj7+GEixxdeTA
6xb7NlUOiF3iWgWSpkBtPGIuwRoxSCSaKM3eSLQHg3p24Tk08v4cRanjd1Rn2bE5
V/MFVWBrfPjDo9PaYlcjFQWHdGLe+N3nYe0buBkl/wyZjn4B6oU8KXo9JyWbu+Ei
ZOJsa6hIWxMOtLb+Xnde2lXBK+ksdbseinQoPhgVARt7HWy66xi2TzcpPTyCvqKt
l7JBBQrZ3JYsnSnj4i5l5weMMe8sjtZTB1/8YBR+EFt0pORzC1ZOfUJ6NWXNiDpm
C0EVv/p5
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:11 2025 by rpki-client