Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/0FYbBkrcVAsEf22hkRCiJqIP3kA.roa
File: 0FYbBkrcVAsEf22hkRCiJqIP3kA.roa (raw, json)
Hash identifier: sm+rPAUfv/cmEZr5G7WBsDNQNGVssow/tNuo2hb71J4=
Subject key identifier: D0:56:1B:06:4A:DC:54:0B:04:7F:6D:A1:91:10:A2:26:A2:0F:DE:40
Certificate issuer: /CN=e5503498ff185d0c607353f43f55e911f62a6802
Certificate serial: 01837A285B7C34EDF562EA0F0EFB343D90C1
Authority key identifier: E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/0FYbBkrcVAsEf22hkRCiJqIP3kA.roa
Signing time: Mon 26 Sep 2022 14:16:48 +0000
ROA not before: Mon 26 Sep 2022 14:16:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15943
IP address blocks: 149.233.128.0/17 maxlen: 24
84.242.16.0/20 maxlen: 24
185.82.16.0/22 maxlen: 24
213.21.32.0/20 maxlen: 24
95.129.0.0/21 maxlen: 24
149.249.16.0/20 maxlen: 24
185.207.4.0/22 maxlen: 22
37.122.136.0/21 maxlen: 24
185.29.240.0/22 maxlen: 24
216.83.208.0/20 maxlen: 24
192.119.48.0/20 maxlen: 24
109.230.96.0/20 maxlen: 20
192.196.192.0/20 maxlen: 24
185.232.32.0/22 maxlen: 24
213.195.24.0/21 maxlen: 21
185.220.216.0/22 maxlen: 24
94.72.168.0/21 maxlen: 24
176.109.192.0/19 maxlen: 24
95.163.160.0/20 maxlen: 24
94.72.184.0/21 maxlen: 24
185.23.224.0/22 maxlen: 24
185.215.236.0/22 maxlen: 24
81.25.160.0/20 maxlen: 24
212.146.136.0/22 maxlen: 24
149.224.0.0/16 maxlen: 24
212.146.144.0/20 maxlen: 24
94.72.128.0/21 maxlen: 24
46.22.0.0/20 maxlen: 24
95.81.0.0/19 maxlen: 24
2.57.116.0/22 maxlen: 24
77.223.8.0/21 maxlen: 21
149.249.248.0/22 maxlen: 24
77.223.16.0/20 maxlen: 20
45.157.100.0/22 maxlen: 22
193.218.16.0/20 maxlen: 24
212.127.32.0/19 maxlen: 24
213.209.64.0/18 maxlen: 24
195.123.96.0/20 maxlen: 24
134.101.128.0/17 maxlen: 24
188.136.224.0/19 maxlen: 24
31.29.32.0/19 maxlen: 24
84.46.0.0/17 maxlen: 24
46.59.128.0/17 maxlen: 24
31.172.104.0/21 maxlen: 24
2a04:4540::/29 maxlen: 29
2a02:2028::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7a:28:5b:7c:34:ed:f5:62:ea:0f:0e:fb:34:3d:90:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5503498ff185d0c607353f43f55e911f62a6802
Validity
Not Before: Sep 26 14:16:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0561b064adc540b047f6da19110a226a20fde40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:65:61:39:9d:b9:d1:34:e1:6e:19:37:24:59:
b5:91:36:05:e7:6c:8d:3e:02:64:83:b2:eb:e5:58:
7c:f3:ca:7e:5b:d5:0b:90:cd:ff:8b:1a:c0:5f:95:
e3:76:32:86:71:7f:40:1c:49:e9:2b:b5:e5:14:7e:
ea:1c:85:15:9b:fc:d7:57:18:5f:7d:e4:cd:13:ba:
69:f1:34:d1:a2:1d:9b:5b:0a:b2:32:cf:21:36:bb:
5f:c9:24:18:57:4c:9d:cf:5e:31:2a:8f:f8:bf:ef:
da:42:ee:7e:0a:22:d3:58:27:fc:bf:6d:5c:03:da:
c3:a4:b2:5b:0b:c1:39:74:af:85:94:fd:6b:25:3c:
71:57:3f:dc:37:55:fa:56:ee:88:5c:f3:69:fb:dd:
f4:44:b2:da:6f:be:1f:36:15:b8:be:e2:55:f5:13:
8f:df:d5:f6:f4:c1:c0:f3:3f:4b:1a:ab:aa:c9:68:
28:fc:d6:98:d5:cc:c6:2a:35:a3:64:fc:e1:28:cb:
5b:3d:25:06:c7:52:d2:1b:5c:46:a3:51:02:b6:bf:
d9:e2:9d:11:84:95:d6:84:e7:28:21:61:8f:27:8f:
cb:c0:f7:93:c9:1e:09:c2:37:d6:d1:12:51:8a:df:
51:2d:c9:a2:94:98:1f:50:e4:e7:b3:6d:c6:7c:b9:
1e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:56:1B:06:4A:DC:54:0B:04:7F:6D:A1:91:10:A2:26:A2:0F:DE:40
X509v3 Authority Key Identifier:
keyid:E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/0FYbBkrcVAsEf22hkRCiJqIP3kA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.116.0/22
31.29.32.0/19
31.172.104.0/21
37.122.136.0/21
45.157.100.0/22
46.22.0.0/20
46.59.128.0/17
77.223.8.0-77.223.31.255
81.25.160.0/20
84.46.0.0/17
84.242.16.0/20
94.72.128.0/21
94.72.168.0/21
94.72.184.0/21
95.81.0.0/19
95.129.0.0/21
95.163.160.0/20
109.230.96.0/20
134.101.128.0/17
149.224.0.0/16
149.233.128.0/17
149.249.16.0/20
149.249.248.0/22
176.109.192.0/19
185.23.224.0/22
185.29.240.0/22
185.82.16.0/22
185.207.4.0/22
185.215.236.0/22
185.220.216.0/22
185.232.32.0/22
188.136.224.0/19
192.119.48.0/20
192.196.192.0/20
193.218.16.0/20
195.123.96.0/20
212.127.32.0/19
212.146.136.0/22
212.146.144.0/20
213.21.32.0/20
213.195.24.0/21
213.209.64.0/18
216.83.208.0/20
IPv6:
2a02:2028::/32
2a04:4540::/29
Signature Algorithm: sha256WithRSAEncryption
98:70:c0:7f:81:f2:db:6d:77:d3:b2:ba:80:e3:98:e1:88:c7:
dc:f9:45:55:9e:8f:38:83:f2:17:f2:c0:a0:1b:da:97:f4:44:
26:f5:bb:ec:c7:94:5f:c3:a1:fe:7c:9e:97:1e:3f:3c:c6:fe:
57:ce:67:c9:57:66:01:91:5a:37:61:ad:e2:fe:2c:b8:72:9c:
f9:01:4d:10:74:5e:c5:ba:d1:51:f5:d3:9e:7a:08:cf:bf:cd:
aa:09:b1:15:2b:3a:88:85:be:55:5b:01:1e:cb:cb:fc:df:38:
b2:18:55:bc:96:7f:1c:b7:89:e1:3d:5c:08:9c:d2:47:b2:fc:
c6:af:69:d3:0a:d8:c6:6a:da:c4:e9:24:59:89:c6:bc:74:de:
60:40:6d:ec:5b:70:4a:8c:bc:27:78:30:be:15:09:e3:47:ab:
bf:7c:54:b7:f4:59:61:ae:fd:59:49:dc:4a:fa:e0:2e:97:94:
d1:b9:50:f7:6e:14:fd:61:0f:6e:d8:f8:12:2a:66:a0:dd:5a:
4d:7c:ea:17:2b:69:b2:ad:fe:e6:d7:ee:c5:56:7e:6a:38:61:
45:1e:6c:44:87:c2:37:d9:5a:76:68:0d:fb:62:8b:3e:5f:37:
a5:dc:4d:58:4b:ac:49:87:e7:d0:b2:31:3b:e0:db:78:74:1d:
a5:32:17:96
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgISAYN6KFt8NO31YuoPDvs0PZDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NTAzNDk4ZmYxODVkMGM2MDczNTNmNDNmNTVlOTExZjYy
YTY4MDIwHhcNMjIwOTI2MTQxNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDU2MWIwNjRhZGM1NDBiMDQ3ZjZkYTE5MTEwYTIyNmEyMGZkZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWVhOZ250TThbhk3JFm1kTYF52yN
PgJkg7Lr5Vh888p+W9ULkM3/ixrAX5XjdjKGcX9AHEnpK7XlFH7qHIUVm/zXVxhf
feTNE7pp8TTRoh2bWwqyMs8hNrtfySQYV0ydz14xKo/4v+/aQu5+CiLTWCf8v21c
A9rDpLJbC8E5dK+FlP1rJTxxVz/cN1X6Vu6IXPNp+930RLLab74fNhW4vuJV9ROP
39X29MHA8z9LGquqyWgo/NaY1czGKjWjZPzhKMtbPSUGx1LSG1xGo1ECtr/Z4p0R
hJXWhOcoIWGPJ4/LwPeTyR4JwjfW0RJRit9RLcmilJgfUOTns23GfLke5wIDAQAB
o4IDLDCCAygwHQYDVR0OBBYEFNBWGwZK3FQLBH9toZEQoiaiD95AMB8GA1UdIwQY
MBaAFOVQNJj/GF0MYHNT9D9V6RH2KmgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQt
MWUyNzlmN2I2MDIzLzEvMEZZYkJrcmNWQXNFZjIyaGtSQ2lKcUlQM2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQtMWUyNzlmN2I2MDIz
LzEvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQAYIKwYBBQUHAQcBAf8EggEvMIIBKzCCAREEAgABMIIB
CQMEAgI5dAMEBR8dIAMEAx+saAMEAyV6iAMEAi2dZAMEBC4WAAMEBy47gDAMAwQD
Td8IAwQFTd8AAwQEURmgAwQHVC4AAwQEVPIQAwQDXkiAAwQDXkioAwQDXki4AwQF
X1EAAwQDX4EAAwQEX6OgAwQEbeZgAwQHhmWAAwMAleADBAeV6YADBASV+RADBAKV
+fgDBAWwbcADBAK5F+ADBAK5HfADBAK5UhADBAK5zwQDBAK51+wDBAK53NgDBAK5
6CADBAW8iOADBATAdzADBATAxMADBATB2hADBATDe2ADBAXUfyADBALUkogDBATU
kpADBATVFSADBAPVwxgDBAbV0UADBATYU9AwFAQCAAIwDgMFACoCICgDBQMqBEVA
MA0GCSqGSIb3DQEBCwUAA4IBAQCYcMB/gfLbbXfTsrqA45jhiMfc+UVVno84g/IX
8sCgG9qX9EQm9bvsx5Rfw6H+fJ6XHj88xv5XzmfJV2YBkVo3Ya3i/iy4cpz5AU0Q
dF7FutFR9dOeegjPv82qCbEVKzqIhb5VWwEey8v83ziyGFW8ln8ct4nhPVwInNJH
svzGr2nTCtjGatrE6SRZica8dN5gQG3sW3BKjLwneDC+FQnjR6u/fFS39Flhrv1Z
SdxK+uAul5TRuVD3bhT9YQ9u2PgSKmag3VpNfOoXK2myrf7m1+7FVn5qOGFFHmxE
h8I32Vp2aA37Yos+Xzel3E1YS6xJh+fQsjE74Nt4dB2lMheW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:37 2023 by rpki-client on console-ams.rpki-client.org