Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/0Um7lfVL7KmXpkO8hq7YLwMSrr0.roa
File: 0Um7lfVL7KmXpkO8hq7YLwMSrr0.roa (raw, json)
Hash identifier: +JR+ueXW93mLIH3IhXBh4AgGMJpstgZ2GCw3tNNfFeg=
Subject key identifier: D1:49:BB:95:F5:4B:EC:A9:97:A6:43:BC:86:AE:D8:2F:03:12:AE:BD
Certificate issuer: /CN=e5503498ff185d0c607353f43f55e911f62a6802
Certificate serial: 358EAC80
Authority key identifier: E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/0Um7lfVL7KmXpkO8hq7YLwMSrr0.roa
Signing time: Wed 09 Mar 2022 08:30:26 +0000
ROA not before: Wed 09 Mar 2022 08:30:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15943
IP address blocks: 149.233.128.0/17 maxlen: 24
84.242.16.0/20 maxlen: 24
185.82.16.0/22 maxlen: 24
213.21.32.0/20 maxlen: 24
149.249.16.0/20 maxlen: 24
185.29.240.0/22 maxlen: 24
216.83.208.0/20 maxlen: 24
192.119.48.0/20 maxlen: 24
192.196.192.0/20 maxlen: 24
185.232.32.0/22 maxlen: 24
185.220.216.0/22 maxlen: 24
95.163.160.0/20 maxlen: 24
185.23.224.0/22 maxlen: 24
185.215.236.0/22 maxlen: 24
81.25.160.0/20 maxlen: 24
149.224.0.0/16 maxlen: 24
46.22.0.0/20 maxlen: 24
95.81.0.0/19 maxlen: 24
149.249.248.0/22 maxlen: 24
193.218.16.0/20 maxlen: 24
213.209.64.0/18 maxlen: 24
195.123.96.0/20 maxlen: 24
134.101.128.0/17 maxlen: 24
188.136.224.0/19 maxlen: 24
31.29.32.0/19 maxlen: 24
84.46.0.0/17 maxlen: 24
46.59.128.0/17 maxlen: 24
31.172.104.0/21 maxlen: 24
2a04:4540::/29 maxlen: 29
2a02:2028::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 898542720 (0x358eac80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5503498ff185d0c607353f43f55e911f62a6802
Validity
Not Before: Mar 9 08:30:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d149bb95f54beca997a643bc86aed82f0312aebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:11:0d:f2:e5:7e:ea:47:5e:82:80:ad:5a:1d:
17:6f:fb:7e:f3:9d:94:52:ce:af:63:5e:8c:c3:4d:
31:d8:0e:c0:5b:ea:12:75:ea:6d:56:fa:b5:d9:5e:
dc:9b:98:44:a2:60:41:d3:0b:08:ce:be:37:68:7f:
4c:e5:16:7c:be:c9:88:34:4b:9a:cc:9f:8b:29:f4:
eb:b1:cf:d3:c1:eb:4a:74:fe:b6:7c:4d:49:14:39:
c7:75:d6:e8:93:20:f1:ef:5f:16:72:a0:75:fe:27:
9f:1c:26:66:ea:eb:bc:e9:b8:d8:16:ff:2f:8f:21:
b7:e5:bc:ca:34:6a:85:a7:c8:4e:b8:0a:d7:4a:02:
3b:9e:6a:72:f5:ff:01:d1:a2:ff:30:5e:8d:8f:db:
96:fa:09:49:45:48:27:12:5b:45:3f:4c:69:7b:ca:
f6:81:82:2c:79:36:96:f2:99:c7:84:b6:e7:ca:5b:
3e:84:36:85:5a:a9:30:01:bf:fe:a4:5f:2f:a4:93:
fd:45:a5:2a:53:ed:dc:af:1e:6a:e9:67:6f:08:22:
31:08:78:fe:69:9d:2b:83:4c:ac:61:2c:73:8e:9e:
91:b4:ae:5a:a2:ad:e3:26:fe:2a:96:19:b6:f9:64:
8b:63:ef:58:90:ba:a5:1b:69:75:d7:a4:74:9b:ae:
ca:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:49:BB:95:F5:4B:EC:A9:97:A6:43:BC:86:AE:D8:2F:03:12:AE:BD
X509v3 Authority Key Identifier:
keyid:E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/0Um7lfVL7KmXpkO8hq7YLwMSrr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.29.32.0/19
31.172.104.0/21
46.22.0.0/20
46.59.128.0/17
81.25.160.0/20
84.46.0.0/17
84.242.16.0/20
95.81.0.0/19
95.163.160.0/20
134.101.128.0/17
149.224.0.0/16
149.233.128.0/17
149.249.16.0/20
149.249.248.0/22
185.23.224.0/22
185.29.240.0/22
185.82.16.0/22
185.215.236.0/22
185.220.216.0/22
185.232.32.0/22
188.136.224.0/19
192.119.48.0/20
192.196.192.0/20
193.218.16.0/20
195.123.96.0/20
213.21.32.0/20
213.209.64.0/18
216.83.208.0/20
IPv6:
2a02:2028::/32
2a04:4540::/29
Signature Algorithm: sha256WithRSAEncryption
54:c1:e2:ab:e6:54:28:b3:10:e4:50:f1:6d:6e:df:de:70:3d:
fc:08:1a:d1:ec:8d:b7:a9:f1:5c:a9:99:4f:ef:c4:5c:4f:be:
db:fd:fe:3d:a3:6b:72:e7:bc:4d:66:85:08:bc:2b:38:0f:03:
2e:69:66:6c:22:a6:98:72:18:24:95:5a:72:86:e7:c1:90:01:
91:89:c7:3e:9b:ef:d7:b4:40:c9:64:4d:16:5b:f0:6d:26:d9:
8c:9b:cd:d0:52:45:1d:fb:c8:5b:58:7d:a9:72:e0:0a:8d:53:
5b:2a:7e:da:f0:68:14:e8:b6:4c:a0:9c:e5:1b:41:b3:3d:f1:
70:70:c1:db:af:b8:46:d7:4d:27:fd:71:6b:9d:11:95:86:8e:
51:fb:a7:0d:b5:75:8d:51:01:91:09:f3:b5:2e:cc:8d:5a:c5:
a1:83:9a:af:92:49:eb:2b:0a:2e:3b:1e:56:28:62:e6:0c:9c:
5d:dc:91:10:9b:ba:2a:e9:62:4a:49:0a:80:6e:38:b3:34:9d:
a7:27:7c:e9:8f:cc:bd:02:ed:39:ad:7a:85:7c:85:97:6f:62:
0d:1b:4b:0d:ef:d4:d3:76:ef:67:1f:41:59:e6:4b:9e:57:d8:
68:57:24:b6:6b:4d:38:38:2e:09:f4:b5:06:94:a0:79:e2:81:
65:63:eb:9e
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgIENY6sgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTUwMzQ5OGZmMTg1ZDBjNjA3MzUzZjQzZjU1ZTkxMWY2MmE2ODAyMB4XDTIyMDMw
OTA4MzAyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDE0OWJiOTVmNTRi
ZWNhOTk3YTY0M2JjODZhZWQ4MmYwMzEyYWViZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALERDfLlfupHXoKArVodF2/7fvOdlFLOr2NejMNNMdgOwFvq
EnXqbVb6tdle3JuYRKJgQdMLCM6+N2h/TOUWfL7JiDRLmsyfiyn067HP08HrSnT+
tnxNSRQ5x3XW6JMg8e9fFnKgdf4nnxwmZurrvOm42Bb/L48ht+W8yjRqhafITrgK
10oCO55qcvX/AdGi/zBejY/blvoJSUVIJxJbRT9MaXvK9oGCLHk2lvKZx4S258pb
PoQ2hVqpMAG//qRfL6ST/UWlKlPt3K8eaulnbwgiMQh4/mmdK4NMrGEsc46ekbSu
WqKt4yb+KpYZtvlki2PvWJC6pRtpddekdJuuysUCAwEAAaOCAsUwggLBMB0GA1Ud
DgQWBBTRSbuV9UvsqZemQ7yGrtgvAxKuvTAfBgNVHSMEGDAWgBTlUDSY/xhdDGBz
U/Q/VekR9ipoAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVWQTBtUDhZWFF4Z2MxUDBQMVhwRWZZcWFBSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvOTdiMGJjLWY0ZjgtNGY5MC04NTU0LTFlMjc5ZjdiNjAyMy8x
LzBVbTdsZlZMN0ttWHBrTzhocTdZTHdNU3JyMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
OTdiMGJjLWY0ZjgtNGY5MC04NTU0LTFlMjc5ZjdiNjAyMy8xLzVWQTBtUDhZWFF4
Z2MxUDBQMVhwRWZZcWFBSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
2gYIKwYBBQUHAQcBAf8Egcowgccwga4EAgABMIGnAwQFHx0gAwQDH6xoAwQELhYA
AwQHLjuAAwQEURmgAwQHVC4AAwQEVPIQAwQFX1EAAwQEX6OgAwQHhmWAAwMAleAD
BAeV6YADBASV+RADBAKV+fgDBAK5F+ADBAK5HfADBAK5UhADBAK51+wDBAK53NgD
BAK56CADBAW8iOADBATAdzADBATAxMADBATB2hADBATDe2ADBATVFSADBAbV0UAD
BATYU9AwFAQCAAIwDgMFACoCICgDBQMqBEVAMA0GCSqGSIb3DQEBCwUAA4IBAQBU
weKr5lQosxDkUPFtbt/ecD38CBrR7I23qfFcqZlP78RcT77b/f49o2ty57xNZoUI
vCs4DwMuaWZsIqaYchgklVpyhufBkAGRicc+m+/XtEDJZE0WW/BtJtmMm83QUkUd
+8hbWH2pcuAKjVNbKn7a8GgU6LZMoJzlG0GzPfFwcMHbr7hG100n/XFrnRGVho5R
+6cNtXWNUQGRCfO1LsyNWsWhg5qvkknrKwouOx5WKGLmDJxd3JEQm7oq6WJKSQqA
bjizNJ2nJ3zpj8y9Au05rXqFfIWXb2ING0sN79TTdu9nH0FZ5kueV9hoVyS2a004
OC4J9LUGlKB54oFlY+ue
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:59 2023 by rpki-client on console-fra.rpki-client.org