Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/7S-daQgpW4DynLc7DEfKB2Tr1u0.roa
File: 7S-daQgpW4DynLc7DEfKB2Tr1u0.roa (raw, json)
Hash identifier: AM4BV2/YTMWH3lzd+aI0ZK+8HbUUu8wxz11VAPGYVug=
Subject key identifier: ED:2F:9D:69:08:29:5B:80:F2:9C:B7:3B:0C:47:CA:07:64:EB:D6:ED
Certificate issuer: /CN=e5503498ff185d0c607353f43f55e911f62a6802
Certificate serial: 0183792AC0ABB40D9E6F035EB0867C9F76A2
Authority key identifier: E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/7S-daQgpW4DynLc7DEfKB2Tr1u0.roa
Signing time: Mon 26 Sep 2022 09:39:48 +0000
ROA not before: Mon 26 Sep 2022 09:39:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15943
IP address blocks: 149.233.128.0/17 maxlen: 24
84.242.16.0/20 maxlen: 24
185.82.16.0/22 maxlen: 24
213.21.32.0/20 maxlen: 24
95.129.0.0/21 maxlen: 24
149.249.16.0/20 maxlen: 24
185.207.4.0/22 maxlen: 22
37.122.136.0/21 maxlen: 24
185.29.240.0/22 maxlen: 24
216.83.208.0/20 maxlen: 24
192.119.48.0/20 maxlen: 24
109.230.96.0/20 maxlen: 20
192.196.192.0/20 maxlen: 24
185.232.32.0/22 maxlen: 24
213.195.24.0/21 maxlen: 21
185.220.216.0/22 maxlen: 24
94.72.168.0/21 maxlen: 24
176.109.192.0/20 maxlen: 24
176.109.192.0/19 maxlen: 19
95.163.160.0/20 maxlen: 24
94.72.184.0/21 maxlen: 24
185.23.224.0/22 maxlen: 24
185.215.236.0/22 maxlen: 24
81.25.160.0/20 maxlen: 24
149.224.0.0/16 maxlen: 24
94.72.128.0/21 maxlen: 24
46.22.0.0/20 maxlen: 24
95.81.0.0/19 maxlen: 24
77.223.8.0/21 maxlen: 21
149.249.248.0/22 maxlen: 24
77.223.16.0/20 maxlen: 20
45.157.100.0/22 maxlen: 22
193.218.16.0/20 maxlen: 24
212.127.32.0/19 maxlen: 24
213.209.64.0/18 maxlen: 24
195.123.96.0/20 maxlen: 24
134.101.128.0/17 maxlen: 24
188.136.224.0/19 maxlen: 24
31.29.32.0/19 maxlen: 24
84.46.0.0/17 maxlen: 24
46.59.128.0/17 maxlen: 24
31.172.104.0/21 maxlen: 24
2a04:4540::/29 maxlen: 29
2a02:2028::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:79:2a:c0:ab:b4:0d:9e:6f:03:5e:b0:86:7c:9f:76:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5503498ff185d0c607353f43f55e911f62a6802
Validity
Not Before: Sep 26 09:39:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed2f9d6908295b80f29cb73b0c47ca0764ebd6ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:af:72:df:db:37:ad:18:54:19:5e:5f:e5:43:
65:6e:ec:c2:cf:6a:8b:bf:39:47:68:06:07:8c:55:
e1:ba:13:38:e2:83:2d:1a:1f:f6:dd:88:63:c9:81:
bc:8e:93:22:37:63:60:fb:a4:9d:28:63:eb:f9:44:
7a:fe:a3:b8:30:a6:ef:cd:87:c8:ad:d2:ff:2a:19:
6e:58:0a:e1:4b:b3:98:61:70:64:1c:c5:8a:18:d7:
84:ce:7e:00:41:3d:9c:f9:50:6a:da:40:1c:f5:0d:
79:1a:6e:a7:f2:d9:d3:83:e8:e4:cf:b2:8a:5b:85:
f2:5c:e1:42:be:31:84:94:ad:b4:74:56:a0:d6:81:
3d:9b:fc:61:9b:59:9b:64:10:14:9e:05:51:35:eb:
11:5b:7b:f5:8d:10:4e:17:11:6f:b3:ad:cf:62:28:
20:a9:d9:f1:88:98:b9:50:fd:b1:8c:13:6f:2e:3f:
61:4b:37:c2:2f:e6:7d:b5:7a:2f:ae:ae:90:c3:14:
9c:72:4c:45:17:f8:26:a5:5f:60:01:19:1d:6f:c6:
a0:ad:12:b6:3f:e0:33:8c:76:6a:7e:e2:92:9a:0e:
09:6f:b8:de:49:66:a0:d8:c8:da:11:d9:70:e5:f3:
a2:72:45:62:20:bf:cc:a9:37:aa:a3:ff:97:64:a4:
43:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:2F:9D:69:08:29:5B:80:F2:9C:B7:3B:0C:47:CA:07:64:EB:D6:ED
X509v3 Authority Key Identifier:
keyid:E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/7S-daQgpW4DynLc7DEfKB2Tr1u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.29.32.0/19
31.172.104.0/21
37.122.136.0/21
45.157.100.0/22
46.22.0.0/20
46.59.128.0/17
77.223.8.0-77.223.31.255
81.25.160.0/20
84.46.0.0/17
84.242.16.0/20
94.72.128.0/21
94.72.168.0/21
94.72.184.0/21
95.81.0.0/19
95.129.0.0/21
95.163.160.0/20
109.230.96.0/20
134.101.128.0/17
149.224.0.0/16
149.233.128.0/17
149.249.16.0/20
149.249.248.0/22
176.109.192.0/19
185.23.224.0/22
185.29.240.0/22
185.82.16.0/22
185.207.4.0/22
185.215.236.0/22
185.220.216.0/22
185.232.32.0/22
188.136.224.0/19
192.119.48.0/20
192.196.192.0/20
193.218.16.0/20
195.123.96.0/20
212.127.32.0/19
213.21.32.0/20
213.195.24.0/21
213.209.64.0/18
216.83.208.0/20
IPv6:
2a02:2028::/32
2a04:4540::/29
Signature Algorithm: sha256WithRSAEncryption
93:a9:38:ed:f6:6f:90:47:52:66:db:ef:12:d3:ca:6e:e5:e7:
12:09:af:95:5c:30:54:06:8a:a0:87:09:39:aa:94:41:11:07:
54:d2:17:85:b7:34:7e:9c:09:b4:9e:98:75:84:17:97:e2:3e:
89:24:6d:55:fa:a4:90:0b:7f:66:36:f3:b8:ca:c9:d2:be:0f:
79:c1:41:0e:ba:a0:71:c2:1a:ee:3d:e6:f5:f1:d5:fd:72:82:
d5:2f:b3:f9:ff:13:25:53:3b:09:a1:f2:37:ee:1a:7c:73:ba:
0a:13:fb:f6:f2:e8:d0:b9:79:eb:36:7d:66:38:0d:d8:0e:ec:
bd:48:8a:20:b9:de:74:1c:a8:3b:49:5b:07:e8:9a:81:35:1d:
ed:70:21:1a:da:30:39:74:ea:ec:a4:00:bd:fc:07:e8:42:c9:
fb:14:e9:07:91:06:09:62:5c:64:f4:2a:66:77:5a:3b:83:34:
99:93:28:61:cc:4f:59:46:75:21:39:dc:e7:58:84:c4:45:4c:
48:29:c8:b5:66:66:32:bd:ab:dc:51:f7:36:1d:c1:90:69:a4:
3c:da:c0:ba:2b:e7:a5:94:c2:e7:ff:c4:a6:db:10:f0:41:a8:
d1:48:b7:cb:ce:99:37:f4:d1:ca:01:a8:b1:02:7d:a2:dd:c5:
20:1b:a4:e6
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgISAYN5KsCrtA2ebwNesIZ8n3aiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NTAzNDk4ZmYxODVkMGM2MDczNTNmNDNmNTVlOTExZjYy
YTY4MDIwHhcNMjIwOTI2MDkzOTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDJmOWQ2OTA4Mjk1YjgwZjI5Y2I3M2IwYzQ3Y2EwNzY0ZWJkNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt69y39s3rRhUGV5f5UNlbuzCz2qL
vzlHaAYHjFXhuhM44oMtGh/23YhjyYG8jpMiN2Ng+6SdKGPr+UR6/qO4MKbvzYfI
rdL/KhluWArhS7OYYXBkHMWKGNeEzn4AQT2c+VBq2kAc9Q15Gm6n8tnTg+jkz7KK
W4XyXOFCvjGElK20dFag1oE9m/xhm1mbZBAUngVRNesRW3v1jRBOFxFvs63PYigg
qdnxiJi5UP2xjBNvLj9hSzfCL+Z9tXovrq6QwxScckxFF/gmpV9gARkdb8agrRK2
P+AzjHZqfuKSmg4Jb7jeSWag2MjaEdlw5fOickViIL/MqTeqo/+XZKRDCQIDAQAB
o4IDGDCCAxQwHQYDVR0OBBYEFO0vnWkIKVuA8py3OwxHygdk69btMB8GA1UdIwQY
MBaAFOVQNJj/GF0MYHNT9D9V6RH2KmgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQt
MWUyNzlmN2I2MDIzLzEvN1MtZGFRZ3BXNER5bkxjN0RFZktCMlRyMXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQtMWUyNzlmN2I2MDIz
LzEvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLAYIKwYBBQUHAQcBAf8EggEbMIIBFzCB/gQCAAEwgfcD
BAUfHSADBAMfrGgDBAMleogDBAItnWQDBAQuFgADBAcuO4AwDAMEA03fCAMEBU3f
AAMEBFEZoAMEB1QuAAMEBFTyEAMEA15IgAMEA15IqAMEA15IuAMEBV9RAAMEA1+B
AAMEBF+joAMEBG3mYAMEB4ZlgAMDAJXgAwQHlemAAwQElfkQAwQClfn4AwQFsG3A
AwQCuRfgAwQCuR3wAwQCuVIQAwQCuc8EAwQCudfsAwQCudzYAwQCueggAwQFvIjg
AwQEwHcwAwQEwMTAAwQEwdoQAwQEw3tgAwQF1H8gAwQE1RUgAwQD1cMYAwQG1dFA
AwQE2FPQMBQEAgACMA4DBQAqAiAoAwUDKgRFQDANBgkqhkiG9w0BAQsFAAOCAQEA
k6k47fZvkEdSZtvvEtPKbuXnEgmvlVwwVAaKoIcJOaqUQREHVNIXhbc0fpwJtJ6Y
dYQXl+I+iSRtVfqkkAt/ZjbzuMrJ0r4PecFBDrqgccIa7j3m9fHV/XKC1S+z+f8T
JVM7CaHyN+4afHO6ChP79vLo0Ll56zZ9ZjgN2A7svUiKILnedByoO0lbB+iagTUd
7XAhGtowOXTq7KQAvfwH6ELJ+xTpB5EGCWJcZPQqZndaO4M0mZMoYcxPWUZ1ITnc
51iExEVMSCnItWZmMr2r3FH3Nh3BkGmkPNrAuivnpZTC5//EptsQ8EGo0Ui3y86Z
N/TRygGosQJ9ot3FIBuk5g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:37 2023 by rpki-client on console-ams.rpki-client.org