Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/A09-PrA_AkLqSd90f6_9immW1VY.roa
File: A09-PrA_AkLqSd90f6_9immW1VY.roa (raw, json)
Hash identifier: E1COlBiPjUZR0TT+G8CCpHCxrDQm2dasVWEngsQm/y0=
Subject key identifier: 03:4F:7E:3E:B0:3F:02:42:EA:49:DF:74:7F:AF:FD:8A:69:96:D5:56
Certificate issuer: /CN=e5503498ff185d0c607353f43f55e911f62a6802
Certificate serial: 018388299010F80BA75DAA8B8A4117691C5A
Authority key identifier: E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/A09-PrA_AkLqSd90f6_9immW1VY.roa
Signing time: Thu 29 Sep 2022 07:32:48 +0000
ROA not before: Thu 29 Sep 2022 07:32:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15943
IP address blocks: 80.245.104.0/22 maxlen: 24
84.242.16.0/20 maxlen: 24
149.249.16.0/20 maxlen: 24
185.29.240.0/22 maxlen: 24
216.83.208.0/20 maxlen: 24
193.178.56.0/22 maxlen: 24
185.232.32.0/22 maxlen: 24
213.195.24.0/21 maxlen: 21
45.82.192.0/22 maxlen: 22
185.220.216.0/22 maxlen: 24
94.72.168.0/21 maxlen: 24
176.109.192.0/19 maxlen: 24
95.163.160.0/20 maxlen: 24
94.72.184.0/21 maxlen: 24
81.25.160.0/20 maxlen: 24
212.146.136.0/22 maxlen: 24
149.224.0.0/16 maxlen: 24
212.146.144.0/20 maxlen: 24
94.72.128.0/21 maxlen: 24
46.22.0.0/20 maxlen: 24
45.157.100.0/22 maxlen: 22
193.218.16.0/20 maxlen: 24
212.127.32.0/19 maxlen: 24
195.123.96.0/20 maxlen: 24
188.136.224.0/19 maxlen: 24
31.29.32.0/19 maxlen: 24
84.46.0.0/17 maxlen: 24
46.59.128.0/17 maxlen: 24
149.233.128.0/17 maxlen: 24
185.82.16.0/22 maxlen: 24
213.21.32.0/20 maxlen: 24
95.129.0.0/21 maxlen: 24
185.207.4.0/22 maxlen: 22
37.122.136.0/21 maxlen: 24
192.119.48.0/20 maxlen: 24
109.230.96.0/20 maxlen: 20
192.196.192.0/20 maxlen: 24
45.159.176.0/22 maxlen: 24
185.23.224.0/22 maxlen: 24
185.215.236.0/22 maxlen: 24
95.81.0.0/19 maxlen: 24
2.57.116.0/22 maxlen: 24
149.249.248.0/22 maxlen: 24
77.223.8.0/21 maxlen: 21
77.223.16.0/20 maxlen: 20
213.209.64.0/18 maxlen: 24
134.101.128.0/17 maxlen: 24
31.172.104.0/21 maxlen: 24
2a04:4540::/29 maxlen: 29
2a02:2028::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:88:29:90:10:f8:0b:a7:5d:aa:8b:8a:41:17:69:1c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5503498ff185d0c607353f43f55e911f62a6802
Validity
Not Before: Sep 29 07:32:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=034f7e3eb03f0242ea49df747faffd8a6996d556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a9:b4:75:4c:8b:84:a9:e2:3d:6c:b3:82:8d:
f4:f8:c1:e9:5e:96:96:a3:7b:83:21:a4:e6:72:ee:
5c:9e:d2:d8:61:08:ce:b8:98:46:c1:cd:65:9f:96:
59:79:2f:f2:3c:d4:54:af:ca:d2:4e:f7:b8:d3:5f:
fd:4e:92:9c:2d:b3:7b:14:9e:b2:e9:fa:ac:4e:6c:
75:56:10:64:67:77:c5:ff:3c:89:2a:f3:ba:63:c5:
1a:4a:b6:8f:62:4c:d2:31:c2:f0:03:e1:27:56:9b:
64:fd:24:69:3b:95:ff:dc:75:d0:d8:c7:d8:34:31:
8b:12:b1:51:00:da:fb:cc:b8:68:c1:31:a0:17:69:
83:8e:a7:8e:5e:13:07:48:2f:51:4c:8d:1f:be:9d:
02:67:78:b4:09:34:99:05:c8:9c:68:c7:30:04:4e:
d9:13:10:34:05:2a:ba:86:18:f0:59:e3:69:47:23:
5e:7c:04:1f:76:13:69:b0:29:43:a7:ec:f8:b9:c5:
93:70:dd:ec:13:c8:99:99:9b:f5:3b:52:59:0a:e3:
2a:f3:ad:96:24:47:4c:45:45:3d:57:df:1c:fe:5a:
30:69:bc:60:bf:a1:f7:95:d2:a0:df:bb:dc:1a:37:
75:e5:9d:74:a5:97:be:d6:be:f5:16:61:32:44:61:
5e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:4F:7E:3E:B0:3F:02:42:EA:49:DF:74:7F:AF:FD:8A:69:96:D5:56
X509v3 Authority Key Identifier:
keyid:E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/A09-PrA_AkLqSd90f6_9immW1VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.116.0/22
31.29.32.0/19
31.172.104.0/21
37.122.136.0/21
45.82.192.0/22
45.157.100.0/22
45.159.176.0/22
46.22.0.0/20
46.59.128.0/17
77.223.8.0-77.223.31.255
80.245.104.0/22
81.25.160.0/20
84.46.0.0/17
84.242.16.0/20
94.72.128.0/21
94.72.168.0/21
94.72.184.0/21
95.81.0.0/19
95.129.0.0/21
95.163.160.0/20
109.230.96.0/20
134.101.128.0/17
149.224.0.0/16
149.233.128.0/17
149.249.16.0/20
149.249.248.0/22
176.109.192.0/19
185.23.224.0/22
185.29.240.0/22
185.82.16.0/22
185.207.4.0/22
185.215.236.0/22
185.220.216.0/22
185.232.32.0/22
188.136.224.0/19
192.119.48.0/20
192.196.192.0/20
193.178.56.0/22
193.218.16.0/20
195.123.96.0/20
212.127.32.0/19
212.146.136.0/22
212.146.144.0/20
213.21.32.0/20
213.195.24.0/21
213.209.64.0/18
216.83.208.0/20
IPv6:
2a02:2028::/32
2a04:4540::/29
Signature Algorithm: sha256WithRSAEncryption
55:7c:3c:e6:0f:9a:6b:df:32:5a:86:b4:15:fc:e7:43:b6:1c:
d2:dd:17:d7:cf:5a:e9:e6:87:fc:ce:d6:a8:7f:9b:79:a8:de:
a0:1b:72:ca:96:4f:a6:62:53:93:6d:75:90:c0:ec:46:b2:96:
8a:6e:bf:27:e7:6f:f1:5b:ef:5c:79:f2:6a:b3:85:6f:e7:39:
ce:96:17:c0:69:b2:b8:d6:0b:9f:6a:c5:d0:9b:25:b2:3a:6c:
c7:69:b9:7d:5c:e8:16:3c:60:ea:13:a4:0b:b9:7b:2f:34:7c:
cd:f0:2a:9c:30:b6:ec:f9:4e:d1:70:ef:7c:79:f3:60:30:99:
15:da:19:b3:2f:9f:5a:5b:2d:c5:a7:a5:e1:e2:e8:81:a6:e2:
e9:8b:e7:cc:ef:85:7a:ce:e8:e0:23:c4:50:42:7d:49:d4:0d:
c8:69:12:d0:b7:69:5e:d9:5e:5a:a1:b0:af:32:58:e9:de:f8:
15:4a:5e:bf:78:a7:2f:76:cc:b4:a0:e1:1e:54:fb:08:45:fd:
c0:07:ae:06:6a:36:ce:13:47:67:92:58:f3:ff:85:33:ec:57:
3e:a2:c2:44:a3:8c:e9:58:4e:77:f5:e4:33:31:43:1f:bb:a3:
fb:97:9d:10:fb:6b:bc:05:5e:2d:20:c6:c4:61:f6:49:44:22:
f1:91:d5:b9
-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgISAYOIKZAQ+AunXaqLikEXaRxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NTAzNDk4ZmYxODVkMGM2MDczNTNmNDNmNTVlOTExZjYy
YTY4MDIwHhcNMjIwOTI5MDczMjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzRmN2UzZWIwM2YwMjQyZWE0OWRmNzQ3ZmFmZmQ4YTY5OTZkNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKm0dUyLhKniPWyzgo30+MHpXpaW
o3uDIaTmcu5cntLYYQjOuJhGwc1ln5ZZeS/yPNRUr8rSTve401/9TpKcLbN7FJ6y
6fqsTmx1VhBkZ3fF/zyJKvO6Y8UaSraPYkzSMcLwA+EnVptk/SRpO5X/3HXQ2MfY
NDGLErFRANr7zLhowTGgF2mDjqeOXhMHSC9RTI0fvp0CZ3i0CTSZBcicaMcwBE7Z
ExA0BSq6hhjwWeNpRyNefAQfdhNpsClDp+z4ucWTcN3sE8iZmZv1O1JZCuMq862W
JEdMRUU9V98c/lowabxgv6H3ldKg37vcGjd15Z10pZe+1r71FmEyRGFeiwIDAQAB
o4IDRDCCA0AwHQYDVR0OBBYEFANPfj6wPwJC6knfdH+v/YppltVWMB8GA1UdIwQY
MBaAFOVQNJj/GF0MYHNT9D9V6RH2KmgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQt
MWUyNzlmN2I2MDIzLzEvQTA5LVByQV9Ba0xxU2Q5MGY2XzlpbW1XMVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQtMWUyNzlmN2I2MDIz
LzEvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWAYIKwYBBQUHAQcBAf8EggFHMIIBQzCCASkEAgABMIIB
IQMEAgI5dAMEBR8dIAMEAx+saAMEAyV6iAMEAi1SwAMEAi2dZAMEAi2fsAMEBC4W
AAMEBy47gDAMAwQDTd8IAwQFTd8AAwQCUPVoAwQEURmgAwQHVC4AAwQEVPIQAwQD
XkiAAwQDXkioAwQDXki4AwQFX1EAAwQDX4EAAwQEX6OgAwQEbeZgAwQHhmWAAwMA
leADBAeV6YADBASV+RADBAKV+fgDBAWwbcADBAK5F+ADBAK5HfADBAK5UhADBAK5
zwQDBAK51+wDBAK53NgDBAK56CADBAW8iOADBATAdzADBATAxMADBALBsjgDBATB
2hADBATDe2ADBAXUfyADBALUkogDBATUkpADBATVFSADBAPVwxgDBAbV0UADBATY
U9AwFAQCAAIwDgMFACoCICgDBQMqBEVAMA0GCSqGSIb3DQEBCwUAA4IBAQBVfDzm
D5pr3zJahrQV/OdDthzS3RfXz1rp5of8ztaof5t5qN6gG3LKlk+mYlOTbXWQwOxG
spaKbr8n52/xW+9cefJqs4Vv5znOlhfAabK41gufasXQmyWyOmzHabl9XOgWPGDq
E6QLuXsvNHzN8CqcMLbs+U7RcO98efNgMJkV2hmzL59aWy3Fp6Xh4uiBpuLpi+fM
74V6zujgI8RQQn1J1A3IaRLQt2le2V5aobCvMljp3vgVSl6/eKcvdsy0oOEeVPsI
Rf3AB64GajbOE0dnkljz/4Uz7Fc+osJEo4zpWE539eQzMUMfu6P7l50Q+2u8BV4t
IMbEYfZJRCLxkdW5
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:37 2023 by rpki-client on console-ams.rpki-client.org