Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/OJ2IBARt6tkcpRjK3wuXPDho12k.roa
File: OJ2IBARt6tkcpRjK3wuXPDho12k.roa (raw, json)
Hash identifier: BZ2pEvoOj7adKokD3dCqUyPW0x2LHjvx/+z6u2nlPB0=
Subject key identifier: 38:9D:88:04:04:6D:EA:D9:1C:A5:18:CA:DF:0B:97:3C:38:68:D7:69
Certificate issuer: /CN=e5503498ff185d0c607353f43f55e911f62a6802
Certificate serial: 0184C9135F8B59066D90B5B73F32EDD8DB3E
Authority key identifier: E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/OJ2IBARt6tkcpRjK3wuXPDho12k.roa
Signing time: Wed 30 Nov 2022 15:06:40 +0000
ROA not before: Wed 30 Nov 2022 15:06:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15943
IP address blocks: 80.245.104.0/22 maxlen: 24
84.242.16.0/20 maxlen: 24
149.249.16.0/20 maxlen: 24
185.29.240.0/22 maxlen: 24
216.83.208.0/20 maxlen: 24
45.131.16.0/22 maxlen: 24
193.178.56.0/22 maxlen: 24
185.232.32.0/22 maxlen: 24
213.195.24.0/21 maxlen: 21
45.82.192.0/22 maxlen: 22
185.220.216.0/22 maxlen: 24
94.72.168.0/21 maxlen: 24
176.109.192.0/19 maxlen: 24
95.163.160.0/20 maxlen: 24
94.72.184.0/21 maxlen: 24
81.25.160.0/20 maxlen: 24
212.146.136.0/22 maxlen: 24
149.224.0.0/16 maxlen: 24
212.146.144.0/20 maxlen: 24
94.72.128.0/21 maxlen: 24
46.22.0.0/20 maxlen: 24
45.157.100.0/22 maxlen: 22
193.218.16.0/20 maxlen: 24
212.127.32.0/19 maxlen: 24
195.123.96.0/20 maxlen: 24
188.136.224.0/19 maxlen: 24
31.29.32.0/19 maxlen: 24
84.46.0.0/17 maxlen: 24
46.59.128.0/17 maxlen: 24
149.233.128.0/17 maxlen: 24
185.82.16.0/22 maxlen: 24
213.21.32.0/20 maxlen: 24
95.129.0.0/21 maxlen: 24
185.207.4.0/22 maxlen: 22
37.122.136.0/21 maxlen: 24
192.119.48.0/20 maxlen: 24
109.230.96.0/20 maxlen: 20
192.196.192.0/20 maxlen: 24
45.159.176.0/22 maxlen: 24
185.23.224.0/22 maxlen: 24
185.215.236.0/22 maxlen: 24
95.81.0.0/19 maxlen: 24
2.57.116.0/22 maxlen: 24
149.249.248.0/22 maxlen: 24
77.223.8.0/21 maxlen: 21
195.250.0.0/20 maxlen: 24
77.223.16.0/20 maxlen: 20
213.209.64.0/18 maxlen: 24
134.101.128.0/17 maxlen: 24
31.172.104.0/21 maxlen: 24
2a04:4540::/29 maxlen: 29
2a02:2028::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c9:13:5f:8b:59:06:6d:90:b5:b7:3f:32:ed:d8:db:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5503498ff185d0c607353f43f55e911f62a6802
Validity
Not Before: Nov 30 15:06:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=389d8804046dead91ca518cadf0b973c3868d769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8d:23:60:2d:b1:5b:61:4f:1c:8c:46:9d:0c:
a7:c5:5c:83:17:68:e9:de:ef:f9:df:f7:4c:af:ab:
89:82:77:d8:7a:9d:e6:b2:b2:d1:63:21:9f:ef:6e:
32:e9:3d:a4:89:59:78:b2:57:82:f0:17:12:86:52:
07:a8:5f:b7:0b:4e:f5:7c:e4:dc:17:50:72:75:cf:
c6:08:e6:b9:61:b9:6f:36:8f:61:d4:37:e8:9a:87:
93:64:e3:c5:5c:3e:5f:e1:4e:10:82:7d:92:61:97:
52:ad:43:21:98:4b:1b:9e:ce:8a:c1:e3:dc:af:03:
e7:8e:d5:78:63:6b:bb:14:ca:96:dd:50:a8:7e:b2:
2b:98:12:08:ff:00:52:1b:d5:84:eb:95:95:75:58:
d1:b3:21:a6:44:7c:78:c8:3b:46:e9:95:14:7f:ea:
eb:da:01:12:02:f8:a4:99:2c:84:38:fe:43:33:8b:
6b:5f:89:3f:fe:70:85:f5:91:b4:42:24:1b:4d:c9:
45:a5:5d:aa:71:7d:c0:b9:f3:d8:3d:56:5b:d3:dc:
8b:ad:2b:b7:1f:3c:37:31:a5:25:9c:41:a2:e3:de:
26:22:8c:8a:24:81:63:a2:7e:d1:f2:85:8d:b7:69:
63:a7:49:28:97:18:08:d1:84:6f:78:58:37:ef:f3:
2a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:9D:88:04:04:6D:EA:D9:1C:A5:18:CA:DF:0B:97:3C:38:68:D7:69
X509v3 Authority Key Identifier:
keyid:E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/OJ2IBARt6tkcpRjK3wuXPDho12k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.116.0/22
31.29.32.0/19
31.172.104.0/21
37.122.136.0/21
45.82.192.0/22
45.131.16.0/22
45.157.100.0/22
45.159.176.0/22
46.22.0.0/20
46.59.128.0/17
77.223.8.0-77.223.31.255
80.245.104.0/22
81.25.160.0/20
84.46.0.0/17
84.242.16.0/20
94.72.128.0/21
94.72.168.0/21
94.72.184.0/21
95.81.0.0/19
95.129.0.0/21
95.163.160.0/20
109.230.96.0/20
134.101.128.0/17
149.224.0.0/16
149.233.128.0/17
149.249.16.0/20
149.249.248.0/22
176.109.192.0/19
185.23.224.0/22
185.29.240.0/22
185.82.16.0/22
185.207.4.0/22
185.215.236.0/22
185.220.216.0/22
185.232.32.0/22
188.136.224.0/19
192.119.48.0/20
192.196.192.0/20
193.178.56.0/22
193.218.16.0/20
195.123.96.0/20
195.250.0.0/20
212.127.32.0/19
212.146.136.0/22
212.146.144.0/20
213.21.32.0/20
213.195.24.0/21
213.209.64.0/18
216.83.208.0/20
IPv6:
2a02:2028::/32
2a04:4540::/29
Signature Algorithm: sha256WithRSAEncryption
7b:1f:15:de:d4:c5:be:65:cb:c2:40:38:d0:16:59:4f:06:cd:
1f:20:ef:8b:dd:ee:8b:32:4e:4d:ba:88:94:fa:9f:02:00:07:
8b:e7:52:df:43:e0:6e:6e:08:f4:d7:c1:38:f7:2c:d7:dc:db:
d6:d2:be:79:80:6a:ba:9e:95:2d:ee:8d:2e:b7:6f:cd:05:f2:
f5:7b:14:a5:9d:2c:d1:35:58:2f:ad:48:cb:35:41:60:fa:00:
12:f9:eb:fb:d8:15:96:90:8a:ef:8d:fa:e7:16:d3:e2:4e:5e:
21:d3:32:88:e2:15:19:ac:a5:8e:48:58:88:81:3d:08:63:fd:
b1:8c:3b:6c:47:ce:87:27:65:74:43:db:fd:28:ed:4f:87:cf:
7b:54:e1:0d:bc:16:f5:10:bd:a3:1e:d0:2d:11:50:66:91:3f:
b1:d8:d5:28:29:79:ad:d8:07:54:85:0c:e9:a9:af:7f:33:c6:
17:63:b9:17:fb:8e:60:ad:55:a9:d4:d6:eb:fb:4e:d2:67:9c:
37:76:76:9e:f8:c7:17:49:81:d5:e2:15:0a:a1:6b:b0:8f:76:
a4:90:19:a7:93:d4:98:cc:ad:98:cf:3c:61:f0:21:50:3b:d0:
b4:e7:19:bb:15:33:0b:70:b5:8e:0b:96:25:c6:4e:59:d9:d4:
5f:57:a1:f3
-----BEGIN CERTIFICATE-----
MIIGRDCCBSygAwIBAgISAYTJE1+LWQZtkLW3PzLt2Ns+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NTAzNDk4ZmYxODVkMGM2MDczNTNmNDNmNTVlOTExZjYy
YTY4MDIwHhcNMjIxMTMwMTUwNjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODlkODgwNDA0NmRlYWQ5MWNhNTE4Y2FkZjBiOTczYzM4NjhkNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjI0jYC2xW2FPHIxGnQynxVyDF2jp
3u/53/dMr6uJgnfYep3msrLRYyGf724y6T2kiVl4sleC8BcShlIHqF+3C071fOTc
F1Bydc/GCOa5YblvNo9h1DfomoeTZOPFXD5f4U4Qgn2SYZdSrUMhmEsbns6KwePc
rwPnjtV4Y2u7FMqW3VCofrIrmBII/wBSG9WE65WVdVjRsyGmRHx4yDtG6ZUUf+rr
2gESAvikmSyEOP5DM4trX4k//nCF9ZG0QiQbTclFpV2qcX3AufPYPVZb09yLrSu3
Hzw3MaUlnEGi494mIoyKJIFjon7R8oWNt2ljp0kolxgI0YRveFg37/MquQIDAQAB
o4IDUDCCA0wwHQYDVR0OBBYEFDidiAQEberZHKUYyt8Llzw4aNdpMB8GA1UdIwQY
MBaAFOVQNJj/GF0MYHNT9D9V6RH2KmgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQt
MWUyNzlmN2I2MDIzLzEvT0oySUJBUnQ2dGtjcFJqSzN3dVhQRGhvMTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQtMWUyNzlmN2I2MDIz
LzEvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZAYIKwYBBQUHAQcBAf8EggFTMIIBTzCCATUEAgABMIIB
LQMEAgI5dAMEBR8dIAMEAx+saAMEAyV6iAMEAi1SwAMEAi2DEAMEAi2dZAMEAi2f
sAMEBC4WAAMEBy47gDAMAwQDTd8IAwQFTd8AAwQCUPVoAwQEURmgAwQHVC4AAwQE
VPIQAwQDXkiAAwQDXkioAwQDXki4AwQFX1EAAwQDX4EAAwQEX6OgAwQEbeZgAwQH
hmWAAwMAleADBAeV6YADBASV+RADBAKV+fgDBAWwbcADBAK5F+ADBAK5HfADBAK5
UhADBAK5zwQDBAK51+wDBAK53NgDBAK56CADBAW8iOADBATAdzADBATAxMADBALB
sjgDBATB2hADBATDe2ADBATD+gADBAXUfyADBALUkogDBATUkpADBATVFSADBAPV
wxgDBAbV0UADBATYU9AwFAQCAAIwDgMFACoCICgDBQMqBEVAMA0GCSqGSIb3DQEB
CwUAA4IBAQB7HxXe1MW+ZcvCQDjQFllPBs0fIO+L3e6LMk5NuoiU+p8CAAeL51Lf
Q+Bubgj018E49yzX3NvW0r55gGq6npUt7o0ut2/NBfL1exSlnSzRNVgvrUjLNUFg
+gAS+ev72BWWkIrvjfrnFtPiTl4h0zKI4hUZrKWOSFiIgT0IY/2xjDtsR86HJ2V0
Q9v9KO1Ph897VOENvBb1EL2jHtAtEVBmkT+x2NUoKXmt2AdUhQzpqa9/M8YXY7kX
+45grVWp1Nbr+07SZ5w3dnae+McXSYHV4hUKoWuwj3akkBmnk9SYzK2Yzzxh8CFQ
O9C05xm7FTMLcLWOC5Ylxk5Z2dRfV6Hz
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:37 2023 by rpki-client on console-ams.rpki-client.org