Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/ObLTqddqeF2FYKsPLSAo8CSf-Bo.roa
File: ObLTqddqeF2FYKsPLSAo8CSf-Bo.roa (raw, json)
Hash identifier: O/J7mfxnFIdFjoMMglSF3P0bbNYbbzIZLrdWLJ3zqEg=
Subject key identifier: 39:B2:D3:A9:D7:6A:78:5D:85:60:AB:0F:2D:20:28:F0:24:9F:F8:1A
Certificate issuer: /CN=e5503498ff185d0c607353f43f55e911f62a6802
Certificate serial: 01883374FBF30BEDF2F9AC2CE457D2C122E6
Authority key identifier: E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/ObLTqddqeF2FYKsPLSAo8CSf-Bo.roa
Signing time: Fri 19 May 2023 10:01:24 +0000
ROA not before: Fri 19 May 2023 10:01:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15943
IP address blocks: 80.245.104.0/22 maxlen: 24
84.242.16.0/20 maxlen: 24
149.249.16.0/20 maxlen: 24
185.29.240.0/22 maxlen: 24
216.83.208.0/20 maxlen: 24
45.131.16.0/22 maxlen: 24
193.178.56.0/22 maxlen: 24
185.232.32.0/22 maxlen: 24
213.195.24.0/21 maxlen: 24
45.82.192.0/22 maxlen: 24
185.220.216.0/22 maxlen: 24
94.72.168.0/21 maxlen: 24
176.109.192.0/19 maxlen: 24
95.163.160.0/20 maxlen: 24
94.72.184.0/21 maxlen: 24
81.25.160.0/20 maxlen: 24
212.146.136.0/21 maxlen: 24
149.224.0.0/16 maxlen: 24
212.146.144.0/20 maxlen: 24
94.72.128.0/21 maxlen: 24
46.22.0.0/20 maxlen: 24
45.157.100.0/22 maxlen: 24
193.218.16.0/20 maxlen: 24
212.127.32.0/19 maxlen: 24
195.123.96.0/20 maxlen: 24
188.136.224.0/19 maxlen: 24
31.29.32.0/19 maxlen: 24
84.46.0.0/17 maxlen: 24
46.59.128.0/17 maxlen: 24
149.233.128.0/17 maxlen: 24
185.82.16.0/22 maxlen: 24
213.21.32.0/20 maxlen: 24
95.129.0.0/21 maxlen: 24
185.207.4.0/22 maxlen: 24
37.122.136.0/21 maxlen: 24
192.119.48.0/20 maxlen: 24
109.230.96.0/20 maxlen: 24
192.196.192.0/20 maxlen: 24
45.159.176.0/22 maxlen: 24
185.23.224.0/22 maxlen: 24
185.215.236.0/22 maxlen: 24
95.81.0.0/19 maxlen: 24
2.57.116.0/22 maxlen: 24
149.249.248.0/22 maxlen: 24
77.223.8.0/21 maxlen: 24
195.250.0.0/20 maxlen: 24
77.223.16.0/20 maxlen: 24
213.209.64.0/18 maxlen: 24
134.101.128.0/17 maxlen: 24
31.172.104.0/21 maxlen: 24
2a04:4540::/29 maxlen: 29
2a02:2028::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:33:74:fb:f3:0b:ed:f2:f9:ac:2c:e4:57:d2:c1:22:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5503498ff185d0c607353f43f55e911f62a6802
Validity
Not Before: May 19 10:01:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39b2d3a9d76a785d8560ab0f2d2028f0249ff81a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ab:9f:68:3a:b5:7e:cc:61:7a:cd:8d:5c:d0:
5c:f7:ce:68:ac:90:ec:f0:27:8f:de:98:b3:44:6f:
f9:ff:83:82:1f:c0:1b:02:70:0e:2d:22:c2:a3:1f:
47:2e:23:1a:89:1f:46:08:3d:61:12:d8:59:b2:55:
65:40:0a:c7:35:f0:db:d8:2b:e4:92:36:5e:c3:0b:
c9:ce:fe:60:0d:02:67:4f:1c:75:ab:a6:18:8f:e7:
de:87:58:88:53:76:48:0b:89:01:b1:d0:1d:01:2d:
c7:8e:ad:a6:76:5e:b4:d5:10:2a:8d:b0:52:a2:37:
19:c2:01:30:79:59:48:40:8c:ef:dc:27:c5:bf:cc:
5e:46:dc:38:00:7f:59:dd:3f:31:64:08:03:ea:21:
68:0b:e9:4d:e7:b4:38:67:a0:23:cd:0c:f3:1f:34:
d0:5e:bb:2c:5d:8c:b4:77:4e:03:2c:7b:25:de:65:
9c:55:ec:58:41:c9:96:2b:c2:df:56:30:ab:f2:de:
fa:9d:76:8e:0d:f6:8c:94:45:08:a5:ed:91:c9:8f:
e4:6a:de:6e:cd:37:b8:32:ce:28:e5:9c:05:8a:28:
c5:47:03:d2:75:a2:b2:0d:d8:ae:ea:3c:a4:03:1a:
3b:7d:52:40:b5:96:26:67:6c:d0:6b:bf:82:d7:df:
95:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B2:D3:A9:D7:6A:78:5D:85:60:AB:0F:2D:20:28:F0:24:9F:F8:1A
X509v3 Authority Key Identifier:
keyid:E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/ObLTqddqeF2FYKsPLSAo8CSf-Bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.116.0/22
31.29.32.0/19
31.172.104.0/21
37.122.136.0/21
45.82.192.0/22
45.131.16.0/22
45.157.100.0/22
45.159.176.0/22
46.22.0.0/20
46.59.128.0/17
77.223.8.0-77.223.31.255
80.245.104.0/22
81.25.160.0/20
84.46.0.0/17
84.242.16.0/20
94.72.128.0/21
94.72.168.0/21
94.72.184.0/21
95.81.0.0/19
95.129.0.0/21
95.163.160.0/20
109.230.96.0/20
134.101.128.0/17
149.224.0.0/16
149.233.128.0/17
149.249.16.0/20
149.249.248.0/22
176.109.192.0/19
185.23.224.0/22
185.29.240.0/22
185.82.16.0/22
185.207.4.0/22
185.215.236.0/22
185.220.216.0/22
185.232.32.0/22
188.136.224.0/19
192.119.48.0/20
192.196.192.0/20
193.178.56.0/22
193.218.16.0/20
195.123.96.0/20
195.250.0.0/20
212.127.32.0/19
212.146.136.0-212.146.159.255
213.21.32.0/20
213.195.24.0/21
213.209.64.0/18
216.83.208.0/20
IPv6:
2a02:2028::/32
2a04:4540::/29
Signature Algorithm: sha256WithRSAEncryption
9a:78:6e:bb:2f:e6:49:ad:cb:74:f0:e3:5c:5d:5a:13:26:df:
33:11:c6:1d:5d:72:88:62:4d:1d:6f:4c:ac:78:aa:2c:27:07:
1a:0c:bf:ff:f4:9c:a6:0c:13:f7:20:54:2f:c3:94:f7:8b:52:
8f:0c:81:34:cf:1b:b8:3b:42:d2:f4:65:74:c0:f5:1c:95:a2:
78:6d:47:62:8e:36:e1:6c:e7:e6:43:f6:45:9a:f1:6b:58:16:
4d:6e:9a:dd:41:11:3f:9a:dd:74:4b:a2:90:da:12:9f:5f:c6:
57:42:b4:b7:58:84:1f:78:bc:a4:53:e0:e0:19:4c:43:7e:86:
3d:99:d8:16:69:38:b1:d0:87:03:48:98:ba:96:df:73:5b:b2:
61:cd:10:94:b1:95:3b:6d:8d:fc:c8:90:dd:33:1e:14:6d:6b:
cc:6d:8a:68:16:73:ae:a5:e6:e1:61:ce:2f:b0:bb:c1:19:e4:
c0:a4:06:50:30:38:7a:d6:22:9d:ff:19:7e:c3:62:82:7d:0e:
e0:b5:21:dc:71:74:cb:76:8c:b6:bf:05:27:0e:88:4d:e5:30:
65:35:78:7e:2b:f9:fd:d4:73:a9:1c:bd:02:8b:56:b4:61:2d:
4e:5a:c5:ed:90:28:53:62:b1:20:fd:4a:bb:c6:9b:ba:72:89:
3b:7c:0f:70
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgISAYgzdPvzC+3y+aws5FfSwSLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NTAzNDk4ZmYxODVkMGM2MDczNTNmNDNmNTVlOTExZjYy
YTY4MDIwHhcNMjMwNTE5MTAwMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWIyZDNhOWQ3NmE3ODVkODU2MGFiMGYyZDIwMjhmMDI0OWZmODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6ufaDq1fsxhes2NXNBc985orJDs
8CeP3pizRG/5/4OCH8AbAnAOLSLCox9HLiMaiR9GCD1hEthZslVlQArHNfDb2Cvk
kjZewwvJzv5gDQJnTxx1q6YYj+feh1iIU3ZIC4kBsdAdAS3Hjq2mdl601RAqjbBS
ojcZwgEweVlIQIzv3CfFv8xeRtw4AH9Z3T8xZAgD6iFoC+lN57Q4Z6AjzQzzHzTQ
XrssXYy0d04DLHsl3mWcVexYQcmWK8LfVjCr8t76nXaODfaMlEUIpe2RyY/kat5u
zTe4Ms4o5ZwFiijFRwPSdaKyDdiu6jykAxo7fVJAtZYmZ2zQa7+C19+VEwIDAQAB
o4IDUjCCA04wHQYDVR0OBBYEFDmy06nXanhdhWCrDy0gKPAkn/gaMB8GA1UdIwQY
MBaAFOVQNJj/GF0MYHNT9D9V6RH2KmgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQt
MWUyNzlmN2I2MDIzLzEvT2JMVHFkZHFlRjJGWUtzUExTQW84Q1NmLUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQtMWUyNzlmN2I2MDIz
LzEvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZgYIKwYBBQUHAQcBAf8EggFVMIIBUTCCATcEAgABMIIB
LwMEAgI5dAMEBR8dIAMEAx+saAMEAyV6iAMEAi1SwAMEAi2DEAMEAi2dZAMEAi2f
sAMEBC4WAAMEBy47gDAMAwQDTd8IAwQFTd8AAwQCUPVoAwQEURmgAwQHVC4AAwQE
VPIQAwQDXkiAAwQDXkioAwQDXki4AwQFX1EAAwQDX4EAAwQEX6OgAwQEbeZgAwQH
hmWAAwMAleADBAeV6YADBASV+RADBAKV+fgDBAWwbcADBAK5F+ADBAK5HfADBAK5
UhADBAK5zwQDBAK51+wDBAK53NgDBAK56CADBAW8iOADBATAdzADBATAxMADBALB
sjgDBATB2hADBATDe2ADBATD+gADBAXUfyAwDAMEA9SSiAMEBdSSgAMEBNUVIAME
A9XDGAMEBtXRQAMEBNhT0DAUBAIAAjAOAwUAKgIgKAMFAyoERUAwDQYJKoZIhvcN
AQELBQADggEBAJp4brsv5kmty3Tw41xdWhMm3zMRxh1dcohiTR1vTKx4qiwnBxoM
v//0nKYME/cgVC/DlPeLUo8MgTTPG7g7QtL0ZXTA9RyVonhtR2KONuFs5+ZD9kWa
8WtYFk1umt1BET+a3XRLopDaEp9fxldCtLdYhB94vKRT4OAZTEN+hj2Z2BZpOLHQ
hwNImLqW33NbsmHNEJSxlTttjfzIkN0zHhRta8xtimgWc66l5uFhzi+wu8EZ5MCk
BlAwOHrWIp3/GX7DYoJ9DuC1IdxxdMt2jLa/BScOiE3lMGU1eH4r+f3Uc6kcvQKL
VrRhLU5axe2QKFNisSD9SrvGm7pyiTt8D3A=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:11 2025 by rpki-client