Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/TaLU8n422uAy7pSACGoQ2NPPVkM.roa
File: TaLU8n422uAy7pSACGoQ2NPPVkM.roa (raw, json)
Hash identifier: cPirJy0A0qBIt2iAchVgpTVReT31APapuYo3ouUfuiA=
Subject key identifier: 4D:A2:D4:F2:7E:36:DA:E0:32:EE:94:80:08:6A:10:D8:D3:CF:56:43
Certificate issuer: /CN=e5503498ff185d0c607353f43f55e911f62a6802
Certificate serial: 366D8792
Authority key identifier: E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/TaLU8n422uAy7pSACGoQ2NPPVkM.roa
Signing time: Thu 16 Jun 2022 08:27:44 +0000
ROA not before: Thu 16 Jun 2022 08:27:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15943
IP address blocks: 149.233.128.0/17 maxlen: 24
84.242.16.0/20 maxlen: 24
185.82.16.0/22 maxlen: 24
213.21.32.0/20 maxlen: 24
95.129.0.0/21 maxlen: 24
149.249.16.0/20 maxlen: 24
37.122.136.0/21 maxlen: 24
185.29.240.0/22 maxlen: 24
216.83.208.0/20 maxlen: 24
192.119.48.0/20 maxlen: 24
192.196.192.0/20 maxlen: 24
185.232.32.0/22 maxlen: 24
185.220.216.0/22 maxlen: 24
94.72.168.0/21 maxlen: 24
176.109.192.0/20 maxlen: 24
95.163.160.0/20 maxlen: 24
94.72.184.0/21 maxlen: 24
185.23.224.0/22 maxlen: 24
185.215.236.0/22 maxlen: 24
81.25.160.0/20 maxlen: 24
149.224.0.0/16 maxlen: 24
94.72.128.0/21 maxlen: 24
46.22.0.0/20 maxlen: 24
95.81.0.0/19 maxlen: 24
149.249.248.0/22 maxlen: 24
193.218.16.0/20 maxlen: 24
212.127.32.0/19 maxlen: 24
213.209.64.0/18 maxlen: 24
195.123.96.0/20 maxlen: 24
134.101.128.0/17 maxlen: 24
188.136.224.0/19 maxlen: 24
31.29.32.0/19 maxlen: 24
84.46.0.0/17 maxlen: 24
46.59.128.0/17 maxlen: 24
31.172.104.0/21 maxlen: 24
2a04:4540::/29 maxlen: 29
2a02:2028::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 913147794 (0x366d8792)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5503498ff185d0c607353f43f55e911f62a6802
Validity
Not Before: Jun 16 08:27:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4da2d4f27e36dae032ee9480086a10d8d3cf5643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:24:0b:f7:28:aa:44:23:e3:88:f2:bf:6e:fc:
86:cf:76:42:ed:cd:c3:19:aa:75:ee:36:43:23:c9:
65:50:52:a9:b1:2d:47:23:7b:7b:79:49:bc:ca:75:
7d:6e:94:f0:17:11:e3:89:3b:2c:65:83:9f:8d:c3:
1c:62:bd:4e:db:d0:0e:d3:a4:cf:2a:bf:d2:83:f0:
70:36:8c:e4:1c:b3:8b:37:55:3a:ff:81:d6:85:de:
8b:0f:22:f1:e7:05:cc:56:bc:89:a2:1d:d1:20:ef:
d7:d2:a5:ec:62:90:a2:6c:81:d8:e0:fa:fd:ab:42:
aa:6b:c7:86:f8:1e:99:4a:c3:76:33:e7:e5:0c:28:
a7:55:19:97:d0:56:3a:37:d4:a0:e3:a5:60:81:fb:
bc:28:98:da:cc:9e:59:a0:d5:d5:52:55:4d:fc:8b:
bf:9c:8f:7a:f7:4b:c9:47:04:7e:e8:c5:00:c7:4c:
58:70:86:44:f2:ad:49:51:6b:e0:5f:98:82:f3:91:
93:c7:49:28:59:28:85:db:50:12:70:09:19:9b:5c:
14:0e:93:e0:47:a7:82:66:2f:43:a1:d1:85:68:c5:
7f:ff:67:f9:01:10:ea:a6:ce:fe:83:1a:4a:c4:35:
48:f7:77:cd:bf:53:89:dc:26:ba:0b:db:80:64:e9:
4c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A2:D4:F2:7E:36:DA:E0:32:EE:94:80:08:6A:10:D8:D3:CF:56:43
X509v3 Authority Key Identifier:
keyid:E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/TaLU8n422uAy7pSACGoQ2NPPVkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.29.32.0/19
31.172.104.0/21
37.122.136.0/21
46.22.0.0/20
46.59.128.0/17
81.25.160.0/20
84.46.0.0/17
84.242.16.0/20
94.72.128.0/21
94.72.168.0/21
94.72.184.0/21
95.81.0.0/19
95.129.0.0/21
95.163.160.0/20
134.101.128.0/17
149.224.0.0/16
149.233.128.0/17
149.249.16.0/20
149.249.248.0/22
176.109.192.0/20
185.23.224.0/22
185.29.240.0/22
185.82.16.0/22
185.215.236.0/22
185.220.216.0/22
185.232.32.0/22
188.136.224.0/19
192.119.48.0/20
192.196.192.0/20
193.218.16.0/20
195.123.96.0/20
212.127.32.0/19
213.21.32.0/20
213.209.64.0/18
216.83.208.0/20
IPv6:
2a02:2028::/32
2a04:4540::/29
Signature Algorithm: sha256WithRSAEncryption
3d:8a:df:32:1e:fc:cc:02:da:27:ce:6e:74:ca:a6:26:ea:4d:
b9:47:3f:24:a0:98:40:c1:84:52:2a:d7:15:a4:f2:ae:e8:c9:
ae:63:ec:24:37:8d:25:d5:48:53:89:e8:37:d9:f4:37:63:0c:
e4:2e:95:56:27:00:65:a2:81:6c:6d:91:72:7f:b5:3c:24:61:
c2:17:7a:11:c9:ed:cd:a5:ab:6c:80:a9:10:78:33:1f:6e:c8:
86:5a:79:42:eb:ad:96:f6:5e:f6:3a:35:8a:51:3a:9c:e8:de:
d8:98:a3:5b:8d:45:b1:c5:e9:60:56:6c:92:e7:d2:3a:22:e5:
47:4b:31:eb:70:8c:06:dd:62:0e:f3:53:92:45:3e:0f:1d:9a:
e4:57:09:33:d2:38:b6:43:76:e6:43:14:71:88:cd:51:91:2b:
13:db:ce:77:ce:c3:7e:37:fc:2d:21:47:11:e8:16:a0:6d:c1:
d0:6b:37:2a:de:b0:8f:e8:66:7e:f2:8c:46:98:d6:07:41:b3:
ef:52:1b:a0:26:9f:a0:57:65:32:e5:69:7f:42:bd:62:ec:b8:
a7:d0:25:33:0a:3b:77:08:ce:a2:35:07:a7:6c:7d:6d:04:9a:
f4:49:93:c2:42:eb:15:b2:b9:6a:59:ca:56:e4:d5:41:70:97:
09:7e:8a:04
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIENm2HkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTUwMzQ5OGZmMTg1ZDBjNjA3MzUzZjQzZjU1ZTkxMWY2MmE2ODAyMB4XDTIyMDYx
NjA4Mjc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGRhMmQ0ZjI3ZTM2
ZGFlMDMyZWU5NDgwMDg2YTEwZDhkM2NmNTY0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8kC/coqkQj44jyv278hs92Qu3Nwxmqde42QyPJZVBSqbEt
RyN7e3lJvMp1fW6U8BcR44k7LGWDn43DHGK9TtvQDtOkzyq/0oPwcDaM5ByzizdV
Ov+B1oXeiw8i8ecFzFa8iaId0SDv19Kl7GKQomyB2OD6/atCqmvHhvgemUrDdjPn
5Qwop1UZl9BWOjfUoOOlYIH7vCiY2syeWaDV1VJVTfyLv5yPevdLyUcEfujFAMdM
WHCGRPKtSVFr4F+YgvORk8dJKFkohdtQEnAJGZtcFA6T4EengmYvQ6HRhWjFf/9n
+QEQ6qbO/oMaSsQ1SPd3zb9TidwmugvbgGTpTNMCAwEAAaOCAvAwggLsMB0GA1Ud
DgQWBBRNotTyfjba4DLulIAIahDY089WQzAfBgNVHSMEGDAWgBTlUDSY/xhdDGBz
U/Q/VekR9ipoAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVWQTBtUDhZWFF4Z2MxUDBQMVhwRWZZcWFBSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvOTdiMGJjLWY0ZjgtNGY5MC04NTU0LTFlMjc5ZjdiNjAyMy8x
L1RhTFU4bjQyMnVBeTdwU0FDR29RMk5QUFZrTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
OTdiMGJjLWY0ZjgtNGY5MC04NTU0LTFlMjc5ZjdiNjAyMy8xLzVWQTBtUDhZWFF4
Z2MxUDBQMVhwRWZZcWFBSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AQQGCCsGAQUFBwEHAQH/BIH0MIHxMIHYBAIAATCB0QMEBR8dIAMEAx+saAMEAyV6
iAMEBC4WAAMEBy47gAMEBFEZoAMEB1QuAAMEBFTyEAMEA15IgAMEA15IqAMEA15I
uAMEBV9RAAMEA1+BAAMEBF+joAMEB4ZlgAMDAJXgAwQHlemAAwQElfkQAwQClfn4
AwQEsG3AAwQCuRfgAwQCuR3wAwQCuVIQAwQCudfsAwQCudzYAwQCueggAwQFvIjg
AwQEwHcwAwQEwMTAAwQEwdoQAwQEw3tgAwQF1H8gAwQE1RUgAwQG1dFAAwQE2FPQ
MBQEAgACMA4DBQAqAiAoAwUDKgRFQDANBgkqhkiG9w0BAQsFAAOCAQEAPYrfMh78
zALaJ85udMqmJupNuUc/JKCYQMGEUirXFaTyrujJrmPsJDeNJdVIU4noN9n0N2MM
5C6VVicAZaKBbG2Rcn+1PCRhwhd6EcntzaWrbICpEHgzH27Ihlp5QuutlvZe9jo1
ilE6nOje2JijW41FscXpYFZskufSOiLlR0sx63CMBt1iDvNTkkU+Dx2a5FcJM9I4
tkN25kMUcYjNUZErE9vOd87Dfjf8LSFHEegWoG3B0Gs3Kt6wj+hmfvKMRpjWB0Gz
71IboCafoFdlMuVpf0K9Yuy4p9AlMwo7dwjOojUHp2x9bQSa9EmTwkLrFbK5alnK
VuTVQXCXCX6KBA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:37 2023 by rpki-client on console-ams.rpki-client.org