Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/byLbqK7UAzIsMWydWNKxoeqL0sg.roa
File: byLbqK7UAzIsMWydWNKxoeqL0sg.roa (raw, json)
Hash identifier: pGzvOBvhRmCw4g9j1IBDB2EIHaIarRKRAwE+HRiMKUw=
Subject key identifier: 6F:22:DB:A8:AE:D4:03:32:2C:31:6C:9D:58:D2:B1:A1:EA:8B:D2:C8
Certificate issuer: /CN=e5503498ff185d0c607353f43f55e911f62a6802
Certificate serial: 3635B286
Authority key identifier: E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/byLbqK7UAzIsMWydWNKxoeqL0sg.roa
Signing time: Wed 25 May 2022 05:20:13 +0000
ROA not before: Wed 25 May 2022 05:20:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15943
IP address blocks: 149.233.128.0/17 maxlen: 24
84.242.16.0/20 maxlen: 24
185.82.16.0/22 maxlen: 24
213.21.32.0/20 maxlen: 24
149.249.16.0/20 maxlen: 24
185.29.240.0/22 maxlen: 24
216.83.208.0/20 maxlen: 24
192.119.48.0/20 maxlen: 24
192.196.192.0/20 maxlen: 24
185.232.32.0/22 maxlen: 24
185.220.216.0/22 maxlen: 24
94.72.168.0/21 maxlen: 21
176.109.192.0/20 maxlen: 20
95.163.160.0/20 maxlen: 24
185.23.224.0/22 maxlen: 24
185.215.236.0/22 maxlen: 24
81.25.160.0/20 maxlen: 24
149.224.0.0/16 maxlen: 24
94.72.128.0/21 maxlen: 21
46.22.0.0/20 maxlen: 24
95.81.0.0/19 maxlen: 24
149.249.248.0/22 maxlen: 24
193.218.16.0/20 maxlen: 24
212.127.32.0/19 maxlen: 19
213.209.64.0/18 maxlen: 24
195.123.96.0/20 maxlen: 24
134.101.128.0/17 maxlen: 24
188.136.224.0/19 maxlen: 24
31.29.32.0/19 maxlen: 24
84.46.0.0/17 maxlen: 24
46.59.128.0/17 maxlen: 24
31.172.104.0/21 maxlen: 24
2a04:4540::/29 maxlen: 29
2a02:2028::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 909488774 (0x3635b286)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5503498ff185d0c607353f43f55e911f62a6802
Validity
Not Before: May 25 05:20:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f22dba8aed403322c316c9d58d2b1a1ea8bd2c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ff:df:99:25:e9:f8:d5:da:5a:33:66:0e:71:
ba:bf:4b:7a:77:7a:de:f1:c2:d7:85:f5:17:3c:cd:
eb:a0:a6:1a:84:27:a0:86:33:06:c4:eb:96:6d:f6:
e3:38:cb:84:e6:a2:6c:7d:d2:25:8d:45:11:fe:77:
8f:ee:de:b9:e0:db:d5:89:a9:d1:c8:1e:a2:7e:6a:
bd:d9:db:8f:a9:dc:25:8f:44:4f:c0:85:aa:52:08:
f6:0a:73:52:7c:53:d1:f5:f2:25:a2:b3:b3:78:d5:
1b:77:df:2c:d8:26:14:cc:b8:a6:5a:97:9f:5e:cf:
21:b0:f8:af:7f:2f:9c:39:17:c8:92:56:8a:97:95:
dc:e8:94:28:78:80:a0:9c:d7:ce:64:2b:18:0b:21:
b5:e9:7a:c7:b5:8a:e6:3f:ff:62:a6:d5:50:c3:32:
7d:19:cc:44:e2:17:34:f3:75:8d:e5:60:cd:f9:c5:
a2:5c:cf:c0:9a:ec:43:95:d7:41:36:a0:44:61:04:
ef:51:64:62:9b:3a:af:e2:20:68:2d:f9:a8:32:ba:
ef:a4:b9:a2:af:97:74:51:4e:c6:31:b2:d6:b7:26:
ed:66:f2:85:8a:d6:c5:7a:a7:4b:1b:8b:75:a3:c9:
de:a8:e3:3c:22:02:51:91:d7:3e:1a:7e:51:de:46:
ec:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:22:DB:A8:AE:D4:03:32:2C:31:6C:9D:58:D2:B1:A1:EA:8B:D2:C8
X509v3 Authority Key Identifier:
keyid:E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/byLbqK7UAzIsMWydWNKxoeqL0sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.29.32.0/19
31.172.104.0/21
46.22.0.0/20
46.59.128.0/17
81.25.160.0/20
84.46.0.0/17
84.242.16.0/20
94.72.128.0/21
94.72.168.0/21
95.81.0.0/19
95.163.160.0/20
134.101.128.0/17
149.224.0.0/16
149.233.128.0/17
149.249.16.0/20
149.249.248.0/22
176.109.192.0/20
185.23.224.0/22
185.29.240.0/22
185.82.16.0/22
185.215.236.0/22
185.220.216.0/22
185.232.32.0/22
188.136.224.0/19
192.119.48.0/20
192.196.192.0/20
193.218.16.0/20
195.123.96.0/20
212.127.32.0/19
213.21.32.0/20
213.209.64.0/18
216.83.208.0/20
IPv6:
2a02:2028::/32
2a04:4540::/29
Signature Algorithm: sha256WithRSAEncryption
08:27:38:b5:81:f2:1a:7e:d5:bd:06:b8:64:8c:4b:d2:66:fe:
84:95:00:57:ae:fe:a1:7b:59:96:10:56:e0:fb:8a:e0:89:9b:
07:8d:b6:03:67:eb:58:99:bf:9f:fe:48:94:4f:e3:11:20:96:
b3:8e:12:19:7f:f0:63:09:96:c7:f7:52:6e:7e:fb:25:38:58:
b1:14:8c:4d:28:c6:98:6a:03:7b:45:68:4d:98:51:86:4b:12:
08:54:c6:b3:5c:1f:00:e8:38:5a:1c:2a:8b:1c:51:a1:0d:d7:
e3:68:25:a2:ce:9b:4d:39:5f:03:df:45:af:2f:2c:13:e9:b6:
0c:84:9b:38:15:79:70:2b:16:37:0d:9b:10:4c:67:6e:3b:43:
d0:3c:ed:ad:32:32:85:b8:09:68:90:a5:3f:0a:c5:92:82:1b:
73:ab:f8:52:e7:ab:5f:1f:09:07:99:a3:68:91:5d:b6:7d:fa:
df:80:51:fd:b2:3a:40:6a:d2:74:d5:4f:23:44:73:19:4c:47:
53:3e:33:71:0c:79:d9:58:f4:c2:fc:eb:03:44:b0:74:7c:da:
ec:8d:f5:d1:6f:43:a7:8a:a2:b6:e2:ff:51:81:3a:99:1c:ba:
d8:4c:6a:ce:b1:45:b2:4d:25:a5:6b:5e:9f:78:64:74:0d:fe:
e4:e8:ad:c1
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgIENjWyhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTUwMzQ5OGZmMTg1ZDBjNjA3MzUzZjQzZjU1ZTkxMWY2MmE2ODAyMB4XDTIyMDUy
NTA1MjAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmYyMmRiYThhZWQ0
MDMzMjJjMzE2YzlkNThkMmIxYTFlYThiZDJjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAND/35kl6fjV2lozZg5xur9Lend63vHC14X1FzzN66CmGoQn
oIYzBsTrlm324zjLhOaibH3SJY1FEf53j+7eueDb1Ymp0cgeon5qvdnbj6ncJY9E
T8CFqlII9gpzUnxT0fXyJaKzs3jVG3ffLNgmFMy4plqXn17PIbD4r38vnDkXyJJW
ipeV3OiUKHiAoJzXzmQrGAshtel6x7WK5j//YqbVUMMyfRnMROIXNPN1jeVgzfnF
olzPwJrsQ5XXQTagRGEE71FkYps6r+IgaC35qDK676S5oq+XdFFOxjGy1rcm7Wby
hYrWxXqnSxuLdaPJ3qjjPCICUZHXPhp+Ud5G7CMCAwEAAaOCAt0wggLZMB0GA1Ud
DgQWBBRvItuortQDMiwxbJ1Y0rGh6ovSyDAfBgNVHSMEGDAWgBTlUDSY/xhdDGBz
U/Q/VekR9ipoAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVWQTBtUDhZWFF4Z2MxUDBQMVhwRWZZcWFBSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvOTdiMGJjLWY0ZjgtNGY5MC04NTU0LTFlMjc5ZjdiNjAyMy8x
L2J5TGJxSzdVQXpJc01XeWRXTkt4b2VxTDBzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
OTdiMGJjLWY0ZjgtNGY5MC04NTU0LTFlMjc5ZjdiNjAyMy8xLzVWQTBtUDhZWFF4
Z2MxUDBQMVhwRWZZcWFBSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
8gYIKwYBBQUHAQcBAf8EgeIwgd8wgcYEAgABMIG/AwQFHx0gAwQDH6xoAwQELhYA
AwQHLjuAAwQEURmgAwQHVC4AAwQEVPIQAwQDXkiAAwQDXkioAwQFX1EAAwQEX6Og
AwQHhmWAAwMAleADBAeV6YADBASV+RADBAKV+fgDBASwbcADBAK5F+ADBAK5HfAD
BAK5UhADBAK51+wDBAK53NgDBAK56CADBAW8iOADBATAdzADBATAxMADBATB2hAD
BATDe2ADBAXUfyADBATVFSADBAbV0UADBATYU9AwFAQCAAIwDgMFACoCICgDBQMq
BEVAMA0GCSqGSIb3DQEBCwUAA4IBAQAIJzi1gfIaftW9BrhkjEvSZv6ElQBXrv6h
e1mWEFbg+4rgiZsHjbYDZ+tYmb+f/kiUT+MRIJazjhIZf/BjCZbH91JufvslOFix
FIxNKMaYagN7RWhNmFGGSxIIVMazXB8A6DhaHCqLHFGhDdfjaCWizptNOV8D30Wv
LywT6bYMhJs4FXlwKxY3DZsQTGduO0PQPO2tMjKFuAlokKU/CsWSghtzq/hS56tf
HwkHmaNokV22ffrfgFH9sjpAatJ01U8jRHMZTEdTPjNxDHnZWPTC/OsDRLB0fNrs
jfXRb0OniqK24v9RgTqZHLrYTGrOsUWyTSWla16feGR0Df7k6K3B
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:37 2023 by rpki-client on console-ams.rpki-client.org