Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/i5Heiy5sjp39HrMeymsIN-tdTcM.roa
File: i5Heiy5sjp39HrMeymsIN-tdTcM.roa (raw, json)
Hash identifier: XnRTP1c65CqVM6+P3lOC3eor2JFxf26i5JhHIKx32ok=
Subject key identifier: 8B:91:DE:8B:2E:6C:8E:9D:FD:1E:B3:1E:CA:6B:08:37:EB:5D:4D:C3
Certificate issuer: /CN=e5503498ff185d0c607353f43f55e911f62a6802
Certificate serial: 0183ACB912CEE2880F60A0FD385E2EC6E5D2
Authority key identifier: E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/i5Heiy5sjp39HrMeymsIN-tdTcM.roa
Signing time: Thu 06 Oct 2022 09:55:53 +0000
ROA not before: Thu 06 Oct 2022 09:55:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15943
IP address blocks: 80.245.104.0/22 maxlen: 24
84.242.16.0/20 maxlen: 24
149.249.16.0/20 maxlen: 24
185.29.240.0/22 maxlen: 24
216.83.208.0/20 maxlen: 24
193.178.56.0/22 maxlen: 24
185.232.32.0/22 maxlen: 24
213.195.24.0/21 maxlen: 21
45.82.192.0/22 maxlen: 22
185.220.216.0/22 maxlen: 24
94.72.168.0/21 maxlen: 24
176.109.192.0/19 maxlen: 24
95.163.160.0/20 maxlen: 24
94.72.184.0/21 maxlen: 24
81.25.160.0/20 maxlen: 24
212.146.136.0/22 maxlen: 24
149.224.0.0/16 maxlen: 24
212.146.144.0/20 maxlen: 24
94.72.128.0/21 maxlen: 24
46.22.0.0/20 maxlen: 24
45.157.100.0/22 maxlen: 22
193.218.16.0/20 maxlen: 24
212.127.32.0/19 maxlen: 24
195.123.96.0/20 maxlen: 24
188.136.224.0/19 maxlen: 24
31.29.32.0/19 maxlen: 24
84.46.0.0/17 maxlen: 24
46.59.128.0/17 maxlen: 24
149.233.128.0/17 maxlen: 24
185.82.16.0/22 maxlen: 24
213.21.32.0/20 maxlen: 24
95.129.0.0/21 maxlen: 24
185.207.4.0/22 maxlen: 22
37.122.136.0/21 maxlen: 24
192.119.48.0/20 maxlen: 24
109.230.96.0/20 maxlen: 20
192.196.192.0/20 maxlen: 24
45.159.176.0/22 maxlen: 24
185.23.224.0/22 maxlen: 24
185.215.236.0/22 maxlen: 24
95.81.0.0/19 maxlen: 24
2.57.116.0/22 maxlen: 24
149.249.248.0/22 maxlen: 24
77.223.8.0/21 maxlen: 21
195.250.0.0/20 maxlen: 24
77.223.16.0/20 maxlen: 20
213.209.64.0/18 maxlen: 24
134.101.128.0/17 maxlen: 24
31.172.104.0/21 maxlen: 24
2a04:4540::/29 maxlen: 29
2a02:2028::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ac:b9:12:ce:e2:88:0f:60:a0:fd:38:5e:2e:c6:e5:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5503498ff185d0c607353f43f55e911f62a6802
Validity
Not Before: Oct 6 09:55:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b91de8b2e6c8e9dfd1eb31eca6b0837eb5d4dc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a5:0f:a8:7e:0d:f5:12:f8:2d:bd:f1:b1:68:
69:6d:5a:92:1b:07:ec:bb:37:52:d3:01:52:58:e2:
7a:a1:6a:36:ab:d6:9d:62:63:17:d3:dd:26:6c:2d:
0a:34:85:c7:8c:8d:18:e1:f8:4f:0b:87:79:6e:2b:
cc:60:c9:fb:c8:5f:81:d0:79:46:99:79:26:48:81:
58:a7:63:9f:93:e1:b1:3f:6d:bd:28:22:c6:bb:91:
2c:ee:56:f6:cc:80:29:bb:b7:dd:6b:9c:78:a3:5a:
88:49:66:19:06:55:16:df:15:7f:d6:60:ff:a0:e8:
21:65:d3:ee:6e:ff:40:37:af:b7:40:c8:50:f0:8f:
14:a1:13:1c:f5:95:f9:63:6d:ed:fd:dd:74:43:f4:
f8:c9:86:35:e9:3d:3b:7d:68:94:35:13:e4:be:c3:
da:25:1a:f6:89:a4:c5:b3:c4:7c:07:66:c8:12:5e:
63:e9:9b:41:21:ca:c5:3c:53:68:8c:92:2d:80:bc:
62:6c:e8:16:12:77:d3:8a:8f:6d:9b:b8:5a:b2:fa:
5f:72:8a:b5:78:63:cd:36:b5:46:0f:5c:4c:9d:95:
af:dd:7d:18:b6:8a:4c:b0:13:ba:b1:2d:a6:9d:d4:
69:fa:c7:c5:cd:e0:d7:18:58:79:cb:af:ad:8b:15:
49:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:91:DE:8B:2E:6C:8E:9D:FD:1E:B3:1E:CA:6B:08:37:EB:5D:4D:C3
X509v3 Authority Key Identifier:
keyid:E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/i5Heiy5sjp39HrMeymsIN-tdTcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.116.0/22
31.29.32.0/19
31.172.104.0/21
37.122.136.0/21
45.82.192.0/22
45.157.100.0/22
45.159.176.0/22
46.22.0.0/20
46.59.128.0/17
77.223.8.0-77.223.31.255
80.245.104.0/22
81.25.160.0/20
84.46.0.0/17
84.242.16.0/20
94.72.128.0/21
94.72.168.0/21
94.72.184.0/21
95.81.0.0/19
95.129.0.0/21
95.163.160.0/20
109.230.96.0/20
134.101.128.0/17
149.224.0.0/16
149.233.128.0/17
149.249.16.0/20
149.249.248.0/22
176.109.192.0/19
185.23.224.0/22
185.29.240.0/22
185.82.16.0/22
185.207.4.0/22
185.215.236.0/22
185.220.216.0/22
185.232.32.0/22
188.136.224.0/19
192.119.48.0/20
192.196.192.0/20
193.178.56.0/22
193.218.16.0/20
195.123.96.0/20
195.250.0.0/20
212.127.32.0/19
212.146.136.0/22
212.146.144.0/20
213.21.32.0/20
213.195.24.0/21
213.209.64.0/18
216.83.208.0/20
IPv6:
2a02:2028::/32
2a04:4540::/29
Signature Algorithm: sha256WithRSAEncryption
64:79:c4:77:89:5b:db:84:31:93:ac:20:3e:27:fc:84:a6:8a:
25:71:e6:dd:bd:3c:13:76:8a:1c:82:54:b4:1e:0f:87:1d:2c:
d7:90:99:ec:fb:ac:85:83:c1:d2:54:96:97:17:33:b6:71:1f:
e6:07:08:a4:78:16:b0:b2:90:f6:e7:f0:a9:ff:79:1b:a8:bd:
66:65:56:7b:22:3e:be:62:04:2d:b5:b2:b0:c0:ab:24:f1:0a:
22:da:99:b5:41:86:79:13:8a:bc:1d:ca:5a:42:7f:67:a6:70:
cf:46:d1:c2:3e:64:8b:f2:88:7c:6d:17:8c:60:40:17:cb:4d:
d0:5b:ab:f0:00:69:3b:8a:46:11:ba:5f:f1:bd:34:e4:50:26:
65:dd:6b:e1:59:e4:af:6a:24:17:d6:8d:d5:77:6a:29:c5:f9:
32:fd:e3:df:9a:39:5e:22:a1:46:60:ff:d2:d7:2e:fc:a0:95:
83:ec:4d:b7:41:2a:71:63:c0:18:41:c4:65:e9:a6:09:0d:c0:
7b:ff:80:fa:02:70:95:73:04:d9:88:d9:f2:74:52:dd:45:2b:
5e:7b:fb:73:38:c9:f9:f3:07:3e:87:f3:d8:a0:6c:16:06:0a:
c7:2e:c9:7c:21:6c:b1:e1:bf:d1:0a:39:23:5f:4e:4f:2e:a1:
91:41:f3:bf
-----BEGIN CERTIFICATE-----
MIIGPjCCBSagAwIBAgISAYOsuRLO4ogPYKD9OF4uxuXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NTAzNDk4ZmYxODVkMGM2MDczNTNmNDNmNTVlOTExZjYy
YTY4MDIwHhcNMjIxMDA2MDk1NTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjkxZGU4YjJlNmM4ZTlkZmQxZWIzMWVjYTZiMDgzN2ViNWQ0ZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaUPqH4N9RL4Lb3xsWhpbVqSGwfs
uzdS0wFSWOJ6oWo2q9adYmMX090mbC0KNIXHjI0Y4fhPC4d5bivMYMn7yF+B0HlG
mXkmSIFYp2Ofk+GxP229KCLGu5Es7lb2zIApu7fda5x4o1qISWYZBlUW3xV/1mD/
oOghZdPubv9AN6+3QMhQ8I8UoRMc9ZX5Y23t/d10Q/T4yYY16T07fWiUNRPkvsPa
JRr2iaTFs8R8B2bIEl5j6ZtBIcrFPFNojJItgLxibOgWEnfTio9tm7hasvpfcoq1
eGPNNrVGD1xMnZWv3X0YtopMsBO6sS2mndRp+sfFzeDXGFh5y6+tixVJrwIDAQAB
o4IDSjCCA0YwHQYDVR0OBBYEFIuR3osubI6d/R6zHsprCDfrXU3DMB8GA1UdIwQY
MBaAFOVQNJj/GF0MYHNT9D9V6RH2KmgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQt
MWUyNzlmN2I2MDIzLzEvaTVIZWl5NXNqcDM5SHJNZXltc0lOLXRkVGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQtMWUyNzlmN2I2MDIz
LzEvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXgYIKwYBBQUHAQcBAf8EggFNMIIBSTCCAS8EAgABMIIB
JwMEAgI5dAMEBR8dIAMEAx+saAMEAyV6iAMEAi1SwAMEAi2dZAMEAi2fsAMEBC4W
AAMEBy47gDAMAwQDTd8IAwQFTd8AAwQCUPVoAwQEURmgAwQHVC4AAwQEVPIQAwQD
XkiAAwQDXkioAwQDXki4AwQFX1EAAwQDX4EAAwQEX6OgAwQEbeZgAwQHhmWAAwMA
leADBAeV6YADBASV+RADBAKV+fgDBAWwbcADBAK5F+ADBAK5HfADBAK5UhADBAK5
zwQDBAK51+wDBAK53NgDBAK56CADBAW8iOADBATAdzADBATAxMADBALBsjgDBATB
2hADBATDe2ADBATD+gADBAXUfyADBALUkogDBATUkpADBATVFSADBAPVwxgDBAbV
0UADBATYU9AwFAQCAAIwDgMFACoCICgDBQMqBEVAMA0GCSqGSIb3DQEBCwUAA4IB
AQBkecR3iVvbhDGTrCA+J/yEpoolcebdvTwTdoocglS0Hg+HHSzXkJns+6yFg8HS
VJaXFzO2cR/mBwikeBawspD25/Cp/3kbqL1mZVZ7Ij6+YgQttbKwwKsk8Qoi2pm1
QYZ5E4q8HcpaQn9npnDPRtHCPmSL8oh8bReMYEAXy03QW6vwAGk7ikYRul/xvTTk
UCZl3WvhWeSvaiQX1o3Vd2opxfky/ePfmjleIqFGYP/S1y78oJWD7E23QSpxY8AY
QcRl6aYJDcB7/4D6AnCVcwTZiNnydFLdRStee/tzOMn58wc+h/PYoGwWBgrHLsl8
IWyx4b/RCjkjX05PLqGRQfO/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:31 2025 by rpki-client