Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/25LyW-LAPDKsJQfJ1tKF-zRZKxQ.roa
File: 25LyW-LAPDKsJQfJ1tKF-zRZKxQ.roa (raw, json)
Hash identifier: QIbRY6rxT5ALfT4f1kTDPrwNx91p9XzGMcPHa+PJlig=
Subject key identifier: DB:92:F2:5B:E2:C0:3C:32:AC:25:07:C9:D6:D2:85:FB:34:59:2B:14
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 018262B04C51461B6ADC74336D4A0A8F6A40
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/25LyW-LAPDKsJQfJ1tKF-zRZKxQ.roa
Signing time: Wed 03 Aug 2022 07:51:37 +0000
ROA not before: Wed 03 Aug 2022 07:51:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49544
IP address blocks: 185.41.140.0/22 maxlen: 22
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
91.216.207.0/24 maxlen: 24
188.122.64.0/19 maxlen: 24
91.198.152.0/24 maxlen: 24
185.52.12.0/22 maxlen: 24
213.163.64.0/19 maxlen: 24
185.50.104.0/22 maxlen: 22
162.245.204.0/22 maxlen: 22
5.200.0.0/19 maxlen: 24
185.179.202.0/23 maxlen: 24
213.179.204.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
185.179.200.0/23 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.209.0/24 maxlen: 24
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
213.179.220.0/22 maxlen: 22
212.19.224.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
185.197.24.0/22 maxlen: 23
193.43.218.0/23 maxlen: 23
104.153.84.0/22 maxlen: 22
31.204.132.0/22 maxlen: 22
31.204.128.0/19 maxlen: 24
31.204.158.0/24 maxlen: 24
31.204.156.0/23 maxlen: 23
138.128.136.0/22 maxlen: 22
91.195.234.0/23 maxlen: 23
138.128.140.0/22 maxlen: 22
2a01:9580::/32 maxlen: 34
2a04:c600::/29 maxlen: 34
2a00:1630::/29 maxlen: 32
2a00:1631::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d26::/32 maxlen: 34
2a00:1630::/32 maxlen: 48
2a00:1632::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:62:b0:4c:51:46:1b:6a:dc:74:33:6d:4a:0a:8f:6a:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: Aug 3 07:51:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db92f25be2c03c32ac2507c9d6d285fb34592b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:45:b3:1b:58:23:02:8a:b0:1e:a2:64:76:0b:
cb:c0:c0:15:85:3f:20:15:e6:63:38:4c:d7:bf:50:
52:4f:38:1a:90:62:5a:ba:7b:b9:a5:9a:02:a8:f4:
14:fc:a5:ba:bd:bc:e0:21:48:5b:85:68:cf:1e:de:
40:1f:99:ce:c5:b8:c6:43:02:7a:57:ce:73:9f:b8:
16:04:30:4d:10:23:5c:cd:49:cd:0e:94:59:94:a6:
f9:8f:1b:77:31:26:60:bd:ec:67:9d:d3:a7:73:49:
9d:08:51:9d:7d:cd:a1:4a:f4:28:9d:b3:4d:a0:33:
39:81:09:4c:69:cb:0c:31:fe:48:ca:a7:65:92:0c:
df:8a:f4:46:7c:ee:8a:46:3e:65:3c:e2:5d:36:83:
84:13:29:2f:ce:af:90:5b:54:0f:14:de:70:05:75:
34:5e:42:53:27:90:f1:56:20:2f:88:30:b3:15:d3:
f0:e1:01:93:5b:25:31:13:60:b9:37:17:c3:fc:1c:
16:23:01:1e:04:54:81:99:90:1a:2b:f3:e1:1d:14:
b4:f8:1f:d8:6c:2b:82:81:28:b7:2c:f8:13:97:5f:
26:2b:b4:76:3c:bf:75:ab:20:29:39:3a:d0:9e:f1:
48:95:b3:da:5e:69:1a:d9:5e:d1:c8:47:55:45:57:
51:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:92:F2:5B:E2:C0:3C:32:AC:25:07:C9:D6:D2:85:FB:34:59:2B:14
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/25LyW-LAPDKsJQfJ1tKF-zRZKxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.200.0.0/19
31.204.128.0/19
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
6a:d2:8a:c8:ee:20:d5:37:a5:3b:35:01:37:90:23:2d:10:aa:
aa:15:c1:96:cb:c0:29:7a:d4:11:49:00:0f:96:bc:bb:5a:03:
01:8c:08:6e:b8:b2:a4:a2:b4:82:0b:f9:56:a6:80:61:84:2e:
d1:09:7b:3d:31:c0:19:0b:ba:b5:32:e1:9e:0f:1e:3d:35:8b:
3b:6b:71:18:64:85:5a:b1:12:fe:de:26:33:d1:2d:59:37:cf:
f3:f3:dc:4b:cf:a9:ac:d4:91:b4:a9:62:f3:c8:17:05:f4:d9:
35:47:79:6c:c7:e7:71:95:a5:e2:f4:da:cd:c3:70:ff:95:a3:
84:7a:0e:fb:03:31:d2:5b:9a:12:d1:5c:be:7f:0c:1a:8a:ef:
87:58:6c:15:6a:70:e4:77:7e:06:8d:79:d2:f0:fd:2e:bb:94:
07:96:80:21:d7:a2:b3:51:a0:0f:85:0b:47:ef:a7:54:f2:87:
34:b8:f3:59:78:49:ef:a0:f0:4f:f4:b5:a1:b4:f9:32:47:2d:
5c:fd:31:b5:d8:a5:33:3a:e3:d4:3d:66:18:ef:38:9d:17:84:
2a:ce:d1:f7:f2:9f:fd:a2:3d:69:41:3d:25:cc:11:ec:78:0b:
eb:98:ff:15:2b:17:11:ad:c3:2d:c0:6f:e2:76:d2:5d:a1:12:
51:ed:6f:25
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAYJisExRRhtq3HQzbUoKj2pAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjIwODAzMDc1MTM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjkyZjI1YmUyYzAzYzMyYWMyNTA3YzlkNmQyODVmYjM0NTkyYjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0WzG1gjAoqwHqJkdgvLwMAVhT8g
FeZjOEzXv1BSTzgakGJaunu5pZoCqPQU/KW6vbzgIUhbhWjPHt5AH5nOxbjGQwJ6
V85zn7gWBDBNECNczUnNDpRZlKb5jxt3MSZgvexnndOnc0mdCFGdfc2hSvQonbNN
oDM5gQlMacsMMf5IyqdlkgzfivRGfO6KRj5lPOJdNoOEEykvzq+QW1QPFN5wBXU0
XkJTJ5DxViAviDCzFdPw4QGTWyUxE2C5NxfD/BwWIwEeBFSBmZAaK/PhHRS0+B/Y
bCuCgSi3LPgTl18mK7R2PL91qyApOTrQnvFIlbPaXmka2V7RyEdVRVdRWQIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFNuS8lviwDwyrCUHydbShfs0WSsUMB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvMjVMeVctTEFQREtzSlFmSjF0S0YtelJaS3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBhAQCAAEwfgMEBQXI
AAMEBR/MgAMEAVvD6gMEAFvGmAMEAFvYzwMEAmiZVAMEBW3IwAMEA4qAiAMEApL3
TAMEAqL0NAMEAqL1zAMEArkpjAMEArkyaAMEArk0DAMEArmzyAMEArnFGAMEBbx6
QAMEAcEr2gMEAtQT4AMEBdWjQAMEBdWzwDAiBAIAAjAcAwUDKgAWMAMFAyoAHSAD
BQAqAZWAAwUDKgTGADANBgkqhkiG9w0BAQsFAAOCAQEAatKKyO4g1TelOzUBN5Aj
LRCqqhXBlsvAKXrUEUkAD5a8u1oDAYwIbriypKK0ggv5VqaAYYQu0Ql7PTHAGQu6
tTLhng8ePTWLO2txGGSFWrES/t4mM9EtWTfP8/PcS8+prNSRtKli88gXBfTZNUd5
bMfncZWl4vTazcNw/5WjhHoO+wMx0luaEtFcvn8MGorvh1hsFWpw5Hd+Bo150vD9
LruUB5aAIdeis1GgD4ULR++nVPKHNLjzWXhJ76DwT/S1obT5MkctXP0xtdilMzrj
1D1mGO84nReEKs7R9/Kf/aI9aUE9JcwR7HgL65j/FSsXEa3DLcBv4nbSXaESUe1v
JQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:47 2023 by rpki-client on console-ams.rpki-client.org