Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/h3LpqmhsQIGSrXSWikBXIeULF0c.roa
File: h3LpqmhsQIGSrXSWikBXIeULF0c.roa (raw, json)
Hash identifier: JWDVMHUSifpm1BcOeibvmZRbBghimvjXns9xeYfm7vY=
Subject key identifier: 87:72:E9:AA:68:6C:40:81:92:AD:74:96:8A:40:57:21:E5:0B:17:47
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 018B292952402535077B29BE84858DA7758C
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/h3LpqmhsQIGSrXSWikBXIeULF0c.roa
Signing time: Fri 13 Oct 2023 13:10:55 +0000
ROA not before: Fri 13 Oct 2023 13:10:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49544
IP address blocks: 185.41.140.0/22 maxlen: 22
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
91.216.207.0/24 maxlen: 24
188.122.64.0/19 maxlen: 24
91.198.152.0/24 maxlen: 24
185.52.12.0/22 maxlen: 24
213.163.64.0/19 maxlen: 24
185.50.104.0/22 maxlen: 22
162.245.204.0/22 maxlen: 22
5.200.0.0/19 maxlen: 24
185.179.202.0/23 maxlen: 24
213.179.204.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
185.179.200.0/23 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.209.0/24 maxlen: 24
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
213.179.220.0/22 maxlen: 22
212.19.224.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
185.197.24.0/22 maxlen: 23
193.43.218.0/23 maxlen: 23
104.153.84.0/22 maxlen: 22
31.204.132.0/22 maxlen: 22
31.204.128.0/19 maxlen: 24
31.204.136.0/23 maxlen: 23
138.128.136.0/22 maxlen: 22
91.195.234.0/23 maxlen: 23
138.128.140.0/22 maxlen: 22
2a01:9580:c000::/34 maxlen: 34
2a01:9580::/32 maxlen: 34
2a04:c600::/29 maxlen: 34
2a00:1630::/29 maxlen: 32
2a00:1631::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d26::/32 maxlen: 34
2a00:1630::/32 maxlen: 48
2a00:1632::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:29:52:40:25:35:07:7b:29:be:84:85:8d:a7:75:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: Oct 13 13:10:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8772e9aa686c408192ad74968a405721e50b1747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:88:2b:0b:4c:4b:35:40:a9:ae:1d:22:ed:c5:
66:20:96:58:40:5f:1e:a4:24:61:c2:46:ae:ef:dc:
b5:a9:97:4c:f3:7a:e6:de:9c:ac:6d:a2:2f:91:91:
3f:50:8f:3a:9f:e3:b2:71:54:ec:71:3b:d9:5e:7a:
bf:84:e8:10:fc:75:f8:3d:ce:14:58:ea:79:08:71:
72:6b:89:28:4d:d1:60:b4:3e:a7:45:6f:fb:3e:25:
f1:6d:ac:fb:66:8e:ca:e7:66:e5:e4:bf:97:aa:08:
7f:23:85:10:ae:d2:fa:19:fa:5d:85:c7:cd:5e:da:
2d:fa:01:c0:56:1e:c6:ad:d5:0a:49:d4:1c:08:eb:
49:88:6b:c7:8a:68:0c:ae:72:93:49:19:e6:7a:7a:
7d:89:80:78:24:0d:59:22:56:46:2a:b6:d3:14:46:
6c:88:76:84:1a:41:42:8a:21:89:32:41:7b:d6:0d:
8f:c1:e1:59:37:ee:52:7c:8e:af:31:40:13:1d:30:
61:e7:0d:84:f7:5c:48:36:c7:cc:1b:c0:5c:91:04:
f7:47:03:f9:20:bd:7e:49:74:8c:46:a6:c6:54:13:
fa:3a:7d:31:a3:44:a4:ec:0e:9b:52:a4:af:1b:da:
b1:9c:ac:23:32:48:80:17:4f:e4:45:76:f2:01:36:
49:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:72:E9:AA:68:6C:40:81:92:AD:74:96:8A:40:57:21:E5:0B:17:47
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/h3LpqmhsQIGSrXSWikBXIeULF0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.200.0.0/19
31.204.128.0/19
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
88:dd:a6:45:87:b2:67:07:02:e1:ef:c6:ee:b7:c2:d4:de:c3:
c5:b8:b6:89:07:80:d2:ff:24:ee:ed:11:45:89:77:9d:d1:fc:
e2:47:61:78:e2:b5:2a:2d:72:3b:d6:8c:80:05:f0:6a:ea:e4:
c5:46:98:fb:bd:83:77:1c:18:25:39:22:75:c6:c0:f7:5c:0f:
bf:dd:ac:93:c7:72:27:99:b8:f1:f3:86:2f:65:0a:4c:0a:1d:
67:10:bf:a0:70:84:e6:08:51:94:77:4d:fc:f7:d6:20:df:95:
46:c8:85:17:6d:66:2d:f1:18:27:cd:50:68:d9:de:24:f6:1b:
ca:43:18:db:83:e8:35:33:bb:01:03:38:3d:c1:4d:f0:29:c5:
9e:c5:24:4e:c9:e9:03:e6:b0:bf:e5:78:c3:9b:a8:63:ac:94:
cd:20:f5:40:b6:a5:85:10:cb:98:2c:1e:5e:51:95:37:00:67:
db:77:6b:00:9c:24:2b:9f:ed:eb:24:bd:6b:b8:a4:67:e2:a5:
e2:5d:f6:71:e2:b7:23:bf:9a:5b:cb:b9:08:54:b8:4d:a9:fa:
6b:c7:cc:df:06:76:f8:a3:28:21:99:d2:34:2e:51:72:44:e8:
50:2a:43:ba:01:b6:e6:e5:ca:45:98:0d:ed:34:b0:4d:61:6f:
5e:cd:2a:58
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAYspKVJAJTUHeym+hIWNp3WMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjMxMDEzMTMxMDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzcyZTlhYTY4NmM0MDgxOTJhZDc0OTY4YTQwNTcyMWU1MGIxNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYgrC0xLNUCprh0i7cVmIJZYQF8e
pCRhwkau79y1qZdM83rm3pysbaIvkZE/UI86n+OycVTscTvZXnq/hOgQ/HX4Pc4U
WOp5CHFya4koTdFgtD6nRW/7PiXxbaz7Zo7K52bl5L+Xqgh/I4UQrtL6GfpdhcfN
Xtot+gHAVh7GrdUKSdQcCOtJiGvHimgMrnKTSRnmenp9iYB4JA1ZIlZGKrbTFEZs
iHaEGkFCiiGJMkF71g2PweFZN+5SfI6vMUATHTBh5w2E91xINsfMG8BckQT3RwP5
IL1+SXSMRqbGVBP6On0xo0Sk7A6bUqSvG9qxnKwjMkiAF0/kRXbyATZJnQIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFIdy6apobECBkq10lopAVyHlCxdHMB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvaDNMcHFtaHNRSUdTclhTV2lrQlhJZVVMRjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBhAQCAAEwfgMEBQXI
AAMEBR/MgAMEAVvD6gMEAFvGmAMEAFvYzwMEAmiZVAMEBW3IwAMEA4qAiAMEApL3
TAMEAqL0NAMEAqL1zAMEArkpjAMEArkyaAMEArk0DAMEArmzyAMEArnFGAMEBbx6
QAMEAcEr2gMEAtQT4AMEBdWjQAMEBdWzwDAiBAIAAjAcAwUDKgAWMAMFAyoAHSAD
BQAqAZWAAwUDKgTGADANBgkqhkiG9w0BAQsFAAOCAQEAiN2mRYeyZwcC4e/G7rfC
1N7Dxbi2iQeA0v8k7u0RRYl3ndH84kdheOK1Ki1yO9aMgAXwaurkxUaY+72DdxwY
JTkidcbA91wPv92sk8dyJ5m48fOGL2UKTAodZxC/oHCE5ghRlHdN/PfWIN+VRsiF
F21mLfEYJ81QaNneJPYbykMY24PoNTO7AQM4PcFN8CnFnsUkTsnpA+awv+V4w5uo
Y6yUzSD1QLalhRDLmCweXlGVNwBn23drAJwkK5/t6yS9a7ikZ+Kl4l32ceK3I7+a
W8u5CFS4Tan6a8fM3wZ2+KMoIZnSNC5RckToUCpDugG25uXKRZgN7TSwTWFvXs0q
WA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:28:33 2025 by rpki-client