Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/mur5hGoN5id0SLTJ7hXIheyZYuw.roa
File: mur5hGoN5id0SLTJ7hXIheyZYuw.roa (raw, json)
Hash identifier: aXHCBuFlgW0yOvml+Qx01etBnNSWT+QNmle9Ac2iabE=
Subject key identifier: 9A:EA:F9:84:6A:0D:E6:27:74:48:B4:C9:EE:15:C8:85:EC:99:62:EC
Certificate issuer: /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Certificate serial: 01821085A4436C32A9E1B0FB5F5CF4D65518
Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/mur5hGoN5id0SLTJ7hXIheyZYuw.roa
Signing time: Mon 18 Jul 2022 08:56:09 +0000
ROA not before: Mon 18 Jul 2022 08:56:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60032
IP address blocks: 193.56.168.0/22 maxlen: 22
45.152.184.0/22 maxlen: 22
194.36.137.0/24 maxlen: 24
45.129.48.0/22 maxlen: 22
185.107.84.0/22 maxlen: 24
185.61.144.0/22 maxlen: 22
109.70.16.0/21 maxlen: 22
45.85.176.0/22 maxlen: 22
45.11.148.0/22 maxlen: 22
194.36.221.0/24 maxlen: 24
80.240.176.0/21 maxlen: 21
185.163.60.0/22 maxlen: 22
80.240.188.0/22 maxlen: 22
45.90.224.0/22 maxlen: 22
185.203.180.0/22 maxlen: 22
194.36.169.0/24 maxlen: 24
5.252.60.0/22 maxlen: 22
194.36.167.0/24 maxlen: 24
188.92.64.0/21 maxlen: 22
5.252.88.0/22 maxlen: 22
185.13.180.0/22 maxlen: 22
95.214.44.0/22 maxlen: 22
2.59.68.0/22 maxlen: 22
2.59.72.0/22 maxlen: 22
193.8.116.0/22 maxlen: 22
185.229.176.0/22 maxlen: 22
128.127.16.0/21 maxlen: 22
185.253.36.0/22 maxlen: 22
212.104.240.0/20 maxlen: 20
185.128.140.0/22 maxlen: 23
194.182.112.0/20 maxlen: 22
2a06:4280::/29 maxlen: 32
2a02:cfc0::/29 maxlen: 32
2a02:79e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:10:85:a4:43:6c:32:a9:e1:b0:fb:5f:5c:f4:d6:55:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Validity
Not Before: Jul 18 08:56:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9aeaf9846a0de6277448b4c9ee15c885ec9962ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:10:f2:2b:18:ca:5c:b3:b9:11:ce:e8:2b:57:
ad:04:3b:30:d5:67:d0:b9:dd:2f:67:be:6b:3e:e6:
65:6b:6c:4e:75:3c:60:a2:79:15:4c:fd:da:5f:7e:
2a:5f:09:75:df:e2:b5:e2:00:b1:87:df:e8:f6:5b:
0a:37:4e:22:d9:1b:eb:00:a6:34:c2:38:8b:43:a8:
e4:ca:f9:43:56:28:39:cf:de:08:dc:e3:0b:78:2e:
af:d2:d9:33:27:5e:78:7c:d7:55:4b:6b:ee:89:98:
d9:bc:19:8b:11:4b:d9:69:4e:da:7b:cd:4e:eb:7a:
55:3d:85:cf:d4:7b:46:85:37:ff:82:34:94:f3:d2:
48:6e:7f:5e:35:89:c1:d6:cd:30:09:e9:65:63:f9:
af:c2:1b:35:5f:e5:3c:90:a7:39:20:4a:8d:2c:81:
e9:57:bb:32:07:f0:2d:0a:a6:f8:75:ef:ba:85:97:
37:47:5f:50:91:51:77:98:a8:c7:7e:c0:ba:cf:c9:
7e:8d:54:96:61:ac:e7:6e:0d:e2:3c:7b:c0:10:e2:
2b:07:a2:e4:b9:fa:d0:43:79:1c:74:aa:3a:28:16:
b0:d3:bf:ba:dd:b4:89:34:bf:f2:46:cf:b0:7d:73:
a6:d3:c6:8c:66:0d:e4:13:f4:fd:24:d3:4d:61:68:
b3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:EA:F9:84:6A:0D:E6:27:74:48:B4:C9:EE:15:C8:85:EC:99:62:EC
X509v3 Authority Key Identifier:
keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/mur5hGoN5id0SLTJ7hXIheyZYuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.68.0-2.59.75.255
5.252.60.0/22
5.252.88.0/22
45.11.148.0/22
45.85.176.0/22
45.90.224.0/22
45.129.48.0/22
45.152.184.0/22
80.240.176.0/21
80.240.188.0/22
95.214.44.0/22
109.70.16.0/21
128.127.16.0/21
185.13.180.0/22
185.61.144.0/22
185.107.84.0/22
185.128.140.0/22
185.163.60.0/22
185.203.180.0/22
185.229.176.0/22
185.253.36.0/22
188.92.64.0/21
193.8.116.0/22
193.56.168.0/22
194.36.137.0/24
194.36.167.0/24
194.36.169.0/24
194.36.221.0/24
194.182.112.0/20
212.104.240.0/20
IPv6:
2a02:79e0::/32
2a02:cfc0::/29
2a06:4280::/29
Signature Algorithm: sha256WithRSAEncryption
05:23:b8:b6:36:c6:a2:58:35:6b:f8:20:21:66:ab:fd:b1:1d:
30:dd:fd:09:9b:81:37:36:27:3a:f2:0e:96:16:54:56:f5:2e:
d6:12:62:d1:ad:92:bd:08:35:90:e2:33:06:0b:a0:57:4d:06:
6c:bd:81:60:a6:ed:ea:5f:93:8b:83:d3:2b:08:39:b5:e5:6c:
80:00:fc:b5:85:a2:18:c5:c3:d1:02:de:7f:c7:42:3f:af:21:
12:9d:7c:fb:6b:c5:6d:28:c2:96:21:0c:dc:d5:b4:d1:7b:14:
ee:9f:a1:c3:43:10:36:e4:24:b5:89:f1:14:e9:6f:ea:e2:dc:
9d:0f:2f:fd:98:9a:f9:6e:d5:1a:22:ec:c0:1c:f4:df:64:ad:
3f:3a:46:dd:dc:4d:65:68:7c:6e:09:de:b4:0e:09:27:db:ea:
f6:2e:89:24:d2:ef:0b:3d:10:6e:0c:8d:8d:a6:56:76:b9:cf:
65:9e:d4:ba:05:41:ea:07:9d:d5:fa:07:e0:67:51:44:e5:c1:
c2:ca:fe:76:7d:39:06:5f:af:60:0f:e8:ba:6d:e5:7a:a5:4a:
cd:36:0f:26:e2:95:99:90:5e:e9:e7:14:a7:98:8f:a8:82:61:
6b:7a:d9:2c:6a:fe:04:0c:76:1d:25:59:b6:47:b2:21:c5:e6:
95:9c:e9:e6
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAYIQhaRDbDKp4bD7X1z01lUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1
ZjJlNDQwHhcNMjIwNzE4MDg1NjA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWVhZjk4NDZhMGRlNjI3NzQ0OGI0YzllZTE1Yzg4NWVjOTk2MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBDyKxjKXLO5Ec7oK1etBDsw1WfQ
ud0vZ75rPuZla2xOdTxgonkVTP3aX34qXwl13+K14gCxh9/o9lsKN04i2RvrAKY0
wjiLQ6jkyvlDVig5z94I3OMLeC6v0tkzJ154fNdVS2vuiZjZvBmLEUvZaU7ae81O
63pVPYXP1HtGhTf/gjSU89JIbn9eNYnB1s0wCellY/mvwhs1X+U8kKc5IEqNLIHp
V7syB/AtCqb4de+6hZc3R19QkVF3mKjHfsC6z8l+jVSWYaznbg3iPHvAEOIrB6Lk
ufrQQ3kcdKo6KBaw07+63bSJNL/yRs+wfXOm08aMZg3kE/T9JNNNYWiz2QIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFJrq+YRqDeYndEi0ye4VyIXsmWLsMB8GA1UdIwQY
MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt
NjY4NDkwMTk2MjdlLzEvbXVyNWhHb041aWQwU0xUSjdoWEloZXlaWXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTItNjY4NDkwMTk2Mjdl
LzEveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCBwwQCAAEwgbwwDAME
AgI7RAMEAgI7SAMEAgX8PAMEAgX8WAMEAi0LlAMEAi1VsAMEAi1a4AMEAi2BMAME
Ai2YuAMEA1DwsAMEAlDwvAMEAl/WLAMEA21GEAMEA4B/EAMEArkNtAMEArk9kAME
ArlrVAMEArmAjAMEArmjPAMEArnLtAMEArnlsAMEArn9JAMEA7xcQAMEAsEIdAME
AsE4qAMEAMIkiQMEAMIkpwMEAMIkqQMEAMIk3QMEBMK2cAMEBNRo8DAbBAIAAjAV
AwUAKgJ54AMFAyoCz8ADBQMqBkKAMA0GCSqGSIb3DQEBCwUAA4IBAQAFI7i2Nsai
WDVr+CAhZqv9sR0w3f0Jm4E3Nic68g6WFlRW9S7WEmLRrZK9CDWQ4jMGC6BXTQZs
vYFgpu3qX5OLg9MrCDm15WyAAPy1haIYxcPRAt5/x0I/ryESnXz7a8VtKMKWIQzc
1bTRexTun6HDQxA25CS1ifEU6W/q4tydDy/9mJr5btUaIuzAHPTfZK0/Okbd3E1l
aHxuCd60Dgkn2+r2Lokk0u8LPRBuDI2NplZ2uc9lntS6BUHqB53V+gfgZ1FE5cHC
yv52fTkGX69gD+i6beV6pUrNNg8m4pWZkF7p5xSnmI+ogmFretksav4EDHYdJVm2
R7IhxeaVnOnm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:56 2024 by rpki-client on console-fra.rpki-client.org