Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/KzaajO6b2iNjP8tlA5t-mBDnH3I.roa
File: KzaajO6b2iNjP8tlA5t-mBDnH3I.roa (raw, json)
Hash identifier: iQaDnacPxpmTxhYNQpfcp22wHkSxGwnLEZtOv2dWwJo=
Subject key identifier: 2B:36:9A:8C:EE:9B:DA:23:63:3F:CB:65:03:9B:7E:98:10:E7:1F:72
Certificate issuer: /CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Certificate serial: 183B2A8C
Authority key identifier: 4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/KzaajO6b2iNjP8tlA5t-mBDnH3I.roa
Signing time: Sat 01 Jan 2022 06:02:17 +0000
ROA not before: Sat 01 Jan 2022 06:02:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31200
IP address blocks: 178.49.248.0/22 maxlen: 22
178.49.200.0/22 maxlen: 22
5.129.0.0/17 maxlen: 17
37.193.0.0/16 maxlen: 16
5.129.128.0/19 maxlen: 19
5.131.0.0/16 maxlen: 16
37.195.0.0/16 maxlen: 16
178.49.12.0/22 maxlen: 22
37.194.0.0/16 maxlen: 16
5.130.0.0/16 maxlen: 16
178.49.56.0/22 maxlen: 22
5.128.0.0/16 maxlen: 16
37.192.0.0/16 maxlen: 16
5.129.186.0/24 maxlen: 24
5.129.181.0/24 maxlen: 24
5.129.184.0/23 maxlen: 23
5.128.0.0/14 maxlen: 14
37.192.0.0/14 maxlen: 14
178.49.0.0/17 maxlen: 17
178.49.0.0/16 maxlen: 24
178.49.132.0/24 maxlen: 24
178.49.128.0/17 maxlen: 24
178.49.133.0/24 maxlen: 24
178.49.145.0/24 maxlen: 24
178.49.144.0/24 maxlen: 24
178.49.142.0/24 maxlen: 24
178.49.141.0/24 maxlen: 24
178.49.146.0/24 maxlen: 24
178.49.148.0/24 maxlen: 24
178.49.147.0/24 maxlen: 24
178.49.152.0/23 maxlen: 23
178.49.152.0/24 maxlen: 24
178.49.152.0/22 maxlen: 22
178.49.150.0/23 maxlen: 23
178.49.159.0/24 maxlen: 24
178.49.158.0/24 maxlen: 24
178.49.156.0/23 maxlen: 23
178.49.154.0/24 maxlen: 24
178.49.154.0/23 maxlen: 23
5.128.119.0/24 maxlen: 24
5.131.240.0/20 maxlen: 20
5.131.251.0/24 maxlen: 24
2a00:7700::/32 maxlen: 32
2a00:7700:8a02::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 406530700 (0x183b2a8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Validity
Not Before: Jan 1 06:02:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b369a8cee9bda23633fcb65039b7e9810e71f72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:06:7f:85:58:da:3e:a6:c2:b9:c0:d8:89:78:
ce:75:99:c7:f1:4b:90:fb:87:6f:ed:61:1c:f6:1a:
3e:2b:94:bb:fb:34:62:b0:29:96:d3:9c:19:41:98:
d2:48:23:d7:02:fc:63:b3:ff:12:f2:35:50:02:97:
4b:96:a2:ce:ac:c1:44:c9:72:38:5e:59:f0:b4:87:
17:cf:61:67:5a:dd:87:b3:61:7a:4d:d7:22:22:58:
29:71:44:5d:a7:e4:26:fc:0a:f4:27:8a:4a:a2:da:
59:d8:be:80:8e:f0:8b:92:16:90:99:d3:ed:ba:03:
1c:ca:33:36:b4:af:57:2e:be:14:17:af:d4:5b:54:
0c:c0:24:97:5e:fb:f0:4c:b1:42:4f:24:45:74:78:
82:35:8a:e9:af:09:a5:d3:e0:24:a8:70:81:2a:2e:
7f:b8:cb:db:c9:da:ca:e6:21:5d:1c:89:51:da:c2:
d9:ae:2b:f1:c0:28:83:d6:44:7d:f3:73:b0:ec:2b:
c0:42:cc:13:c6:64:1b:4b:6d:ee:01:8c:1a:c8:40:
8e:16:14:29:5a:a6:77:be:9b:fe:56:67:13:bb:37:
bc:64:ad:5c:de:62:95:f9:0c:9b:88:69:22:86:f6:
34:bc:8c:7d:e6:b4:c3:3e:a2:50:95:fc:87:8b:34:
7c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:36:9A:8C:EE:9B:DA:23:63:3F:CB:65:03:9B:7E:98:10:E7:1F:72
X509v3 Authority Key Identifier:
keyid:4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/KzaajO6b2iNjP8tlA5t-mBDnH3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.128.0.0/14
37.192.0.0/14
178.49.0.0/16
IPv6:
2a00:7700::/32
Signature Algorithm: sha256WithRSAEncryption
87:fb:91:c8:66:4e:07:a5:32:a2:ff:25:0f:eb:69:b9:ca:58:
9a:d4:21:68:eb:cb:c3:18:38:5d:78:01:64:b6:98:9c:ca:12:
60:59:f1:45:86:d9:1d:65:73:22:c8:68:49:92:db:71:c0:7f:
61:f1:31:49:43:32:fb:2b:33:65:d4:4d:5e:38:2b:e0:c3:9c:
ce:29:ae:f3:dc:47:e0:51:26:b4:dd:b2:8a:04:2b:35:de:94:
2c:e5:19:fc:9b:e1:f0:67:4e:1e:19:18:98:65:e7:f5:41:9d:
82:66:38:da:6e:3f:39:93:db:fb:32:a7:ac:07:91:47:d7:50:
cf:ac:eb:22:5a:72:4b:a4:f5:b5:c5:36:3b:d6:69:c7:1f:e0:
7e:ce:d4:79:ce:ea:97:25:5f:21:0a:ff:76:41:19:6a:03:ea:
ac:4f:5d:94:22:ca:12:8c:42:15:c1:bc:b8:ae:73:58:0b:77:
17:a3:db:ec:7d:c2:9b:9b:d6:c0:63:4c:b6:46:2a:bd:fe:46:
1e:8a:26:41:6d:1a:53:a9:f5:d6:ab:fc:94:85:5b:db:86:80:
eb:82:2e:6c:c7:a8:57:ce:e8:fe:c8:c7:a6:8a:8a:d1:98:c6:
c7:4d:bf:b0:1b:42:5d:87:1d:bb:39:89:8c:b0:8f:41:92:0d:
0a:91:87:8d
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEGDsqjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZGRiM2RjZGY1ZTZiZWUwOTgyNWMzN2JmM2I4YmRmMjhiNmZiNTkzMB4XDTIyMDEw
MTA2MDIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmIzNjlhOGNlZTli
ZGEyMzYzM2ZjYjY1MDM5YjdlOTgxMGU3MWY3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANMGf4VY2j6mwrnA2Il4znWZx/FLkPuHb+1hHPYaPiuUu/s0
YrApltOcGUGY0kgj1wL8Y7P/EvI1UAKXS5aizqzBRMlyOF5Z8LSHF89hZ1rdh7Nh
ek3XIiJYKXFEXafkJvwK9CeKSqLaWdi+gI7wi5IWkJnT7boDHMozNrSvVy6+FBev
1FtUDMAkl1778EyxQk8kRXR4gjWK6a8JpdPgJKhwgSouf7jL28nayuYhXRyJUdrC
2a4r8cAog9ZEffNzsOwrwELME8ZkG0tt7gGMGshAjhYUKVqmd76b/lZnE7s3vGSt
XN5ilfkMm4hpIob2NLyMfea0wz6iUJX8h4s0fLUCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQrNpqM7pvaI2M/y2UDm36YEOcfcjAfBgNVHSMEGDAWgBRN2z3N9ea+4Jgl
w3vzuL3yi2+1kzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Rkczl6ZlhtdnVDWUpjTjc4N2k5OG90dnRaTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNzkwY2VlLWQ1NGUtNDU5OC04YmMxLTIxNzBjNWMxZDNlZC8x
L0t6YWFqTzZiMmlOalA4dGxBNXQtbUJEbkgzSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NzkwY2VlLWQ1NGUtNDU5OC04YmMxLTIxNzBjNWMxZDNlZC8xL1Rkczl6ZlhtdnVD
WUpjTjc4N2k5OG90dnRaTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwFQQCAAEwDwMDAgWAAwMCJcADAwCyMTANBAIAAjAH
AwUAKgB3ADANBgkqhkiG9w0BAQsFAAOCAQEAh/uRyGZOB6Uyov8lD+tpucpYmtQh
aOvLwxg4XXgBZLaYnMoSYFnxRYbZHWVzIshoSZLbccB/YfExSUMy+yszZdRNXjgr
4MOczimu89xH4FEmtN2yigQrNd6ULOUZ/Jvh8GdOHhkYmGXn9UGdgmY42m4/OZPb
+zKnrAeRR9dQz6zrIlpyS6T1tcU2O9Zpxx/gfs7Uec7qlyVfIQr/dkEZagPqrE9d
lCLKEoxCFcG8uK5zWAt3F6Pb7H3Cm5vWwGNMtkYqvf5GHoomQW0aU6n11qv8lIVb
24aA64IubMeoV87o/sjHpoqK0ZjGx02/sBtCXYcduzmJjLCPQZINCpGHjQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:10 2023 by rpki-client on console-ams.rpki-client.org