Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/0g8oRbL5MfoAchDwgJ9jPL25zvk.roa
File: 0g8oRbL5MfoAchDwgJ9jPL25zvk.roa (raw, json)
Hash identifier: kVhJc1uaEzjaOEWk9UACBF7G4bygmCGRh1p6Pke2lWE=
Subject key identifier: D2:0F:28:45:B2:F9:31:FA:00:72:10:F0:80:9F:63:3C:BD:B9:CE:F9
Certificate issuer: /CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Certificate serial: 01878E63E9405A5982D331B9FEE28E6B1951
Authority key identifier: 92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/0g8oRbL5MfoAchDwgJ9jPL25zvk.roa
Signing time: Mon 17 Apr 2023 08:45:24 +0000
ROA not before: Mon 17 Apr 2023 08:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59588
IP address blocks: 45.153.119.0/24 maxlen: 24
45.153.116.0/24 maxlen: 24
45.153.116.0/23 maxlen: 23
45.153.117.0/24 maxlen: 24
45.153.118.0/23 maxlen: 23
45.153.118.0/24 maxlen: 24
198.160.168.0/24 maxlen: 24
151.236.160.0/24 maxlen: 24
151.236.161.0/24 maxlen: 24
151.236.162.0/23 maxlen: 23
151.236.162.0/24 maxlen: 24
151.236.163.0/24 maxlen: 24
151.236.160.0/23 maxlen: 23
151.236.164.0/23 maxlen: 23
151.236.164.0/24 maxlen: 24
151.236.165.0/24 maxlen: 24
151.236.166.0/24 maxlen: 24
151.236.167.0/24 maxlen: 24
151.236.168.0/23 maxlen: 23
151.236.168.0/24 maxlen: 24
151.236.169.0/24 maxlen: 24
151.236.170.0/24 maxlen: 24
151.236.170.0/23 maxlen: 23
151.236.166.0/23 maxlen: 23
151.236.172.0/24 maxlen: 24
151.236.171.0/24 maxlen: 24
151.236.172.0/23 maxlen: 23
151.236.173.0/24 maxlen: 24
151.236.176.0/23 maxlen: 23
151.236.175.0/24 maxlen: 24
151.236.176.0/24 maxlen: 24
151.236.177.0/24 maxlen: 24
151.236.174.0/23 maxlen: 23
151.236.174.0/24 maxlen: 24
151.236.178.0/23 maxlen: 23
151.236.178.0/24 maxlen: 24
151.236.179.0/24 maxlen: 24
151.236.186.0/24 maxlen: 24
151.236.182.0/23 maxlen: 24
151.236.182.0/24 maxlen: 24
151.236.183.0/24 maxlen: 24
151.236.180.0/24 maxlen: 24
151.236.180.0/23 maxlen: 23
151.236.181.0/24 maxlen: 24
151.236.189.0/24 maxlen: 24
151.236.190.0/24 maxlen: 24
151.236.190.0/23 maxlen: 23
151.236.191.0/24 maxlen: 24
151.236.188.0/23 maxlen: 23
151.236.188.0/24 maxlen: 24
2a10:2200:b::/48 maxlen: 48
2a10:2200:c::/48 maxlen: 48
2a10:2200:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:63:e9:40:5a:59:82:d3:31:b9:fe:e2:8e:6b:19:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Validity
Not Before: Apr 17 08:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d20f2845b2f931fa007210f0809f633cbdb9cef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:95:82:b2:ff:05:96:2a:9a:45:2c:16:a5:a3:
87:85:a4:56:65:37:fc:66:63:4c:74:7f:85:70:19:
36:74:bb:a1:77:fc:4c:54:8f:a6:03:f1:4f:13:82:
64:ac:2e:aa:79:f9:0c:cd:ce:df:11:ab:67:e1:df:
c0:ab:fd:1a:96:82:f8:a8:46:b3:9e:dc:41:49:b1:
8d:2e:5d:58:68:47:5b:4a:db:d5:fe:28:bd:43:dd:
f3:29:7a:b5:ac:d9:11:df:88:8f:78:ba:e6:17:66:
18:55:52:64:62:f6:88:32:53:34:89:72:29:b6:10:
87:2a:4c:29:f4:84:4f:86:36:99:3b:b1:5d:40:c0:
32:92:67:ad:48:bd:dd:6c:39:41:76:ea:08:7a:db:
96:f6:dd:82:85:0a:2f:b8:38:36:6d:76:54:2d:09:
fc:e2:61:47:75:2a:51:aa:c7:01:90:66:20:0d:97:
5c:4c:7b:14:3e:81:08:9c:69:0b:13:c4:fc:62:5e:
24:25:93:71:a4:fe:7e:50:bd:b1:51:c6:f4:bc:34:
bb:54:2c:b6:ac:e4:2d:2a:e6:fa:44:82:0e:89:06:
39:83:fd:b1:e7:4c:2c:37:13:ee:c1:7d:23:77:d9:
76:49:86:c0:04:57:90:70:c2:04:f9:81:42:22:d3:
62:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:0F:28:45:B2:F9:31:FA:00:72:10:F0:80:9F:63:3C:BD:B9:CE:F9
X509v3 Authority Key Identifier:
keyid:92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/0g8oRbL5MfoAchDwgJ9jPL25zvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.116.0/22
151.236.160.0-151.236.183.255
151.236.186.0/24
151.236.188.0/22
198.160.168.0/24
IPv6:
2a10:2200:2::/48
2a10:2200:b::-2a10:2200:c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
43:bc:b0:ab:e4:5d:8b:dc:0a:da:e9:82:d6:be:04:c1:00:4b:
5e:1f:58:bf:42:15:01:77:c5:11:b8:fa:d1:50:19:53:49:98:
27:11:55:a0:63:71:fc:aa:83:b4:0a:d1:cc:1c:ff:e2:5f:84:
8a:68:ad:8b:88:f2:41:cb:25:cb:f0:7e:da:da:50:2d:66:ff:
c8:12:43:d2:9e:1b:ba:a0:89:60:9b:f2:89:ec:61:d0:ad:fa:
f0:6c:6d:19:96:f0:ba:11:43:b4:f4:05:d6:a2:67:bc:a5:1e:
68:74:01:b8:db:3f:8c:89:8e:4c:74:ce:8b:d0:00:0c:91:aa:
b6:3f:75:c5:08:fb:e0:ad:28:7d:83:bc:98:f0:a8:c3:a0:4a:
1e:df:7b:7b:15:6d:f2:2c:0a:3a:e1:42:2f:65:b9:a8:f9:fc:
7e:0f:9c:bb:f7:39:fd:5c:2b:5c:09:dd:52:67:f1:8c:b3:fc:
0d:6e:58:97:aa:da:39:55:06:e6:a3:3f:c5:d2:7d:9f:6b:90:
a5:b3:ff:20:b5:11:51:b7:0c:cf:bc:46:eb:97:9a:83:12:43:
93:d0:8c:66:2f:85:0a:2a:81:d6:5a:15:04:7c:39:51:2b:20:
09:57:bd:cf:a9:41:e9:1e:76:ab:09:61:e5:89:57:e3:4a:ef:
00:43:e0:17
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYeOY+lAWlmC0zG5/uKOaxlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMTkyZThkNzg1NTgxZjcyYjE4NjQ0MjI0YmQ4YzNmYThh
MmQxMWIwHhcNMjMwNDE3MDg0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjBmMjg0NWIyZjkzMWZhMDA3MjEwZjA4MDlmNjMzY2JkYjljZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5WCsv8FliqaRSwWpaOHhaRWZTf8
ZmNMdH+FcBk2dLuhd/xMVI+mA/FPE4JkrC6qefkMzc7fEatn4d/Aq/0aloL4qEaz
ntxBSbGNLl1YaEdbStvV/ii9Q93zKXq1rNkR34iPeLrmF2YYVVJkYvaIMlM0iXIp
thCHKkwp9IRPhjaZO7FdQMAykmetSL3dbDlBduoIetuW9t2ChQovuDg2bXZULQn8
4mFHdSpRqscBkGYgDZdcTHsUPoEInGkLE8T8Yl4kJZNxpP5+UL2xUcb0vDS7VCy2
rOQtKub6RIIOiQY5g/2x50wsNxPuwX0jd9l2SYbABFeQcMIE+YFCItNinwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFNIPKEWy+TH6AHIQ8ICfYzy9uc75MB8GA1UdIwQY
MBaAFJIZLo14VYH3KxhkQiS9jD+ootEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1Mzct
MDA4NWEzNjVhMjVmLzEvMGc4b1JiTDVNZm9BY2hEd2dKOWpQTDI1enZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1MzctMDA4NWEzNjVhMjVm
LzEva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAsBAIAATAmAwQCLZl0MAwD
BAWX7KADBAOX7LADBACX7LoDBAKX7LwDBADGoKgwIwQCAAIwHQMHACoQIgAAAjAS
AwcAKhAiAAALAwcAKhAiAAAMMA0GCSqGSIb3DQEBCwUAA4IBAQBDvLCr5F2L3Ara
6YLWvgTBAEteH1i/QhUBd8URuPrRUBlTSZgnEVWgY3H8qoO0CtHMHP/iX4SKaK2L
iPJByyXL8H7a2lAtZv/IEkPSnhu6oIlgm/KJ7GHQrfrwbG0ZlvC6EUO09AXWome8
pR5odAG42z+MiY5MdM6L0AAMkaq2P3XFCPvgrSh9g7yY8KjDoEoe33t7FW3yLAo6
4UIvZbmo+fx+D5y79zn9XCtcCd1SZ/GMs/wNbliXqto5VQbmoz/F0n2fa5Cls/8g
tRFRtwzPvEbrl5qDEkOT0IxmL4UKKoHWWhUEfDlRKyAJV73PqUHpHnarCWHliVfj
Su8AQ+AX
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:43 2025 by rpki-client