Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/I5UpPA3N0DGt7QYRvMENoRZiebs.roa
File: I5UpPA3N0DGt7QYRvMENoRZiebs.roa (raw, json)
Hash identifier: NWfM0RCqfAhA5IdaAhzKJJkFDtHkCBIf7753O0t8Id4=
Subject key identifier: 23:95:29:3C:0D:CD:D0:31:AD:ED:06:11:BC:C1:0D:A1:16:62:79:BB
Certificate issuer: /CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Certificate serial: 018BECDFF34E42D5D1EEBF0BB032B5D493B5
Authority key identifier: 92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/I5UpPA3N0DGt7QYRvMENoRZiebs.roa
Signing time: Mon 20 Nov 2023 13:16:21 +0000
ROA not before: Mon 20 Nov 2023 13:16:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59588
IP address blocks: 45.153.119.0/24 maxlen: 24
45.153.116.0/24 maxlen: 24
45.153.116.0/23 maxlen: 23
45.153.117.0/24 maxlen: 24
45.153.118.0/23 maxlen: 23
45.153.118.0/24 maxlen: 24
198.160.168.0/23 maxlen: 23
198.160.168.0/24 maxlen: 24
151.236.160.0/24 maxlen: 24
151.236.161.0/24 maxlen: 24
151.236.162.0/23 maxlen: 23
151.236.162.0/24 maxlen: 24
151.236.163.0/24 maxlen: 24
151.236.160.0/23 maxlen: 23
151.236.164.0/23 maxlen: 23
151.236.164.0/24 maxlen: 24
151.236.165.0/24 maxlen: 24
151.236.166.0/24 maxlen: 24
151.236.167.0/24 maxlen: 24
151.236.168.0/23 maxlen: 23
151.236.168.0/24 maxlen: 24
151.236.169.0/24 maxlen: 24
151.236.170.0/24 maxlen: 24
151.236.170.0/23 maxlen: 23
151.236.166.0/23 maxlen: 23
151.236.172.0/24 maxlen: 24
151.236.171.0/24 maxlen: 24
151.236.172.0/23 maxlen: 23
151.236.173.0/24 maxlen: 24
151.236.176.0/23 maxlen: 23
151.236.175.0/24 maxlen: 24
151.236.176.0/24 maxlen: 24
151.236.177.0/24 maxlen: 24
151.236.174.0/23 maxlen: 23
151.236.174.0/24 maxlen: 24
151.236.178.0/23 maxlen: 23
151.236.178.0/24 maxlen: 24
151.236.179.0/24 maxlen: 24
151.236.186.0/24 maxlen: 24
151.236.182.0/24 maxlen: 24
151.236.182.0/23 maxlen: 24
151.236.183.0/24 maxlen: 24
151.236.180.0/24 maxlen: 24
151.236.180.0/23 maxlen: 23
151.236.181.0/24 maxlen: 24
151.236.189.0/24 maxlen: 24
151.236.190.0/24 maxlen: 24
151.236.190.0/23 maxlen: 23
151.236.191.0/24 maxlen: 24
151.236.188.0/23 maxlen: 23
151.236.188.0/24 maxlen: 24
2a10:2200:b::/48 maxlen: 48
2a10:2200:c::/48 maxlen: 48
2a10:2200:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:df:f3:4e:42:d5:d1:ee:bf:0b:b0:32:b5:d4:93:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Validity
Not Before: Nov 20 13:16:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2395293c0dcdd031aded0611bcc10da1166279bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:9c:d4:38:c4:3a:ba:f7:6b:4e:cc:7b:fa:23:
0f:ae:18:9e:cc:1d:c4:27:04:1e:c8:5e:e7:e6:e8:
6a:dd:7d:3e:4d:d6:ed:a8:a6:6d:2e:df:9e:e8:98:
26:28:90:0f:74:1a:40:ff:2b:90:87:11:5b:9d:cf:
aa:72:59:a9:3c:a0:7d:d2:0a:5d:0d:f6:8d:c7:f7:
25:94:bf:07:83:22:1f:08:2a:8a:f7:3c:32:0b:5b:
a5:3e:f1:3e:3b:0e:2a:b3:92:21:8d:37:11:a9:cb:
43:b6:47:ef:96:cb:23:40:ff:69:77:38:d1:1a:b1:
2d:7b:ee:e3:fa:1a:cd:db:c4:40:9d:c7:75:02:71:
e3:f0:05:a7:dd:12:08:46:cd:82:9b:53:77:3b:01:
8a:a1:cf:b9:ea:bc:4a:0d:3c:c7:fa:f5:e3:d4:90:
45:26:e3:5c:f5:12:42:41:90:07:ff:01:8b:fb:e9:
57:0f:ea:63:89:53:e0:d6:8f:66:8a:f3:95:d4:19:
91:4b:6e:d2:10:de:18:3a:e8:6a:9d:cc:34:d3:5c:
12:64:9c:82:c3:71:02:91:69:e3:60:5b:42:bc:2f:
7a:f0:b7:5a:0d:b9:7f:d5:f5:24:f4:02:00:f4:52:
38:f7:bf:ec:36:bc:71:c2:61:98:ec:9a:08:b4:44:
04:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:95:29:3C:0D:CD:D0:31:AD:ED:06:11:BC:C1:0D:A1:16:62:79:BB
X509v3 Authority Key Identifier:
keyid:92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/I5UpPA3N0DGt7QYRvMENoRZiebs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.116.0/22
151.236.160.0-151.236.183.255
151.236.186.0/24
151.236.188.0/22
198.160.168.0/23
IPv6:
2a10:2200:2::/48
2a10:2200:b::-2a10:2200:c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3b:4f:d5:0c:e5:bf:1e:85:3b:1a:8b:08:0f:77:d0:b2:eb:ed:
de:02:98:44:89:81:55:3c:61:59:bd:bd:f8:9d:29:54:31:76:
f3:ac:f5:af:c4:d3:47:5e:31:92:9c:3a:64:fc:b5:9d:32:8e:
06:8f:dd:0a:7f:2c:d7:17:86:e6:85:7c:8c:e8:da:d8:87:58:
45:3d:0b:f1:7e:dc:3a:24:57:12:a7:97:b5:e2:86:90:c4:d2:
df:bd:db:8f:37:b3:3c:7f:bc:dc:a7:f7:cf:50:be:83:05:08:
33:0c:38:09:28:46:80:d4:1e:db:44:a5:57:49:6e:8b:81:48:
51:45:98:a2:7a:6f:7b:40:3f:4b:a5:64:24:a3:5f:d6:54:91:
96:58:51:b7:30:05:de:62:a1:34:d3:18:cd:65:23:54:81:2a:
99:7e:09:8c:ab:66:3b:1c:98:39:c1:a2:dc:17:95:19:2a:2f:
6f:d6:86:3c:d6:f3:51:78:0d:eb:94:82:0a:d7:61:ff:d3:f2:
3e:06:1b:89:70:20:b1:6f:86:1d:93:ec:18:81:69:9b:b5:ea:
d8:e8:85:00:5c:46:48:d6:4a:87:b0:f9:70:e6:6f:ef:2c:e6:
92:f0:9c:ee:e5:59:2a:57:07:ea:b3:f6:7b:0d:fe:1f:63:6b:
73:d5:81:69
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYvs3/NOQtXR7r8LsDK11JO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMTkyZThkNzg1NTgxZjcyYjE4NjQ0MjI0YmQ4YzNmYThh
MmQxMWIwHhcNMjMxMTIwMTMxNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk1MjkzYzBkY2RkMDMxYWRlZDA2MTFiY2MxMGRhMTE2NjI3OWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJzUOMQ6uvdrTsx7+iMPrhiezB3E
JwQeyF7n5uhq3X0+TdbtqKZtLt+e6JgmKJAPdBpA/yuQhxFbnc+qclmpPKB90gpd
DfaNx/cllL8HgyIfCCqK9zwyC1ulPvE+Ow4qs5IhjTcRqctDtkfvlssjQP9pdzjR
GrEte+7j+hrN28RAncd1AnHj8AWn3RIIRs2Cm1N3OwGKoc+56rxKDTzH+vXj1JBF
JuNc9RJCQZAH/wGL++lXD+pjiVPg1o9mivOV1BmRS27SEN4YOuhqncw001wSZJyC
w3ECkWnjYFtCvC968LdaDbl/1fUk9AIA9FI497/sNrxxwmGY7JoItEQEPQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFCOVKTwNzdAxre0GEbzBDaEWYnm7MB8GA1UdIwQY
MBaAFJIZLo14VYH3KxhkQiS9jD+ootEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1Mzct
MDA4NWEzNjVhMjVmLzEvSTVVcFBBM04wREd0N1FZUnZNRU5vUlppZWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1MzctMDA4NWEzNjVhMjVm
LzEva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAsBAIAATAmAwQCLZl0MAwD
BAWX7KADBAOX7LADBACX7LoDBAKX7LwDBAHGoKgwIwQCAAIwHQMHACoQIgAAAjAS
AwcAKhAiAAALAwcAKhAiAAAMMA0GCSqGSIb3DQEBCwUAA4IBAQA7T9UM5b8ehTsa
iwgPd9Cy6+3eAphEiYFVPGFZvb34nSlUMXbzrPWvxNNHXjGSnDpk/LWdMo4Gj90K
fyzXF4bmhXyM6NrYh1hFPQvxftw6JFcSp5e14oaQxNLfvduPN7M8f7zcp/fPUL6D
BQgzDDgJKEaA1B7bRKVXSW6LgUhRRZiiem97QD9LpWQko1/WVJGWWFG3MAXeYqE0
0xjNZSNUgSqZfgmMq2Y7HJg5waLcF5UZKi9v1oY81vNReA3rlIIK12H/0/I+BhuJ
cCCxb4Ydk+wYgWmbterY6IUAXEZI1kqHsPlw5m/vLOaS8Jzu5VkqVwfqs/Z7Df4f
Y2tz1YFp
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:03 2025 by rpki-client