Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/TjkCkDp7tVrkWJcp_m6YS99PeIs.roa
File: TjkCkDp7tVrkWJcp_m6YS99PeIs.roa (raw, json)
Hash identifier: ZCffl4nkgzd7w4BuLbMNpoFB7Pi/T3GIlCGGGccHmt4=
Subject key identifier: 4E:39:02:90:3A:7B:B5:5A:E4:58:97:29:FE:6E:98:4B:DF:4F:78:8B
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 1874EEA2
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/TjkCkDp7tVrkWJcp_m6YS99PeIs.roa
Signing time: Thu 02 Jun 2022 09:41:19 +0000
ROA not before: Thu 02 Jun 2022 09:41:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58272
IP address blocks: 37.230.187.0/24 maxlen: 24
188.72.119.0/24 maxlen: 24
178.170.231.0/24 maxlen: 24
178.170.139.0/24 maxlen: 24
178.170.137.0/24 maxlen: 24
178.170.140.0/24 maxlen: 24
217.150.90.0/24 maxlen: 24
217.150.89.0/24 maxlen: 24
217.150.88.0/24 maxlen: 24
217.150.91.0/24 maxlen: 24
217.150.94.0/24 maxlen: 24
217.150.93.0/24 maxlen: 24
217.150.92.0/24 maxlen: 24
217.150.95.0/24 maxlen: 24
46.243.149.0/24 maxlen: 24
37.18.0.0/24 maxlen: 24
185.4.150.0/24 maxlen: 24
37.18.15.0/24 maxlen: 24
185.4.149.0/24 maxlen: 24
185.4.148.0/24 maxlen: 24
185.4.151.0/24 maxlen: 24
141.101.255.0/24 maxlen: 24
46.243.139.0/24 maxlen: 24
46.243.138.0/24 maxlen: 24
37.230.134.0/24 maxlen: 24
188.72.73.0/24 maxlen: 24
188.72.83.0/24 maxlen: 24
188.72.81.0/24 maxlen: 24
188.72.80.0/24 maxlen: 24
188.72.85.0/24 maxlen: 24
188.72.84.0/24 maxlen: 24
37.230.163.0/24 maxlen: 24
188.72.86.0/24 maxlen: 24
37.230.170.0/24 maxlen: 24
37.230.171.0/24 maxlen: 24
37.230.176.0/24 maxlen: 24
37.230.183.0/24 maxlen: 24
37.230.182.0/24 maxlen: 24
46.243.204.0/24 maxlen: 24
46.243.208.0/24 maxlen: 24
46.243.207.0/24 maxlen: 24
46.243.214.0/24 maxlen: 24
46.243.217.0/24 maxlen: 24
46.243.216.0/24 maxlen: 24
46.243.222.0/24 maxlen: 24
46.243.221.0/24 maxlen: 24
46.243.225.0/24 maxlen: 24
46.243.223.0/24 maxlen: 24
46.243.232.0/24 maxlen: 24
46.243.233.0/24 maxlen: 24
37.18.63.0/24 maxlen: 24
46.243.240.0/24 maxlen: 24
46.243.236.0/24 maxlen: 24
46.243.235.0/24 maxlen: 24
46.243.234.0/24 maxlen: 24
46.243.238.0/24 maxlen: 24
46.243.237.0/24 maxlen: 24
46.243.243.0/24 maxlen: 24
46.243.242.0/24 maxlen: 24
46.243.241.0/24 maxlen: 24
46.243.246.0/24 maxlen: 24
46.243.250.0/24 maxlen: 24
46.243.249.0/24 maxlen: 24
46.243.248.0/24 maxlen: 24
46.243.247.0/24 maxlen: 24
37.230.131.0/24 maxlen: 24
46.243.251.0/24 maxlen: 24
128.0.71.0/24 maxlen: 24
141.101.191.0/24 maxlen: 24
141.101.132.0/24 maxlen: 24
141.101.133.0/24 maxlen: 24
141.101.135.0/24 maxlen: 24
141.101.145.0/24 maxlen: 24
141.101.143.0/24 maxlen: 24
141.101.148.0/24 maxlen: 24
141.101.147.0/24 maxlen: 24
141.101.150.0/24 maxlen: 24
141.101.149.0/24 maxlen: 24
141.101.155.0/24 maxlen: 24
141.101.154.0/24 maxlen: 24
141.101.153.0/24 maxlen: 24
141.101.159.0/24 maxlen: 24
141.101.158.0/24 maxlen: 24
141.101.156.0/24 maxlen: 24
141.101.162.0/24 maxlen: 24
141.101.161.0/24 maxlen: 24
141.101.160.0/24 maxlen: 24
141.101.166.0/24 maxlen: 24
141.101.165.0/24 maxlen: 24
141.101.164.0/24 maxlen: 24
141.101.168.0/24 maxlen: 24
141.101.167.0/24 maxlen: 24
141.101.171.0/24 maxlen: 24
141.101.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 410316450 (0x1874eea2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jun 2 09:41:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e3902903a7bb55ae4589729fe6e984bdf4f788b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:1a:7f:4a:91:c1:41:92:a5:1d:93:d2:c6:92:
25:e3:91:c2:fd:7d:c2:e7:f4:e0:67:0c:78:80:c2:
1f:43:9f:8d:c7:4a:df:2e:4b:4f:5b:fd:bd:c6:ba:
43:11:ea:d3:6d:cf:94:c3:03:bc:39:44:2b:dd:ff:
b6:d7:75:0b:e4:36:d8:5b:81:c0:01:44:7b:1f:e9:
92:2e:02:37:68:e1:60:87:14:3c:ee:e4:0f:0c:75:
b5:de:34:eb:09:f0:f8:04:48:9c:25:11:de:b2:bf:
c2:3e:b2:33:d0:ab:ee:7a:d0:c7:68:f0:16:46:74:
7f:24:59:36:a8:7b:d5:b0:c9:22:42:af:85:e0:b5:
f4:fb:22:3a:08:dc:1a:52:00:16:2e:0d:98:e0:44:
4e:a8:0e:23:c0:a2:7d:1f:d7:7c:20:ed:75:47:66:
6c:46:43:a0:1c:bc:8e:eb:55:7a:84:9e:a5:96:34:
54:00:77:33:eb:d1:2f:2d:86:fa:e2:98:5d:3a:a6:
09:38:bd:9b:bd:df:b1:f1:d8:94:fd:01:4e:8f:b0:
da:10:9f:e1:f2:08:d7:5a:1d:81:fc:50:f0:db:6f:
9a:9a:91:a3:ea:1b:fd:52:e7:d8:91:10:11:13:35:
9e:33:c3:10:0b:dc:81:4d:c2:97:66:3e:36:02:f9:
15:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:39:02:90:3A:7B:B5:5A:E4:58:97:29:FE:6E:98:4B:DF:4F:78:8B
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/TjkCkDp7tVrkWJcp_m6YS99PeIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.0.0/24
37.18.15.0/24
37.18.63.0/24
37.230.131.0/24
37.230.134.0/24
37.230.163.0/24
37.230.170.0/23
37.230.176.0/24
37.230.182.0/23
37.230.187.0/24
46.243.138.0/23
46.243.149.0/24
46.243.204.0/24
46.243.207.0-46.243.208.255
46.243.214.0/24
46.243.216.0/23
46.243.221.0-46.243.223.255
46.243.225.0/24
46.243.232.0-46.243.238.255
46.243.240.0/22
46.243.246.0-46.243.251.255
128.0.71.0/24
141.101.132.0/23
141.101.135.0/24
141.101.143.0/24
141.101.145.0/24
141.101.147.0-141.101.150.255
141.101.153.0-141.101.156.255
141.101.158.0-141.101.162.255
141.101.164.0-141.101.168.255
141.101.170.0/23
141.101.191.0/24
141.101.255.0/24
178.170.137.0/24
178.170.139.0-178.170.140.255
178.170.231.0/24
185.4.148.0/22
188.72.73.0/24
188.72.80.0/23
188.72.83.0-188.72.86.255
188.72.119.0/24
217.150.88.0/21
Signature Algorithm: sha256WithRSAEncryption
7e:4c:5d:56:69:ca:2a:03:57:4d:9f:03:61:96:e6:7e:d7:c3:
ca:5c:c8:cd:e4:bc:6b:f1:ab:6c:aa:e0:5f:d7:e6:96:9d:5a:
ae:ba:84:bf:2d:28:fa:61:42:62:62:93:f1:3e:ea:66:54:fb:
9a:9e:b1:4d:e2:01:d3:fd:2c:f9:e4:da:94:65:0f:df:61:da:
47:a0:41:a0:f1:78:df:5c:f7:4f:fa:a1:d0:fd:bf:6d:35:17:
68:81:81:3f:5d:d8:39:9e:e5:4b:93:0e:cd:43:95:89:b4:5b:
89:1b:db:80:33:c5:3e:10:bf:b7:41:ff:c3:d3:85:e9:f3:92:
16:72:a3:c6:2a:70:42:6f:cc:d6:22:a1:6c:97:f3:33:4e:68:
67:87:6b:33:67:88:f4:e1:53:dc:3b:e2:cd:98:79:e4:ae:87:
e7:f6:a4:89:25:42:bd:8a:86:2c:fe:ee:bc:2d:f4:68:e9:35:
2c:df:38:c6:d1:7d:da:7f:ac:d1:87:55:32:18:c7:cd:26:be:
5c:e9:fe:2f:3d:c6:1c:33:3f:17:fc:13:f1:80:c2:e1:18:3d:
7a:4e:25:4c:8c:81:29:13:c0:f4:24:bf:91:96:d2:8b:e8:01:
9c:5d:9a:f6:25:44:b2:ae:f2:a7:66:97:c3:e2:99:4d:08:4d:
b3:aa:0a:d2
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgIEGHTuojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODg1ZTg4NGMyZmM3YTc1ZDEyZGQxZGVhNDljZTIzNDljNDcwNjdlMB4XDTIyMDYw
MjA5NDExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGUzOTAyOTAzYTdi
YjU1YWU0NTg5NzI5ZmU2ZTk4NGJkZjRmNzg4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN4af0qRwUGSpR2T0saSJeORwv19wuf04GcMeIDCH0OfjcdK
3y5LT1v9vca6QxHq023PlMMDvDlEK93/ttd1C+Q22FuBwAFEex/pki4CN2jhYIcU
PO7kDwx1td406wnw+ARInCUR3rK/wj6yM9Cr7nrQx2jwFkZ0fyRZNqh71bDJIkKv
heC19PsiOgjcGlIAFi4NmOBETqgOI8CifR/XfCDtdUdmbEZDoBy8jutVeoSepZY0
VAB3M+vRLy2G+uKYXTqmCTi9m73fsfHYlP0BTo+w2hCf4fII11odgfxQ8NtvmpqR
o+ob/VLn2JEQERM1njPDEAvcgU3Cl2Y+NgL5Fd8CAwEAAaOCA1kwggNVMB0GA1Ud
DgQWBBROOQKQOnu1WuRYlyn+bphL3094izAfBgNVHSMEGDAWgBRYheiEwvx6ddEt
0d6knOI0nEcGfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dJWG9oTUw4ZW5YUkxkSGVwSnppTkp4SEJuNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNmMwYmY3LTVmMTMtNDRhMi05OTg5LThjOTU4MWQ5NmQ4Zi8x
L1Rqa0NrRHA3dFZya1dKY3BfbTZZUzk5UGVJcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NmMwYmY3LTVmMTMtNDRhMi05OTg5LThjOTU4MWQ5NmQ4Zi8xL1dJWG9oTUw4ZW5Y
UkxkSGVwSnppTkp4SEJuNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AW0GCCsGAQUFBwEHAQH/BIIBXDCCAVgwggFUBAIAATCCAUwDBAAlEgADBAAlEg8D
BAAlEj8DBAAl5oMDBAAl5oYDBAAl5qMDBAEl5qoDBAAl5rADBAEl5rYDBAAl5rsD
BAEu84oDBAAu85UDBAAu88wwDAMEAC7zzwMEAC7z0AMEAC7z1gMEAS7z2DAMAwQA
LvPdAwQFLvPAAwQALvPhMAwDBAMu8+gDBAAu8+4DBAIu8/AwDAMEAS7z9gMEAi7z
+AMEAIAARwMEAY1lhAMEAI1lhwMEAI1ljwMEAI1lkTAMAwQAjWWTAwQAjWWWMAwD
BACNZZkDBACNZZwwDAMEAY1lngMEAI1lojAMAwQCjWWkAwQAjWWoAwQBjWWqAwQA
jWW/AwQAjWX/AwQAsqqJMAwDBACyqosDBACyqowDBACyqucDBAK5BJQDBAC8SEkD
BAG8SFAwDAMEALxIUwMEALxIVgMEALxIdwMEA9mWWDANBgkqhkiG9w0BAQsFAAOC
AQEAfkxdVmnKKgNXTZ8DYZbmftfDylzIzeS8a/GrbKrgX9fmlp1arrqEvy0o+mFC
YmKT8T7qZlT7mp6xTeIB0/0s+eTalGUP32HaR6BBoPF431z3T/qh0P2/bTUXaIGB
P13YOZ7lS5MOzUOVibRbiRvbgDPFPhC/t0H/w9OF6fOSFnKjxipwQm/M1iKhbJfz
M05oZ4drM2eI9OFT3DvizZh55K6H5/akiSVCvYqGLP7uvC30aOk1LN84xtF92n+s
0YdVMhjHzSa+XOn+Lz3GHDM/F/wT8YDC4Rg9ek4lTIyBKRPA9CS/kZbSi+gBnF2a
9iVEsq7yp2aXw+KZTQhNs6oK0g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:55 2023 by rpki-client on console-fra.rpki-client.org