Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/TpwMPZCOepUofPdFXUwu9qwnGno.roa
File: TpwMPZCOepUofPdFXUwu9qwnGno.roa (raw, json)
Hash identifier: J+ay0c+XxYbXPwYsRdggbtYG147wRT96021fPztTMy0=
Subject key identifier: 4E:9C:0C:3D:90:8E:7A:95:28:7C:F7:45:5D:4C:2E:F6:AC:27:1A:7A
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 05208C02
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/TpwMPZCOepUofPdFXUwu9qwnGno.roa
Signing time: Fri 18 Mar 2022 16:03:08 +0000
ROA not before: Fri 18 Mar 2022 16:03:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58061
IP address blocks: 37.252.3.0/24 maxlen: 24
37.252.14.0/23 maxlen: 23
37.252.13.0/24 maxlen: 24
185.238.170.0/23 maxlen: 23
185.238.168.0/23 maxlen: 23
37.1.200.0/21 maxlen: 21
37.1.216.0/21 maxlen: 21
5.45.72.0/22 maxlen: 22
5.45.76.0/22 maxlen: 22
5.45.84.0/22 maxlen: 22
5.45.88.0/22 maxlen: 22
5.61.48.0/22 maxlen: 22
5.61.56.0/22 maxlen: 22
5.61.52.0/22 maxlen: 22
5.45.64.0/21 maxlen: 21
45.136.48.0/22 maxlen: 22
2a02:c6c3::/32 maxlen: 32
2a02:c6c1:2::/48 maxlen: 48
2a02:c6c2::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86019074 (0x5208c02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Mar 18 16:03:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e9c0c3d908e7a95287cf7455d4c2ef6ac271a7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f7:a1:b7:32:4e:91:57:39:bc:d5:45:6b:33:
1d:c2:17:a7:28:2f:d6:f9:9d:c4:a8:34:44:4a:e5:
ae:db:a5:ff:be:27:6d:6b:64:75:2c:85:73:6e:cb:
8d:a6:78:0d:16:fc:88:5c:cf:1b:85:79:4b:59:b5:
69:1e:d4:ca:a2:86:f3:57:e4:69:87:5b:c7:55:d5:
52:1c:cd:d7:08:ef:03:b4:24:b0:70:7c:48:84:10:
80:04:37:d9:dd:5b:42:02:ff:cd:66:3e:bb:b5:ed:
29:48:f2:8b:ae:3e:2e:df:4a:22:07:19:88:1f:3c:
1b:bc:a7:56:c4:c8:e8:56:d7:2f:ef:52:ef:be:fc:
fa:e0:be:34:55:6d:31:43:e7:f7:3e:64:0a:43:4b:
ab:e5:52:aa:81:8e:20:f0:c1:45:50:f0:51:a7:70:
1b:77:d0:5f:ba:5b:fc:b8:00:21:e5:2c:8e:7b:24:
55:70:bb:e9:6c:34:46:6b:d3:90:ea:c5:ff:68:c4:
4a:21:1b:db:73:d2:3b:38:d0:e4:0e:ad:dd:33:9a:
fe:29:e7:74:ee:8b:ee:3e:75:05:4e:ec:9f:44:8b:
05:20:f0:d5:5e:b3:34:ac:5f:77:dc:f1:4a:c1:fd:
d6:00:1a:4c:ab:6e:b2:5b:78:4a:b2:0d:06:68:8e:
97:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:9C:0C:3D:90:8E:7A:95:28:7C:F7:45:5D:4C:2E:F6:AC:27:1A:7A
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/TpwMPZCOepUofPdFXUwu9qwnGno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.64.0/20
5.45.84.0-5.45.91.255
5.61.48.0-5.61.59.255
37.1.200.0/21
37.1.216.0/21
37.252.3.0/24
37.252.13.0-37.252.15.255
45.136.48.0/22
185.238.168.0/22
IPv6:
2a02:c6c1:2::/48
2a02:c6c2::/31
Signature Algorithm: sha256WithRSAEncryption
9a:91:54:88:47:4c:7d:0e:77:54:0c:3b:da:83:ee:38:a9:8c:
70:eb:36:c0:b9:4e:09:87:b1:bc:c3:26:bf:b1:ef:87:1a:a2:
8a:e5:c3:ee:82:23:48:87:ef:ff:d9:09:79:4b:07:98:96:c3:
71:1a:25:2b:f5:f7:ff:a6:1d:d8:64:09:54:2c:a0:dc:22:e7:
99:01:eb:f9:b3:20:a0:4d:80:f0:27:7d:b1:62:f3:24:db:9d:
db:24:b0:8a:88:52:77:7c:0d:93:89:b3:02:d9:8c:15:75:8d:
30:ae:65:67:96:59:bd:3a:4e:29:0f:84:ba:ab:50:00:ae:bc:
42:1f:61:93:69:41:7e:3c:39:dd:7f:59:0e:76:d9:c8:61:24:
a6:53:da:48:2c:d0:7f:b3:16:82:02:c4:95:e7:61:c2:c9:5b:
23:fc:7a:af:c3:49:34:98:62:aa:22:81:44:36:d1:b2:11:2b:
cc:e8:4f:5c:58:37:aa:b2:0c:32:d2:8d:df:b5:df:82:70:03:
59:1f:f0:d5:1e:62:d6:91:c4:53:e3:ee:62:7f:a0:11:b6:99:
42:1f:b8:6b:39:b2:6d:f8:11:72:15:e6:f6:21:a5:f7:cd:ed:
47:33:43:02:d4:aa:62:21:4c:83:b8:e6:1b:fa:5b:53:ea:73:
87:2e:30:79
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEBSCMAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZWY1Y2IyZjU5MGQwNDE2NTRmNGRmZGI2MGEyOGY5YTE1NDRmNDQ0MB4XDTIyMDMx
ODE2MDMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU5YzBjM2Q5MDhl
N2E5NTI4N2NmNzQ1NWQ0YzJlZjZhYzI3MWE3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALT3obcyTpFXObzVRWszHcIXpygv1vmdxKg0RErlrtul/74n
bWtkdSyFc27LjaZ4DRb8iFzPG4V5S1m1aR7UyqKG81fkaYdbx1XVUhzN1wjvA7Qk
sHB8SIQQgAQ32d1bQgL/zWY+u7XtKUjyi64+Lt9KIgcZiB88G7ynVsTI6FbXL+9S
7778+uC+NFVtMUPn9z5kCkNLq+VSqoGOIPDBRVDwUadwG3fQX7pb/LgAIeUsjnsk
VXC76Ww0RmvTkOrF/2jESiEb23PSOzjQ5A6t3TOa/inndO6L7j51BU7sn0SLBSDw
1V6zNKxfd9zxSsH91gAaTKtuslt4SrINBmiOl2sCAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBROnAw9kI56lSh890VdTC72rCcaejAfBgNVHSMEGDAWgBQO9csvWQ0EFlT0
39tgoo+aFUT0RDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0R2WExMMWtOQkJaVTlOX2JZS0tQbWhWRTlFUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvMjI2ZjA0LWY3ZGItNDkxYS1iYWZiLWVlNDM1ZDNjZDU4NS8x
L1Rwd01QWkNPZXBVb2ZQZEZYVXd1OXF3bkduby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
MjI2ZjA0LWY3ZGItNDkxYS1iYWZiLWVlNDM1ZDNjZDU4NS8xL0R2WExMMWtOQkJa
VTlOX2JZS0tQbWhWRTlFUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wVAQCAAEwTgMEBAUtQDAMAwQCBS1UAwQCBS1YMAwD
BAQFPTADBAIFPTgDBAMlAcgDBAMlAdgDBAAl/AMwDAMEACX8DQMEBCX8AAMEAi2I
MAMEArnuqDAWBAIAAjAQAwcAKgLGwQACAwUBKgLGwjANBgkqhkiG9w0BAQsFAAOC
AQEAmpFUiEdMfQ53VAw72oPuOKmMcOs2wLlOCYexvMMmv7HvhxqiiuXD7oIjSIfv
/9kJeUsHmJbDcRolK/X3/6Yd2GQJVCyg3CLnmQHr+bMgoE2A8Cd9sWLzJNud2ySw
iohSd3wNk4mzAtmMFXWNMK5lZ5ZZvTpOKQ+EuqtQAK68Qh9hk2lBfjw53X9ZDnbZ
yGEkplPaSCzQf7MWggLEledhwslbI/x6r8NJNJhiqiKBRDbRshErzOhPXFg3qrIM
MtKN37XfgnADWR/w1R5i1pHEU+PuYn+gEbaZQh+4azmybfgRchXm9iGl983tRzND
AtSqYiFMg7jmG/pbU+pzhy4weQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:42 2024 by rpki-client on console-ams.rpki-client.org