Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0X4V4YwX6wPh2UIqGmlJnRGrg-s.roa
File: 0X4V4YwX6wPh2UIqGmlJnRGrg-s.roa (raw, json)
Hash identifier: MPyH0R61RmfLMP//sIQdpiUPGPQDXbeSkrwdWqWGqHQ=
Subject key identifier: D1:7E:15:E1:8C:17:EB:03:E1:D9:42:2A:1A:69:49:9D:11:AB:83:EB
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01831018F8BEC14018CBFCA722408AF53AC3
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0X4V4YwX6wPh2UIqGmlJnRGrg-s.roa
Signing time: Tue 06 Sep 2022 00:00:15 +0000
ROA not before: Tue 06 Sep 2022 00:00:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 23959
IP address blocks: 141.98.196.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
45.66.216.0/22 maxlen: 24
45.159.48.0/22 maxlen: 24
45.142.125.0/24 maxlen: 24
45.142.127.0/24 maxlen: 24
45.142.126.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
185.200.64.0/24 maxlen: 24
149.62.44.0/24 maxlen: 24
94.124.119.0/24 maxlen: 24
185.200.66.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
149.62.46.0/24 maxlen: 24
193.111.30.0/23 maxlen: 24
195.245.219.0/24 maxlen: 24
45.149.156.0/22 maxlen: 24
78.142.228.0/22 maxlen: 24
45.130.21.0/24 maxlen: 24
213.232.112.0/22 maxlen: 24
176.119.148.0/22 maxlen: 24
195.245.242.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
88.214.20.0/22 maxlen: 24
194.104.155.0/24 maxlen: 24
194.104.154.0/24 maxlen: 24
194.104.153.0/24 maxlen: 24
45.147.51.0/24 maxlen: 24
45.147.48.0/24 maxlen: 24
45.147.49.0/24 maxlen: 24
194.36.24.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
45.143.233.0/24 maxlen: 24
194.36.27.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
194.169.54.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
91.200.240.0/24 maxlen: 24
185.194.54.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
91.200.243.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
2a09:7::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:10:18:f8:be:c1:40:18:cb:fc:a7:22:40:8a:f5:3a:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Sep 6 00:00:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d17e15e18c17eb03e1d9422a1a69499d11ab83eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e1:ab:b6:8f:ac:88:81:34:82:6e:54:47:c3:
57:6e:4f:51:32:8d:bb:d9:18:2a:03:c5:98:fb:bf:
8f:f7:ff:da:7e:31:33:4b:8f:70:9c:57:a8:41:0e:
62:9f:ed:fe:6f:02:02:7a:93:35:9b:94:fc:6b:d4:
48:45:76:8c:1f:06:e5:e3:87:be:03:9e:91:ef:19:
8a:3d:df:42:31:cd:46:68:42:0c:42:ae:04:c6:f6:
eb:60:75:12:cd:00:10:fa:cd:89:b1:b8:41:f8:4e:
6a:5e:27:18:c1:66:fe:70:60:8a:08:9d:eb:b4:be:
7b:b8:14:e3:2c:8a:0c:a4:95:db:dc:0f:b9:61:dc:
8e:1d:22:3c:fb:31:eb:ef:59:65:52:c4:21:c1:9a:
b2:a8:83:82:33:96:15:11:d4:66:10:94:fc:0c:bd:
59:03:5a:6a:3b:2e:57:84:62:45:68:45:43:3b:e5:
0d:db:29:e5:94:1a:90:28:4f:5e:92:9b:4a:ae:ab:
69:19:c1:3b:3c:64:f0:f5:3c:d9:cd:d5:7d:ff:ca:
55:0b:a2:2b:c0:97:40:70:62:fd:7b:54:60:0c:70:
5c:ee:06:cc:82:73:c5:f5:f7:d0:14:22:f5:ea:c5:
bb:0e:90:07:99:07:d0:c3:2e:7b:7a:90:43:ab:06:
c0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:7E:15:E1:8C:17:EB:03:E1:D9:42:2A:1A:69:49:9D:11:AB:83:EB
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0X4V4YwX6wPh2UIqGmlJnRGrg-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.128.0/22
45.66.216.0/22
45.130.21.0/24
45.142.125.0-45.142.127.255
45.143.233.0-45.143.235.255
45.147.48.0/23
45.147.51.0/24
45.149.156.0/22
45.159.48.0/22
78.142.228.0/22
88.214.20.0/22
91.200.240.0/24
91.200.242.0/23
94.124.119.0/24
95.214.164.0/23
141.98.196.0-141.98.198.255
147.78.240.0/21
149.62.44.0/24
149.62.46.0/23
176.119.148.0/22
185.194.54.0/24
185.200.64.0/24
185.200.66.0/24
193.32.148.0/22
193.111.30.0/23
194.36.24.0/24
194.36.27.0/24
194.104.153.0-194.104.155.255
194.169.54.0/24
195.245.219.0/24
195.245.241.0-195.245.242.255
213.232.112.0/22
IPv6:
2a09:7::/36
Signature Algorithm: sha256WithRSAEncryption
31:dc:7b:c2:f8:81:d6:b1:ae:ff:9f:39:66:6c:b2:17:76:43:
1e:04:53:0d:c7:f4:3d:71:cd:a2:c7:d1:d3:e7:a4:55:96:b4:
28:4e:90:3b:86:e6:ae:5d:f0:58:dd:c1:3c:c5:4b:08:02:57:
fc:be:01:30:bc:fc:48:40:7f:13:75:01:78:b0:3d:a0:04:0b:
70:2e:58:4e:34:9c:0a:fd:cf:6d:5d:48:d8:d8:5d:79:55:7e:
a1:c7:37:64:e6:60:2d:64:b3:20:02:bb:8b:59:a2:e8:30:46:
42:ec:80:9a:f4:b6:05:b2:46:d5:b0:41:18:e8:e4:3e:8b:4b:
a7:84:55:50:b6:69:f1:58:f2:e6:3f:d5:16:1d:25:84:ef:f8:
a1:1b:f1:1b:97:ce:c7:64:82:9d:c5:97:fe:22:92:e1:54:76:
31:62:3c:1f:92:46:60:6e:b6:0c:41:59:84:29:b4:1d:68:9f:
55:51:1c:93:14:db:84:7e:67:e5:4c:96:7b:93:55:bc:43:78:
5f:45:9e:79:83:72:65:e9:c4:d3:2d:db:e1:ea:81:83:c0:fc:
9a:34:65:1a:65:5c:e2:a9:e1:97:15:de:3b:bc:2b:f5:48:05:
cd:5a:d7:11:45:1e:81:40:c6:52:8a:11:79:3c:61:b9:78:f3:
68:41:44:84
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAYMQGPi+wUAYy/ynIkCK9TrDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIwOTA2MDAwMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTdlMTVlMThjMTdlYjAzZTFkOTQyMmExYTY5NDk5ZDExYWI4M2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneGrto+siIE0gm5UR8NXbk9RMo27
2RgqA8WY+7+P9//afjEzS49wnFeoQQ5in+3+bwICepM1m5T8a9RIRXaMHwbl44e+
A56R7xmKPd9CMc1GaEIMQq4ExvbrYHUSzQAQ+s2JsbhB+E5qXicYwWb+cGCKCJ3r
tL57uBTjLIoMpJXb3A+5YdyOHSI8+zHr71llUsQhwZqyqIOCM5YVEdRmEJT8DL1Z
A1pqOy5XhGJFaEVDO+UN2ynllBqQKE9ekptKrqtpGcE7PGTw9TzZzdV9/8pVC6Ir
wJdAcGL9e1RgDHBc7gbMgnPF9ffQFCL16sW7DpAHmQfQwy57epBDqwbAaQIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFNF+FeGMF+sD4dlCKhppSZ0Rq4PrMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvMFg0VjRZd1g2d1BoMlVJcUdtbEpuUkdyZy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCB7wQCAAEwgegD
BAItQoADBAItQtgDBAAtghUwDAMEAC2OfQMEBy2OADAMAwQALY/pAwQCLY/oAwQB
LZMwAwQALZMzAwQCLZWcAwQCLZ8wAwQCTo7kAwQCWNYUAwQAW8jwAwQBW8jyAwQA
Xnx3AwQBX9akMAwDBAKNYsQDBACNYsYDBAOTTvADBACVPiwDBAGVPi4DBAKwd5QD
BAC5wjYDBAC5yEADBAC5yEIDBALBIJQDBAHBbx4DBADCJBgDBADCJBswDAMEAMJo
mQMEAsJomAMEAMKpNgMEAMP12zAMAwQAw/XxAwQAw/XyAwQC1ehwMA4EAgACMAgD
BgQqCQAHADANBgkqhkiG9w0BAQsFAAOCAQEAMdx7wviB1rGu/585ZmyyF3ZDHgRT
Dcf0PXHNosfR0+ekVZa0KE6QO4bmrl3wWN3BPMVLCAJX/L4BMLz8SEB/E3UBeLA9
oAQLcC5YTjScCv3PbV1I2NhdeVV+occ3ZOZgLWSzIAK7i1mi6DBGQuyAmvS2BbJG
1bBBGOjkPotLp4RVULZp8Vjy5j/VFh0lhO/4oRvxG5fOx2SCncWX/iKS4VR2MWI8
H5JGYG62DEFZhCm0HWifVVEckxTbhH5n5UyWe5NVvEN4X0WeeYNyZenE0y3b4eqB
g8D8mjRlGmVc4qnhlxXeO7wr9UgFzVrXEUUegUDGUooReTxhuXjzaEFEhA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:58 2023 by rpki-client on console-fra.rpki-client.org