Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/7eoKVc_7MNEXbZmScXfHmR-1nkA.roa
File: 7eoKVc_7MNEXbZmScXfHmR-1nkA.roa (raw, json)
Hash identifier: lZ5NGy4zFXIrjZRVEjPpn1acLc1fK3UHL8IJ1AMcM0E=
Subject key identifier: ED:EA:0A:55:CF:FB:30:D1:17:6D:99:92:71:77:C7:99:1F:B5:9E:40
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01836F2DAF6BA891242111DB5908DE8746CD
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/7eoKVc_7MNEXbZmScXfHmR-1nkA.roa
Signing time: Sat 24 Sep 2022 11:06:48 +0000
ROA not before: Sat 24 Sep 2022 11:06:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 23959
IP address blocks: 45.66.216.0/22 maxlen: 24
92.60.43.0/24 maxlen: 24
94.124.119.0/24 maxlen: 24
195.245.219.0/24 maxlen: 24
193.111.30.0/23 maxlen: 24
45.130.21.0/24 maxlen: 24
176.119.148.0/22 maxlen: 24
88.214.20.0/22 maxlen: 24
45.147.48.0/24 maxlen: 24
45.147.51.0/24 maxlen: 24
45.147.49.0/24 maxlen: 24
194.36.24.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
194.36.27.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
91.200.240.0/24 maxlen: 24
185.194.54.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
91.200.243.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
141.98.196.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
45.159.48.0/22 maxlen: 24
45.142.125.0/24 maxlen: 24
45.142.127.0/24 maxlen: 24
45.142.126.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
185.200.64.0/24 maxlen: 24
149.62.44.0/24 maxlen: 24
185.200.66.0/24 maxlen: 24
149.62.46.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
45.149.156.0/22 maxlen: 24
78.142.228.0/22 maxlen: 24
213.232.112.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
194.104.155.0/24 maxlen: 24
194.104.153.0/24 maxlen: 24
194.104.154.0/24 maxlen: 24
45.14.64.0/22 maxlen: 24
194.169.54.0/24 maxlen: 24
2a09:7::/36 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6f:2d:af:6b:a8:91:24:21:11:db:59:08:de:87:46:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Sep 24 11:06:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=edea0a55cffb30d1176d99927177c7991fb59e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2e:66:f6:97:1a:5d:6e:ce:05:c2:e2:ae:a9:
46:dc:52:2e:96:84:f7:b7:fa:77:00:d2:6a:61:2c:
e2:9b:b3:dc:83:5e:b1:c9:6f:ce:a2:42:33:e5:a1:
f3:c5:17:7e:b5:0d:f5:8d:0e:e6:fb:f3:f7:10:7f:
8d:98:d0:52:79:80:9b:c8:d0:e6:35:91:ec:68:70:
1c:2e:c0:15:bf:f7:80:b0:40:e7:07:73:b9:31:e6:
2e:ed:ac:68:ae:06:3f:77:11:c1:f2:0e:72:fd:c4:
51:1b:a9:7e:f5:5e:9e:cb:68:bb:31:af:78:60:eb:
5b:12:41:b5:4a:b9:df:d8:fd:6e:bf:48:05:90:35:
22:7f:41:0f:94:7d:e5:1c:3d:86:a8:1d:67:10:b8:
8b:67:20:0f:68:a6:79:26:35:bc:32:88:74:b9:ab:
ec:58:2d:ec:f7:89:76:40:4c:84:27:5a:8e:0a:4a:
49:c7:11:8e:da:ae:1a:c4:7e:0e:87:a1:e5:67:ec:
8f:fd:19:78:fa:5c:4f:17:74:7a:e2:3d:6b:01:19:
fa:9f:45:d9:0e:8d:f2:fc:06:28:b2:f4:b4:9a:83:
b8:a3:10:e1:45:1b:d4:2e:31:e3:85:89:b2:27:ad:
02:c3:e0:c9:da:6f:db:c3:30:2d:31:ca:d2:13:85:
03:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:EA:0A:55:CF:FB:30:D1:17:6D:99:92:71:77:C7:99:1F:B5:9E:40
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/7eoKVc_7MNEXbZmScXfHmR-1nkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
45.66.128.0/22
45.66.216.0/22
45.130.21.0/24
45.142.125.0-45.142.127.255
45.143.233.0-45.143.235.255
45.147.48.0/23
45.147.51.0/24
45.149.156.0/22
45.159.48.0/22
78.142.228.0/22
88.214.20.0/22
91.200.240.0/24
91.200.242.0/23
92.60.43.0/24
94.124.119.0/24
95.214.164.0/23
141.98.196.0-141.98.198.255
147.78.240.0/21
149.62.44.0/24
149.62.46.0/23
176.119.148.0/22
185.194.54.0/24
185.200.64.0/24
185.200.66.0/24
193.32.148.0/22
193.111.30.0/23
194.36.24.0/24
194.36.27.0/24
194.104.153.0-194.104.155.255
194.169.54.0/24
195.245.219.0/24
195.245.241.0-195.245.242.255
213.232.112.0/22
IPv6:
2a09:7::/36
2a0d:c7c1::/32
Signature Algorithm: sha256WithRSAEncryption
50:75:c5:12:78:55:00:08:95:99:c7:ec:9f:e3:66:f4:f0:e3:
2f:9c:cc:ec:6a:6c:40:57:3f:08:55:9d:98:0c:d9:03:3d:b0:
ba:02:13:ee:60:61:38:2f:a9:1a:70:a3:4d:bd:2b:35:19:d3:
8e:60:e3:56:08:3d:26:8c:dd:f9:99:56:e3:99:30:79:7a:c7:
95:2b:47:15:98:17:8b:5e:69:52:d5:33:d6:62:d8:ba:99:92:
0e:e4:1b:b0:5c:b2:62:7c:d3:0e:4b:a6:c3:42:fb:d7:f3:fc:
66:b3:43:21:8a:ff:d1:27:3f:de:28:6b:a7:57:da:98:c5:59:
df:49:e8:db:c1:2a:76:83:47:ee:05:26:f2:3c:c7:8c:5e:03:
82:46:2d:7d:4c:10:9f:f5:75:47:18:d7:c4:c9:88:e0:dd:70:
f9:54:0e:f6:6e:a0:1c:98:9d:25:10:da:54:d1:49:fb:35:9d:
be:4c:ad:eb:6d:6e:2e:5c:59:09:82:6b:2c:f0:a4:54:2e:85:
ea:cc:01:c7:ac:a5:b5:53:e2:8b:32:27:dd:8b:b5:64:e3:aa:
09:b4:16:8b:79:a5:8e:f8:d6:21:e0:94:69:59:8c:ec:ce:60:
6d:45:ac:06:a7:fa:22:67:fc:6e:44:dc:d3:d3:73:08:3f:61:
1f:47:73:56
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAYNvLa9rqJEkIRHbWQjeh0bNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIwOTI0MTEwNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGVhMGE1NWNmZmIzMGQxMTc2ZDk5OTI3MTc3Yzc5OTFmYjU5ZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkS5m9pcaXW7OBcLirqlG3FIuloT3
t/p3ANJqYSzim7Pcg16xyW/OokIz5aHzxRd+tQ31jQ7m+/P3EH+NmNBSeYCbyNDm
NZHsaHAcLsAVv/eAsEDnB3O5MeYu7axorgY/dxHB8g5y/cRRG6l+9V6ey2i7Ma94
YOtbEkG1Srnf2P1uv0gFkDUif0EPlH3lHD2GqB1nELiLZyAPaKZ5JjW8Moh0uavs
WC3s94l2QEyEJ1qOCkpJxxGO2q4axH4Oh6HlZ+yP/Rl4+lxPF3R64j1rARn6n0XZ
Do3y/AYosvS0moO4oxDhRRvULjHjhYmyJ60Cw+DJ2m/bwzAtMcrSE4UD7wIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFO3qClXP+zDRF22ZknF3x5kftZ5AMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvN2VvS1ZjXzdNTkVYYlptU2NYZkhtUi0xbmtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKgYIKwYBBQUHAQcBAf8EggEZMIIBFTCB+wQCAAEwgfQD
BAItDkADBAItQoADBAItQtgDBAAtghUwDAMEAC2OfQMEBy2OADAMAwQALY/pAwQC
LY/oAwQBLZMwAwQALZMzAwQCLZWcAwQCLZ8wAwQCTo7kAwQCWNYUAwQAW8jwAwQB
W8jyAwQAXDwrAwQAXnx3AwQBX9akMAwDBAKNYsQDBACNYsYDBAOTTvADBACVPiwD
BAGVPi4DBAKwd5QDBAC5wjYDBAC5yEADBAC5yEIDBALBIJQDBAHBbx4DBADCJBgD
BADCJBswDAMEAMJomQMEAsJomAMEAMKpNgMEAMP12zAMAwQAw/XxAwQAw/XyAwQC
1ehwMBUEAgACMA8DBgQqCQAHAAMFACoNx8EwDQYJKoZIhvcNAQELBQADggEBAFB1
xRJ4VQAIlZnH7J/jZvTw4y+czOxqbEBXPwhVnZgM2QM9sLoCE+5gYTgvqRpwo029
KzUZ045g41YIPSaM3fmZVuOZMHl6x5UrRxWYF4teaVLVM9Zi2LqZkg7kG7BcsmJ8
0w5LpsNC+9fz/GazQyGK/9EnP94oa6dX2pjFWd9J6NvBKnaDR+4FJvI8x4xeA4JG
LX1MEJ/1dUcY18TJiODdcPlUDvZuoByYnSUQ2lTRSfs1nb5Mrettbi5cWQmCayzw
pFQuherMAcespbVT4osyJ92LtWTjqgm0Fot5pY741iHglGlZjOzOYG1FrAan+iJn
/G5E3NPTcwg/YR9Hc1Y=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:58 2023 by rpki-client on console-fra.rpki-client.org