Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/bViV7oQ1qgQz5299VQnRpHvkcAA.roa
File: bViV7oQ1qgQz5299VQnRpHvkcAA.roa (raw, json)
Hash identifier: gLVqeEfKbxxct0x/iHyStGsh29KtDrswoBAHGMi4F1c=
Subject key identifier: 6D:58:95:EE:84:35:AA:04:33:E7:6F:7D:55:09:D1:A4:7B:E4:70:00
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01837091D3E92A9128E99DEA1679C28CA596
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/bViV7oQ1qgQz5299VQnRpHvkcAA.roa
Signing time: Sat 24 Sep 2022 17:35:48 +0000
ROA not before: Sat 24 Sep 2022 17:35:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 949
IP address blocks: 141.98.196.0/22 maxlen: 24
80.66.196.0/22 maxlen: 24
45.142.124.0/22 maxlen: 24
45.87.92.0/22 maxlen: 24
94.124.116.0/24 maxlen: 24
94.124.116.0/22 maxlen: 24
185.200.64.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
45.139.192.0/22 maxlen: 24
195.245.219.0/24 maxlen: 24
45.139.193.0/24 maxlen: 24
45.141.44.0/22 maxlen: 24
185.213.151.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
194.114.136.0/24 maxlen: 24
195.245.229.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
194.104.144.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
45.147.48.0/22 maxlen: 24
194.36.24.0/22 maxlen: 24
95.214.164.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
91.200.240.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.194.52.0/22 maxlen: 24
193.32.148.0/22 maxlen: 24
2a06:57c0::/29 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a06:4fc0::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a09:6::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:70:91:d3:e9:2a:91:28:e9:9d:ea:16:79:c2:8c:a5:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Sep 24 17:35:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d5895ee8435aa0433e76f7d5509d1a47be47000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:20:ef:93:fe:68:05:78:af:ae:17:60:51:fb:
fe:c3:77:3e:be:21:f2:73:84:1c:b5:6d:6a:44:e0:
9c:27:3a:e7:bf:9f:9e:34:f2:a3:15:01:80:83:5c:
54:7e:a8:15:e3:2c:42:6e:1b:73:1b:e1:37:bb:87:
5d:38:67:0a:fb:d7:2a:1e:76:dd:41:2e:12:60:40:
c2:8a:5d:2f:c8:71:45:ea:72:e4:43:44:6b:48:1c:
bb:0a:9d:9b:30:ca:bc:9f:ae:a3:79:a1:12:bd:77:
38:56:e6:e9:98:68:c3:ff:80:7e:03:9c:9f:ff:3d:
dd:77:66:01:d0:3d:1d:07:7c:53:ad:55:d3:95:1b:
b2:18:4c:6e:b6:44:68:e8:bd:dd:93:f2:9a:13:46:
43:47:ff:bb:94:61:33:ab:1f:5a:9a:72:cb:e0:fe:
86:47:02:b5:b9:26:0d:c8:2f:dd:1a:41:5d:af:54:
bb:a0:85:63:55:74:f7:8c:fb:0d:28:d5:f9:12:f6:
5e:a1:0a:3e:80:f4:e2:27:6e:6e:b5:69:0a:6b:f1:
c2:50:11:e6:bb:cb:a1:01:25:87:7a:36:43:3c:db:
a8:88:f6:a5:08:0c:21:bb:b8:ec:2b:67:ab:08:26:
7e:aa:e3:e8:05:a1:e7:fa:c5:a8:f1:ac:73:76:7f:
90:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:58:95:EE:84:35:AA:04:33:E7:6F:7D:55:09:D1:A4:7B:E4:70:00
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/bViV7oQ1qgQz5299VQnRpHvkcAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.92.0/22
45.130.20.0/22
45.139.192.0/22
45.141.44.0/22
45.142.124.0/22
45.143.232.0/22
45.147.48.0/22
80.66.196.0/22
91.200.240.0/22
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.213.151.0/24
185.222.216.0/21
193.32.148.0/22
194.36.24.0/22
194.104.144.0/24
194.104.152.0/22
194.114.136.0/24
194.169.54.0/23
195.245.219.0/24
195.245.229.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09:6::/32
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
40:ff:c7:22:b1:05:df:ce:2d:30:f7:0f:79:cf:0e:d3:b8:af:
d4:82:3b:f9:b3:e5:48:41:e4:88:5c:8c:0b:90:0d:d8:bc:c1:
f4:ec:30:24:34:ab:55:99:11:7f:3e:1f:92:f7:ff:dc:93:45:
60:1b:23:62:18:d8:ed:f7:92:f0:47:af:80:23:a1:a9:0b:6a:
c2:c7:2d:d6:52:cd:78:08:10:d6:fa:85:ed:08:04:9d:b3:49:
90:4c:75:87:02:07:41:2d:ec:a1:a2:8c:cd:6e:be:b1:fb:3a:
20:40:c3:ce:8f:aa:4f:28:ce:73:93:df:fd:19:a7:42:a6:e8:
96:de:54:e0:61:b9:b2:24:57:11:55:8b:67:61:b7:ad:74:53:
7d:dc:76:17:aa:16:b4:6e:ca:81:04:08:9b:e0:c5:e0:d1:0a:
34:fe:d0:ed:34:7f:53:21:1d:93:a9:48:e8:0e:fe:24:99:0e:
5e:8c:e5:76:7f:21:de:56:4c:eb:77:d4:94:59:b1:6e:43:61:
81:4a:d6:84:00:c9:4e:ac:bf:9d:2e:80:98:94:4f:b3:f2:8d:
cd:fa:8a:43:43:db:35:60:f0:17:41:1f:a3:aa:e5:8a:28:26:
be:15:91:8d:3c:58:2b:0b:03:b7:03:b3:a2:04:94:dd:7c:12:
9a:7a:50:8e
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYNwkdPpKpEo6Z3qFnnCjKWWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIwOTI0MTczNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDU4OTVlZTg0MzVhYTA0MzNlNzZmN2Q1NTA5ZDFhNDdiZTQ3MDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyDvk/5oBXivrhdgUfv+w3c+viHy
c4QctW1qROCcJzrnv5+eNPKjFQGAg1xUfqgV4yxCbhtzG+E3u4ddOGcK+9cqHnbd
QS4SYEDCil0vyHFF6nLkQ0RrSBy7Cp2bMMq8n66jeaESvXc4VubpmGjD/4B+A5yf
/z3dd2YB0D0dB3xTrVXTlRuyGExutkRo6L3dk/KaE0ZDR/+7lGEzqx9amnLL4P6G
RwK1uSYNyC/dGkFdr1S7oIVjVXT3jPsNKNX5EvZeoQo+gPTiJ25utWkKa/HCUBHm
u8uhASWHejZDPNuoiPalCAwhu7jsK2erCCZ+quPoBaHn+sWo8axzdn+QFwIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFG1Yle6ENaoEM+dvfVUJ0aR75HAAMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvYlZpVjdvUTFxZ1F6NTI5OVZRblJwSHZrY0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCBqwQCAAEwgaQD
BAItV1wDBAItghQDBAIti8ADBAItjSwDBAItjnwDBAItj+gDBAItkzADBAJQQsQD
BAJbyPADBAJefHQDBAJf1qQDBAKNYsQDBAKVPiwDBAK5wjQDBAK5yEADBAC51ZcD
BAO53tgDBALBIJQDBALCJBgDBADCaJADBALCaJgDBADCcogDBAHCqTYDBADD9dsD
BADD9eUwDAMEAMP18QMEAMP18jBoBAIAAjBiAwUDKgZPwAMFAyoGV8ADBQMqB+kA
AwUDKgf6AAMFACoJAAYDBQMqDO1AAwUDKg0fwAMFAyoNNkADBQMqDUNAAwUDKg1L
wAMFAyoNdUADBQMqDd6AAwUDKg5iAAMFAyoQJgAwDQYJKoZIhvcNAQELBQADggEB
AED/xyKxBd/OLTD3D3nPDtO4r9SCO/mz5UhB5IhcjAuQDdi8wfTsMCQ0q1WZEX8+
H5L3/9yTRWAbI2IY2O33kvBHr4AjoakLasLHLdZSzXgIENb6he0IBJ2zSZBMdYcC
B0Et7KGijM1uvrH7OiBAw86Pqk8oznOT3/0Zp0Km6JbeVOBhubIkVxFVi2dht610
U33cdheqFrRuyoEECJvgxeDRCjT+0O00f1MhHZOpSOgO/iSZDl6M5XZ/Id5WTOt3
1JRZsW5DYYFK1oQAyU6sv50ugJiUT7Pyjc36ikND2zVg8BdBH6Oq5YooJr4VkY08
WCsLA7cDs6IElN18Epp6UI4=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org