Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/e-S31bv7hW0UOrldo3LoDo0vCao.roa
File: e-S31bv7hW0UOrldo3LoDo0vCao.roa (raw, json)
Hash identifier: ti3zoomIETuv4VoygydzGx+/3biurk/QotI2z8zKj5E=
Subject key identifier: 7B:E4:B7:D5:BB:FB:85:6D:14:3A:B9:5D:A3:72:E8:0E:8D:2F:09:AA
Certificate issuer: /CN=237f7db033314c473cda194e0df79f1c375da3f4
Certificate serial: 01821608AC546029D8C187C3CEE378554722
Authority key identifier: 23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/e-S31bv7hW0UOrldo3LoDo0vCao.roa
Signing time: Tue 19 Jul 2022 10:37:23 +0000
ROA not before: Tue 19 Jul 2022 10:37:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3225
IP address blocks: 91.140.221.0/24 maxlen: 24
91.140.220.0/24 maxlen: 24
91.140.224.0/24 maxlen: 24
91.140.222.0/24 maxlen: 24
91.140.223.0/24 maxlen: 24
91.140.224.0/22 maxlen: 22
91.140.226.0/24 maxlen: 24
91.140.233.0/24 maxlen: 24
91.140.228.0/22 maxlen: 22
91.140.232.0/24 maxlen: 24
91.140.240.0/24 maxlen: 24
91.140.235.0/24 maxlen: 24
91.140.234.0/24 maxlen: 24
91.140.238.0/24 maxlen: 24
91.140.239.0/24 maxlen: 24
91.140.236.0/24 maxlen: 24
91.140.237.0/24 maxlen: 24
91.140.242.0/24 maxlen: 24
91.140.241.0/24 maxlen: 24
91.140.244.0/22 maxlen: 22
91.140.246.0/24 maxlen: 24
91.140.248.0/24 maxlen: 24
91.140.249.0/24 maxlen: 24
91.140.248.0/22 maxlen: 22
91.140.252.0/24 maxlen: 24
91.140.253.0/24 maxlen: 24
91.140.250.0/24 maxlen: 24
91.140.252.0/22 maxlen: 22
91.140.251.0/24 maxlen: 24
91.140.255.0/24 maxlen: 24
91.140.254.0/24 maxlen: 24
91.140.164.0/22 maxlen: 22
185.16.4.0/22 maxlen: 22
91.140.160.0/22 maxlen: 22
91.140.172.0/22 maxlen: 22
94.187.224.0/19 maxlen: 24
91.140.180.0/22 maxlen: 22
91.140.192.0/22 maxlen: 22
94.187.232.0/22 maxlen: 22
91.140.188.0/22 maxlen: 22
94.187.228.0/22 maxlen: 22
94.187.236.0/22 maxlen: 22
91.140.196.0/22 maxlen: 22
94.187.240.0/22 maxlen: 22
91.140.201.0/24 maxlen: 24
91.140.200.0/22 maxlen: 22
91.140.203.0/24 maxlen: 24
94.187.244.0/22 maxlen: 22
91.140.204.0/22 maxlen: 22
91.140.202.0/24 maxlen: 24
91.140.212.0/22 maxlen: 22
94.187.252.0/22 maxlen: 22
91.140.207.0/24 maxlen: 24
94.187.248.0/22 maxlen: 22
91.140.208.0/22 maxlen: 22
91.140.128.0/22 maxlen: 22
91.140.128.0/17 maxlen: 17
91.140.132.0/22 maxlen: 22
91.140.140.0/22 maxlen: 22
91.140.152.0/22 maxlen: 22
91.140.148.0/22 maxlen: 22
194.54.241.0/24 maxlen: 24
194.54.244.0/22 maxlen: 22
194.54.248.0/22 maxlen: 22
194.54.252.0/22 maxlen: 22
194.54.192.0/19 maxlen: 24
194.54.192.0/18 maxlen: 18
194.54.194.0/23 maxlen: 23
194.54.196.0/22 maxlen: 22
194.54.204.0/22 maxlen: 22
194.54.200.0/22 maxlen: 22
194.54.202.0/24 maxlen: 24
194.54.209.0/24 maxlen: 24
194.54.208.0/22 maxlen: 22
194.54.208.0/24 maxlen: 24
194.54.212.0/22 maxlen: 22
194.54.216.0/22 maxlen: 22
194.54.224.0/19 maxlen: 19
194.54.220.0/24 maxlen: 24
194.54.220.0/22 maxlen: 22
194.54.224.0/22 maxlen: 22
194.54.232.0/22 maxlen: 22
194.54.228.0/22 maxlen: 22
194.54.234.0/24 maxlen: 24
194.54.236.0/22 maxlen: 22
194.54.240.0/22 maxlen: 22
2a01:7780::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:08:ac:54:60:29:d8:c1:87:c3:ce:e3:78:55:47:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237f7db033314c473cda194e0df79f1c375da3f4
Validity
Not Before: Jul 19 10:37:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7be4b7d5bbfb856d143ab95da372e80e8d2f09aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b3:b8:d9:22:54:65:b2:b6:40:a8:db:aa:4d:
9b:b6:26:13:db:d6:2a:e3:2b:b9:7a:55:d6:4e:31:
8e:d5:3e:a0:0a:6c:5a:38:ca:74:00:41:76:62:c7:
3e:d3:c2:4d:72:a0:df:53:b2:2e:94:17:af:e3:b7:
8a:23:97:4d:5d:fd:ef:e3:e2:ef:01:92:60:0a:e4:
01:c5:84:33:ae:62:41:af:4a:97:a2:61:5f:73:1b:
84:bc:46:7d:10:ef:14:8c:e0:3f:72:c0:e8:fd:32:
1c:87:39:fb:f9:52:d8:b8:82:5d:0d:8e:a7:7d:4e:
2d:42:b1:c2:b1:23:91:f6:5a:32:b9:03:21:00:42:
ce:b1:0e:33:47:29:9b:c6:80:14:b1:af:4b:82:09:
8b:ce:ca:31:63:81:0d:35:12:4b:c9:44:4b:62:79:
d4:cd:d3:97:0a:90:7c:02:66:0a:c1:ab:26:9c:e2:
f9:44:df:a8:b8:dc:fc:61:2d:e1:c6:a5:48:39:e5:
5e:09:67:e7:a2:4d:7f:00:e5:13:11:86:55:e1:72:
33:20:92:bd:c1:a0:a4:00:07:fe:05:77:63:3a:a9:
34:ac:f2:b4:21:83:89:d2:79:ec:e6:35:c1:b3:ff:
38:ca:47:81:2f:a3:8f:9f:a1:e4:0b:a3:f0:36:b0:
d8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:E4:B7:D5:BB:FB:85:6D:14:3A:B9:5D:A3:72:E8:0E:8D:2F:09:AA
X509v3 Authority Key Identifier:
keyid:23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/e-S31bv7hW0UOrldo3LoDo0vCao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.140.128.0/17
94.187.224.0/19
185.16.4.0/22
194.54.192.0/18
IPv6:
2a01:7780::/32
Signature Algorithm: sha256WithRSAEncryption
87:58:be:c3:c1:ee:67:5c:75:ca:79:95:36:82:de:6d:0f:42:
5b:0e:78:6a:a6:c1:1d:c3:8d:dc:a6:75:03:bd:3e:76:e7:97:
36:04:9b:ad:7f:c1:3e:7f:d2:d4:75:5d:1e:ea:82:b8:47:ad:
6a:60:fb:27:69:97:6b:26:1b:35:2e:87:60:21:8f:be:c6:6f:
3e:18:49:c5:21:d2:9a:6f:5c:9b:c2:22:40:27:86:05:f2:ca:
ee:ad:40:6f:32:8c:1d:a8:d9:14:5d:4b:c3:b3:36:60:0e:e2:
9e:b3:18:9c:8c:42:fa:4d:7a:58:99:5b:aa:e5:c5:a8:be:e0:
d0:e1:37:dc:d8:e5:a3:6b:9b:45:d0:e2:62:5a:82:c0:8c:59:
f6:d9:37:f3:54:90:ea:21:9d:6a:57:05:53:a6:4f:bb:7a:f3:
e9:db:e4:4f:2f:e0:66:62:50:b7:07:a4:5b:bc:30:7b:83:73:
a4:44:08:77:8e:3b:a5:91:85:4c:cc:a1:31:e7:c9:91:1a:83:
27:cb:e7:36:2b:5f:98:14:92:64:71:24:9d:78:21:d2:d5:b0:
93:a8:2b:57:f0:05:ed:22:bb:17:fb:98:7d:9f:a6:fc:46:c5:
24:6a:71:2e:10:94:af:17:1b:fe:72:b5:ea:45:bd:21:9d:03:
b5:fa:b5:2e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYIWCKxUYCnYwYfDzuN4VUciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Y3ZGIwMzMzMTRjNDczY2RhMTk0ZTBkZjc5ZjFjMzc1
ZGEzZjQwHhcNMjIwNzE5MTAzNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmU0YjdkNWJiZmI4NTZkMTQzYWI5NWRhMzcyZTgwZThkMmYwOWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7O42SJUZbK2QKjbqk2btiYT29Yq
4yu5elXWTjGO1T6gCmxaOMp0AEF2Ysc+08JNcqDfU7IulBev47eKI5dNXf3v4+Lv
AZJgCuQBxYQzrmJBr0qXomFfcxuEvEZ9EO8UjOA/csDo/TIchzn7+VLYuIJdDY6n
fU4tQrHCsSOR9loyuQMhAELOsQ4zRymbxoAUsa9LggmLzsoxY4ENNRJLyURLYnnU
zdOXCpB8AmYKwasmnOL5RN+ouNz8YS3hxqVIOeVeCWfnok1/AOUTEYZV4XIzIJK9
waCkAAf+BXdjOqk0rPK0IYOJ0nns5jXBs/84ykeBL6OPn6HkC6PwNrDYwQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHvkt9W7+4VtFDq5XaNy6A6NLwmqMB8GA1UdIwQY
MBaAFCN/fbAzMUxHPNoZTg33nxw3XaP0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYt
ZWUwNjAzOTQ5ZjkzLzEvZS1TMzFidjdoVzBVT3JsZG8zTG9EbzB2Q2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYtZWUwNjAzOTQ5Zjkz
LzEvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHW4yAAwQF
XrvgAwQCuRAEAwQGwjbAMA0EAgACMAcDBQAqAXeAMA0GCSqGSIb3DQEBCwUAA4IB
AQCHWL7Dwe5nXHXKeZU2gt5tD0JbDnhqpsEdw43cpnUDvT5255c2BJutf8E+f9LU
dV0e6oK4R61qYPsnaZdrJhs1LodgIY++xm8+GEnFIdKab1ybwiJAJ4YF8srurUBv
MowdqNkUXUvDszZgDuKesxicjEL6TXpYmVuq5cWovuDQ4Tfc2OWja5tF0OJiWoLA
jFn22TfzVJDqIZ1qVwVTpk+7evPp2+RPL+BmYlC3B6RbvDB7g3OkRAh3jjulkYVM
zKEx58mRGoMny+c2K1+YFJJkcSSdeCHS1bCTqCtX8AXtIrsX+5h9n6b8RsUkanEu
EJSvFxv+crXqRb0hnQO1+rUu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:58 2024 by rpki-client on console-fra.rpki-client.org