Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/16571f-c485-4e73-9cdf-cc3db54f6a47/1/od2RHDHrTTIN8Neg95NBgqVZ-Eo.roa
File: od2RHDHrTTIN8Neg95NBgqVZ-Eo.roa (raw, json)
Hash identifier: SIRtlSGiwDGA3IR9CS1n2ZVeH79brRRCnrdXmqTJkJE=
Subject key identifier: A1:DD:91:1C:31:EB:4D:32:0D:F0:D7:A0:F7:93:41:82:A5:59:F8:4A
Certificate issuer: /CN=19a6857c5ba3f51dbe38f4c4a0c77c84ff0fb355
Certificate serial: 0503F355
Authority key identifier: 19:A6:85:7C:5B:A3:F5:1D:BE:38:F4:C4:A0:C7:7C:84:FF:0F:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GaaFfFuj9R2-OPTEoMd8hP8Ps1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/16571f-c485-4e73-9cdf-cc3db54f6a47/1/od2RHDHrTTIN8Neg95NBgqVZ-Eo.roa
Signing time: Fri 08 Apr 2022 10:25:37 +0000
ROA not before: Fri 08 Apr 2022 10:25:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206065
IP address blocks: 185.172.0.0/22 maxlen: 24
185.197.68.0/22 maxlen: 24
188.121.128.0/19 maxlen: 24
92.61.184.0/21 maxlen: 24
37.221.0.0/18 maxlen: 24
37.235.16.0/20 maxlen: 24
91.184.64.0/20 maxlen: 24
94.139.160.0/20 maxlen: 24
37.19.80.0/20 maxlen: 24
37.19.81.0/24 maxlen: 24
185.30.76.0/22 maxlen: 24
92.119.68.0/22 maxlen: 24
45.128.140.0/22 maxlen: 24
213.207.192.0/20 maxlen: 24
81.91.144.0/20 maxlen: 24
2a0c:100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84144981 (0x503f355)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19a6857c5ba3f51dbe38f4c4a0c77c84ff0fb355
Validity
Not Before: Apr 8 10:25:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1dd911c31eb4d320df0d7a0f7934182a559f84a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2a:bc:3b:38:ae:8f:9a:47:83:3b:68:bc:3d:
4c:cc:af:25:37:f2:3a:86:e6:15:07:e2:89:8d:26:
c1:01:dc:f9:a7:0e:4d:5d:0f:80:d2:b5:51:3b:8b:
00:ff:6e:5d:6f:cb:5c:63:ee:ad:52:f7:bf:ee:b4:
72:67:70:4f:8c:0c:cf:3c:e6:b9:1d:52:c1:5d:05:
dd:a5:d5:85:f4:ff:c5:44:bd:46:56:1e:95:63:68:
73:51:2b:c0:8c:4d:ed:c5:25:10:df:23:78:64:20:
03:9b:b6:55:bf:b5:03:9d:5f:90:f5:fa:71:da:36:
1c:10:11:7c:b6:5e:3e:18:ba:40:85:91:a7:45:98:
a6:bd:72:df:58:d4:c0:98:f8:bf:b5:b2:79:27:1a:
f0:ca:20:d1:5e:22:04:f0:ee:ab:ea:60:c6:68:0c:
fa:07:18:b4:0b:16:84:e9:8a:02:25:6c:3b:b4:d5:
60:77:2b:4b:02:96:e7:0e:88:5b:13:31:97:8b:87:
dc:8d:2b:34:75:d4:0b:bd:f7:5e:37:f0:39:cd:94:
4d:5a:87:44:c6:89:f2:88:64:55:32:46:ef:38:1a:
06:c6:b2:2e:e4:73:29:1b:ea:f4:0b:d7:8f:1f:2b:
dd:c0:2a:84:ae:ee:5c:b8:cd:5c:21:1c:20:61:e7:
24:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:DD:91:1C:31:EB:4D:32:0D:F0:D7:A0:F7:93:41:82:A5:59:F8:4A
X509v3 Authority Key Identifier:
keyid:19:A6:85:7C:5B:A3:F5:1D:BE:38:F4:C4:A0:C7:7C:84:FF:0F:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GaaFfFuj9R2-OPTEoMd8hP8Ps1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/16571f-c485-4e73-9cdf-cc3db54f6a47/1/od2RHDHrTTIN8Neg95NBgqVZ-Eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/16571f-c485-4e73-9cdf-cc3db54f6a47/1/GaaFfFuj9R2-OPTEoMd8hP8Ps1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.80.0/20
37.221.0.0/18
37.235.16.0/20
45.128.140.0/22
81.91.144.0/20
91.184.64.0/20
92.61.184.0/21
92.119.68.0/22
94.139.160.0/20
185.30.76.0/22
185.172.0.0/22
185.197.68.0/22
188.121.128.0/19
213.207.192.0/20
IPv6:
2a0c:100::/29
Signature Algorithm: sha256WithRSAEncryption
b1:52:9e:8e:26:ac:bc:aa:2c:11:f4:d7:3e:8c:5e:94:e6:a3:
ea:0b:6e:cc:1c:9c:9e:2a:78:43:2c:39:50:f4:95:83:11:6f:
00:a6:66:52:5c:cf:ff:c1:d4:2f:49:e4:4c:84:89:a0:46:6a:
f3:88:f4:45:06:e7:de:11:ea:fc:e8:7c:0d:37:16:8c:5f:09:
29:55:48:bf:99:52:a2:ea:90:38:38:7f:11:28:74:04:ab:8c:
45:3d:37:65:bf:1b:14:03:ce:e5:cc:4b:95:20:82:ea:a8:78:
01:99:9c:4a:50:ac:bc:55:b2:b5:88:07:77:8d:ac:39:ec:0a:
be:e5:4f:e6:4d:42:1f:12:dc:7e:9a:da:10:05:d3:a0:a0:22:
b9:f1:7a:cc:d4:c6:7e:fd:f9:d6:ba:6c:1e:a6:37:d8:45:50:
aa:bb:2d:f4:79:91:ce:6b:0b:ce:84:2b:b4:52:52:64:61:99:
06:f4:81:37:a4:2d:a6:b7:d3:8a:87:cf:a8:bb:59:fe:13:81:
33:fb:10:05:b7:bf:fe:d6:bd:ec:11:03:bb:3c:05:f2:86:b3:
b3:ef:2a:7b:da:d4:cb:4a:30:72:82:94:de:4f:af:28:ce:a5:
45:de:79:62:3c:3d:54:aa:34:26:39:93:ec:9b:62:e4:dc:49:
e7:99:00:ab
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIEBQPzVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OWE2ODU3YzViYTNmNTFkYmUzOGY0YzRhMGM3N2M4NGZmMGZiMzU1MB4XDTIyMDQw
ODEwMjUzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTFkZDkxMWMzMWVi
NGQzMjBkZjBkN2EwZjc5MzQxODJhNTU5Zjg0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcqvDs4ro+aR4M7aLw9TMyvJTfyOobmFQfiiY0mwQHc+acO
TV0PgNK1UTuLAP9uXW/LXGPurVL3v+60cmdwT4wMzzzmuR1SwV0F3aXVhfT/xUS9
RlYelWNoc1ErwIxN7cUlEN8jeGQgA5u2Vb+1A51fkPX6cdo2HBARfLZePhi6QIWR
p0WYpr1y31jUwJj4v7WyeSca8Mog0V4iBPDuq+pgxmgM+gcYtAsWhOmKAiVsO7TV
YHcrSwKW5w6IWxMxl4uH3I0rNHXUC733XjfwOc2UTVqHRMaJ8ohkVTJG7zgaBsay
LuRzKRvq9AvXjx8r3cAqhK7uXLjNXCEcIGHnJE8CAwEAAaOCAmYwggJiMB0GA1Ud
DgQWBBSh3ZEcMetNMg3w16D3k0GCpVn4SjAfBgNVHSMEGDAWgBQZpoV8W6P1Hb44
9MSgx3yE/w+zVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dhYUZmRnVqOVIyLU9QVEVvTWQ4aFA4UHMxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvMTY1NzFmLWM0ODUtNGU3My05Y2RmLWNjM2RiNTRmNmE0Ny8x
L29kMlJIREhyVFRJTjhOZWc5NU5CZ3FWWi1Fby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
MTY1NzFmLWM0ODUtNGU3My05Y2RmLWNjM2RiNTRmNmE0Ny8xL0dhYUZmRnVqOVIy
LU9QVEVvTWQ4aFA4UHMxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB8
BggrBgEFBQcBBwEB/wRtMGswWgQCAAEwVAMEBCUTUAMEBiXdAAMEBCXrEAMEAi2A
jAMEBFFbkAMEBFu4QAMEA1w9uAMEAlx3RAMEBF6LoAMEArkeTAMEArmsAAMEArnF
RAMEBbx5gAMEBNXPwDANBAIAAjAHAwUDKgwBADANBgkqhkiG9w0BAQsFAAOCAQEA
sVKejiasvKosEfTXPoxelOaj6gtuzBycnip4Qyw5UPSVgxFvAKZmUlzP/8HUL0nk
TISJoEZq84j0RQbn3hHq/Oh8DTcWjF8JKVVIv5lSouqQODh/ESh0BKuMRT03Zb8b
FAPO5cxLlSCC6qh4AZmcSlCsvFWytYgHd42sOewKvuVP5k1CHxLcfpraEAXToKAi
ufF6zNTGfv351rpsHqY32EVQqrst9HmRzmsLzoQrtFJSZGGZBvSBN6QtprfTiofP
qLtZ/hOBM/sQBbe//ta97BEDuzwF8oazs+8qe9rUy0owcoKU3k+vKM6lRd55Yjw9
VKo0JjmT7Jti5NxJ55kAqw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:40 2023 by rpki-client on console-ams.rpki-client.org