Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/dwXGqhZuIh5qCPL_Ck2TYAV3nQY.roa
File: dwXGqhZuIh5qCPL_Ck2TYAV3nQY.roa (raw, json)
Hash identifier: WUTtbNSXgkRVl9phxTsdoxOmBoFeDeJqgixy+CMYWDM=
Subject key identifier: 77:05:C6:AA:16:6E:22:1E:6A:08:F2:FF:0A:4D:93:60:05:77:9D:06
Certificate issuer: /CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Certificate serial: 018B95D6AD106816D1DB44A5ED9E2F9FF865
Authority key identifier: 48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/dwXGqhZuIh5qCPL_Ck2TYAV3nQY.roa
Signing time: Fri 03 Nov 2023 15:39:15 +0000
ROA not before: Fri 03 Nov 2023 15:39:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208808
IP address blocks: 103.43.40.0/22 maxlen: 22
103.208.72.0/22 maxlen: 22
212.73.152.0/24 maxlen: 24
94.156.26.0/23 maxlen: 23
212.73.153.0/24 maxlen: 24
87.120.203.0/24 maxlen: 24
92.243.94.0/23 maxlen: 23
185.201.76.0/22 maxlen: 22
45.140.196.0/22 maxlen: 22
213.255.210.0/23 maxlen: 23
213.255.216.0/23 maxlen: 23
213.255.224.0/23 maxlen: 23
213.255.244.0/23 maxlen: 23
78.138.18.0/23 maxlen: 23
31.13.210.0/24 maxlen: 24
78.138.26.0/23 maxlen: 23
78.138.28.0/23 maxlen: 23
103.104.108.0/22 maxlen: 22
78.138.42.0/23 maxlen: 23
92.243.71.0/24 maxlen: 24
87.120.80.0/23 maxlen: 23
92.243.68.0/24 maxlen: 24
92.243.86.0/23 maxlen: 23
92.243.90.0/23 maxlen: 23
160.202.156.0/22 maxlen: 22
2a0a:bd40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:95:d6:ad:10:68:16:d1:db:44:a5:ed:9e:2f:9f:f8:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Validity
Not Before: Nov 3 15:39:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7705c6aa166e221e6a08f2ff0a4d936005779d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:81:79:4e:50:54:05:d8:6a:3c:5f:f8:f7:44:
a4:d8:80:89:06:c0:8e:1d:30:3e:a4:a2:d4:4d:3d:
28:79:e0:86:85:13:a3:50:87:60:4b:ed:bf:7d:09:
63:75:aa:f5:c2:99:cb:ce:1f:55:e0:58:bd:19:d4:
18:d4:4a:73:5b:e5:64:b0:e8:0b:98:9c:a1:d9:ed:
8a:2a:26:97:a3:c5:7d:de:8d:a6:1b:35:12:19:ee:
2a:ed:29:67:8f:a9:29:7d:a0:22:77:d4:fa:3e:ed:
73:8c:12:77:6a:83:1b:e0:f4:33:f1:df:5c:15:4e:
9a:0e:96:45:94:4a:01:cd:a4:9e:f8:b7:dd:48:b8:
55:96:b5:b4:f1:50:4d:b2:e3:10:1c:d2:88:68:a2:
5e:76:dc:5c:cb:f7:57:5f:d8:ca:b0:8a:7b:78:0f:
1b:21:b4:73:d6:1a:26:57:36:8d:f1:39:bb:96:e5:
d8:2c:f9:21:4b:fe:c5:18:f0:b2:b9:0b:bf:fe:6c:
ce:4b:5d:f2:38:95:6a:49:6b:a6:90:61:85:90:b1:
60:cd:50:59:2e:4a:be:2a:9f:a1:43:e6:ec:0c:00:
7c:33:68:c0:f1:2e:3e:42:6d:9c:65:cd:f7:aa:49:
7a:af:0c:5d:1d:d3:c7:b1:1f:cd:12:f3:d3:35:28:
86:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:05:C6:AA:16:6E:22:1E:6A:08:F2:FF:0A:4D:93:60:05:77:9D:06
X509v3 Authority Key Identifier:
keyid:48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/dwXGqhZuIh5qCPL_Ck2TYAV3nQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.210.0/24
45.140.196.0/22
78.138.18.0/23
78.138.26.0-78.138.29.255
78.138.42.0/23
87.120.80.0/23
87.120.203.0/24
92.243.68.0/24
92.243.71.0/24
92.243.86.0/23
92.243.90.0/23
92.243.94.0/23
94.156.26.0/23
103.43.40.0/22
103.104.108.0/22
103.208.72.0/22
160.202.156.0/22
185.201.76.0/22
212.73.152.0/23
213.255.210.0/23
213.255.216.0/23
213.255.224.0/23
213.255.244.0/23
IPv6:
2a0a:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
5c:f1:ee:73:be:67:88:90:1e:f6:fb:22:11:42:8c:d1:41:8e:
14:0a:71:53:20:30:82:df:87:32:4d:d0:fb:07:c1:67:5c:1d:
8d:3e:18:f6:a6:7b:7b:7e:01:3e:d7:c7:fa:76:5e:ec:d8:a4:
b7:00:77:5a:30:74:66:3c:f6:be:e7:4b:70:60:28:69:ba:f3:
d7:e7:7d:fd:a8:53:47:c6:b3:8a:89:61:9a:39:bf:00:98:f0:
ff:ba:7b:b1:f8:b2:56:e8:24:aa:af:0e:c2:49:60:69:a8:76:
f1:89:cf:c0:8d:3b:b2:42:85:36:81:24:a0:79:70:7a:72:84:
45:92:13:39:e0:d9:a9:dd:62:04:d8:b0:f5:24:9e:66:27:48:
5a:03:71:b3:33:69:cb:30:6c:97:c1:30:85:87:d6:3f:4d:52:
98:f3:a7:b6:49:c5:8c:ef:4d:e1:dd:a3:dd:6a:11:1d:e6:a1:
da:9a:3e:0d:a8:37:44:ac:52:b3:05:07:2c:4c:2a:bf:00:40:
8f:13:55:32:a2:1c:ac:62:e4:6a:95:33:13:03:42:c4:d2:32:
3a:33:e9:cc:48:9b:31:e5:71:df:95:4a:d3:a0:ef:9d:6a:18:
4c:76:5a:33:75:c6:16:9f:50:70:95:de:3b:33:89:d8:55:d9:
a2:c9:94:05
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAYuV1q0QaBbR20Sl7Z4vn/hlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NjZkNDAyN2RlM2MyN2U4OTdkNzJhZGIyYzg2ZDg3YWI3
ZTVhYzIwHhcNMjMxMTAzMTUzOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzA1YzZhYTE2NmUyMjFlNmEwOGYyZmYwYTRkOTM2MDA1Nzc5ZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIF5TlBUBdhqPF/490Sk2ICJBsCO
HTA+pKLUTT0oeeCGhROjUIdgS+2/fQljdar1wpnLzh9V4Fi9GdQY1EpzW+VksOgL
mJyh2e2KKiaXo8V93o2mGzUSGe4q7Slnj6kpfaAid9T6Pu1zjBJ3aoMb4PQz8d9c
FU6aDpZFlEoBzaSe+LfdSLhVlrW08VBNsuMQHNKIaKJedtxcy/dXX9jKsIp7eA8b
IbRz1homVzaN8Tm7luXYLPkhS/7FGPCyuQu//mzOS13yOJVqSWumkGGFkLFgzVBZ
Lkq+Kp+hQ+bsDAB8M2jA8S4+Qm2cZc33qkl6rwxdHdPHsR/NEvPTNSiGZwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFHcFxqoWbiIeagjy/wpNk2AFd50GMB8GA1UdIwQY
MBaAFEhm1AJ948J+iX1yrbLIbYerflrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMt
NjFjOWMyOWMyNzVkLzEvZHdYR3FoWnVJaDVxQ1BMX0NrMlRZQVYzblFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMtNjFjOWMyOWMyNzVk
LzEvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBmQQCAAEwgZIDBAAf
DdIDBAItjMQDBAFOihIwDAMEAU6KGgMEAU6KHAMEAU6KKgMEAVd4UAMEAFd4ywME
AFzzRAMEAFzzRwMEAVzzVgMEAVzzWgMEAVzzXgMEAV6cGgMEAmcrKAMEAmdobAME
AmfQSAMEAqDKnAMEArnJTAMEAdRJmAMEAdX/0gMEAdX/2AMEAdX/4AMEAdX/9DAN
BAIAAjAHAwUDKgq9QDANBgkqhkiG9w0BAQsFAAOCAQEAXPHuc75niJAe9vsiEUKM
0UGOFApxUyAwgt+HMk3Q+wfBZ1wdjT4Y9qZ7e34BPtfH+nZe7NiktwB3WjB0Zjz2
vudLcGAoabrz1+d9/ahTR8aziolhmjm/AJjw/7p7sfiyVugkqq8Owklgaah28YnP
wI07skKFNoEkoHlwenKERZITOeDZqd1iBNiw9SSeZidIWgNxszNpyzBsl8EwhYfW
P01SmPOntknFjO9N4d2j3WoRHeah2po+Dag3RKxSswUHLEwqvwBAjxNVMqIcrGLk
apUzEwNCxNIyOjPpzEibMeVx35VK06DvnWoYTHZaM3XGFp9QcJXeOzOJ2FXZosmU
BQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:50 2025 by rpki-client