Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/OJoxj4AaZgJjFxfhZcTAwp_Xqgk.roa
File: OJoxj4AaZgJjFxfhZcTAwp_Xqgk.roa (raw, json)
Hash identifier: g4sGLy5Y6EHxXQX0uE1ctTvF3g5PJS5FgstmGyCFSIs=
Subject key identifier: 38:9A:31:8F:80:1A:66:02:63:17:17:E1:65:C4:C0:C2:9F:D7:AA:09
Certificate issuer: /CN=f62eeb879085c94194297dd9e4cd249cd2516515
Certificate serial: 173CA893
Authority key identifier: F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/OJoxj4AaZgJjFxfhZcTAwp_Xqgk.roa
Signing time: Wed 02 Feb 2022 06:42:38 +0000
ROA not before: Wed 02 Feb 2022 06:42:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197540
IP address blocks: 45.157.176.0/22 maxlen: 22
37.120.160.0/19 maxlen: 32
185.16.60.0/22 maxlen: 32
37.221.192.0/21 maxlen: 32
85.235.64.0/22 maxlen: 22
185.228.136.0/22 maxlen: 32
92.60.36.0/22 maxlen: 22
194.59.204.0/22 maxlen: 22
45.83.104.0/22 maxlen: 22
185.194.140.0/22 maxlen: 22
81.16.16.0/22 maxlen: 22
5.181.48.0/22 maxlen: 22
194.13.80.0/22 maxlen: 22
46.38.240.0/21 maxlen: 32
46.38.248.0/22 maxlen: 32
185.207.104.0/22 maxlen: 32
46.38.252.0/22 maxlen: 32
185.170.112.0/22 maxlen: 32
91.204.44.0/22 maxlen: 22
93.177.64.0/22 maxlen: 22
45.129.180.0/22 maxlen: 22
185.183.156.0/22 maxlen: 32
185.163.116.0/22 maxlen: 22
152.89.104.0/22 maxlen: 22
46.38.224.0/20 maxlen: 32
213.109.160.0/22 maxlen: 22
45.90.4.0/22 maxlen: 22
2.56.96.0/22 maxlen: 22
45.9.60.0/22 maxlen: 22
185.244.192.0/22 maxlen: 32
194.55.12.0/22 maxlen: 22
91.132.144.0/22 maxlen: 22
45.142.176.0/22 maxlen: 22
89.58.28.0/22 maxlen: 22
89.58.36.0/22 maxlen: 22
89.58.32.0/22 maxlen: 22
185.233.104.0/22 maxlen: 32
5.45.96.0/20 maxlen: 32
45.132.244.0/22 maxlen: 22
185.162.248.0/22 maxlen: 32
45.136.28.0/22 maxlen: 22
5.252.224.0/22 maxlen: 22
192.145.44.0/22 maxlen: 22
85.209.48.0/22 maxlen: 22
195.128.100.0/22 maxlen: 22
193.30.120.0/22 maxlen: 22
89.58.4.0/22 maxlen: 22
89.58.0.0/22 maxlen: 22
193.31.24.0/22 maxlen: 22
89.58.8.0/22 maxlen: 22
188.68.32.0/19 maxlen: 32
89.58.16.0/21 maxlen: 21
89.58.12.0/22 maxlen: 22
89.58.24.0/22 maxlen: 22
185.243.8.0/22 maxlen: 32
46.232.248.0/22 maxlen: 22
2a0a:4cc0::/40 maxlen: 40
2a03:4001::/32 maxlen: 48
2a03:4000::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 389851283 (0x173ca893)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f62eeb879085c94194297dd9e4cd249cd2516515
Validity
Not Before: Feb 2 06:42:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=389a318f801a6602631717e165c4c0c29fd7aa09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d5:5f:b5:ca:90:51:e3:04:b4:95:26:a3:c7:
91:02:4c:d3:d1:20:3d:c3:28:20:54:c5:a8:d5:f6:
27:2e:e6:e0:c2:0d:75:35:bd:8a:f9:ad:50:80:66:
9a:c0:eb:6a:54:b6:63:18:23:1d:2b:9d:25:ec:25:
52:1a:31:b6:de:f6:4f:b2:ac:36:ba:8b:c9:39:16:
00:74:91:27:42:17:d6:a2:3d:ad:ec:63:c1:f3:b6:
a5:71:63:49:cb:f4:b9:fb:41:7b:a4:f3:d6:6c:de:
4a:39:19:c7:72:a9:23:1b:69:24:1d:26:4d:94:c5:
f4:3e:d2:2e:1f:7a:58:5e:94:4e:7c:c2:41:ff:da:
46:23:d4:f2:f6:2a:70:8c:16:a4:08:39:fb:de:75:
28:23:f7:8e:2b:37:8d:81:39:b3:46:5b:ea:74:89:
a5:89:c2:50:59:f6:d1:e1:fb:95:41:82:11:41:99:
37:87:eb:c8:4b:40:b9:c8:ad:8c:08:01:62:75:7e:
31:48:c5:27:06:4c:4c:f6:25:08:a8:4d:b9:ce:4f:
0e:a7:21:21:08:23:a8:f3:89:95:1c:35:be:6e:8f:
98:01:30:ce:6d:be:33:27:d4:9a:54:22:0e:f0:f4:
04:bf:34:cd:77:21:f8:08:06:b3:cc:d8:d5:ae:06:
00:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:9A:31:8F:80:1A:66:02:63:17:17:E1:65:C4:C0:C2:9F:D7:AA:09
X509v3 Authority Key Identifier:
keyid:F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/OJoxj4AaZgJjFxfhZcTAwp_Xqgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.96.0/22
5.45.96.0/20
5.181.48.0/22
5.252.224.0/22
37.120.160.0/19
37.221.192.0/21
45.9.60.0/22
45.83.104.0/22
45.90.4.0/22
45.129.180.0/22
45.132.244.0/22
45.136.28.0/22
45.142.176.0/22
45.157.176.0/22
46.38.224.0/19
46.232.248.0/22
81.16.16.0/22
85.209.48.0/22
85.235.64.0/22
89.58.0.0-89.58.39.255
91.132.144.0/22
91.204.44.0/22
92.60.36.0/22
93.177.64.0/22
152.89.104.0/22
185.16.60.0/22
185.162.248.0/22
185.163.116.0/22
185.170.112.0/22
185.183.156.0/22
185.194.140.0/22
185.207.104.0/22
185.228.136.0/22
185.233.104.0/22
185.243.8.0/22
185.244.192.0/22
188.68.32.0/19
192.145.44.0/22
193.30.120.0/22
193.31.24.0/22
194.13.80.0/22
194.55.12.0/22
194.59.204.0/22
195.128.100.0/22
213.109.160.0/22
IPv6:
2a03:4000::/31
2a0a:4cc0::/40
Signature Algorithm: sha256WithRSAEncryption
62:ef:20:99:89:3f:1a:47:a7:bd:19:fa:09:c9:f4:76:6e:e1:
60:7e:1f:9f:4a:a8:0a:cb:13:0a:b7:26:03:de:68:03:2f:4e:
f8:bd:36:38:97:e6:b3:ab:b4:7d:54:0e:22:09:ed:58:ae:66:
62:da:c8:03:72:ab:e7:e1:f5:51:2a:25:2d:e1:5f:9c:f6:85:
02:88:72:c1:0c:8d:83:d5:05:bc:4c:e6:a5:10:e8:2e:1d:1e:
1e:e3:e1:32:61:3d:33:2d:d8:8d:73:0f:47:bf:4b:3e:04:2b:
c4:ed:59:41:9a:93:98:49:d3:bf:58:f1:20:d2:e6:74:d0:65:
4d:df:ad:ed:5a:cf:e8:d7:c8:e4:de:98:c1:a2:5e:a6:60:6e:
ab:d6:29:91:97:db:34:21:00:c5:bd:3d:41:43:e0:8b:09:1d:
fa:8c:36:30:bb:04:20:28:7d:81:01:97:c9:d0:57:24:de:df:
6e:88:cf:41:cf:66:d9:b7:b0:8d:59:1d:9f:7a:35:d1:f8:90:
2f:91:b5:21:81:94:02:0b:85:47:52:c5:11:09:a6:b4:21:87:
80:4f:a0:90:e6:a1:cc:3d:af:03:b8:3d:6e:e4:2e:6c:75:83:
d4:30:fd:07:d5:d9:67:ac:23:3d:5b:f8:b4:aa:1c:fe:7d:26:
9c:ba:d3:f5
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgIEFzyokzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NjJlZWI4NzkwODVjOTQxOTQyOTdkZDllNGNkMjQ5Y2QyNTE2NTE1MB4XDTIyMDIw
MjA2NDIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzg5YTMxOGY4MDFh
NjYwMjYzMTcxN2UxNjVjNGMwYzI5ZmQ3YWEwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHVX7XKkFHjBLSVJqPHkQJM09EgPcMoIFTFqNX2Jy7m4MIN
dTW9ivmtUIBmmsDralS2YxgjHSudJewlUhoxtt72T7KsNrqLyTkWAHSRJ0IX1qI9
rexjwfO2pXFjScv0uftBe6Tz1mzeSjkZx3KpIxtpJB0mTZTF9D7SLh96WF6UTnzC
Qf/aRiPU8vYqcIwWpAg5+951KCP3jis3jYE5s0Zb6nSJpYnCUFn20eH7lUGCEUGZ
N4fryEtAucitjAgBYnV+MUjFJwZMTPYlCKhNuc5PDqchIQgjqPOJlRw1vm6PmAEw
zm2+MyfUmlQiDvD0BL80zXch+AgGs8zY1a4GAPECAwEAAaOCAzkwggM1MB0GA1Ud
DgQWBBQ4mjGPgBpmAmMXF+FlxMDCn9eqCTAfBgNVHSMEGDAWgBT2LuuHkIXJQZQp
fdnkzSSc0lFlFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlpN3JoNUNGeVVHVUtYM1o1TTBrbk5KUlpSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvOTFkYThiLTA1MDItNDhkZi04NTMyLTVmYmY5YTI5YjZlMS8x
L09Kb3hqNEFhWmdKakZ4ZmhaY1RBd3BfWHFnay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
OTFkYThiLTA1MDItNDhkZi04NTMyLTVmYmY5YTI5YjZlMS8xLzlpN3JoNUNGeVVH
VUtYM1o1TTBrbk5KUlpSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AU0GCCsGAQUFBwEHAQH/BIIBPDCCATgwggEdBAIAATCCARUDBAICOGADBAQFLWAD
BAIFtTADBAIF/OADBAUleKADBAMl3cADBAItCTwDBAItU2gDBAItWgQDBAItgbQD
BAIthPQDBAItiBwDBAItjrADBAItnbADBAUuJuADBAIu6PgDBAJREBADBAJV0TAD
BAJV60AwCwMDAVk6AwQDWTogAwQCW4SQAwQCW8wsAwQCXDwkAwQCXbFAAwQCmFlo
AwQCuRA8AwQCuaL4AwQCuaN0AwQCuapwAwQCubecAwQCucKMAwQCuc9oAwQCueSI
AwQCueloAwQCufMIAwQCufTAAwQFvEQgAwQCwJEsAwQCwR54AwQCwR8YAwQCwg1Q
AwQCwjcMAwQCwjvMAwQCw4BkAwQC1W2gMBUEAgACMA8DBQEqA0AAAwYAKgpMwAAw
DQYJKoZIhvcNAQELBQADggEBAGLvIJmJPxpHp70Z+gnJ9HZu4WB+H59KqArLEwq3
JgPeaAMvTvi9NjiX5rOrtH1UDiIJ7ViuZmLayANyq+fh9VEqJS3hX5z2hQKIcsEM
jYPVBbxM5qUQ6C4dHh7j4TJhPTMt2I1zD0e/Sz4EK8TtWUGak5hJ079Y8SDS5nTQ
ZU3fre1az+jXyOTemMGiXqZgbqvWKZGX2zQhAMW9PUFD4IsJHfqMNjC7BCAofYEB
l8nQVyTe326Iz0HPZtm3sI1ZHZ96NdH4kC+RtSGBlAILhUdSxREJprQhh4BPoJDm
ocw9rwO4PW7kLmx1g9Qw/QfV2WesIz1b+LSqHP59Jpy60/U=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:36 2023 by rpki-client on console-ams.rpki-client.org