Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/P0WT8OWNehQgpVJCYUgUl8ROKj0.roa
File: P0WT8OWNehQgpVJCYUgUl8ROKj0.roa (raw, json)
Hash identifier: i4pHP2gNqqy80KodEDOcXv1Pap462tAQLbB+2rtwW3M=
Subject key identifier: 3F:45:93:F0:E5:8D:7A:14:20:A5:52:42:61:48:14:97:C4:4E:2A:3D
Certificate issuer: /CN=f62eeb879085c94194297dd9e4cd249cd2516515
Certificate serial: 16F6D7D0
Authority key identifier: F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/P0WT8OWNehQgpVJCYUgUl8ROKj0.roa
Signing time: Tue 04 Jan 2022 06:34:55 +0000
ROA not before: Tue 04 Jan 2022 06:34:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197540
IP address blocks: 45.157.176.0/22 maxlen: 22
37.120.160.0/19 maxlen: 32
185.16.60.0/22 maxlen: 32
37.221.192.0/21 maxlen: 32
85.235.64.0/22 maxlen: 22
185.228.136.0/22 maxlen: 32
92.60.36.0/22 maxlen: 22
194.59.204.0/22 maxlen: 22
45.83.104.0/22 maxlen: 22
185.194.140.0/22 maxlen: 22
81.16.16.0/22 maxlen: 22
5.181.48.0/22 maxlen: 22
194.13.80.0/22 maxlen: 22
46.38.240.0/21 maxlen: 32
46.38.248.0/22 maxlen: 32
185.207.104.0/22 maxlen: 32
46.38.252.0/22 maxlen: 32
185.170.112.0/22 maxlen: 32
91.204.44.0/22 maxlen: 22
93.177.64.0/22 maxlen: 22
45.129.180.0/22 maxlen: 22
185.183.156.0/22 maxlen: 32
185.163.116.0/22 maxlen: 22
152.89.104.0/22 maxlen: 22
46.38.224.0/20 maxlen: 32
213.109.160.0/22 maxlen: 22
45.90.4.0/22 maxlen: 22
2.56.96.0/22 maxlen: 22
45.9.60.0/22 maxlen: 22
185.244.192.0/22 maxlen: 32
194.55.12.0/22 maxlen: 22
91.132.144.0/22 maxlen: 22
45.142.176.0/22 maxlen: 22
89.58.28.0/22 maxlen: 22
185.233.104.0/22 maxlen: 32
5.45.96.0/20 maxlen: 32
45.132.244.0/22 maxlen: 22
185.162.248.0/22 maxlen: 32
45.136.28.0/22 maxlen: 22
5.252.224.0/22 maxlen: 22
192.145.44.0/22 maxlen: 22
85.209.48.0/22 maxlen: 22
195.128.100.0/22 maxlen: 22
193.30.120.0/22 maxlen: 22
89.58.4.0/22 maxlen: 22
89.58.0.0/22 maxlen: 22
193.31.24.0/22 maxlen: 22
89.58.8.0/22 maxlen: 22
188.68.32.0/19 maxlen: 32
89.58.16.0/21 maxlen: 21
89.58.12.0/22 maxlen: 22
89.58.24.0/22 maxlen: 22
185.243.8.0/22 maxlen: 32
46.232.248.0/22 maxlen: 22
2a0a:4cc0::/40 maxlen: 40
2a03:4001::/32 maxlen: 48
2a03:4000::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 385275856 (0x16f6d7d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f62eeb879085c94194297dd9e4cd249cd2516515
Validity
Not Before: Jan 4 06:34:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f4593f0e58d7a1420a5524261481497c44e2a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:86:be:9f:c2:14:f1:43:38:b1:98:80:66:bc:
19:fa:11:9f:21:c7:a6:49:95:8e:cf:1e:a7:a5:d2:
ea:b9:6b:c9:05:fa:0e:31:e7:fb:88:e1:77:ad:8e:
08:3b:5c:ba:87:7b:e9:92:94:03:4e:a1:d0:e8:15:
0c:b1:25:36:40:b9:b8:43:93:66:d7:d4:15:65:ac:
b5:26:33:59:46:5a:37:61:c2:a7:b0:9e:3b:0b:40:
32:04:d0:69:f8:60:cf:41:be:c1:71:f1:ad:86:d5:
be:18:7a:72:e9:29:68:91:4f:62:75:66:3e:7f:48:
08:43:e1:58:12:42:87:00:57:84:be:3a:b0:cc:25:
df:07:50:c8:8d:a7:62:25:9c:68:3a:a7:ec:fe:87:
56:8d:1b:6d:98:b0:6e:39:de:c6:01:5d:0c:7b:e3:
13:57:09:36:f7:e4:26:7e:bd:66:c4:c2:91:56:ee:
bf:c0:de:37:bb:d1:e5:1d:88:b2:e3:c8:5b:f6:c1:
80:c3:83:56:70:6e:e0:1a:38:52:f3:e0:86:ad:a6:
bd:1e:ed:04:d1:51:c8:d6:17:26:ff:23:c6:f6:a7:
17:51:e6:3e:24:62:6d:61:11:fb:81:e7:df:04:27:
d6:78:8b:ae:81:1f:dc:e9:79:77:2f:7e:0c:54:f2:
26:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:45:93:F0:E5:8D:7A:14:20:A5:52:42:61:48:14:97:C4:4E:2A:3D
X509v3 Authority Key Identifier:
keyid:F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/P0WT8OWNehQgpVJCYUgUl8ROKj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.96.0/22
5.45.96.0/20
5.181.48.0/22
5.252.224.0/22
37.120.160.0/19
37.221.192.0/21
45.9.60.0/22
45.83.104.0/22
45.90.4.0/22
45.129.180.0/22
45.132.244.0/22
45.136.28.0/22
45.142.176.0/22
45.157.176.0/22
46.38.224.0/19
46.232.248.0/22
81.16.16.0/22
85.209.48.0/22
85.235.64.0/22
89.58.0.0/19
91.132.144.0/22
91.204.44.0/22
92.60.36.0/22
93.177.64.0/22
152.89.104.0/22
185.16.60.0/22
185.162.248.0/22
185.163.116.0/22
185.170.112.0/22
185.183.156.0/22
185.194.140.0/22
185.207.104.0/22
185.228.136.0/22
185.233.104.0/22
185.243.8.0/22
185.244.192.0/22
188.68.32.0/19
192.145.44.0/22
193.30.120.0/22
193.31.24.0/22
194.13.80.0/22
194.55.12.0/22
194.59.204.0/22
195.128.100.0/22
213.109.160.0/22
IPv6:
2a03:4000::/31
2a0a:4cc0::/40
Signature Algorithm: sha256WithRSAEncryption
94:1f:e6:b7:ce:a4:90:d4:f1:c5:ac:60:e6:d0:a5:4f:6d:d2:
c2:ac:b4:8f:23:11:b4:e8:84:b2:0b:bc:d2:ca:ef:71:f1:ab:
00:e9:47:d3:3b:19:99:cb:d4:60:39:fb:73:bc:a7:c0:9e:ff:
0a:f7:fc:a1:01:e0:83:e1:df:eb:37:50:e0:ce:05:5e:1d:3e:
33:29:9e:e9:e8:fc:95:f7:c0:2f:cc:c6:94:5a:27:62:70:4b:
15:48:39:1d:16:a8:28:9a:db:c6:d5:2a:6e:4c:da:f7:d5:75:
8c:fc:5b:3a:14:4d:39:3c:2f:77:4e:d7:5e:5c:80:54:f2:d4:
94:e4:88:01:79:90:5a:c2:d2:cb:85:b6:d4:c3:5d:30:e4:ba:
35:71:a5:e9:4c:c9:c2:30:7a:87:40:84:f9:11:1a:e4:37:11:
b2:7c:3c:81:82:b9:f8:f9:d0:e5:9f:c6:5b:fc:6d:6f:6b:3c:
46:1a:2c:b9:91:a3:80:52:b1:72:7f:b9:16:3b:97:53:10:7f:
2c:a2:d3:27:81:dc:31:18:a9:dc:39:3c:23:77:09:5c:39:f0:
3a:22:f2:f9:fb:95:91:fb:ff:86:66:51:4a:aa:3c:eb:e9:2d:
44:ba:1f:66:02:b1:da:26:59:63:13:2f:9b:45:6a:af:d8:4f:
06:69:90:57
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgIEFvbX0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NjJlZWI4NzkwODVjOTQxOTQyOTdkZDllNGNkMjQ5Y2QyNTE2NTE1MB4XDTIyMDEw
NDA2MzQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Y0NTkzZjBlNThk
N2ExNDIwYTU1MjQyNjE0ODE0OTdjNDRlMmEzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJuGvp/CFPFDOLGYgGa8GfoRnyHHpkmVjs8ep6XS6rlryQX6
DjHn+4jhd62OCDtcuod76ZKUA06h0OgVDLElNkC5uEOTZtfUFWWstSYzWUZaN2HC
p7CeOwtAMgTQafhgz0G+wXHxrYbVvhh6cukpaJFPYnVmPn9ICEPhWBJChwBXhL46
sMwl3wdQyI2nYiWcaDqn7P6HVo0bbZiwbjnexgFdDHvjE1cJNvfkJn69ZsTCkVbu
v8DeN7vR5R2IsuPIW/bBgMODVnBu4Bo4UvPghq2mvR7tBNFRyNYXJv8jxvanF1Hm
PiRibWER+4Hn3wQn1niLroEf3Ol5dy9+DFTyJpMCAwEAAaOCAzIwggMuMB0GA1Ud
DgQWBBQ/RZPw5Y16FCClUkJhSBSXxE4qPTAfBgNVHSMEGDAWgBT2LuuHkIXJQZQp
fdnkzSSc0lFlFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlpN3JoNUNGeVVHVUtYM1o1TTBrbk5KUlpSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvOTFkYThiLTA1MDItNDhkZi04NTMyLTVmYmY5YTI5YjZlMS8x
L1AwV1Q4T1dOZWhRZ3BWSkNZVWdVbDhST0tqMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
OTFkYThiLTA1MDItNDhkZi04NTMyLTVmYmY5YTI5YjZlMS8xLzlpN3JoNUNGeVVH
VUtYM1o1TTBrbk5KUlpSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AUYGCCsGAQUFBwEHAQH/BIIBNTCCATEwggEWBAIAATCCAQ4DBAICOGADBAQFLWAD
BAIFtTADBAIF/OADBAUleKADBAMl3cADBAItCTwDBAItU2gDBAItWgQDBAItgbQD
BAIthPQDBAItiBwDBAItjrADBAItnbADBAUuJuADBAIu6PgDBAJREBADBAJV0TAD
BAJV60ADBAVZOgADBAJbhJADBAJbzCwDBAJcPCQDBAJdsUADBAKYWWgDBAK5EDwD
BAK5ovgDBAK5o3QDBAK5qnADBAK5t5wDBAK5wowDBAK5z2gDBAK55IgDBAK56WgD
BAK58wgDBAK59MADBAW8RCADBALAkSwDBALBHngDBALBHxgDBALCDVADBALCNwwD
BALCO8wDBALDgGQDBALVbaAwFQQCAAIwDwMFASoDQAADBgAqCkzAADANBgkqhkiG
9w0BAQsFAAOCAQEAlB/mt86kkNTxxaxg5tClT23Swqy0jyMRtOiEsgu80srvcfGr
AOlH0zsZmcvUYDn7c7ynwJ7/Cvf8oQHgg+Hf6zdQ4M4FXh0+Myme6ej8lffAL8zG
lFonYnBLFUg5HRaoKJrbxtUqbkza99V1jPxbOhRNOTwvd07XXlyAVPLUlOSIAXmQ
WsLSy4W21MNdMOS6NXGl6UzJwjB6h0CE+REa5DcRsnw8gYK5+PnQ5Z/GW/xtb2s8
RhosuZGjgFKxcn+5FjuXUxB/LKLTJ4HcMRip3Dk8I3cJXDnwOiLy+fuVkfv/hmZR
Sqo86+ktRLofZgKx2iZZYxMvm0Vqr9hPBmmQVw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:36 2023 by rpki-client on console-ams.rpki-client.org