Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/nIHPXUo6Aha1G4-PSxtAlIkA-bE.roa
File: nIHPXUo6Aha1G4-PSxtAlIkA-bE.roa (raw, json)
Hash identifier: DGxi7hjnoauWHnecomhXie9lAvsqZgRHhT4ZG8e5Vw4=
Subject key identifier: 9C:81:CF:5D:4A:3A:02:16:B5:1B:8F:8F:4B:1B:40:94:89:00:F9:B1
Certificate issuer: /CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Certificate serial: 0182EF57C51891E249A316F9787CF8AACED4
Authority key identifier: 80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/nIHPXUo6Aha1G4-PSxtAlIkA-bE.roa
Signing time: Tue 30 Aug 2022 15:21:22 +0000
ROA not before: Tue 30 Aug 2022 15:21:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16276
IP address blocks: 152.228.128.0/17 maxlen: 17
94.23.0.0/16 maxlen: 16
141.95.128.0/17 maxlen: 17
51.178.0.0/16 maxlen: 16
51.210.0.0/16 maxlen: 16
51.77.0.0/16 maxlen: 16
135.125.128.0/17 maxlen: 17
213.186.32.0/19 maxlen: 19
51.75.0.0/16 maxlen: 16
193.70.0.0/17 maxlen: 17
162.19.128.0/17 maxlen: 17
51.38.0.0/16 maxlen: 16
54.38.0.0/16 maxlen: 16
91.134.0.0/16 maxlen: 16
145.239.0.0/16 maxlen: 16
149.202.0.0/16 maxlen: 16
137.74.0.0/16 maxlen: 16
54.37.0.0/16 maxlen: 16
188.165.0.0/16 maxlen: 16
51.195.0.0/16 maxlen: 16
92.222.0.0/16 maxlen: 16
141.94.0.0/16 maxlen: 16
91.121.0.0/16 maxlen: 16
51.89.0.0/16 maxlen: 16
5.39.0.0/17 maxlen: 17
198.244.128.0/17 maxlen: 17
5.135.0.0/16 maxlen: 16
135.125.0.0/17 maxlen: 17
57.128.0.0/17 maxlen: 17
213.32.0.0/17 maxlen: 17
51.91.0.0/16 maxlen: 16
37.187.0.0/16 maxlen: 16
37.59.0.0/16 maxlen: 16
217.182.0.0/16 maxlen: 16
164.132.0.0/16 maxlen: 16
5.196.0.0/16 maxlen: 16
51.68.0.0/16 maxlen: 16
54.36.0.0/16 maxlen: 16
141.95.0.0/17 maxlen: 17
147.135.128.0/17 maxlen: 17
162.19.0.0/17 maxlen: 17
57.128.128.0/18 maxlen: 18
51.83.0.0/16 maxlen: 16
213.251.128.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ef:57:c5:18:91:e2:49:a3:16:f9:78:7c:f8:aa:ce:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Validity
Not Before: Aug 30 15:21:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c81cf5d4a3a0216b51b8f8f4b1b40948900f9b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e8:98:96:16:ec:97:ca:2a:9a:2a:c3:82:9b:
4c:72:97:01:4b:bc:2d:7f:91:c7:7f:a6:e7:85:d5:
72:a3:66:67:a3:c5:3a:e7:58:2a:c9:75:b3:73:bd:
ce:f3:da:90:9e:df:56:02:be:4d:a6:64:e9:87:61:
df:d0:df:41:c0:09:db:11:ae:0c:a7:b8:74:fb:f1:
57:74:e7:18:e6:0f:5b:e8:15:76:94:2a:c2:ab:53:
db:51:94:b1:9e:39:a0:3a:e7:33:58:90:ff:b2:86:
85:c9:a8:4d:00:51:cf:ea:50:72:9b:8c:88:fa:5c:
32:b6:21:33:d1:ca:d0:56:38:89:44:db:94:d0:69:
95:4d:62:66:91:f6:d3:76:d5:d9:9d:e1:59:70:9f:
d2:a0:7f:d6:c0:94:61:06:07:41:16:0b:60:90:cb:
f3:a9:a1:48:49:78:4a:9b:0b:37:75:27:9f:e1:9f:
87:06:6b:02:dd:f2:f8:51:4b:d1:2d:fc:57:d3:61:
14:c2:bc:5d:e8:12:48:44:82:5b:cc:13:65:ee:34:
78:55:32:93:b7:23:c7:21:95:0e:77:b2:79:58:0d:
79:30:50:f6:0a:8d:4a:ee:1a:af:41:28:b9:57:63:
83:2a:51:dd:53:32:5b:18:2c:56:01:07:23:e3:0e:
8d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:81:CF:5D:4A:3A:02:16:B5:1B:8F:8F:4B:1B:40:94:89:00:F9:B1
X509v3 Authority Key Identifier:
keyid:80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/nIHPXUo6Aha1G4-PSxtAlIkA-bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.0.0/17
5.135.0.0/16
5.196.0.0/16
37.59.0.0/16
37.187.0.0/16
51.38.0.0/16
51.68.0.0/16
51.75.0.0/16
51.77.0.0/16
51.83.0.0/16
51.89.0.0/16
51.91.0.0/16
51.178.0.0/16
51.195.0.0/16
51.210.0.0/16
54.36.0.0-54.38.255.255
57.128.0.0-57.128.191.255
91.121.0.0/16
91.134.0.0/16
92.222.0.0/16
94.23.0.0/16
135.125.0.0/16
137.74.0.0/16
141.94.0.0/15
145.239.0.0/16
147.135.128.0/17
149.202.0.0/16
152.228.128.0/17
162.19.0.0/16
164.132.0.0/16
188.165.0.0/16
193.70.0.0/17
198.244.128.0/17
213.32.0.0/17
213.186.32.0/19
213.251.128.0/18
217.182.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:51:6d:9e:56:89:88:22:66:51:dc:45:60:b5:ee:7e:af:c3:
c1:7b:17:cd:83:f3:6f:09:36:5c:ef:04:dd:74:88:54:34:11:
cc:73:59:5c:04:74:6e:a2:f6:e1:18:48:43:30:39:bc:8a:27:
bf:0f:b4:64:71:ec:eb:57:e3:9a:2e:3b:89:5e:5d:af:1a:e1:
9f:b3:27:da:a1:75:9c:9b:fd:8f:7e:be:aa:8e:ca:c7:83:01:
2a:25:cf:a2:97:b4:3a:d2:ad:a6:bd:20:3a:b1:77:77:95:81:
65:42:a8:e4:55:44:bc:54:0f:06:c4:35:5c:22:98:40:48:d7:
80:dd:e7:77:2b:77:d7:68:2c:71:14:7f:69:d9:36:0f:66:47:
9e:ad:94:56:d6:47:57:1e:55:84:12:bb:6d:93:b5:60:2b:df:
e6:e4:d9:64:74:cf:c9:8e:60:27:76:2e:50:4b:25:a5:51:d5:
dd:eb:5e:0f:4f:e5:2d:4c:67:21:bc:82:ea:46:c6:f3:5b:82:
bb:13:25:f3:54:1f:07:ad:8d:8b:3c:ac:5e:0e:c6:07:57:b4:
43:40:ae:e5:25:d8:7e:80:c9:9d:b3:89:59:34:c4:20:ea:bc:
2d:96:03:c2:e9:97:a5:75:cb:d8:73:c8:3c:95:97:1a:d9:67:
2b:3e:d2:7c
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAYLvV8UYkeJJoxb5eHz4qs7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTlmZmY2M2EzNDc3OTU3ZmY3NWNjZGMwMDNkYWI2OGNm
OWQxNTUwHhcNMjIwODMwMTUyMTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzgxY2Y1ZDRhM2EwMjE2YjUxYjhmOGY0YjFiNDA5NDg5MDBmOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+iYlhbsl8oqmirDgptMcpcBS7wt
f5HHf6bnhdVyo2Zno8U651gqyXWzc73O89qQnt9WAr5NpmTph2Hf0N9BwAnbEa4M
p7h0+/FXdOcY5g9b6BV2lCrCq1PbUZSxnjmgOuczWJD/soaFyahNAFHP6lBym4yI
+lwytiEz0crQVjiJRNuU0GmVTWJmkfbTdtXZneFZcJ/SoH/WwJRhBgdBFgtgkMvz
qaFISXhKmws3dSef4Z+HBmsC3fL4UUvRLfxX02EUwrxd6BJIRIJbzBNl7jR4VTKT
tyPHIZUOd7J5WA15MFD2Co1K7hqvQSi5V2ODKlHdUzJbGCxWAQcj4w6NOwIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFJyBz11KOgIWtRuPj0sbQJSJAPmxMB8GA1UdIwQY
MBaAFICp//Y6NHeVf/dczcAD2raM+dFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTIt
NDdkOThlNTg1NDVhLzEvbklIUFhVbzZBaGExRzQtUFN4dEFsSWtBLWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTItNDdkOThlNTg1NDVh
LzEvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBAcF
JwADAwAFhwMDAAXEAwMAJTsDAwAluwMDADMmAwMAM0QDAwAzSwMDADNNAwMAM1MD
AwAzWQMDADNbAwMAM7IDAwAzwwMDADPSMAoDAwI2JAMDADYmMAsDAwc5gAMEBjmA
gAMDAFt5AwMAW4YDAwBc3gMDAF4XAwMAh30DAwCJSgMDAY1eAwMAke8DBAeTh4AD
AwCVygMEB5jkgAMDAKITAwMApIQDAwC8pQMEB8FGAAMEB8b0gAMEB9UgAAMEBdW6
IAMEBtX7gAMDANm2MA0GCSqGSIb3DQEBCwUAA4IBAQBzUW2eVomIImZR3EVgte5+
r8PBexfNg/NvCTZc7wTddIhUNBHMc1lcBHRuovbhGEhDMDm8iie/D7RkcezrV+Oa
LjuJXl2vGuGfsyfaoXWcm/2Pfr6qjsrHgwEqJc+il7Q60q2mvSA6sXd3lYFlQqjk
VUS8VA8GxDVcIphASNeA3ed3K3fXaCxxFH9p2TYPZkeerZRW1kdXHlWEErttk7Vg
K9/m5NlkdM/JjmAndi5QSyWlUdXd614PT+UtTGchvILqRsbzW4K7EyXzVB8HrY2L
PKxeDsYHV7RDQK7lJdh+gMmds4lZNMQg6rwtlgPC6ZeldcvYc8g8lZca2WcrPtJ8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:19 2024 by rpki-client on console-ams.rpki-client.org