Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/VDJac9qmCX81IVwUJOEPod5yz1I.roa
File: VDJac9qmCX81IVwUJOEPod5yz1I.roa (raw, json)
Hash identifier: 0bJ9DJN7C9kb1a6HHIbkZhi7iqzqvkoD8xZOizFO9YU=
Subject key identifier: 54:32:5A:73:DA:A6:09:7F:35:21:5C:14:24:E1:0F:A1:DE:72:CF:52
Certificate issuer: /CN=2ba1cfd757f51f2feb74509e9c39be46806be642
Certificate serial: 060451AE
Authority key identifier: 2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/VDJac9qmCX81IVwUJOEPod5yz1I.roa
Signing time: Sun 29 May 2022 21:20:13 +0000
ROA not before: Sun 29 May 2022 21:20:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25441
IP address blocks: 89.124.0.0/17 maxlen: 17
89.127.128.0/18 maxlen: 18
85.134.136.0/21 maxlen: 21
83.141.64.0/18 maxlen: 18
85.134.144.0/21 maxlen: 21
85.134.152.0/21 maxlen: 21
89.127.224.0/20 maxlen: 20
89.124.128.0/18 maxlen: 18
85.134.160.0/21 maxlen: 21
85.134.168.0/21 maxlen: 21
89.127.240.0/21 maxlen: 21
85.134.176.0/21 maxlen: 21
85.134.184.0/21 maxlen: 21
89.127.248.0/22 maxlen: 22
87.232.0.0/19 maxlen: 19
89.127.192.0/19 maxlen: 19
85.134.128.0/21 maxlen: 21
85.134.128.0/17 maxlen: 17
62.231.32.0/19 maxlen: 19
89.127.0.0/17 maxlen: 17
78.135.208.0/21 maxlen: 21
78.135.216.0/21 maxlen: 21
78.135.224.0/21 maxlen: 21
78.135.232.0/21 maxlen: 21
78.135.240.0/21 maxlen: 21
78.135.248.0/21 maxlen: 21
87.192.216.0/22 maxlen: 22
87.192.224.0/19 maxlen: 19
87.192.222.0/23 maxlen: 23
89.126.28.0/22 maxlen: 22
185.247.52.0/22 maxlen: 22
89.126.0.0/22 maxlen: 22
89.126.4.0/22 maxlen: 22
89.126.0.0/16 maxlen: 16
89.126.8.0/22 maxlen: 22
89.126.12.0/22 maxlen: 22
89.126.16.0/22 maxlen: 22
89.126.20.0/22 maxlen: 22
89.126.24.0/22 maxlen: 22
85.134.240.0/21 maxlen: 21
87.232.160.0/19 maxlen: 19
87.192.64.0/20 maxlen: 20
89.124.224.0/20 maxlen: 20
85.134.248.0/21 maxlen: 21
89.124.246.0/23 maxlen: 23
87.192.84.0/22 maxlen: 22
89.124.245.0/24 maxlen: 24
87.232.192.0/24 maxlen: 24
87.192.82.0/23 maxlen: 23
87.232.194.0/23 maxlen: 23
89.124.248.0/21 maxlen: 21
87.232.196.0/22 maxlen: 22
87.192.88.0/21 maxlen: 21
87.232.200.0/21 maxlen: 21
87.192.96.0/19 maxlen: 19
87.232.208.0/20 maxlen: 20
89.125.0.0/16 maxlen: 16
87.192.0.0/18 maxlen: 18
85.134.192.0/21 maxlen: 21
89.127.254.0/23 maxlen: 23
85.134.200.0/21 maxlen: 21
85.134.208.0/21 maxlen: 21
89.124.192.0/19 maxlen: 19
85.134.216.0/21 maxlen: 21
87.232.144.0/20 maxlen: 20
85.134.224.0/21 maxlen: 21
85.134.232.0/21 maxlen: 21
87.192.192.0/20 maxlen: 20
78.135.128.0/17 maxlen: 17
87.192.208.0/21 maxlen: 21
87.232.226.0/23 maxlen: 23
87.232.225.0/24 maxlen: 24
87.232.228.0/22 maxlen: 22
87.232.232.0/21 maxlen: 21
87.192.128.0/18 maxlen: 18
87.232.240.0/21 maxlen: 21
87.232.248.0/23 maxlen: 23
2001:4d68::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100946350 (0x60451ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ba1cfd757f51f2feb74509e9c39be46806be642
Validity
Not Before: May 29 21:20:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54325a73daa6097f35215c1424e10fa1de72cf52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:00:16:45:3f:3b:d8:70:9a:a5:30:5e:37:4c:
eb:81:a0:1d:ac:6b:9e:4e:5c:87:5f:1d:0f:a7:18:
1f:25:ca:9b:e8:a5:ff:29:36:29:10:4a:f2:2e:6c:
25:a9:aa:6a:0e:5e:1e:b6:67:c7:a8:29:ad:2e:2a:
4e:07:ca:24:7c:05:72:00:35:82:cb:34:85:7a:bb:
eb:28:c7:8e:1b:ae:ed:2d:f0:ab:6b:a5:b2:99:82:
be:73:1e:78:1b:d9:c3:b4:ff:1f:8d:91:07:97:5f:
ef:62:e2:a4:58:f5:53:bd:11:d2:dd:3f:8a:23:fb:
8e:9a:bb:9e:0b:b3:89:3f:b0:b5:ba:19:29:e8:08:
79:b1:1b:6a:4b:51:b5:ce:66:92:50:0d:ca:20:f3:
c2:04:a1:a4:83:6f:61:97:a5:47:74:af:d4:9c:a3:
67:1b:19:0d:21:23:72:69:08:e5:ec:57:0b:fb:d2:
c5:f6:8f:71:44:ac:02:63:55:a6:ec:0c:9e:bd:0e:
83:0c:51:d2:8f:f9:1b:11:23:65:ff:c3:3a:fb:f0:
b9:61:e8:6f:79:e5:1b:10:b8:c2:4e:94:97:46:1d:
29:a3:e3:2d:7f:42:a2:a9:d1:6a:f3:a4:2a:ac:6e:
76:e3:fc:ff:7d:1f:05:f6:a9:8a:3e:f2:41:6b:79:
64:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:32:5A:73:DA:A6:09:7F:35:21:5C:14:24:E1:0F:A1:DE:72:CF:52
X509v3 Authority Key Identifier:
keyid:2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/VDJac9qmCX81IVwUJOEPod5yz1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.231.32.0/19
78.135.128.0/17
83.141.64.0/18
85.134.128.0/17
87.192.0.0-87.192.79.255
87.192.82.0-87.192.219.255
87.192.222.0-87.192.255.255
87.232.0.0/19
87.232.144.0-87.232.192.255
87.232.194.0-87.232.223.255
87.232.225.0-87.232.249.255
89.124.0.0-89.124.239.255
89.124.245.0-89.127.251.255
89.127.254.0/23
185.247.52.0/22
IPv6:
2001:4d68::/32
Signature Algorithm: sha256WithRSAEncryption
88:b8:e8:49:56:df:e0:48:4e:39:0f:fa:92:0a:ce:cb:59:64:
f9:f5:5f:09:b7:1a:94:4d:2b:e3:c1:4f:80:6f:71:de:5f:f1:
56:eb:dc:42:1d:10:ab:b3:4b:02:19:5d:bf:f8:f2:11:ae:29:
f9:df:6d:41:da:0e:0d:73:20:b2:6f:ab:a7:e3:72:2c:87:33:
52:08:15:02:7e:e6:86:0e:82:62:ae:54:39:74:ec:08:86:74:
a4:ab:e4:94:c0:94:67:4c:47:20:23:4a:96:0d:b1:ac:1e:23:
e9:de:d0:1c:60:b3:33:b2:e5:1a:ef:fa:8f:fa:81:8d:bf:6d:
eb:04:e1:42:72:f4:5e:68:17:59:a2:e4:9a:a0:00:08:6d:59:
47:5f:fe:0c:b5:14:9f:b4:b3:60:4c:da:32:72:9a:db:c2:2d:
79:c6:41:45:9f:1f:43:a1:a7:da:30:0c:2b:9d:b0:84:50:6b:
f7:cf:fa:f3:19:38:9a:be:79:e0:97:af:32:e3:75:65:6f:76:
5d:06:bb:f1:39:db:56:b3:11:9c:9b:98:2e:e8:59:4d:48:8c:
04:1e:58:4d:4e:b8:c5:55:06:7c:99:5d:3c:9c:04:32:5c:fe:
93:c2:5d:38:82:20:1c:fb:67:f2:9a:d3:35:7b:34:f5:d8:f3:
d4:ea:86:43
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIEBgRRrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YmExY2ZkNzU3ZjUxZjJmZWI3NDUwOWU5YzM5YmU0NjgwNmJlNjQyMB4XDTIyMDUy
OTIxMjAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQzMjVhNzNkYWE2
MDk3ZjM1MjE1YzE0MjRlMTBmYTFkZTcyY2Y1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIwAFkU/O9hwmqUwXjdM64GgHaxrnk5ch18dD6cYHyXKm+il
/yk2KRBK8i5sJamqag5eHrZnx6gprS4qTgfKJHwFcgA1gss0hXq76yjHjhuu7S3w
q2ulspmCvnMeeBvZw7T/H42RB5df72LipFj1U70R0t0/iiP7jpq7nguziT+wtboZ
KegIebEbaktRtc5mklANyiDzwgShpINvYZelR3Sv1JyjZxsZDSEjcmkI5exXC/vS
xfaPcUSsAmNVpuwMnr0OgwxR0o/5GxEjZf/DOvvwuWHob3nlGxC4wk6Ul0YdKaPj
LX9CoqnRavOkKqxuduP8/30fBfapij7yQWt5ZCUCAwEAAaOCAq4wggKqMB0GA1Ud
DgQWBBRUMlpz2qYJfzUhXBQk4Q+h3nLPUjAfBgNVHSMEGDAWgBQroc/XV/UfL+t0
UJ6cOb5GgGvmQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0s2SFAxMWYxSHlfcmRGQ2VuRG0tUm9CcjVrSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvNzQ1OTEwLTg2YzYtNDNkMS05NzY1LTU3ODlkZTQyNGE0Mi8x
L1ZESmFjOXFtQ1g4MUlWd1VKT0VQb2Q1eXoxSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
NzQ1OTEwLTg2YzYtNDNkMS05NzY1LTU3ODlkZTQyNGE0Mi8xL0s2SFAxMWYxSHlf
cmRGQ2VuRG0tUm9CcjVrSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wwYIKwYBBQUHAQcBAf8EgbMwgbAwgZ4EAgABMIGXAwQFPucgAwQHToeAAwQGU41A
AwQHVYaAMAsDAwZXwAMEBFfAQDAMAwQBV8BSAwQCV8DYMAsDBAFXwN4DAwBXwAME
BVfoADAMAwQEV+iQAwQAV+jAMAwDBAFX6MIDBAVX6MAwDAMEAFfo4QMEAVfo+DAL
AwMCWXwDBARZfOAwDAMEAFl89QMEAll/+AMEAVl//gMEArn3NDANBAIAAjAHAwUA
IAFNaDANBgkqhkiG9w0BAQsFAAOCAQEAiLjoSVbf4EhOOQ/6kgrOy1lk+fVfCbca
lE0r48FPgG9x3l/xVuvcQh0Qq7NLAhldv/jyEa4p+d9tQdoODXMgsm+rp+NyLIcz
UggVAn7mhg6CYq5UOXTsCIZ0pKvklMCUZ0xHICNKlg2xrB4j6d7QHGCzM7LlGu/6
j/qBjb9t6wThQnL0XmgXWaLkmqAACG1ZR1/+DLUUn7SzYEzaMnKa28ItecZBRZ8f
Q6Gn2jAMK52whFBr98/68xk4mr554JevMuN1ZW92XQa78TnbVrMRnJuYLuhZTUiM
BB5YTU64xVUGfJldPJwEMlz+k8JdOIIgHPtn8prTNXs09djz1OqGQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org