Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/9DUBMjFlfzi22UQ4MaAMewi1kHY.roa
File: 9DUBMjFlfzi22UQ4MaAMewi1kHY.roa (raw, json)
Hash identifier: ddtjg363ceQRfwmateud6ETP81zFJlYh1o/r+6sGXiw=
Subject key identifier: F4:35:01:32:31:65:7F:38:B6:D9:44:38:31:A0:0C:7B:08:B5:90:76
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 0183A6839A8EB18FF989D6A46C088501849D
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/9DUBMjFlfzi22UQ4MaAMewi1kHY.roa
Signing time: Wed 05 Oct 2022 04:59:46 +0000
ROA not before: Wed 05 Oct 2022 04:59:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8447
IP address blocks: 212.183.0.0/17 maxlen: 17
80.75.56.0/21 maxlen: 21
192.164.128.0/19 maxlen: 19
178.188.0.0/14 maxlen: 14
93.82.0.0/15 maxlen: 15
213.33.63.0/24 maxlen: 24
188.45.0.0/16 maxlen: 16
192.164.64.0/21 maxlen: 21
193.187.216.0/21 maxlen: 21
193.187.224.0/20 maxlen: 20
192.164.80.0/20 maxlen: 20
91.112.0.0/14 maxlen: 14
193.187.240.0/22 maxlen: 22
192.164.96.0/19 maxlen: 19
213.33.0.0/17 maxlen: 17
80.75.34.0/24 maxlen: 24
80.75.32.0/19 maxlen: 19
192.164.224.0/19 maxlen: 19
88.116.0.0/15 maxlen: 15
93.111.0.0/16 maxlen: 16
195.3.64.0/18 maxlen: 18
188.20.0.0/14 maxlen: 14
89.144.192.0/18 maxlen: 18
46.74.0.0/15 maxlen: 15
194.48.124.0/22 maxlen: 22
194.48.128.0/21 maxlen: 21
194.48.136.0/22 maxlen: 22
194.48.136.0/24 maxlen: 24
192.164.208.0/20 maxlen: 20
176.66.0.0/18 maxlen: 18
80.240.224.0/20 maxlen: 20
192.164.0.0/19 maxlen: 19
88.116.217.0/24 maxlen: 24
192.164.32.0/22 maxlen: 22
192.164.40.0/21 maxlen: 21
192.164.39.0/24 maxlen: 24
176.66.128.0/17 maxlen: 17
192.164.48.0/20 maxlen: 20
92.248.0.0/17 maxlen: 17
84.20.160.0/19 maxlen: 19
80.120.0.0/14 maxlen: 14
46.206.0.0/15 maxlen: 15
62.46.0.0/15 maxlen: 15
2001:4bb8::/29 maxlen: 29
2001:890::/29 maxlen: 29
2001:870::/29 maxlen: 29
2001:850::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a6:83:9a:8e:b1:8f:f9:89:d6:a4:6c:08:85:01:84:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Oct 5 04:59:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f435013231657f38b6d9443831a00c7b08b59076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6f:c2:7a:91:8f:96:55:ff:d7:36:0c:7b:51:
c1:fd:d3:92:5f:2d:37:a1:ee:8a:ef:fb:bb:e0:26:
b6:e1:be:31:8d:53:92:31:b6:5a:2b:15:4f:7b:4b:
09:fe:ee:31:13:69:e2:6f:e8:e8:90:cd:bd:5f:8e:
0e:b8:09:0c:21:23:93:08:28:76:fa:36:ed:2f:26:
ef:e2:33:68:32:19:51:af:6d:24:ef:c1:94:f7:11:
30:bf:7f:f8:b3:6c:a5:d0:d9:df:91:c4:10:25:c1:
e5:e2:d2:0b:08:ce:bf:5a:34:25:89:b2:81:38:50:
f1:0b:e3:15:80:b1:94:f7:47:e6:bb:1f:27:5d:53:
85:4d:cd:d2:b8:6f:7e:25:ad:36:89:c5:a3:00:6b:
39:06:93:8d:b6:58:d7:70:82:d3:df:69:54:f3:4a:
47:6c:7e:0d:25:59:3c:f6:ea:fe:ba:ad:7c:02:9d:
1f:13:73:38:08:77:43:8e:a4:0d:0a:0c:77:fc:90:
a9:35:8c:3a:14:0d:95:01:ea:13:57:e9:c1:ca:d1:
0f:6b:51:c5:db:d1:a7:fd:cd:e7:fc:9e:16:7b:03:
4b:ef:2b:66:f6:31:67:fd:5c:13:00:99:51:b7:1c:
81:b7:e7:06:25:ff:5c:27:1a:0f:23:f0:b3:67:84:
53:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:35:01:32:31:65:7F:38:B6:D9:44:38:31:A0:0C:7B:08:B5:90:76
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/9DUBMjFlfzi22UQ4MaAMewi1kHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.74.0.0/15
46.206.0.0/15
62.46.0.0/15
80.75.32.0/19
80.120.0.0/14
80.240.224.0/20
84.20.160.0/19
88.116.0.0/15
89.144.192.0/18
91.112.0.0/14
92.248.0.0/17
93.82.0.0/15
93.111.0.0/16
176.66.0.0/18
176.66.128.0/17
178.188.0.0/14
188.20.0.0/14
188.45.0.0/16
192.164.0.0-192.164.35.255
192.164.39.0-192.164.71.255
192.164.80.0-192.164.159.255
192.164.208.0-192.164.255.255
193.187.216.0-193.187.243.255
194.48.124.0-194.48.139.255
195.3.64.0/18
212.183.0.0/17
213.33.0.0/17
IPv6:
2001:850::/29
2001:870::/29
2001:890::/29
2001:4bb8::/29
Signature Algorithm: sha256WithRSAEncryption
33:dd:87:15:38:6f:81:78:f7:fd:18:d5:74:f6:71:5c:be:af:
1c:b4:50:13:d1:31:ad:ba:b6:1a:74:d8:a2:99:f3:88:72:94:
53:4c:7c:8d:8b:aa:b5:6d:07:46:f2:8e:4f:63:49:77:ee:01:
50:a7:91:c7:2f:5c:10:c0:dc:6d:70:03:b7:68:1b:9c:59:ed:
d5:6d:12:cc:90:ad:78:f5:8e:93:f2:b6:35:e5:67:2e:2a:cc:
d7:1d:6a:e7:72:ab:2c:6a:72:fe:3c:e6:01:31:24:73:6c:1e:
28:f3:1d:ea:14:19:bd:53:36:20:6a:a6:2e:db:38:0c:1c:0e:
71:c2:b6:01:8e:2d:78:0c:a5:1b:b9:60:2d:9e:01:ae:55:6f:
45:93:ef:a7:99:6d:75:f1:f2:51:4e:51:1b:ed:ce:19:50:0b:
5f:e3:07:d1:03:50:e1:c3:83:6f:29:fa:64:ff:22:81:62:17:
5d:4b:6d:76:80:1b:4b:5b:45:27:dd:8c:a6:6b:61:32:3d:d2:
c6:f9:16:89:69:90:69:f9:5b:80:37:73:a1:14:38:e9:6d:43:
a2:4d:7f:61:62:9e:02:b8:7d:16:6e:3b:2c:fc:27:fb:e9:a0:
92:ff:f3:78:c2:fd:36:c7:5b:ba:79:51:4a:81:14:5b:97:a8:
4f:03:4f:29
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAYOmg5qOsY/5idakbAiFAYSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjIxMDA1MDQ1OTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDM1MDEzMjMxNjU3ZjM4YjZkOTQ0MzgzMWEwMGM3YjA4YjU5MDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG/CepGPllX/1zYMe1HB/dOSXy03
oe6K7/u74Ca24b4xjVOSMbZaKxVPe0sJ/u4xE2nib+jokM29X44OuAkMISOTCCh2
+jbtLybv4jNoMhlRr20k78GU9xEwv3/4s2yl0NnfkcQQJcHl4tILCM6/WjQlibKB
OFDxC+MVgLGU90fmux8nXVOFTc3SuG9+Ja02icWjAGs5BpONtljXcILT32lU80pH
bH4NJVk89ur+uq18Ap0fE3M4CHdDjqQNCgx3/JCpNYw6FA2VAeoTV+nBytEPa1HF
29Gn/c3n/J4WewNL7ytm9jFn/VwTAJlRtxyBt+cGJf9cJxoPI/CzZ4RTOwIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFPQ1ATIxZX84ttlEODGgDHsItZB2MB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvOURVQk1qRmxmemkyMlVRNE1hQU1ld2kxa0hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgcwEAgABMIHFAwMB
LkoDAwEuzgMDAT4uAwQFUEsgAwMCUHgDBARQ8OADBAVUFKADAwFYdAMEBlmQwAMD
AltwAwQHXPgAAwMBXVIDAwBdbwMEBrBCAAMEB7BCgAMDArK8AwMCvBQDAwC8LTAL
AwMCwKQDBALApCAwDAMEAMCkJwMEA8CkQDAMAwQEwKRQAwQFwKSAMAsDBATApNAD
AwDApDAMAwQDwbvYAwQCwbvwMAwDBALCMHwDBALCMIgDBAbDA0ADBAfUtwADBAfV
IQAwIgQCAAIwHAMFAyABCFADBQMgAQhwAwUDIAEIkAMFAyABS7gwDQYJKoZIhvcN
AQELBQADggEBADPdhxU4b4F49/0Y1XT2cVy+rxy0UBPRMa26thp02KKZ84hylFNM
fI2LqrVtB0byjk9jSXfuAVCnkccvXBDA3G1wA7doG5xZ7dVtEsyQrXj1jpPytjXl
Zy4qzNcdaudyqyxqcv485gExJHNsHijzHeoUGb1TNiBqpi7bOAwcDnHCtgGOLXgM
pRu5YC2eAa5Vb0WT76eZbXXx8lFOURvtzhlQC1/jB9EDUOHDg28p+mT/IoFiF11L
bXaAG0tbRSfdjKZrYTI90sb5FolpkGn5W4A3c6EUOOltQ6JNf2FingK4fRZuOyz8
J/vpoJL/83jC/TbHW7p5UUqBFFuXqE8DTyk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:38 2024 by rpki-client on console-fra.rpki-client.org