Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/23p4Jb-1COpKNuLC-su3ZhuEubo.roa
File: 23p4Jb-1COpKNuLC-su3ZhuEubo.roa (raw, json)
Hash identifier: H9HVKWhZLhNs4xtUo1uRKrDwLuCT3kzJhcPUAlSNAGo=
Subject key identifier: DB:7A:78:25:BF:B5:08:EA:4A:36:E2:C2:FA:CB:B7:66:1B:84:B9:BA
Certificate issuer: /CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Certificate serial: 33BA0B87
Authority key identifier: D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/23p4Jb-1COpKNuLC-su3ZhuEubo.roa
Signing time: Sat 01 Jan 2022 04:55:48 +0000
ROA not before: Sat 01 Jan 2022 04:55:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43996
IP address blocks: 5.57.17.0/24 maxlen: 24
5.57.16.0/22 maxlen: 22
5.57.16.0/21 maxlen: 21
5.57.16.0/24 maxlen: 24
5.57.23.0/24 maxlen: 24
5.57.18.0/24 maxlen: 24
5.57.22.0/24 maxlen: 24
5.57.19.0/24 maxlen: 24
37.10.4.0/24 maxlen: 24
37.10.4.0/22 maxlen: 22
37.10.0.0/24 maxlen: 24
37.10.5.0/24 maxlen: 24
37.10.6.0/24 maxlen: 24
37.10.7.0/24 maxlen: 24
37.10.24.0/24 maxlen: 24
37.10.24.0/23 maxlen: 23
185.28.223.0/24 maxlen: 24
185.28.221.0/24 maxlen: 24
185.28.222.0/24 maxlen: 24
185.28.220.0/24 maxlen: 24
185.28.220.0/23 maxlen: 23
91.206.232.0/23 maxlen: 23
91.206.232.0/24 maxlen: 24
91.206.233.0/24 maxlen: 24
37.10.26.0/24 maxlen: 24
37.10.25.0/24 maxlen: 24
37.10.27.0/24 maxlen: 24
37.10.28.0/24 maxlen: 24
37.10.38.0/24 maxlen: 24
37.10.33.0/24 maxlen: 24
37.10.32.0/24 maxlen: 24
37.10.36.0/24 maxlen: 24
37.10.37.0/24 maxlen: 24
37.10.34.0/24 maxlen: 24
37.10.35.0/24 maxlen: 24
37.10.57.0/24 maxlen: 24
37.10.58.0/24 maxlen: 24
37.10.56.0/23 maxlen: 23
37.10.56.0/24 maxlen: 24
37.10.60.0/23 maxlen: 23
37.10.60.0/24 maxlen: 24
37.10.61.0/24 maxlen: 24
37.10.63.0/24 maxlen: 24
91.195.237.0/24 maxlen: 24
91.195.236.0/24 maxlen: 24
2a01:5040:40::/48 maxlen: 48
2a01:5040:1000::/48 maxlen: 48
2a01:5040::/48 maxlen: 48
2a01:5040:a100::/48 maxlen: 48
2a01:5040:a000::/48 maxlen: 48
2a01:5040:2000::/48 maxlen: 48
2a01:5042:202::/48 maxlen: 48
2a01:5041:200::/40 maxlen: 40
2a01:5041:100::/40 maxlen: 40
2a01:5042:100::/40 maxlen: 40
2a01:5042:200::/40 maxlen: 40
2a01:5042::/32 maxlen: 32
2a01:5041:2002::/48 maxlen: 48
2a01:5041:2::/48 maxlen: 48
2a01:5043::/32 maxlen: 32
2a01:5043:2000::/36 maxlen: 36
2a01:5040:6000::/36 maxlen: 36
2a01:5040:2000::/36 maxlen: 36
2a01:5040:a000::/36 maxlen: 36
2a01:5040::/36 maxlen: 36
2a01:5040:1000::/36 maxlen: 36
2a01:5040:2020::/48 maxlen: 48
2a01:5040:20::/48 maxlen: 48
2a01:5040:1020::/48 maxlen: 48
2a01:5041:2001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 867830663 (0x33ba0b87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Validity
Not Before: Jan 1 04:55:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db7a7825bfb508ea4a36e2c2facbb7661b84b9ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:38:b8:b0:c6:14:c2:f4:5f:07:26:67:a5:83:
a5:b9:c8:2b:dc:6c:e4:8f:09:39:1f:eb:db:84:bf:
6f:35:c3:fd:ea:c4:aa:16:8f:b6:c2:50:ec:05:8d:
43:44:e5:ad:fb:57:d5:83:ea:46:a6:e2:27:da:f3:
74:9b:5e:4a:38:c3:7c:9a:9b:40:e2:bb:6b:7d:4e:
e2:80:45:e9:e0:35:c6:30:b7:7c:a6:fc:57:42:60:
cb:ae:dc:8f:87:2a:e4:02:81:c9:6d:5c:45:6c:3f:
17:0a:31:50:c3:71:df:b9:a2:7f:a7:fc:b8:a6:e7:
21:b1:bc:a7:55:2a:ac:7f:e1:c2:af:64:b4:a1:b0:
2f:c4:0d:f2:e1:f9:57:91:ba:9f:28:5e:da:e5:df:
43:10:11:46:0d:e6:20:8f:1c:90:09:9f:25:38:c7:
82:81:7f:2f:37:ad:b1:83:a6:4f:4f:b8:b2:d4:af:
2b:b8:89:a7:d3:6b:60:28:15:b7:19:43:59:3d:0a:
0e:d7:18:08:d7:1c:4a:d9:39:01:77:d2:58:68:19:
1b:44:63:5f:a3:6e:c6:08:82:d8:63:c9:2c:04:70:
c4:35:75:d0:a1:aa:39:9e:e7:74:db:dc:f1:ee:d6:
9a:db:9e:f8:15:58:ca:78:fa:4c:32:4a:f3:12:34:
0c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:7A:78:25:BF:B5:08:EA:4A:36:E2:C2:FA:CB:B7:66:1B:84:B9:BA
X509v3 Authority Key Identifier:
keyid:D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/23p4Jb-1COpKNuLC-su3ZhuEubo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.16.0/21
37.10.0.0/24
37.10.4.0/22
37.10.24.0-37.10.28.255
37.10.32.0-37.10.38.255
37.10.56.0-37.10.58.255
37.10.60.0/23
37.10.63.0/24
91.195.236.0/23
91.206.232.0/23
185.28.220.0/22
IPv6:
2a01:5040::-2a01:5040:2fff:ffff:ffff:ffff:ffff:ffff
2a01:5040:6000::/36
2a01:5040:a000::/36
2a01:5041:2::/48
2a01:5041:100::-2a01:5041:2ff:ffff:ffff:ffff:ffff:ffff
2a01:5041:2001::-2a01:5041:2002:ffff:ffff:ffff:ffff:ffff
2a01:5042::/31
Signature Algorithm: sha256WithRSAEncryption
ec:5b:af:c8:3d:f2:65:88:b1:e8:1f:cf:d2:7a:06:bb:46:79:
27:4c:05:76:d9:59:f4:a8:d0:92:15:76:3b:8a:ef:12:c4:cd:
59:38:95:9a:f4:9f:9f:dc:39:dd:27:e4:8a:d4:0c:5b:70:b4:
f2:db:59:1e:6e:61:28:73:52:6a:b0:7f:fe:32:4e:da:a9:5a:
e0:49:9e:f8:46:cb:90:58:d6:df:ed:20:12:5e:28:e8:0f:43:
f7:ae:f9:e9:85:f5:eb:e1:95:3e:44:f1:e4:32:ee:e6:ed:e1:
97:fe:bc:20:f4:07:dc:66:5c:8c:89:19:20:c3:a2:84:ec:b0:
c4:d1:3d:98:0b:e7:37:35:9c:fc:96:57:4e:6a:aa:cd:f4:08:
f0:3d:33:91:84:71:2f:b0:56:70:8c:b8:11:97:92:78:06:d9:
61:4a:06:d6:27:91:eb:e4:5e:18:0f:7f:5f:88:b4:62:9e:51:
0e:45:86:e5:9c:6f:c5:ca:05:ab:cb:00:68:67:3d:73:fc:65:
17:0d:7e:16:d8:68:ea:58:2b:21:71:da:75:97:1a:87:d4:67:
11:8e:88:ad:f4:5c:f3:7e:3c:3e:00:a0:04:f1:60:bc:84:c5:
60:f3:2e:10:5e:7d:c4:21:bd:a7:cc:93:ab:8b:39:b1:dd:10:
c7:e6:9e:4e
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIEM7oLhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Nzk3ODVkZTYyZGNmOWU3OTMwYmFiZDdiMWQzOWM1ODUzZDE5NDRmMB4XDTIyMDEw
MTA0NTU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI3YTc4MjViZmI1
MDhlYTRhMzZlMmMyZmFjYmI3NjYxYjg0YjliYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIs4uLDGFML0XwcmZ6WDpbnIK9xs5I8JOR/r24S/bzXD/erE
qhaPtsJQ7AWNQ0TlrftX1YPqRqbiJ9rzdJteSjjDfJqbQOK7a31O4oBF6eA1xjC3
fKb8V0Jgy67cj4cq5AKByW1cRWw/FwoxUMNx37mif6f8uKbnIbG8p1UqrH/hwq9k
tKGwL8QN8uH5V5G6nyhe2uXfQxARRg3mII8ckAmfJTjHgoF/LzetsYOmT0+4stSv
K7iJp9NrYCgVtxlDWT0KDtcYCNccStk5AXfSWGgZG0RjX6NuxgiC2GPJLARwxDV1
0KGqOZ7ndNvc8e7Wmtue+BVYynj6TDJK8xI0DCcCAwEAAaOCAr8wggK7MB0GA1Ud
DgQWBBTbenglv7UI6ko24sL6y7dmG4S5ujAfBgNVHSMEGDAWgBTXl4XeYtz555ML
q9ex05xYU9GUTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzE1ZUYzbUxjLWVlVEM2dlhzZE9jV0ZQUmxFOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvN2Y5NzI4LTk1NTktNDI2My1iY2ZhLTc1ODU1ZGI3MTUxZi8x
LzIzcDRKYi0xQ09wS051TEMtc3UzWmh1RXViby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
N2Y5NzI4LTk1NTktNDI2My1iY2ZhLTc1ODU1ZGI3MTUxZi8xLzE1ZUYzbUxjLWVl
VEM2dlhzZE9jV0ZQUmxFOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
1AYIKwYBBQUHAQcBAf8EgcQwgcEwYAQCAAEwWgMEAwU5EAMEACUKAAMEAiUKBDAM
AwQDJQoYAwQAJQocMAwDBAUlCiADBAAlCiYwDAMEAyUKOAMEACUKOgMEASUKPAME
ACUKPwMEAVvD7AMEAVvO6AMEArkc3DBdBAIAAjBXMA8DBQYqAVBAAwYEKgFQQCAD
BgQqAVBAYAMGBCoBUECgAwcAKgFQQQACMBADBgAqAVBBAQMGACoBUEECMBIDBwAq
AVBBIAEDBwAqAVBBIAIDBQEqAVBCMA0GCSqGSIb3DQEBCwUAA4IBAQDsW6/IPfJl
iLHoH8/Sega7RnknTAV22Vn0qNCSFXY7iu8SxM1ZOJWa9J+f3DndJ+SK1AxbcLTy
21kebmEoc1JqsH/+Mk7aqVrgSZ74RsuQWNbf7SASXijoD0P3rvnphfXr4ZU+RPHk
Mu7m7eGX/rwg9AfcZlyMiRkgw6KE7LDE0T2YC+c3NZz8lldOaqrN9AjwPTORhHEv
sFZwjLgRl5J4BtlhSgbWJ5Hr5F4YD39fiLRinlEORYblnG/FygWrywBoZz1z/GUX
DX4W2GjqWCshcdp1lxqH1GcRjoit9Fzzfjw+AKAE8WC8hMVg8y4QXn3EIb2nzJOr
izmx3RDH5p5O
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:09 2023 by rpki-client on console-ams.rpki-client.org