Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/tXwdcaUcDMzABF5EnKUsOmWrjrc.roa
File: tXwdcaUcDMzABF5EnKUsOmWrjrc.roa (raw, json)
Hash identifier: shTU4uNWZt59eLCbj9wwT6kGxS+IeoawfEHSIycUt6k=
Subject key identifier: B5:7C:1D:71:A5:1C:0C:CC:C0:04:5E:44:9C:A5:2C:3A:65:AB:8E:B7
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0188CEEB8FC60ACB6F1BF66E271ECA97D322
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/tXwdcaUcDMzABF5EnKUsOmWrjrc.roa
Signing time: Sun 18 Jun 2023 14:32:04 +0000
ROA not before: Sun 18 Jun 2023 14:32:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58305
IP address blocks: 198.105.124.0/23 maxlen: 24
45.43.64.0/19 maxlen: 24
45.43.74.0/23 maxlen: 24
45.43.80.0/22 maxlen: 24
198.105.96.0/19 maxlen: 24
198.105.116.0/23 maxlen: 24
155.254.32.0/22 maxlen: 24
155.254.32.0/19 maxlen: 24
155.254.48.0/23 maxlen: 23
155.254.63.0/24 maxlen: 24
155.254.61.0/24 maxlen: 24
107.161.160.0/24 maxlen: 24
107.161.165.0/24 maxlen: 24
107.161.161.0/24 maxlen: 24
107.161.162.0/24 maxlen: 24
107.161.163.0/24 maxlen: 24
107.161.164.0/24 maxlen: 24
107.161.172.0/24 maxlen: 24
107.161.168.0/24 maxlen: 24
107.161.169.0/24 maxlen: 24
107.161.170.0/24 maxlen: 24
107.161.171.0/24 maxlen: 24
107.181.128.0/19 maxlen: 24
162.220.240.0/24 maxlen: 24
162.220.242.0/24 maxlen: 24
162.220.240.0/21 maxlen: 24
162.220.241.0/24 maxlen: 24
113.20.156.0/22 maxlen: 24
107.161.173.0/24 maxlen: 24
107.161.174.0/23 maxlen: 24
162.217.248.0/24 maxlen: 24
162.217.249.0/24 maxlen: 24
162.217.250.0/24 maxlen: 24
162.217.251.0/24 maxlen: 24
2a05:9f40::/29 maxlen: 48
2a07:9944:20::/48 maxlen: 48
2a07:9942:39d7::/48 maxlen: 48
2a07:9944:1111::/48 maxlen: 48
2a07:9944:2222::/48 maxlen: 48
2a07:9940::/29 maxlen: 48
2a07:9944:10::/48 maxlen: 48
2a07:9944:30::/48 maxlen: 48
2a02:2ca7:2e::/48 maxlen: 48
2a07:9942:39d6::/48 maxlen: 48
2a02:2ca0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ce:eb:8f:c6:0a:cb:6f:1b:f6:6e:27:1e:ca:97:d3:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jun 18 14:32:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b57c1d71a51c0cccc0045e449ca52c3a65ab8eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:57:2b:fc:c3:20:3f:6c:1b:92:82:55:c7:ed:
1d:fb:99:7c:5f:cd:93:77:bb:ec:94:bf:15:28:0b:
df:e3:10:24:67:53:6e:ce:a1:55:f8:ed:24:0c:4d:
48:e5:34:90:e5:c7:ed:72:80:29:02:f5:7c:48:6e:
80:71:42:da:54:44:e1:00:8b:e5:9c:f2:60:64:51:
89:ab:af:f2:34:5d:98:d3:96:c9:64:75:23:4d:07:
73:0b:83:bb:de:6d:e4:9d:c2:38:93:0f:ff:96:91:
17:71:c3:31:db:1d:1a:99:b0:6b:96:d3:2c:28:27:
cd:d2:04:3e:80:5f:d1:e9:f5:84:0c:db:d2:e6:77:
7c:b1:22:c8:c4:e2:89:c7:9a:a2:2f:93:96:7a:4c:
26:08:99:49:e2:ac:10:a9:6f:82:bd:19:9a:fe:97:
7b:9c:32:f5:be:63:06:8a:77:ee:1d:18:09:90:dd:
33:63:2a:7c:61:af:8b:ec:31:e9:23:cd:e5:1a:b8:
d0:7a:c4:a1:55:24:88:68:aa:4a:0d:b3:5c:1b:32:
1c:a0:48:7e:dc:73:2d:85:88:2d:74:5c:20:ae:11:
c7:0c:2e:56:ff:5b:fc:b7:63:90:f7:80:4f:6e:b3:
32:86:32:db:e0:61:c6:db:b6:cf:61:6d:ec:fa:15:
a7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:7C:1D:71:A5:1C:0C:CC:C0:04:5E:44:9C:A5:2C:3A:65:AB:8E:B7
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/tXwdcaUcDMzABF5EnKUsOmWrjrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/19
107.161.160.0-107.161.165.255
107.161.168.0/21
107.181.128.0/19
113.20.156.0/22
155.254.32.0/19
162.217.248.0/22
162.220.240.0/21
198.105.96.0/19
IPv6:
2a02:2ca0::/29
2a05:9f40::/29
2a07:9940::/29
Signature Algorithm: sha256WithRSAEncryption
60:b0:76:97:8a:0a:33:7d:e8:35:9b:ab:79:2a:e7:58:c9:ed:
b9:3d:79:48:ce:76:c0:1b:69:bf:4a:37:36:18:da:54:7f:3f:
3a:37:93:dd:24:9a:2e:e1:0f:a5:fb:22:cc:cc:61:ab:8b:79:
fc:63:7c:92:00:94:db:b2:be:46:28:25:ea:67:13:a0:49:02:
f3:9f:9c:a7:39:fc:14:82:86:54:1d:72:a2:ce:38:3b:e3:75:
f6:e4:e0:44:f6:50:16:4f:d3:c3:e9:bf:ad:78:e2:e6:df:a2:
cc:f4:da:0d:3f:30:e7:15:b7:84:ac:31:aa:1d:e3:2a:aa:1d:
42:af:6b:38:3b:a6:35:f4:9e:7c:9e:1a:81:a6:52:22:e9:f6:
58:23:ca:66:c2:ae:83:b9:23:bb:24:ac:2f:e0:24:4f:95:ca:
ae:10:62:67:7f:8d:c3:11:54:1a:65:98:99:58:d0:8a:86:16:
3a:cc:21:7c:bf:f4:e6:88:60:ce:bd:59:e3:ff:50:7e:0e:cf:
45:15:8b:38:6a:57:6c:38:9b:c8:70:8f:37:c1:b9:29:58:5b:
d7:12:f8:26:cf:f1:67:17:88:d5:00:9c:4c:d3:cb:bc:08:68:
66:d9:6a:5a:d5:40:01:71:3e:63:e1:e2:80:5d:85:e9:4f:7d:
d8:e0:02:17
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYjO64/GCstvG/ZuJx7Kl9MiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwNjE4MTQzMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTdjMWQ3MWE1MWMwY2NjYzAwNDVlNDQ5Y2E1MmMzYTY1YWI4ZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFcr/MMgP2wbkoJVx+0d+5l8X82T
d7vslL8VKAvf4xAkZ1NuzqFV+O0kDE1I5TSQ5cftcoApAvV8SG6AcULaVEThAIvl
nPJgZFGJq6/yNF2Y05bJZHUjTQdzC4O73m3kncI4kw//lpEXccMx2x0ambBrltMs
KCfN0gQ+gF/R6fWEDNvS5nd8sSLIxOKJx5qiL5OWekwmCJlJ4qwQqW+CvRma/pd7
nDL1vmMGinfuHRgJkN0zYyp8Ya+L7DHpI83lGrjQesShVSSIaKpKDbNcGzIcoEh+
3HMthYgtdFwgrhHHDC5W/1v8t2OQ94BPbrMyhjLb4GHG27bPYW3s+hWnCQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFLV8HXGlHAzMwAReRJylLDplq463MB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvdFh3ZGNhVWNETXpBQkY1RW5LVXNPbVdyanJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBEBAIAATA+AwQFLStAMAwD
BAVroaADBAFroaQDBANroagDBAVrtYADBAJxFJwDBAWb/iADBAKi2fgDBAOi3PAD
BAXGaWAwGwQCAAIwFQMFAyoCLKADBQMqBZ9AAwUDKgeZQDANBgkqhkiG9w0BAQsF
AAOCAQEAYLB2l4oKM33oNZureSrnWMntuT15SM52wBtpv0o3NhjaVH8/OjeT3SSa
LuEPpfsizMxhq4t5/GN8kgCU27K+Rigl6mcToEkC85+cpzn8FIKGVB1yos44O+N1
9uTgRPZQFk/Tw+m/rXji5t+izPTaDT8w5xW3hKwxqh3jKqodQq9rODumNfSefJ4a
gaZSIun2WCPKZsKug7kjuySsL+AkT5XKrhBiZ3+NwxFUGmWYmVjQioYWOswhfL/0
5ohgzr1Z4/9Qfg7PRRWLOGpXbDibyHCPN8G5KVhb1xL4Js/xZxeI1QCcTNPLvAho
ZtlqWtVAAXE+Y+HigF2F6U992OACFw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:08 2025 by rpki-client