Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/48kwqfxoNjhquvIMObryJRyyywQ.roa
File: 48kwqfxoNjhquvIMObryJRyyywQ.roa (raw, json)
Hash identifier: 6AaGIUuzWCbG3uVByFsgUduYf5znZ7okoBF8ydPrTR0=
Subject key identifier: E3:C9:30:A9:FC:68:36:38:6A:BA:F2:0C:39:BA:F2:25:1C:B2:CB:04
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 43A74F37
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/48kwqfxoNjhquvIMObryJRyyywQ.roa
Signing time: Sat 01 Jan 2022 14:00:57 +0000
ROA not before: Sat 01 Jan 2022 14:00:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43754
IP address blocks: 46.245.64.0/18 maxlen: 32
46.245.68.0/22 maxlen: 32
46.245.72.0/22 maxlen: 32
46.245.76.0/22 maxlen: 32
46.245.80.0/22 maxlen: 32
46.245.84.0/22 maxlen: 32
185.147.160.0/24 maxlen: 32
185.147.161.0/24 maxlen: 32
185.147.162.0/24 maxlen: 32
185.147.163.0/24 maxlen: 32
46.245.88.0/22 maxlen: 32
46.245.92.0/22 maxlen: 32
46.245.96.0/22 maxlen: 32
46.245.100.0/22 maxlen: 32
46.245.104.0/22 maxlen: 32
46.245.108.0/22 maxlen: 32
46.245.112.0/22 maxlen: 32
46.245.116.0/22 maxlen: 32
77.238.104.0/21 maxlen: 32
77.238.104.0/22 maxlen: 32
77.238.110.0/24 maxlen: 24
77.238.111.0/24 maxlen: 24
77.238.108.0/24 maxlen: 24
77.238.109.0/24 maxlen: 24
77.238.120.0/22 maxlen: 32
46.245.64.0/22 maxlen: 32
193.151.128.0/20 maxlen: 32
193.151.128.0/19 maxlen: 32
193.151.144.0/20 maxlen: 32
46.245.120.0/22 maxlen: 32
46.245.124.0/22 maxlen: 32
89.235.96.0/22 maxlen: 32
185.120.220.0/22 maxlen: 32
185.120.248.0/22 maxlen: 32
31.25.128.0/21 maxlen: 32
176.65.240.0/22 maxlen: 32
176.65.252.0/23 maxlen: 32
176.65.254.0/23 maxlen: 32
128.65.176.0/20 maxlen: 32
79.127.0.0/17 maxlen: 32
185.99.212.0/22 maxlen: 32
185.109.244.0/22 maxlen: 32
185.49.84.0/22 maxlen: 32
185.109.248.0/22 maxlen: 32
178.22.120.0/21 maxlen: 32
37.156.8.0/22 maxlen: 32
37.156.8.0/21 maxlen: 32
37.156.15.0/24 maxlen: 24
37.156.13.0/24 maxlen: 24
37.156.14.0/24 maxlen: 24
37.156.12.0/24 maxlen: 24
188.0.240.0/23 maxlen: 32
185.112.32.0/21 maxlen: 32
185.112.32.0/22 maxlen: 32
185.112.36.0/22 maxlen: 32
93.115.144.0/21 maxlen: 32
46.143.0.0/17 maxlen: 32
109.122.224.0/20 maxlen: 32
37.156.144.0/22 maxlen: 32
178.216.251.0/24 maxlen: 32
178.216.248.0/24 maxlen: 32
178.216.248.0/22 maxlen: 32
178.216.249.0/24 maxlen: 32
178.216.250.0/24 maxlen: 32
185.141.212.0/24 maxlen: 32
185.141.213.0/24 maxlen: 32
185.141.214.0/24 maxlen: 32
185.141.215.0/24 maxlen: 32
5.134.192.0/21 maxlen: 32
212.33.192.0/22 maxlen: 32
212.33.196.0/22 maxlen: 32
212.33.204.0/22 maxlen: 32
212.33.200.0/22 maxlen: 32
185.141.168.0/24 maxlen: 32
185.141.169.0/24 maxlen: 32
185.141.170.0/24 maxlen: 32
185.141.171.0/24 maxlen: 32
185.98.112.0/22 maxlen: 32
89.41.40.0/22 maxlen: 32
93.118.180.0/24 maxlen: 24
93.118.180.0/22 maxlen: 32
31.7.64.0/20 maxlen: 32
31.7.64.0/21 maxlen: 32
31.7.72.0/21 maxlen: 32
2a06:5484::/30 maxlen: 128
2a05:1a00::/26 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1135038263 (0x43a74f37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 1 14:00:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3c930a9fc6836386abaf20c39baf2251cb2cb04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:89:84:3c:21:b4:17:03:f5:af:2c:3f:f5:42:
a6:6d:9d:dd:37:ba:d6:68:f8:a4:ff:62:e9:d3:43:
0e:70:5f:8d:20:b5:e2:8f:48:27:30:6e:9a:3e:b8:
5b:84:59:8b:b3:fb:2d:09:f2:3a:2e:07:d6:ab:9d:
50:07:ec:71:cf:e3:c5:b6:b8:34:bc:3e:31:04:38:
84:4a:e7:e8:1e:98:26:34:0a:f6:8f:d4:35:c6:e9:
c2:94:8b:d3:36:0b:02:58:a4:b9:47:35:05:f9:2c:
06:31:fe:7b:46:42:25:2b:5d:68:d6:30:ff:96:9a:
27:52:da:b8:28:07:4e:3a:61:a2:d0:f7:b4:7b:77:
b0:b2:6d:14:a5:70:6a:33:44:51:b8:56:57:e6:ba:
02:8e:11:18:9c:2d:59:0a:51:9e:91:f7:49:7b:06:
48:68:1c:92:16:0e:89:5d:54:0e:7c:f1:a4:a7:b7:
29:85:4e:cd:2f:b1:ce:f9:86:2e:60:17:0c:d2:44:
41:3d:33:b8:04:f0:d0:50:be:bd:3b:3e:7f:63:57:
e8:38:99:9f:40:b3:c1:5b:dd:29:1f:f7:b5:28:fd:
ad:4d:3b:cf:2e:15:79:10:5e:56:97:18:f2:a9:a1:
70:44:a8:d7:f4:2a:48:91:29:3e:ed:97:88:b3:74:
48:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C9:30:A9:FC:68:36:38:6A:BA:F2:0C:39:BA:F2:25:1C:B2:CB:04
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/48kwqfxoNjhquvIMObryJRyyywQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.192.0/21
31.7.64.0/20
31.25.128.0/21
37.156.8.0/21
37.156.144.0/22
46.143.0.0/17
46.245.64.0/18
77.238.104.0/21
77.238.120.0/22
79.127.0.0/17
89.41.40.0/22
89.235.96.0/22
93.115.144.0/21
93.118.180.0/22
109.122.224.0/20
128.65.176.0/20
176.65.240.0/22
176.65.252.0/22
178.22.120.0/21
178.216.248.0/22
185.49.84.0/22
185.98.112.0/22
185.99.212.0/22
185.109.244.0-185.109.251.255
185.112.32.0/21
185.120.220.0/22
185.120.248.0/22
185.141.168.0/22
185.141.212.0/22
185.147.160.0/22
188.0.240.0/23
193.151.128.0/19
212.33.192.0/20
IPv6:
2a05:1a00::/26
2a06:5484::/30
Signature Algorithm: sha256WithRSAEncryption
aa:bd:02:12:87:36:80:87:5a:74:86:11:74:2b:0c:97:1e:59:
38:56:eb:a7:66:85:8d:6c:5b:0b:8a:49:cc:68:31:18:87:d5:
5e:65:ef:ba:50:eb:24:6d:1f:ce:f6:ab:fa:26:50:1d:9b:ba:
f6:47:01:ac:12:72:f7:39:41:02:56:cb:e4:a1:f0:66:6e:7f:
b9:f2:06:dc:57:a0:cd:f2:96:c8:87:f7:a1:d8:31:be:d9:9c:
95:8f:44:d9:db:77:8a:a4:26:09:47:1c:99:d0:4c:4d:ff:17:
1c:e6:bd:75:70:7d:b8:3d:60:37:d4:30:29:9b:63:ab:a4:3c:
79:e9:8b:b1:5e:0a:e6:12:d6:1b:1a:82:bc:8c:e8:ad:b6:5f:
05:5e:4f:d5:54:f1:d1:0e:de:27:d8:d6:4f:e5:1a:76:96:f8:
9e:c9:bb:2c:a0:c9:f8:a6:77:20:81:63:8d:a4:46:41:f0:12:
99:04:08:ed:98:f3:0e:37:de:42:2e:09:6e:b4:f0:76:11:ed:
5f:2c:77:35:50:ea:5d:7a:8b:1e:94:88:5f:36:50:77:9c:2b:
70:82:82:97:88:6c:05:0b:17:27:79:8b:23:95:ee:1f:00:56:
27:09:39:2b:ca:34:ce:d2:0a:70:6e:75:bf:1b:09:bb:76:ca:
98:63:ea:6e
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgIEQ6dPNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjUyNjM0YTJlYjAzZjg1NjViNWUzM2RjMmI5ZjQ5MDQxZjdjZmIwMB4XDTIyMDEw
MTE0MDA1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTNjOTMwYTlmYzY4
MzYzODZhYmFmMjBjMzliYWYyMjUxY2IyY2IwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaJhDwhtBcD9a8sP/VCpm2d3Te61mj4pP9i6dNDDnBfjSC1
4o9IJzBumj64W4RZi7P7LQnyOi4H1qudUAfscc/jxba4NLw+MQQ4hErn6B6YJjQK
9o/UNcbpwpSL0zYLAlikuUc1BfksBjH+e0ZCJStdaNYw/5aaJ1LauCgHTjphotD3
tHt3sLJtFKVwajNEUbhWV+a6Ao4RGJwtWQpRnpH3SXsGSGgckhYOiV1UDnzxpKe3
KYVOzS+xzvmGLmAXDNJEQT0zuATw0FC+vTs+f2NX6DiZn0CzwVvdKR/3tSj9rU07
zy4VeRBeVpcY8qmhcESo1/QqSJEpPu2XiLN0SI0CAwEAAaOCAu0wggLpMB0GA1Ud
DgQWBBTjyTCp/Gg2OGq68gw5uvIlHLLLBDAfBgNVHSMEGDAWgBRbUmNKLrA/hWW1
4z3CufSQQffPsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1cxSmpTaTZ3UDRWbHRlTTl3cm4wa0VIM3o3QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvN2E1YjQ0LTZiMTgtNDJkMy1hOGQ1LWRjNjU1NGZkMTIzNS8x
LzQ4a3dxZnhvTmpocXV2SU1PYnJ5SlJ5eXl3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
N2E1YjQ0LTZiMTgtNDJkMy1hOGQ1LWRjNjU1NGZkMTIzNS8xL1cxSmpTaTZ3UDRW
bHRlTTl3cm4wa0VIM3o3QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AQEGCCsGAQUFBwEHAQH/BIHxMIHuMIHVBAIAATCBzgMEAwWGwAMEBB8HQAMEAx8Z
gAMEAyWcCAMEAiWckAMEBy6PAAMEBi71QAMEA03uaAMEAk3ueAMEB09/AAMEAlkp
KAMEAlnrYAMEA11zkAMEAl12tAMEBG164AMEBIBBsAMEArBB8AMEArBB/AMEA7IW
eAMEArLY+AMEArkxVAMEArlicAMEArlj1DAMAwQCuW30AwQCuW34AwQDuXAgAwQC
uXjcAwQCuXj4AwQCuY2oAwQCuY3UAwQCuZOgAwQBvADwAwQFwZeAAwQE1CHAMBQE
AgACMA4DBQYqBRoAAwUCKgZUhDANBgkqhkiG9w0BAQsFAAOCAQEAqr0CEoc2gIda
dIYRdCsMlx5ZOFbrp2aFjWxbC4pJzGgxGIfVXmXvulDrJG0fzvar+iZQHZu69kcB
rBJy9zlBAlbL5KHwZm5/ufIG3FegzfKWyIf3odgxvtmclY9E2dt3iqQmCUccmdBM
Tf8XHOa9dXB9uD1gN9QwKZtjq6Q8eemLsV4K5hLWGxqCvIzorbZfBV5P1VTx0Q7e
J9jWT+Uadpb4nsm7LKDJ+KZ3IIFjjaRGQfASmQQI7ZjzDjfeQi4JbrTwdhHtXyx3
NVDqXXqLHpSIXzZQd5wrcIKCl4hsBQsXJ3mLI5XuHwBWJwk5K8o0ztIKcG51vxsJ
u3bKmGPqbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:07 2024 by rpki-client on console-fra.rpki-client.org