Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/7QcUgGMzbrtjHS9hmRKUyut3f5U.roa
File: 7QcUgGMzbrtjHS9hmRKUyut3f5U.roa (raw, json)
Hash identifier: CDwjpvrYwpvcR3QPtJPatWH4NrpT/bFaxKPF1SgNNEU=
Subject key identifier: ED:07:14:80:63:33:6E:BB:63:1D:2F:61:99:12:94:CA:EB:77:7F:95
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 018895046131B3835834E1C314EB5B4F399C
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/7QcUgGMzbrtjHS9hmRKUyut3f5U.roa
Signing time: Wed 07 Jun 2023 08:41:12 +0000
ROA not before: Wed 07 Jun 2023 08:41:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43754
IP address blocks: 46.245.64.0/18 maxlen: 32
46.245.68.0/22 maxlen: 32
46.245.72.0/22 maxlen: 32
46.245.76.0/22 maxlen: 32
46.245.80.0/22 maxlen: 32
46.245.84.0/22 maxlen: 32
185.147.160.0/24 maxlen: 32
185.147.161.0/24 maxlen: 32
185.147.162.0/24 maxlen: 32
185.147.163.0/24 maxlen: 32
46.245.88.0/22 maxlen: 32
46.245.92.0/22 maxlen: 32
46.245.96.0/22 maxlen: 32
46.245.100.0/22 maxlen: 32
46.245.104.0/22 maxlen: 32
46.245.108.0/22 maxlen: 32
46.245.112.0/22 maxlen: 32
46.245.116.0/22 maxlen: 32
77.238.104.0/22 maxlen: 32
77.238.104.0/21 maxlen: 32
77.238.110.0/24 maxlen: 24
77.238.111.0/24 maxlen: 24
77.238.108.0/24 maxlen: 24
77.238.109.0/24 maxlen: 24
77.238.120.0/22 maxlen: 32
46.245.64.0/22 maxlen: 32
46.245.120.0/22 maxlen: 32
46.245.124.0/22 maxlen: 32
89.235.96.0/22 maxlen: 32
185.120.220.0/22 maxlen: 32
185.120.248.0/22 maxlen: 32
31.25.128.0/21 maxlen: 32
176.65.240.0/22 maxlen: 32
176.65.252.0/23 maxlen: 32
176.65.254.0/23 maxlen: 32
176.65.255.0/24 maxlen: 32
128.65.176.0/20 maxlen: 32
79.127.0.0/17 maxlen: 32
185.99.212.0/22 maxlen: 32
185.109.244.0/22 maxlen: 32
185.49.84.0/22 maxlen: 32
185.109.248.0/22 maxlen: 32
178.22.120.0/21 maxlen: 32
37.156.8.0/21 maxlen: 32
37.156.8.0/22 maxlen: 32
37.156.15.0/24 maxlen: 24
37.156.13.0/24 maxlen: 24
37.156.14.0/24 maxlen: 24
37.156.12.0/24 maxlen: 24
188.0.240.0/23 maxlen: 32
185.112.32.0/21 maxlen: 32
185.112.32.0/22 maxlen: 32
185.112.36.0/22 maxlen: 32
93.115.144.0/21 maxlen: 32
46.143.0.0/17 maxlen: 32
109.122.224.0/20 maxlen: 32
37.156.144.0/22 maxlen: 32
178.216.251.0/24 maxlen: 32
178.216.248.0/22 maxlen: 32
178.216.248.0/24 maxlen: 32
178.216.249.0/24 maxlen: 32
178.216.250.0/24 maxlen: 32
185.129.116.0/23 maxlen: 32
185.129.116.0/22 maxlen: 32
185.129.118.0/23 maxlen: 32
185.141.212.0/24 maxlen: 32
185.141.213.0/24 maxlen: 32
185.141.214.0/24 maxlen: 32
185.141.215.0/24 maxlen: 32
5.134.192.0/21 maxlen: 32
212.33.192.0/22 maxlen: 32
212.33.196.0/22 maxlen: 32
212.33.204.0/22 maxlen: 32
212.33.200.0/22 maxlen: 32
185.141.168.0/24 maxlen: 32
185.141.169.0/24 maxlen: 32
185.141.170.0/24 maxlen: 32
185.141.171.0/24 maxlen: 32
185.98.112.0/22 maxlen: 32
89.41.40.0/22 maxlen: 32
93.118.180.0/24 maxlen: 24
93.118.180.0/22 maxlen: 32
31.7.64.0/20 maxlen: 32
31.7.64.0/21 maxlen: 32
31.7.72.0/21 maxlen: 32
2a06:5484::/30 maxlen: 128
2a05:1a00::/26 maxlen: 128
2a05:1a10::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:04:61:31:b3:83:58:34:e1:c3:14:eb:5b:4f:39:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jun 7 08:41:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed07148063336ebb631d2f61991294caeb777f95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:49:1e:d9:ac:48:a7:a8:31:92:b2:b7:18:aa:
f5:35:4a:56:59:e0:58:37:2c:bc:97:22:9c:70:33:
26:0e:37:54:e7:e8:a1:d1:f6:40:33:72:57:27:c4:
09:0f:e6:f8:76:04:4e:b8:ea:ae:67:73:26:00:c9:
5b:4d:c5:39:c9:96:d7:92:16:fe:3f:de:a4:98:e9:
e4:ee:9b:18:4f:33:a0:11:97:a9:a3:4e:e0:1d:7e:
c6:47:a9:92:6a:c8:8b:b9:cd:1b:ee:18:8e:c3:3f:
4c:cd:45:f9:ff:43:f3:b5:b8:dc:c6:77:42:ea:d1:
86:69:1c:60:98:cd:2c:ac:9d:ec:92:66:e6:66:31:
ed:80:37:6d:a1:35:40:58:9f:7c:0e:89:d3:58:2b:
7f:80:89:b7:b4:d7:6c:d2:67:05:08:28:78:2f:64:
72:0d:26:19:1b:f3:b4:21:ec:f6:40:43:50:c0:ff:
1a:1c:72:df:99:3d:4e:6f:29:45:82:3c:de:5d:e5:
b6:7e:96:08:f6:ec:40:ed:5d:56:62:8b:49:27:7a:
83:67:ff:8b:17:3c:3e:38:a4:ac:ad:68:27:a3:c6:
82:1f:84:0e:2f:16:7b:2b:5d:92:71:ab:cf:e0:90:
92:d1:56:10:6c:51:3a:52:71:e5:e7:b3:0b:6c:66:
42:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:07:14:80:63:33:6E:BB:63:1D:2F:61:99:12:94:CA:EB:77:7F:95
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/7QcUgGMzbrtjHS9hmRKUyut3f5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.192.0/21
31.7.64.0/20
31.25.128.0/21
37.156.8.0/21
37.156.144.0/22
46.143.0.0/17
46.245.64.0/18
77.238.104.0/21
77.238.120.0/22
79.127.0.0/17
89.41.40.0/22
89.235.96.0/22
93.115.144.0/21
93.118.180.0/22
109.122.224.0/20
128.65.176.0/20
176.65.240.0/22
176.65.252.0/22
178.22.120.0/21
178.216.248.0/22
185.49.84.0/22
185.98.112.0/22
185.99.212.0/22
185.109.244.0-185.109.251.255
185.112.32.0/21
185.120.220.0/22
185.120.248.0/22
185.129.116.0/22
185.141.168.0/22
185.141.212.0/22
185.147.160.0/22
188.0.240.0/23
212.33.192.0/20
IPv6:
2a05:1a00::/26
2a06:5484::/30
Signature Algorithm: sha256WithRSAEncryption
9d:d7:66:53:e8:2c:ed:18:61:41:e3:56:f8:89:d3:ed:f4:7b:
4e:8b:3a:01:0c:5f:5c:34:26:22:e2:b3:9a:fa:09:5f:a9:41:
38:f6:96:0d:98:a8:7e:b9:95:80:e5:33:16:1d:3e:b0:dd:ee:
4d:47:80:9a:b1:bd:f8:bb:d2:8e:d3:4c:d5:97:df:9f:36:4b:
7f:7f:5c:0e:7c:e3:42:67:cf:db:7c:8c:4c:e7:98:b8:16:0c:
16:96:a4:ba:96:7c:f1:e3:ce:ef:ce:87:67:2b:67:6b:44:bb:
0c:9f:df:03:ad:3e:c4:4c:0a:0a:a3:e5:4f:74:38:10:f4:5e:
8a:37:72:41:47:c3:a7:e3:f6:58:f3:b1:b3:dd:95:c3:ea:a1:
4f:1b:f9:81:23:83:b4:8d:fc:dd:be:13:dc:35:2f:bd:a0:ce:
cf:a7:79:0d:0c:6b:d7:a7:28:93:26:5b:f9:97:6f:49:05:cf:
d0:8a:1d:e4:d0:fd:e8:ac:ad:99:0d:1c:32:87:b2:6a:ac:c0:
80:c2:a7:81:66:42:85:4d:0a:52:fa:30:bd:72:1d:f7:a0:a4:
ce:d9:b3:35:e6:b8:ab:6d:d0:0b:f9:fe:a4:f8:52:e6:99:ad:
48:cd:d9:db:76:5e:d1:7c:ac:2a:e7:b2:b8:05:68:c1:5f:01:
34:00:5a:13
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYiVBGExs4NYNOHDFOtbTzmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjMwNjA3MDg0MTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDA3MTQ4MDYzMzM2ZWJiNjMxZDJmNjE5OTEyOTRjYWViNzc3Zjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUke2axIp6gxkrK3GKr1NUpWWeBY
Nyy8lyKccDMmDjdU5+ih0fZAM3JXJ8QJD+b4dgROuOquZ3MmAMlbTcU5yZbXkhb+
P96kmOnk7psYTzOgEZepo07gHX7GR6mSasiLuc0b7hiOwz9MzUX5/0PztbjcxndC
6tGGaRxgmM0srJ3skmbmZjHtgDdtoTVAWJ98DonTWCt/gIm3tNds0mcFCCh4L2Ry
DSYZG/O0Iez2QENQwP8aHHLfmT1ObylFgjzeXeW2fpYI9uxA7V1WYotJJ3qDZ/+L
Fzw+OKSsrWgno8aCH4QOLxZ7K12ScavP4JCS0VYQbFE6UnHl57MLbGZCeQIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFO0HFIBjM267Yx0vYZkSlMrrd3+VMB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvN1FjVWdHTXpicnRqSFM5aG1SS1V5dXQzZjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgdUEAgABMIHOAwQD
BYbAAwQEHwdAAwQDHxmAAwQDJZwIAwQCJZyQAwQHLo8AAwQGLvVAAwQDTe5oAwQC
Te54AwQHT38AAwQCWSkoAwQCWetgAwQDXXOQAwQCXXa0AwQEbXrgAwQEgEGwAwQC
sEHwAwQCsEH8AwQDshZ4AwQCstj4AwQCuTFUAwQCuWJwAwQCuWPUMAwDBAK5bfQD
BAK5bfgDBAO5cCADBAK5eNwDBAK5ePgDBAK5gXQDBAK5jagDBAK5jdQDBAK5k6AD
BAG8APADBATUIcAwFAQCAAIwDgMFBioFGgADBQIqBlSEMA0GCSqGSIb3DQEBCwUA
A4IBAQCd12ZT6CztGGFB41b4idPt9HtOizoBDF9cNCYi4rOa+glfqUE49pYNmKh+
uZWA5TMWHT6w3e5NR4Casb34u9KO00zVl9+fNkt/f1wOfONCZ8/bfIxM55i4FgwW
lqS6lnzx487vzodnK2drRLsMn98DrT7ETAoKo+VPdDgQ9F6KN3JBR8On4/ZY87Gz
3ZXD6qFPG/mBI4O0jfzdvhPcNS+9oM7Pp3kNDGvXpyiTJlv5l29JBc/Qih3k0P3o
rK2ZDRwyh7JqrMCAwqeBZkKFTQpS+jC9ch33oKTO2bM15rirbdAL+f6k+FLmma1I
zdnbdl7RfKwq57K4BWjBXwE0AFoT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:08 2025 by rpki-client