Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/aaTRLDq0Zs45YsQpSHRWjJEjJaw.roa
File: aaTRLDq0Zs45YsQpSHRWjJEjJaw.roa (raw, json)
Hash identifier: hKGc90HiVLNWHuQGZXqLNWeqfSF6l8PuT19PikBtnc8=
Subject key identifier: 69:A4:D1:2C:3A:B4:66:CE:39:62:C4:29:48:74:56:8C:91:23:25:AC
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 43A562A2
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/aaTRLDq0Zs45YsQpSHRWjJEjJaw.roa
Signing time: Sat 01 Jan 2022 14:00:56 +0000
ROA not before: Sat 01 Jan 2022 14:00:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41689
IP address blocks: 188.0.240.0/23 maxlen: 32
185.112.36.0/22 maxlen: 32
185.112.32.0/22 maxlen: 32
77.238.120.0/22 maxlen: 32
93.115.144.0/21 maxlen: 32
46.143.0.0/17 maxlen: 32
37.156.144.0/22 maxlen: 32
89.235.96.0/22 maxlen: 32
185.120.220.0/22 maxlen: 32
185.120.248.0/22 maxlen: 32
176.65.240.0/22 maxlen: 32
31.25.128.0/21 maxlen: 32
176.65.252.0/23 maxlen: 32
176.65.254.0/23 maxlen: 32
128.65.176.0/20 maxlen: 32
185.141.171.99/32 maxlen: 32
79.127.0.0/17 maxlen: 32
185.98.112.0/22 maxlen: 32
89.41.40.0/22 maxlen: 32
93.118.180.0/22 maxlen: 32
185.99.212.0/22 maxlen: 32
185.109.244.0/22 maxlen: 32
185.49.84.0/22 maxlen: 32
185.109.248.0/22 maxlen: 32
31.7.64.0/20 maxlen: 32
178.22.120.0/21 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1134912162 (0x43a562a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 1 14:00:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69a4d12c3ab466ce3962c4294874568c912325ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:12:8b:48:af:57:20:db:3a:fd:0c:5c:a9:30:
35:d7:58:4f:4b:83:33:e4:50:5f:94:6f:6d:f9:ef:
7e:2d:bd:a1:f8:8f:ee:32:37:4d:20:57:67:ee:88:
d5:75:c5:fb:88:aa:f2:40:fc:9e:37:fc:7e:07:22:
12:0d:9f:bf:d8:dd:26:87:b7:8a:e8:83:8c:af:77:
3e:5b:ba:b3:83:0b:71:39:96:ea:d0:9a:32:5f:4e:
76:5c:14:e9:c7:16:d1:e1:cd:05:e4:03:64:52:7c:
64:d6:05:fa:28:76:1d:fc:1e:ac:88:29:39:d5:01:
38:38:61:fb:0c:16:39:03:d7:99:1d:73:2d:d0:2a:
91:03:66:80:b1:7f:19:fd:79:30:d3:a6:4c:0d:b2:
e0:66:a0:95:90:fc:09:98:d8:de:86:90:b1:9d:4a:
04:77:18:7d:49:09:db:c3:b1:b1:cf:44:8b:8a:95:
e4:19:3d:58:4d:cb:05:c7:1e:58:0c:18:e0:57:fc:
42:d9:a5:8a:b0:0d:a0:9b:c4:6e:84:2d:f5:00:5a:
a9:99:ff:8c:cc:13:aa:c9:71:a4:5c:83:0a:52:bc:
ec:75:5d:08:d5:19:be:f5:f5:ba:36:05:6e:18:97:
6a:4e:20:9f:07:f8:c3:75:0b:3f:21:5c:c2:8c:4c:
ae:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A4:D1:2C:3A:B4:66:CE:39:62:C4:29:48:74:56:8C:91:23:25:AC
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/aaTRLDq0Zs45YsQpSHRWjJEjJaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.64.0/20
31.25.128.0/21
37.156.144.0/22
46.143.0.0/17
77.238.120.0/22
79.127.0.0/17
89.41.40.0/22
89.235.96.0/22
93.115.144.0/21
93.118.180.0/22
128.65.176.0/20
176.65.240.0/22
176.65.252.0/22
178.22.120.0/21
185.49.84.0/22
185.98.112.0/22
185.99.212.0/22
185.109.244.0-185.109.251.255
185.112.32.0/21
185.120.220.0/22
185.120.248.0/22
185.141.171.99/32
188.0.240.0/23
Signature Algorithm: sha256WithRSAEncryption
04:d4:28:92:82:a3:db:e0:d9:54:52:f6:64:a8:1d:55:56:11:
b9:50:ff:dc:84:ee:37:1d:f0:66:a5:7c:db:fc:e0:30:4f:81:
e8:7f:ae:d8:7a:34:18:61:47:aa:18:20:2d:6b:43:d9:b3:61:
28:00:7b:d5:21:ed:9f:cd:b8:01:09:62:39:4e:6d:e8:9b:96:
03:55:3d:cf:eb:37:c1:50:35:33:a8:2e:50:e4:09:28:64:4c:
dc:02:76:a2:90:82:b9:a7:fc:d4:aa:75:ad:33:d9:08:b3:8b:
d5:80:c8:01:e4:02:5a:eb:e7:cc:bc:f2:1b:c0:f5:72:ba:a0:
70:6f:72:51:58:63:34:ba:95:6d:dd:81:e6:cc:05:d8:73:d2:
3d:13:e3:c2:9c:33:5e:38:2f:7e:88:c8:c2:bf:76:16:08:55:
aa:6e:8d:62:ee:07:d2:b9:a6:6b:92:ac:11:20:1b:e0:dd:cc:
7c:9b:05:b4:01:ae:b2:39:8e:16:8e:52:01:03:20:51:fb:69:
d5:82:7f:f9:55:24:f2:c1:85:3b:c0:bf:bd:ea:37:2a:db:1d:
65:ac:15:c4:dc:49:3e:d9:b1:14:f2:f9:dd:62:9f:c7:db:c8:
26:df:aa:3c:93:00:c1:d3:4e:13:47:4b:da:46:06:29:47:f4:
e8:81:e1:d4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIEQ6ViojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjUyNjM0YTJlYjAzZjg1NjViNWUzM2RjMmI5ZjQ5MDQxZjdjZmIwMB4XDTIyMDEw
MTE0MDA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjlhNGQxMmMzYWI0
NjZjZTM5NjJjNDI5NDg3NDU2OGM5MTIzMjVhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPESi0ivVyDbOv0MXKkwNddYT0uDM+RQX5Rvbfnvfi29ofiP
7jI3TSBXZ+6I1XXF+4iq8kD8njf8fgciEg2fv9jdJoe3iuiDjK93Plu6s4MLcTmW
6tCaMl9OdlwU6ccW0eHNBeQDZFJ8ZNYF+ih2HfwerIgpOdUBODhh+wwWOQPXmR1z
LdAqkQNmgLF/Gf15MNOmTA2y4GaglZD8CZjY3oaQsZ1KBHcYfUkJ28Oxsc9Ei4qV
5Bk9WE3LBcceWAwY4Ff8QtmlirANoJvEboQt9QBaqZn/jMwTqslxpFyDClK87HVd
CNUZvvX1ujYFbhiXak4gnwf4w3ULPyFcwoxMrrkCAwEAAaOCApswggKXMB0GA1Ud
DgQWBBRppNEsOrRmzjlixClIdFaMkSMlrDAfBgNVHSMEGDAWgBRbUmNKLrA/hWW1
4z3CufSQQffPsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1cxSmpTaTZ3UDRWbHRlTTl3cm4wa0VIM3o3QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvN2E1YjQ0LTZiMTgtNDJkMy1hOGQ1LWRjNjU1NGZkMTIzNS8x
L2FhVFJMRHEwWnM0NVlzUXBTSFJXakpFakphdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
N2E1YjQ0LTZiMTgtNDJkMy1hOGQ1LWRjNjU1NGZkMTIzNS8xL1cxSmpTaTZ3UDRW
bHRlTTl3cm4wa0VIM3o3QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
sAYIKwYBBQUHAQcBAf8EgaAwgZ0wgZoEAgABMIGTAwQEHwdAAwQDHxmAAwQCJZyQ
AwQHLo8AAwQCTe54AwQHT38AAwQCWSkoAwQCWetgAwQDXXOQAwQCXXa0AwQEgEGw
AwQCsEHwAwQCsEH8AwQDshZ4AwQCuTFUAwQCuWJwAwQCuWPUMAwDBAK5bfQDBAK5
bfgDBAO5cCADBAK5eNwDBAK5ePgDBQC5jatjAwQBvADwMA0GCSqGSIb3DQEBCwUA
A4IBAQAE1CiSgqPb4NlUUvZkqB1VVhG5UP/chO43HfBmpXzb/OAwT4Hof67YejQY
YUeqGCAta0PZs2EoAHvVIe2fzbgBCWI5Tm3om5YDVT3P6zfBUDUzqC5Q5AkoZEzc
AnaikIK5p/zUqnWtM9kIs4vVgMgB5AJa6+fMvPIbwPVyuqBwb3JRWGM0upVt3YHm
zAXYc9I9E+PCnDNeOC9+iMjCv3YWCFWqbo1i7gfSuaZrkqwRIBvg3cx8mwW0Aa6y
OY4WjlIBAyBR+2nVgn/5VSTywYU7wL+96jcq2x1lrBXE3Ek+2bEU8vndYp/H28gm
36o8kwDB004TR0vaRgYpR/TogeHU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:00 2025 by rpki-client