Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/f1lP6Fhua3Ht3n0J7yRqJutaJe0.roa
File: f1lP6Fhua3Ht3n0J7yRqJutaJe0.roa (raw, json)
Hash identifier: t358U+JycTyQfLftPXg1LVpv6cxBK3YP06NaiSUjgDE=
Subject key identifier: 7F:59:4F:E8:58:6E:6B:71:ED:DE:7D:09:EF:24:6A:26:EB:5A:25:ED
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01825ECFA89B5B3C10AEDC36FA485C9E2973
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/f1lP6Fhua3Ht3n0J7yRqJutaJe0.roa
Signing time: Tue 02 Aug 2022 13:47:23 +0000
ROA not before: Tue 02 Aug 2022 13:47:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 45.88.160.0/22 maxlen: 24
45.88.168.0/22 maxlen: 24
2.56.172.0/22 maxlen: 24
2.56.176.0/22 maxlen: 24
194.33.36.0/22 maxlen: 24
185.149.20.0/22 maxlen: 24
45.83.140.0/22 maxlen: 24
185.156.108.0/22 maxlen: 24
45.92.124.0/22 maxlen: 24
185.166.152.0/22 maxlen: 24
185.166.160.0/22 maxlen: 24
185.161.69.0/24 maxlen: 24
185.161.70.0/23 maxlen: 24
92.119.40.0/22 maxlen: 24
45.128.72.0/22 maxlen: 24
45.15.124.0/22 maxlen: 24
45.86.64.0/22 maxlen: 24
45.15.128.0/22 maxlen: 24
45.86.76.0/22 maxlen: 24
45.86.72.0/22 maxlen: 24
45.92.160.0/22 maxlen: 24
45.92.192.0/22 maxlen: 24
45.89.100.0/22 maxlen: 24
45.12.108.0/22 maxlen: 24
45.12.112.0/22 maxlen: 24
45.12.128.0/22 maxlen: 24
45.12.136.0/22 maxlen: 24
45.82.244.0/22 maxlen: 24
185.153.180.0/22 maxlen: 24
45.82.248.0/22 maxlen: 24
45.89.196.0/22 maxlen: 24
213.59.112.0/20 maxlen: 24
45.15.176.0/22 maxlen: 24
45.15.184.0/22 maxlen: 24
31.12.92.0/22 maxlen: 24
171.22.120.0/22 maxlen: 24
2a09:b440::/48 maxlen: 48
2a09:96c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5e:cf:a8:9b:5b:3c:10:ae:dc:36:fa:48:5c:9e:29:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Aug 2 13:47:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f594fe8586e6b71edde7d09ef246a26eb5a25ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:56:6c:95:f9:d2:a3:13:da:f0:d4:7e:81:0e:
bc:6e:3a:d0:b0:a3:5f:d5:53:44:29:9e:6f:1a:47:
7b:b3:df:b7:75:7c:91:72:77:e5:d1:0d:94:2e:67:
62:69:ad:dd:97:c8:c3:69:cd:c4:bd:fd:5f:85:2a:
b0:1e:77:44:71:e5:be:be:b0:18:04:76:83:b8:70:
06:d1:94:c1:b2:0a:33:43:fc:50:49:53:c4:f2:e7:
79:d8:64:41:2a:e2:5d:aa:e3:32:da:41:dd:64:c3:
e4:51:03:02:37:59:74:c1:41:0a:2c:de:0a:49:1f:
8b:68:1f:d9:6a:eb:30:56:19:e3:ac:c1:c7:f1:b8:
e5:fe:5f:e1:97:78:9f:77:07:4b:c7:a1:a7:1f:1c:
bf:6f:fe:83:37:91:79:f2:34:8e:c0:c4:39:62:90:
60:3f:3a:bc:a1:4b:fa:88:dc:ad:0b:31:b2:4e:0b:
23:8b:8b:ca:9f:3d:5b:d0:7a:5a:f7:35:c1:7b:ef:
36:eb:a6:d2:a5:76:16:b9:a0:79:cd:77:01:6b:b1:
94:b6:a9:ad:f1:cf:ff:10:c5:47:89:98:fa:17:e4:
9c:b5:2c:77:cc:a8:d0:ab:7a:db:44:03:dc:70:ab:
85:9c:c6:6d:29:d8:0c:a2:f3:1f:cf:f2:31:1c:85:
73:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:59:4F:E8:58:6E:6B:71:ED:DE:7D:09:EF:24:6A:26:EB:5A:25:ED
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/f1lP6Fhua3Ht3n0J7yRqJutaJe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.172.0-2.56.179.255
31.12.92.0/22
45.12.108.0-45.12.115.255
45.12.128.0/22
45.12.136.0/22
45.15.124.0-45.15.131.255
45.15.176.0/22
45.15.184.0/22
45.82.244.0-45.82.251.255
45.83.140.0/22
45.86.64.0/22
45.86.72.0/21
45.88.160.0/22
45.88.168.0/22
45.89.100.0/22
45.89.196.0/22
45.92.124.0/22
45.92.160.0/22
45.92.192.0/22
45.128.72.0/22
92.119.40.0/22
171.22.120.0/22
185.149.20.0/22
185.153.180.0/22
185.156.108.0/22
185.161.69.0-185.161.71.255
185.166.152.0/22
185.166.160.0/22
194.33.36.0/22
213.59.112.0/20
IPv6:
2a09:96c0::/29
2a09:b440::/48
Signature Algorithm: sha256WithRSAEncryption
75:9d:cd:b4:96:56:22:2d:e4:f6:7b:53:08:0e:14:09:8e:52:
95:ea:f2:dd:60:bd:31:93:99:a0:58:01:75:51:66:0f:4e:13:
c0:b5:20:84:32:9a:58:e9:e5:68:c3:86:ef:69:a1:81:cd:17:
98:c5:63:91:32:20:67:c2:b9:18:fe:e6:3b:59:20:7e:d0:a6:
91:bb:ba:c7:6b:0a:c0:60:89:8b:b3:0a:95:d0:6b:1c:45:02:
bb:06:85:47:df:18:87:c4:99:fc:6b:eb:c1:1a:74:ce:ca:a3:
51:03:49:aa:e5:c9:6a:87:f9:4e:db:25:9c:dc:31:6e:5a:bc:
bd:d2:3b:bc:02:21:dd:2a:7d:5c:20:11:c9:5f:76:95:d5:69:
6a:8c:34:9e:ff:a6:5a:3a:ff:9c:e6:fe:c1:7a:14:9b:16:58:
d4:72:db:80:e4:39:e3:a0:d5:e8:37:3f:e8:74:15:0b:21:98:
cc:5f:42:4b:f3:4d:f3:31:17:1e:bd:41:87:4e:f8:c6:27:29:
fd:22:7f:c2:71:25:fa:b1:9a:d4:ec:5c:0b:87:3f:b3:35:c9:
b8:b3:5f:f8:6d:c4:d2:e3:66:0a:cf:05:b3:b5:79:5c:05:41:
bb:ab:2f:60:01:25:c2:41:6c:68:41:7f:10:65:5f:80:76:41:
39:82:9f:58
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAYJez6ibWzwQrtw2+khcnilzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjIwODAyMTM0NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjU5NGZlODU4NmU2YjcxZWRkZTdkMDllZjI0NmEyNmViNWEyNWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1ZslfnSoxPa8NR+gQ68bjrQsKNf
1VNEKZ5vGkd7s9+3dXyRcnfl0Q2ULmdiaa3dl8jDac3Evf1fhSqwHndEceW+vrAY
BHaDuHAG0ZTBsgozQ/xQSVPE8ud52GRBKuJdquMy2kHdZMPkUQMCN1l0wUEKLN4K
SR+LaB/ZauswVhnjrMHH8bjl/l/hl3ifdwdLx6GnHxy/b/6DN5F58jSOwMQ5YpBg
Pzq8oUv6iNytCzGyTgsji4vKnz1b0Hpa9zXBe+8266bSpXYWuaB5zXcBa7GUtqmt
8c//EMVHiZj6F+SctSx3zKjQq3rbRAPccKuFnMZtKdgMovMfz/IxHIVzVwIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFH9ZT+hYbmtx7d59Ce8kaibrWiXtMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvZjFsUDZGaHVhM0h0M24wSjd5UnFKdXRhSmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIHjBAIAATCB3DAM
AwQCAjisAwQCAjiwAwQCHwxcMAwDBAItDGwDBAItDHADBAItDIADBAItDIgwDAME
Ai0PfAMEAi0PgAMEAi0PsAMEAi0PuDAMAwQCLVL0AwQCLVL4AwQCLVOMAwQCLVZA
AwQDLVZIAwQCLVigAwQCLVioAwQCLVlkAwQCLVnEAwQCLVx8AwQCLVygAwQCLVzA
AwQCLYBIAwQCXHcoAwQCqxZ4AwQCuZUUAwQCuZm0AwQCuZxsMAwDBAC5oUUDBAO5
oUADBAK5ppgDBAK5pqADBALCISQDBATVO3AwFgQCAAIwEAMFAyoJlsADBwAqCbRA
AAAwDQYJKoZIhvcNAQELBQADggEBAHWdzbSWViIt5PZ7UwgOFAmOUpXq8t1gvTGT
maBYAXVRZg9OE8C1IIQymljp5WjDhu9poYHNF5jFY5EyIGfCuRj+5jtZIH7QppG7
usdrCsBgiYuzCpXQaxxFArsGhUffGIfEmfxr68EadM7Ko1EDSarlyWqH+U7bJZzc
MW5avL3SO7wCId0qfVwgEclfdpXVaWqMNJ7/plo6/5zm/sF6FJsWWNRy24DkOeOg
1eg3P+h0FQshmMxfQkvzTfMxFx69QYdO+MYnKf0if8JxJfqxmtTsXAuHP7M1ybiz
X/htxNLjZgrPBbO1eVwFQburL2ABJcJBbGhBfxBlX4B2QTmCn1g=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:29 2023 by rpki-client on console-fra.rpki-client.org