Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/0JA0rr6RG-XmfvCIeepaFJGWSEc.roa
File: 0JA0rr6RG-XmfvCIeepaFJGWSEc.roa (raw, json)
Hash identifier: mhbanweElNtvKhu3jDr9yPfFlyaho+KBCthu4U9/xBY=
Subject key identifier: D0:90:34:AE:BE:91:1B:E5:E6:7E:F0:88:79:EA:5A:14:91:96:48:47
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 42044982
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/0JA0rr6RG-XmfvCIeepaFJGWSEc.roa
Signing time: Sat 01 Jan 2022 16:11:22 +0000
ROA not before: Sat 01 Jan 2022 16:11:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45012
IP address blocks: 193.22.255.0/24 maxlen: 24
185.80.92.0/24 maxlen: 24
185.80.93.0/24 maxlen: 24
185.80.94.0/23 maxlen: 23
185.137.168.0/22 maxlen: 24
128.127.65.0/24 maxlen: 24
128.127.66.0/24 maxlen: 24
194.145.226.0/24 maxlen: 24
91.203.108.0/22 maxlen: 24
178.250.170.0/24 maxlen: 24
93.90.178.0/24 maxlen: 24
178.250.174.0/24 maxlen: 24
37.218.252.0/24 maxlen: 24
37.218.248.0/22 maxlen: 22
37.218.254.0/24 maxlen: 24
178.20.96.0/21 maxlen: 24
192.162.87.0/24 maxlen: 24
185.207.230.0/24 maxlen: 24
185.207.228.0/22 maxlen: 24
185.207.228.0/24 maxlen: 24
31.47.240.0/20 maxlen: 24
89.22.100.0/22 maxlen: 24
89.22.108.0/24 maxlen: 24
89.22.110.0/23 maxlen: 24
89.22.112.0/22 maxlen: 24
89.22.116.0/22 maxlen: 24
89.22.122.0/23 maxlen: 24
89.22.124.0/22 maxlen: 24
5.44.100.0/23 maxlen: 24
5.44.104.0/22 maxlen: 24
2a00:fa40:3000::/36 maxlen: 36
2a00:fa40:4000::/36 maxlen: 36
2a01:64c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1107577218 (0x42044982)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 1 16:11:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d09034aebe911be5e67ef08879ea5a1491964847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c9:78:2f:ba:63:8e:66:24:a1:98:81:d1:ef:
93:2d:a9:f2:41:ce:20:e4:dc:c2:13:ae:26:8a:d5:
18:ea:ef:6c:1d:77:9e:ee:0f:99:90:81:46:54:da:
a1:15:ac:75:4b:14:e8:f5:45:20:33:ee:06:e4:84:
de:76:86:59:d1:46:f7:c2:3d:66:66:e3:92:13:4e:
09:e2:32:cb:a1:d7:29:f7:9a:10:ee:b4:ff:47:20:
80:f2:29:32:6e:01:2c:b7:2d:bb:8a:9c:97:1a:75:
96:c1:5c:a8:29:12:d6:65:ce:ea:88:99:c8:3b:08:
73:73:b4:94:f3:25:dd:24:62:48:56:a1:a1:cc:15:
0b:55:f3:3c:e7:49:23:67:c3:bc:4d:1c:7e:02:c5:
e7:65:89:11:21:03:63:4d:55:68:44:d2:b7:80:16:
56:07:02:13:a9:52:bc:bf:15:63:0e:44:55:c6:0b:
97:b5:25:12:97:f7:10:85:60:6c:fe:be:25:a0:4d:
7b:03:2a:68:d3:ad:7f:8d:ec:3a:81:cd:50:c7:90:
7b:5a:62:ca:2e:2f:73:a7:89:b2:28:e7:3c:b1:9c:
66:e9:53:3f:dc:2d:f8:6c:c4:bb:b0:71:67:36:cb:
3a:2e:04:35:56:55:e4:fe:68:6a:f6:02:03:d2:7e:
fd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:90:34:AE:BE:91:1B:E5:E6:7E:F0:88:79:EA:5A:14:91:96:48:47
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/0JA0rr6RG-XmfvCIeepaFJGWSEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.100.0/23
5.44.104.0/22
31.47.240.0/20
37.218.248.0-37.218.252.255
37.218.254.0/24
89.22.100.0/22
89.22.108.0/24
89.22.110.0-89.22.119.255
89.22.122.0-89.22.127.255
91.203.108.0/22
93.90.178.0/24
128.127.65.0-128.127.66.255
178.20.96.0/21
178.250.170.0/24
178.250.174.0/24
185.80.92.0/22
185.137.168.0/22
185.207.228.0/22
192.162.87.0/24
193.22.255.0/24
194.145.226.0/24
IPv6:
2a00:fa40:3000::-2a00:fa40:4fff:ffff:ffff:ffff:ffff:ffff
2a01:64c0::/32
Signature Algorithm: sha256WithRSAEncryption
6b:45:04:e2:27:8b:05:c7:7a:64:b0:d2:e4:fe:fb:13:70:af:
a0:fe:8f:2c:33:18:f8:be:cc:29:f9:f2:a8:ed:61:88:7c:bd:
b4:39:d3:0d:9d:5e:22:4b:1c:31:e3:16:82:0b:4d:25:f4:bf:
da:bf:13:73:9a:2e:64:72:35:1a:af:8f:69:ab:4a:4e:ba:7d:
58:bc:a8:09:ad:5b:b9:96:4e:84:59:8d:d8:1d:8a:4b:f6:02:
c1:bb:56:88:16:39:95:3d:7d:89:ab:ae:ed:99:85:aa:43:f0:
dc:84:07:e0:e3:20:24:04:b7:10:2b:17:07:83:9d:78:ef:e4:
6c:71:76:4f:01:8c:d2:eb:a6:79:55:76:d3:60:a8:1c:4d:52:
03:7f:5d:35:a7:1e:2d:ea:4e:b2:ae:1b:9a:1a:9d:20:a3:93:
2b:8a:eb:ef:f7:22:46:37:71:66:94:7b:af:2e:33:4c:fd:07:
48:12:1f:b5:32:eb:b3:c0:ab:4d:84:d4:bc:84:9f:8c:2b:4e:
d0:b4:3b:9c:c6:72:73:94:ce:1c:de:db:88:49:8e:e2:88:eb:
a3:9a:1f:7b:d8:b2:d0:94:75:ef:45:45:8c:c6:86:e4:36:cc:
5a:4e:75:a0:f6:01:43:58:5d:b3:9e:a6:45:ac:46:5f:c6:0c:
eb:bd:05:b5
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIEQgRJgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDI3MDhkZjkzOTU0YWFjNjAxYWVmMTgzNWJkNWQ2OTI0NWZiMDJmMB4XDTIyMDEw
MTE2MTEyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA5MDM0YWViZTkx
MWJlNWU2N2VmMDg4NzllYTVhMTQ5MTk2NDg0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTJeC+6Y45mJKGYgdHvky2p8kHOIOTcwhOuJorVGOrvbB13
nu4PmZCBRlTaoRWsdUsU6PVFIDPuBuSE3naGWdFG98I9ZmbjkhNOCeIyy6HXKfea
EO60/0cggPIpMm4BLLctu4qclxp1lsFcqCkS1mXO6oiZyDsIc3O0lPMl3SRiSFah
ocwVC1XzPOdJI2fDvE0cfgLF52WJESEDY01VaETSt4AWVgcCE6lSvL8VYw5EVcYL
l7UlEpf3EIVgbP6+JaBNewMqaNOtf43sOoHNUMeQe1piyi4vc6eJsijnPLGcZulT
P9wt+GzEu7BxZzbLOi4ENVZV5P5oavYCA9J+/XsCAwEAAaOCAscwggLDMB0GA1Ud
DgQWBBTQkDSuvpEb5eZ+8Ih56loUkZZIRzAfBgNVHSMEGDAWgBTEJwjfk5VKrGAa
7xg1vV1pJF+wLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hDY0kzNU9WU3F4Z0d1OFlOYjFkYVNSZnNDOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvZjYxN2E1LTMyNDAtNDhjNC1iNzE2LTc0MWMxZDhkZWEyYi8x
LzBKQTBycjZSRy1YbWZ2Q0llZXBhRkpHV1NFYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
ZjYxN2E1LTMyNDAtNDhjNC1iNzE2LTc0MWMxZDhkZWEyYi8xL3hDY0kzNU9WU3F4
Z0d1OFlOYjFkYVNSZnNDOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
3AYIKwYBBQUHAQcBAf8EgcwwgckwgaUEAgABMIGeAwQBBSxkAwQCBSxoAwQEHy/w
MAwDBAMl2vgDBAAl2vwDBAAl2v4DBAJZFmQDBABZFmwwDAMEAVkWbgMEA1kWcDAM
AwQBWRZ6AwQHWRYAAwQCW8tsAwQAXVqyMAwDBACAf0EDBACAf0IDBAOyFGADBACy
+qoDBACy+q4DBAK5UFwDBAK5iagDBAK5z+QDBADAolcDBADBFv8DBADCkeIwHwQC
AAIwGTAQAwYEKgD6QDADBgQqAPpAQAMFACoBZMAwDQYJKoZIhvcNAQELBQADggEB
AGtFBOIniwXHemSw0uT++xNwr6D+jywzGPi+zCn58qjtYYh8vbQ50w2dXiJLHDHj
FoILTSX0v9q/E3OaLmRyNRqvj2mrSk66fVi8qAmtW7mWToRZjdgdikv2AsG7VogW
OZU9fYmrru2ZhapD8NyEB+DjICQEtxArFweDnXjv5Gxxdk8BjNLrpnlVdtNgqBxN
UgN/XTWnHi3qTrKuG5oanSCjkyuK6+/3IkY3cWaUe68uM0z9B0gSH7Uy67PAq02E
1LyEn4wrTtC0O5zGcnOUzhze24hJjuKI66OaH3vYstCUde9FRYzGhuQ2zFpOdaD2
AUNYXbOepkWsRl/GDOu9BbU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:44 2024 by rpki-client on console-ams.rpki-client.org