Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/ImQdeKmbjcdP3YuoWMJf21GDgI8.roa
File: ImQdeKmbjcdP3YuoWMJf21GDgI8.roa (raw, json)
Hash identifier: cuW9bHjKYL2X6t426ZNYfcxaKC1vPrI5PVS+y8dVDAg=
Subject key identifier: 22:64:1D:78:A9:9B:8D:C7:4F:DD:8B:A8:58:C2:5F:DB:51:83:80:8F
Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd
Certificate serial: 01856E79029958EA92E28CD8F158EC733236
Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/ImQdeKmbjcdP3YuoWMJf21GDgI8.roa
Signing time: Sun 01 Jan 2023 17:55:02 +0000
ROA not before: Sun 01 Jan 2023 17:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15704
IP address blocks: 119.12.224.0/23 maxlen: 23
119.12.226.0/23 maxlen: 23
119.12.228.0/23 maxlen: 23
119.12.230.0/23 maxlen: 23
119.12.232.0/23 maxlen: 23
217.113.240.0/20 maxlen: 20
119.12.236.0/23 maxlen: 23
119.12.238.0/23 maxlen: 23
119.12.240.0/23 maxlen: 23
119.12.234.0/23 maxlen: 23
119.12.242.0/23 maxlen: 23
119.12.244.0/23 maxlen: 23
119.12.246.0/23 maxlen: 23
119.12.250.0/23 maxlen: 23
119.12.248.0/23 maxlen: 23
185.228.152.0/23 maxlen: 23
185.228.154.0/23 maxlen: 23
195.160.224.0/22 maxlen: 22
207.188.130.0/24 maxlen: 24
213.94.0.0/18 maxlen: 23
193.53.160.0/22 maxlen: 22
137.59.58.0/24 maxlen: 24
185.153.164.0/23 maxlen: 23
185.153.166.0/23 maxlen: 23
89.39.32.0/19 maxlen: 24
94.73.32.0/19 maxlen: 19
185.227.212.0/23 maxlen: 23
89.39.52.0/24 maxlen: 24
185.227.214.0/23 maxlen: 23
91.194.62.0/23 maxlen: 23
91.106.16.0/21 maxlen: 21
170.253.0.0/20 maxlen: 20
185.145.64.0/22 maxlen: 22
170.253.16.0/20 maxlen: 20
170.253.32.0/20 maxlen: 20
170.253.48.0/20 maxlen: 20
185.252.12.0/22 maxlen: 22
185.197.240.0/23 maxlen: 23
213.177.192.0/19 maxlen: 21
185.197.242.0/23 maxlen: 23
188.212.23.0/24 maxlen: 24
93.177.120.0/22 maxlen: 23
93.115.152.0/24 maxlen: 24
181.41.128.0/21 maxlen: 21
212.14.96.0/19 maxlen: 23
93.115.128.0/22 maxlen: 22
93.115.132.0/22 maxlen: 22
93.176.160.0/20 maxlen: 20
93.176.176.0/20 maxlen: 20
89.35.62.0/23 maxlen: 23
93.115.202.0/24 maxlen: 24
93.176.128.0/18 maxlen: 18
93.176.128.0/21 maxlen: 21
93.176.136.0/21 maxlen: 21
93.176.144.0/21 maxlen: 21
93.176.152.0/21 maxlen: 21
93.115.242.0/24 maxlen: 24
207.188.160.0/21 maxlen: 21
188.208.219.0/24 maxlen: 24
207.188.168.0/21 maxlen: 21
91.242.152.0/21 maxlen: 21
93.115.37.0/24 maxlen: 24
2a00:d100:1800::/37 maxlen: 37
2a00:d100:3800::/37 maxlen: 37
2a00:d100:2000::/37 maxlen: 37
2a00:d100:4800::/37 maxlen: 37
2a00:d100:2800::/37 maxlen: 37
2a00:d100:5000::/37 maxlen: 37
2a00:d100::/37 maxlen: 37
2a00:d100:5800::/37 maxlen: 37
2a01:8480:2004::/48 maxlen: 48
2a00:d100:6000::/37 maxlen: 37
2a00:d100:3000::/37 maxlen: 37
2a00:d100:800::/37 maxlen: 37
2a00:d100:4000::/37 maxlen: 37
2a00:d100:1000::/37 maxlen: 37
2a00:d100:6800::/37 maxlen: 37
2a00:d103:2800::/37 maxlen: 37
2a00:d103:2000::/37 maxlen: 37
2a00:d103:1800::/37 maxlen: 37
2a00:d103:1000::/37 maxlen: 37
2a00:d103:800::/37 maxlen: 37
2a00:d103::/37 maxlen: 37
2a00:d102:2800::/37 maxlen: 37
2a00:d102:2000::/37 maxlen: 37
2a00:d102:1800::/37 maxlen: 37
2a00:d102:1000::/37 maxlen: 37
2a00:d102:800::/37 maxlen: 37
2a00:d102::/37 maxlen: 37
2a00:d101:4000::/37 maxlen: 37
2a00:d101:1000::/37 maxlen: 37
2a00:d101:1800::/37 maxlen: 37
2a00:d101::/37 maxlen: 37
2a00:d101:2800::/37 maxlen: 37
2a00:d101:2000::/37 maxlen: 37
2a00:d101:4800::/37 maxlen: 37
2a00:d101:3000::/37 maxlen: 37
2a00:d101:800::/37 maxlen: 37
2a01:8480::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:79:02:99:58:ea:92:e2:8c:d8:f1:58:ec:73:32:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd
Validity
Not Before: Jan 1 17:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22641d78a99b8dc74fdd8ba858c25fdb5183808f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6b:30:cd:94:21:74:3e:ff:5c:74:78:08:a7:
a4:ef:a8:65:18:04:71:20:84:17:26:54:6c:d3:c6:
fb:bf:5e:66:31:0e:5d:56:f3:62:39:56:64:5c:04:
53:27:bb:4b:ea:6e:f0:d9:60:1b:73:88:c5:e5:91:
66:1c:d6:7c:27:44:19:35:62:1e:09:bc:30:88:19:
6d:a7:03:00:35:7e:b5:79:e6:1d:6c:0e:49:08:1b:
50:d3:3e:71:e5:17:8d:bc:d8:f8:fe:24:96:be:7f:
25:f9:90:46:9b:41:59:fd:67:09:32:e1:1b:3b:30:
7a:60:c8:9d:01:fa:e0:47:04:40:33:b1:34:ff:3c:
76:4a:6f:20:55:25:d1:1d:42:c9:64:65:dd:17:8a:
56:fd:04:c5:47:23:9d:c6:9b:99:ff:9f:db:02:82:
35:49:a0:2e:47:38:79:0d:8d:e3:8c:56:9e:68:86:
a7:35:38:26:6b:54:81:3e:6a:9e:a9:39:3f:1e:22:
8f:55:d7:af:25:28:8a:a8:b0:3a:2e:69:e9:e3:18:
56:38:d9:50:35:11:31:4f:c6:ef:83:d8:6a:00:8d:
a6:3c:dc:1e:6c:b1:da:11:f7:fb:df:3e:23:2b:66:
d0:e3:bb:dd:e9:fa:8d:c9:e8:b0:95:c2:26:99:ed:
97:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:64:1D:78:A9:9B:8D:C7:4F:DD:8B:A8:58:C2:5F:DB:51:83:80:8F
X509v3 Authority Key Identifier:
keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/ImQdeKmbjcdP3YuoWMJf21GDgI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.62.0/23
89.39.32.0/19
91.106.16.0/21
91.194.62.0/23
91.242.152.0/21
93.115.37.0/24
93.115.128.0/21
93.115.152.0/24
93.115.202.0/24
93.115.242.0/24
93.176.128.0/18
93.177.120.0/22
94.73.32.0/19
119.12.224.0-119.12.251.255
137.59.58.0/24
170.253.0.0/18
181.41.128.0/21
185.145.64.0/22
185.153.164.0/22
185.197.240.0/22
185.227.212.0/22
185.228.152.0/22
185.252.12.0/22
188.208.219.0/24
188.212.23.0/24
193.53.160.0/22
195.160.224.0/22
207.188.130.0/24
207.188.160.0/20
212.14.96.0/19
213.94.0.0/18
213.177.192.0/19
217.113.240.0/20
IPv6:
2a00:d100::-2a00:d100:6fff:ffff:ffff:ffff:ffff:ffff
2a00:d101::-2a00:d101:37ff:ffff:ffff:ffff:ffff:ffff
2a00:d101:4000::/36
2a00:d102::-2a00:d102:2fff:ffff:ffff:ffff:ffff:ffff
2a00:d103::-2a00:d103:2fff:ffff:ffff:ffff:ffff:ffff
2a01:8480::/32
Signature Algorithm: sha256WithRSAEncryption
41:ac:f4:2b:55:af:e5:c1:a4:db:ca:06:c5:c6:68:1f:19:d0:
c2:66:58:1b:79:df:a9:c4:ab:1a:53:4b:8b:9d:4a:79:73:fa:
85:2c:8b:d9:a0:34:86:c9:66:88:72:50:08:87:45:79:fb:93:
6b:78:6b:0c:1a:bd:4d:61:9e:6b:bb:58:0f:61:07:3b:f9:4c:
33:7a:91:34:33:49:ed:30:ac:c1:0a:c6:b1:6d:02:a5:5d:49:
e6:90:83:54:25:ed:60:bd:fd:49:90:0f:ec:76:8b:a7:fc:26:
32:e8:4a:08:e4:c9:80:41:5a:00:f5:65:5a:85:2d:15:0f:04:
86:7d:d0:12:91:52:10:2a:e6:82:20:9f:8b:57:c7:27:f2:64:
30:94:6b:70:48:0d:c2:1a:45:8d:88:6f:e9:b7:48:8f:d5:14:
de:7e:63:2a:e5:75:3b:be:d5:7f:99:2a:d1:1e:7b:af:63:01:
39:3b:28:73:a1:32:eb:ab:77:f1:a6:96:f8:0d:36:4f:44:98:
79:ef:56:67:5e:02:7a:bd:5f:57:a5:45:09:0f:f7:ba:99:58:
e9:3d:6d:72:4a:a7:d8:1a:df:a5:e0:05:07:26:4d:c1:dc:f9:
d1:2b:cd:b0:f4:11:48:03:93:4b:04:45:94:4d:72:bd:1e:4b:
d5:1e:33:aa
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAYVueQKZWOqS4ozY8VjsczI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi
MmUyY2QwHhcNMjMwMTAxMTc1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjY0MWQ3OGE5OWI4ZGM3NGZkZDhiYTg1OGMyNWZkYjUxODM4MDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12swzZQhdD7/XHR4CKek76hlGARx
IIQXJlRs08b7v15mMQ5dVvNiOVZkXARTJ7tL6m7w2WAbc4jF5ZFmHNZ8J0QZNWIe
CbwwiBltpwMANX61eeYdbA5JCBtQ0z5x5ReNvNj4/iSWvn8l+ZBGm0FZ/WcJMuEb
OzB6YMidAfrgRwRAM7E0/zx2Sm8gVSXRHULJZGXdF4pW/QTFRyOdxpuZ/5/bAoI1
SaAuRzh5DY3jjFaeaIanNTgma1SBPmqeqTk/HiKPVdevJSiKqLA6Lmnp4xhWONlQ
NRExT8bvg9hqAI2mPNwebLHaEff73z4jK2bQ47vd6fqNyeiwlcImme2XYQIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFCJkHXipm43HT92LqFjCX9tRg4CPMB8GA1UdIwQY
MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt
ZjEyODM1ZjAyNDdiLzEvSW1RZGVLbWJqY2RQM1l1b1dNSmYyMUdEZ0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2QtZjEyODM1ZjAyNDdi
LzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRwYIKwYBBQUHAQcBAf8EggE2MIIBMjCB1QQCAAEwgc4D
BAFZIz4DBAVZJyADBANbahADBAFbwj4DBANb8pgDBABdcyUDBANdc4ADBABdc5gD
BABdc8oDBABdc/IDBAZdsIADBAJdsXgDBAVeSSAwDAMEBXcM4AMEAncM+AMEAIk7
OgMEBqr9AAMEA7UpgAMEArmRQAMEArmZpAMEArnF8AMEArnj1AMEArnkmAMEArn8
DAMEALzQ2wMEALzUFwMEAsE1oAMEAsOg4AMEAM+8ggMEBM+8oAMEBdQOYAMEBtVe
AAMEBdWxwAMEBNlx8DBYBAIAAjBSMA4DBAAqANEDBgQqANEAYDAPAwUAKgDRAQMG
AyoA0QEwAwYEKgDRAUAwDwMFASoA0QIDBgQqANECIDAPAwUAKgDRAwMGBCoA0QMg
AwUAKgGEgDANBgkqhkiG9w0BAQsFAAOCAQEAQaz0K1Wv5cGk28oGxcZoHxnQwmZY
G3nfqcSrGlNLi51KeXP6hSyL2aA0hslmiHJQCIdFefuTa3hrDBq9TWGea7tYD2EH
O/lMM3qRNDNJ7TCswQrGsW0CpV1J5pCDVCXtYL39SZAP7HaLp/wmMuhKCOTJgEFa
APVlWoUtFQ8Ehn3QEpFSECrmgiCfi1fHJ/JkMJRrcEgNwhpFjYhv6bdIj9UU3n5j
KuV1O77Vf5kq0R57r2MBOTsoc6Ey66t38aaW+A02T0SYee9WZ14Cer1fV6VFCQ/3
uplY6T1tckqn2BrfpeAFByZNwdz50SvNsPQRSAOTSwRFlE1yvR5L1R4zqg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:49 2025 by rpki-client