Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JMfDtQS1plA9uDsFZgbQohw9lPg.roa
File: JMfDtQS1plA9uDsFZgbQohw9lPg.roa (raw, json)
Hash identifier: a4uNUbN5rzsveFeISh69/Ozz1E0VDdUv5nj4cZyPXQc=
Subject key identifier: 24:C7:C3:B5:04:B5:A6:50:3D:B8:3B:05:66:06:D0:A2:1C:3D:94:F8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 029C5A01
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JMfDtQS1plA9uDsFZgbQohw9lPg.roa
Signing time: Sat 02 Apr 2022 12:19:33 +0000
ROA not before: Sat 02 Apr 2022 12:19:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 193.39.209.0/24 maxlen: 24
194.33.32.0/24 maxlen: 24
185.164.59.0/24 maxlen: 24
45.137.86.0/24 maxlen: 24
193.111.4.0/24 maxlen: 24
193.111.5.0/24 maxlen: 24
193.111.19.0/24 maxlen: 24
193.111.18.0/24 maxlen: 24
45.154.230.0/24 maxlen: 24
45.130.253.0/24 maxlen: 24
45.137.41.0/24 maxlen: 24
45.157.38.0/24 maxlen: 24
45.157.37.0/24 maxlen: 24
45.153.219.0/24 maxlen: 24
45.147.31.0/24 maxlen: 24
45.147.30.0/24 maxlen: 24
45.95.98.0/24 maxlen: 24
45.152.197.0/24 maxlen: 24
45.91.211.0/24 maxlen: 24
45.91.208.0/24 maxlen: 24
45.153.23.0/24 maxlen: 24
45.153.21.0/24 maxlen: 24
91.212.107.0/24 maxlen: 24
45.13.186.0/24 maxlen: 24
113.30.152.0/24 maxlen: 24
45.128.77.0/24 maxlen: 24
113.30.155.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
113.30.153.0/24 maxlen: 24
193.41.39.0/24 maxlen: 24
45.158.197.0/24 maxlen: 24
2a0f:ac00::/29 maxlen: 29
2a0f:e1c2::/32 maxlen: 32
2a0f:1f80::/29 maxlen: 29
2a0f:e940::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a0e:2240:2::/48 maxlen: 48
2a0f:e6c0:fe1::/48 maxlen: 48
2a0f:e1c0::/32 maxlen: 32
2a0f:a03::/32 maxlen: 32
2a0f:da40::/29 maxlen: 29
2a0f:e1c7::/32 maxlen: 32
2a0e:f200:2::/48 maxlen: 48
2a0f:e6c0:991::/48 maxlen: 48
2a0e:2440::/29 maxlen: 29
2a0e:e980::/29 maxlen: 29
2a0f:df40::/29 maxlen: 29
2a0f:a02::/32 maxlen: 32
2a0f:e600:1::/48 maxlen: 48
2a0f:e6c0:123::/48 maxlen: 48
2a0f:a04::/32 maxlen: 32
2a0f:e143::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43801089 (0x29c5a01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 2 12:19:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24c7c3b504b5a6503db83b056606d0a21c3d94f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:85:d7:dc:8d:37:01:a8:b5:63:e9:78:55:d8:
d2:ad:a1:0f:92:21:22:e6:bf:d1:77:60:8f:b7:a7:
b3:ed:fa:90:14:16:af:e2:22:44:e6:02:73:31:ff:
aa:23:4f:6a:8a:f8:c0:71:bb:b5:56:ea:c4:ff:67:
80:85:4b:8d:0c:69:e8:4d:0d:13:90:e5:32:b1:b5:
35:49:9e:91:3b:7d:01:4f:5b:32:f0:1e:17:84:42:
0f:31:7f:2d:11:1f:80:11:ae:74:cc:12:98:0d:5e:
b2:3f:8b:fb:a1:dd:cc:e2:13:21:f7:bf:9a:73:16:
90:27:14:d1:79:87:a2:8f:b3:77:c5:73:73:e9:7f:
32:73:84:f2:b1:d8:31:8a:dc:06:9c:7d:5e:da:e6:
26:ad:3b:0a:b5:4b:a3:10:b1:fa:58:9a:c6:c2:bb:
87:33:25:d1:72:72:38:fa:60:df:73:13:e5:7a:e2:
1d:f5:b0:14:a2:9a:01:7d:c8:83:c0:6a:02:52:77:
a7:11:e7:b1:c8:ce:01:bf:9d:55:90:fb:8c:88:c0:
1f:fd:3b:50:43:84:b5:b8:ac:bf:e3:10:9a:95:44:
78:cf:c7:3c:a9:8b:74:2f:3b:c4:07:52:34:f9:0a:
76:2f:cd:ab:c0:8d:ee:e8:63:9c:88:7a:fe:a1:b5:
b1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:C7:C3:B5:04:B5:A6:50:3D:B8:3B:05:66:06:D0:A2:1C:3D:94:F8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JMfDtQS1plA9uDsFZgbQohw9lPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.186.0/24
45.91.208.0/24
45.91.211.0/24
45.95.98.0/24
45.128.77.0/24
45.130.253.0/24
45.137.41.0/24
45.137.86.0/24
45.147.30.0/23
45.152.197.0/24
45.153.21.0/24
45.153.23.0/24
45.153.219.0/24
45.154.230.0/24
45.157.37.0-45.157.38.255
45.158.197.0/24
91.212.107.0/24
113.30.152.0/22
185.164.59.0/24
193.39.209.0/24
193.41.39.0/24
193.111.4.0/23
193.111.18.0/23
194.33.32.0/24
IPv6:
2a0e:2240:2::/48
2a0e:2440::/29
2a0e:e980::/29
2a0e:f200:2::/48
2a0f:a02::-2a0f:a04:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:1f80::/29
2a0f:ac00::/29
2a0f:da40::/29
2a0f:dac0::/29
2a0f:df40::/29
2a0f:e143::/32
2a0f:e1c0::/32
2a0f:e1c2::/32
2a0f:e1c7::/32
2a0f:e600:1::/48
2a0f:e6c0:123::/48
2a0f:e6c0:991::/48
2a0f:e6c0:fe1::/48
2a0f:e940::/29
Signature Algorithm: sha256WithRSAEncryption
8a:02:d2:74:53:3b:1c:a5:08:a7:71:aa:c7:49:f5:ba:1c:c6:
1e:82:c6:82:c5:2e:af:bc:14:f0:c9:ef:b3:e8:66:e9:2a:cd:
c5:b7:c9:08:72:42:53:e6:35:a1:3c:a0:ce:cb:5c:c3:67:4c:
24:d4:04:29:49:24:7d:5e:d7:8f:d4:78:28:85:ee:0c:22:44:
1a:db:0e:6a:49:8c:78:1d:fa:5e:89:5b:85:fd:48:31:6c:be:
a7:19:ab:b5:3a:7f:8e:04:6f:a0:68:9a:23:3d:ea:49:6d:bc:
0a:95:d6:37:65:d0:0f:ae:46:4a:79:3f:3f:d7:c2:d1:6e:f6:
15:dd:6d:50:6a:b7:22:02:8c:9a:17:4c:52:13:e2:7f:72:eb:
64:52:1f:6f:8b:18:e9:8b:c1:7f:88:c6:51:d7:64:2f:dc:63:
43:00:e4:04:ab:cf:91:aa:0c:80:99:fe:19:ed:43:bd:73:28:
79:b7:56:fa:6b:9b:79:d3:96:37:dd:5d:54:2f:14:1f:74:88:
1b:32:70:b2:1d:37:01:a4:74:10:57:f4:f8:8b:5f:8f:a4:ff:
72:80:43:c6:14:03:71:e0:52:48:50:02:7a:48:d2:45:c7:5d:
2a:fb:fd:d3:93:8b:d0:48:6e:3d:b5:19:df:fc:f9:16:49:b3:
19:71:1c:a9
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgIEApxaATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDQw
MjEyMTkzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRjN2MzYjUwNGI1
YTY1MDNkYjgzYjA1NjYwNmQwYTIxYzNkOTRmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJyF19yNNwGotWPpeFXY0q2hD5IhIua/0Xdgj7ens+36kBQW
r+IiROYCczH/qiNPaor4wHG7tVbqxP9ngIVLjQxp6E0NE5DlMrG1NUmekTt9AU9b
MvAeF4RCDzF/LREfgBGudMwSmA1esj+L+6HdzOITIfe/mnMWkCcU0XmHoo+zd8Vz
c+l/MnOE8rHYMYrcBpx9XtrmJq07CrVLoxCx+liaxsK7hzMl0XJyOPpg33MT5Xri
HfWwFKKaAX3Ig8BqAlJ3pxHnscjOAb+dVZD7jIjAH/07UEOEtbisv+MQmpVEeM/H
PKmLdC87xAdSNPkKdi/Nq8CN7uhjnIh6/qG1scMCAwEAAaOCA0cwggNDMB0GA1Ud
DgQWBBQkx8O1BLWmUD24OwVmBtCiHD2U+DAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
L0pNZkR0UVMxcGxBOXVEc0ZaZ2JRb2h3OWxQZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AVsGCCsGAQUFBwEHAQH/BIIBSjCCAUYwgZ8EAgABMIGYAwQALQ26AwQALVvQAwQA
LVvTAwQALV9iAwQALYBNAwQALYL9AwQALYkpAwQALYlWAwQBLZMeAwQALZjFAwQA
LZkVAwQALZkXAwQALZnbAwQALZrmMAwDBAAtnSUDBAAtnSYDBAAtnsUDBABb1GsD
BAJxHpgDBAC5pDsDBADBJ9EDBADBKScDBAHBbwQDBAHBbxIDBADCISAwgaEEAgAC
MIGaAwcAKg4iQAACAwUDKg4kQAMFAyoO6YADBwAqDvIAAAIwDgMFASoPCgIDBQAq
DwoEAwUDKg8fgAMFAyoPrAADBQMqD9pAAwUDKg/awAMFAyoP30ADBQAqD+FDAwUA
Kg/hwAMFACoP4cIDBQAqD+HHAwcAKg/mAAABAwcAKg/mwAEjAwcAKg/mwAmRAwcA
Kg/mwA/hAwUDKg/pQDANBgkqhkiG9w0BAQsFAAOCAQEAigLSdFM7HKUIp3Gqx0n1
uhzGHoLGgsUur7wU8Mnvs+hm6SrNxbfJCHJCU+Y1oTygzstcw2dMJNQEKUkkfV7X
j9R4KIXuDCJEGtsOakmMeB36Xolbhf1IMWy+pxmrtTp/jgRvoGiaIz3qSW28CpXW
N2XQD65GSnk/P9fC0W72Fd1tUGq3IgKMmhdMUhPif3LrZFIfb4sY6YvBf4jGUddk
L9xjQwDkBKvPkaoMgJn+Ge1DvXMoebdW+mubedOWN91dVC8UH3SIGzJwsh03AaR0
EFf0+Itfj6T/coBDxhQDceBSSFACekjSRcddKvv905OL0EhuPbUZ3/z5FkmzGXEc
qQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:04 2025 by rpki-client