Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/RdD5Wc7lbjZG2cCC89-6vgPEJzY.roa
File: RdD5Wc7lbjZG2cCC89-6vgPEJzY.roa (raw, json)
Hash identifier: H/CCm0uucsRwRx3hOOA85avJjJ0FobakpDSfHncfsiU=
Subject key identifier: 45:D0:F9:59:CE:E5:6E:36:46:D9:C0:82:F3:DF:BA:BE:03:C4:27:36
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 01831C431B98E1A1A497B3BBC0B8CD7B6C09
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/RdD5Wc7lbjZG2cCC89-6vgPEJzY.roa
Signing time: Thu 08 Sep 2022 08:41:43 +0000
ROA not before: Thu 08 Sep 2022 08:41:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50304
IP address blocks: 193.28.1.0/24 maxlen: 24
193.28.4.0/24 maxlen: 24
193.28.7.0/24 maxlen: 24
178.255.144.0/21 maxlen: 32
91.90.40.0/21 maxlen: 24
91.199.193.0/24 maxlen: 24
194.99.40.0/22 maxlen: 24
185.41.240.0/22 maxlen: 24
193.138.6.0/23 maxlen: 24
176.125.232.0/22 maxlen: 22
134.90.144.0/21 maxlen: 32
134.90.148.0/24 maxlen: 24
194.127.199.0/24 maxlen: 24
194.127.198.0/23 maxlen: 23
91.205.184.0/22 maxlen: 22
193.27.45.0/24 maxlen: 24
37.202.56.0/21 maxlen: 24
31.169.48.0/21 maxlen: 32
185.35.200.0/24 maxlen: 24
185.35.200.0/22 maxlen: 24
185.12.56.0/22 maxlen: 24
194.35.228.0/22 maxlen: 24
185.152.32.0/23 maxlen: 23
185.152.32.0/22 maxlen: 24
217.197.164.0/22 maxlen: 24
45.152.48.0/22 maxlen: 22
2a02:ed01::/32 maxlen: 32
2a02:ed00::/32 maxlen: 32
2a02:ed03::/32 maxlen: 32
2a02:ed04:3400::/44 maxlen: 44
2a02:ed04:4400::/44 maxlen: 44
2a02:ed04:4500::/44 maxlen: 44
2a02:ed04:4600::/44 maxlen: 44
2a02:ed04:4700::/44 maxlen: 44
2a02:ed04:100::/44 maxlen: 44
2a02:ed06::/32 maxlen: 32
2a02:20c8::/32 maxlen: 48
2a07:7d80::/29 maxlen: 29
2a04:8d40::/29 maxlen: 32
2a02:ed05::/32 maxlen: 32
2a02:ed00::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1c:43:1b:98:e1:a1:a4:97:b3:bb:c0:b8:cd:7b:6c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Sep 8 08:41:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=45d0f959cee56e3646d9c082f3dfbabe03c42736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:92:70:8c:dd:12:34:c7:9b:19:bd:9d:71:
0a:af:7d:d7:23:81:4f:19:80:23:09:71:f7:54:a9:
e7:b2:fb:38:e9:2e:8c:a7:cc:c5:e3:07:6a:f8:fe:
23:cd:cd:7c:e1:ff:58:3c:2d:1b:94:8f:60:d4:93:
cf:8c:48:07:82:fd:7e:45:c0:2d:2c:12:fd:d5:49:
dc:4a:d5:3c:19:fa:e6:5e:a9:2b:91:9c:1e:5c:0d:
0d:14:c7:da:6f:ea:6b:20:e3:51:a2:be:70:1c:fe:
fe:a1:46:dd:8d:fe:e8:57:0e:a7:0a:9e:f1:db:d2:
62:27:f5:e9:a3:52:31:6d:06:ae:9d:c9:bf:72:ec:
57:3c:41:cf:f9:c7:45:71:d1:29:69:37:2c:d9:f7:
b1:9e:a8:d9:7e:cb:7f:e5:e5:b1:24:c4:10:f0:05:
22:5a:f1:26:ce:4a:cf:9b:15:10:86:46:89:59:a6:
56:10:93:e7:b5:90:1e:c6:d1:f8:81:96:7f:30:59:
53:65:3f:41:ae:4f:3f:d8:41:95:a0:6b:ab:fa:3e:
7e:1c:27:cf:dc:a8:f5:23:39:cb:1f:3e:1e:dc:37:
02:1f:f1:99:25:f7:8a:15:a2:ac:13:a7:b8:fe:b2:
a4:d0:5d:a8:8d:22:93:2b:2f:47:40:9d:50:50:7f:
ac:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D0:F9:59:CE:E5:6E:36:46:D9:C0:82:F3:DF:BA:BE:03:C4:27:36
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/RdD5Wc7lbjZG2cCC89-6vgPEJzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.48.0/21
37.202.56.0/21
45.152.48.0/22
91.90.40.0/21
91.199.193.0/24
91.205.184.0/22
134.90.144.0/21
176.125.232.0/22
178.255.144.0/21
185.12.56.0/22
185.35.200.0/22
185.41.240.0/22
185.152.32.0/22
193.27.45.0/24
193.28.1.0/24
193.28.4.0/24
193.28.7.0/24
193.138.6.0/23
194.35.228.0/22
194.99.40.0/22
194.127.198.0/23
217.197.164.0/22
IPv6:
2a02:20c8::/32
2a02:ed00::/29
2a04:8d40::/29
2a07:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
51:6c:7e:10:d8:0a:ba:41:ea:14:c1:c8:27:47:4c:53:d9:dd:
86:20:c3:33:95:c7:a1:e0:8f:19:cf:bd:85:f0:43:30:ca:7d:
ef:1d:8c:19:a1:42:e5:3f:f7:f9:d3:4a:23:0b:f7:0e:70:ef:
38:91:ec:76:18:46:88:ab:7d:c6:72:da:38:68:e2:50:20:6f:
96:e3:c5:d0:10:50:b3:8c:be:83:fb:d8:40:39:69:eb:d0:58:
d2:56:6e:fe:5c:fe:da:a4:e7:8f:6c:1e:19:da:8f:ce:db:ab:
ce:4b:fd:05:66:b7:f2:df:30:c9:8c:16:5c:2a:5e:10:05:cf:
70:05:fa:43:bd:28:5c:fb:1a:6e:61:c0:b1:fe:44:32:10:e1:
f0:3b:c9:97:02:3f:f5:0f:0a:74:e3:ba:05:3f:07:e5:37:5e:
8a:ca:72:9f:e5:8a:91:13:88:3f:06:1f:00:f5:bd:8a:6b:96:
21:89:5d:4e:89:3f:55:7f:26:6d:fc:22:b2:29:de:81:1d:9f:
25:4a:e4:ff:c7:94:33:c4:78:7e:0a:f7:29:ed:8d:ec:c4:08:
87:f8:08:81:a7:b9:da:2b:00:6e:2d:d8:10:ad:8a:15:4a:4b:
85:fb:c0:75:be:4b:f3:83:cb:46:5e:f2:71:70:3c:41:78:c1:
7d:6c:f4:0f
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYMcQxuY4aGkl7O7wLjNe2wJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjIwOTA4MDg0MTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWQwZjk1OWNlZTU2ZTM2NDZkOWMwODJmM2RmYmFiZTAzYzQyNzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSCScIzdEjTHmxm9nXEKr33XI4FP
GYAjCXH3VKnnsvs46S6Mp8zF4wdq+P4jzc184f9YPC0blI9g1JPPjEgHgv1+RcAt
LBL91UncStU8GfrmXqkrkZweXA0NFMfab+prIONRor5wHP7+oUbdjf7oVw6nCp7x
29JiJ/Xpo1IxbQauncm/cuxXPEHP+cdFcdEpaTcs2fexnqjZfst/5eWxJMQQ8AUi
WvEmzkrPmxUQhkaJWaZWEJPntZAextH4gZZ/MFlTZT9Brk8/2EGVoGur+j5+HCfP
3Kj1IznLHz4e3DcCH/GZJfeKFaKsE6e4/rKk0F2ojSKTKy9HQJ1QUH+sqQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFEXQ+VnO5W42RtnAgvPfur4DxCc2MB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvUmRENVdjN2xialpHMmNDQzg5LTZ2Z1BFSnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBiwQCAAEwgYQDBAMf
qTADBAMlyjgDBAItmDADBANbWigDBABbx8EDBAJbzbgDBAOGWpADBAKwfegDBAOy
/5ADBAK5DDgDBAK5I8gDBAK5KfADBAK5mCADBADBGy0DBADBHAEDBADBHAQDBADB
HAcDBAHBigYDBALCI+QDBALCYygDBAHCf8YDBALZxaQwIgQCAAIwHAMFACoCIMgD
BQMqAu0AAwUDKgSNQAMFAyoHfYAwDQYJKoZIhvcNAQELBQADggEBAFFsfhDYCrpB
6hTByCdHTFPZ3YYgwzOVx6HgjxnPvYXwQzDKfe8djBmhQuU/9/nTSiML9w5w7ziR
7HYYRoirfcZy2jho4lAgb5bjxdAQULOMvoP72EA5aevQWNJWbv5c/tqk549sHhna
j87bq85L/QVmt/LfMMmMFlwqXhAFz3AF+kO9KFz7Gm5hwLH+RDIQ4fA7yZcCP/UP
CnTjugU/B+U3XorKcp/lipETiD8GHwD1vYprliGJXU6JP1V/Jm38IrIp3oEdnyVK
5P/HlDPEeH4K9yntjezECIf4CIGnudorAG4t2BCtihVKS4X7wHW+S/ODy0Ze8nFw
PEF4wX1s9A8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:15 2023 by rpki-client on console-ams.rpki-client.org