Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/CqOxk-mAtWNxn-JZb1z17iH2NdQ.roa
File: CqOxk-mAtWNxn-JZb1z17iH2NdQ.roa (raw, json)
Hash identifier: UE359sOAUfzC3CaIbEvHFKsZ9zaH45reD7lozlXvPz0=
Subject key identifier: 0A:A3:B1:93:E9:80:B5:63:71:9F:E2:59:6F:5C:F5:EE:21:F6:35:D4
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0181F93900F9B10F94E71F0DB3241ED13E1C
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/CqOxk-mAtWNxn-JZb1z17iH2NdQ.roa
Signing time: Wed 13 Jul 2022 20:21:11 +0000
ROA not before: Wed 13 Jul 2022 20:21:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209641
IP address blocks: 45.133.245.0/24 maxlen: 24
185.5.248.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
5.252.116.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
139.28.220.0/24 maxlen: 24
139.28.221.0/24 maxlen: 24
5.180.139.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
5.180.138.0/24 maxlen: 24
5.180.136.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
95.214.10.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
195.66.87.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
185.105.119.0/24 maxlen: 24
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
185.125.216.0/22 maxlen: 22
185.105.118.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.58.205.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.228.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/23 maxlen: 23
194.67.193.0/24 maxlen: 24
193.124.176.0/21 maxlen: 21
193.124.176.0/20 maxlen: 20
193.124.184.0/21 maxlen: 21
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.202.0/24 maxlen: 24
194.67.200.0/23 maxlen: 23
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
46.17.106.0/24 maxlen: 24
2a0a:9300::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f9:39:00:f9:b1:0f:94:e7:1f:0d:b3:24:1e:d1:3e:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 13 20:21:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0aa3b193e980b563719fe2596f5cf5ee21f635d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:50:91:36:0c:eb:61:10:bf:2e:44:8e:1f:75:
c9:b0:26:02:9d:19:f1:24:7c:2e:5c:01:40:ed:84:
a5:33:c5:1f:65:71:49:36:8d:6b:b7:5f:3f:2c:8b:
d9:d1:33:94:d7:e9:0b:bf:13:54:99:4a:08:b4:f7:
c5:3d:0f:7d:bc:82:d0:7b:ad:2b:28:1a:65:25:fd:
08:88:6d:0b:88:be:93:91:32:09:c5:94:3b:ba:d8:
6f:92:81:53:c7:c3:20:24:c4:ec:0b:d0:3b:41:a4:
a6:53:7b:ab:4a:eb:e9:42:55:54:ed:a3:72:c2:93:
3a:4f:d5:ec:32:49:0b:b6:80:c7:86:40:06:f0:c1:
f6:a8:fb:37:ef:f6:33:c1:65:14:c2:19:9a:33:8b:
06:9c:eb:a8:a4:45:9f:ef:d3:bd:3c:b3:db:bc:ab:
f4:54:67:be:fe:cd:27:05:d5:0e:74:2b:e8:ac:fb:
67:8e:08:0f:0a:ef:ce:c0:b8:3d:2f:4c:2f:5e:71:
55:47:3c:4c:9b:5a:86:d4:4b:3e:6a:55:c4:f9:ca:
90:7e:41:11:bb:5a:fd:b5:9d:b1:39:73:cb:4d:06:
e8:38:f8:91:79:b5:27:e8:66:57:30:21:4b:f1:1e:
7f:4d:67:de:86:d6:6b:68:1f:1c:25:0d:03:1e:4e:
09:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A3:B1:93:E9:80:B5:63:71:9F:E2:59:6F:5C:F5:EE:21:F6:35:D4
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/CqOxk-mAtWNxn-JZb1z17iH2NdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/22
5.252.116.0/24
45.89.64.0/24
45.89.66.0/23
45.128.176.0/22
45.133.245.0/24
46.17.106.0/24
91.217.80.0/24
94.142.136.0/21
95.214.8.0/22
139.28.220.0/23
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/22
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
193.124.176.0/20
194.67.192.0/19
195.47.250.0/24
195.66.87.0/24
IPv6:
2a0a:9300::/48
Signature Algorithm: sha256WithRSAEncryption
9b:1b:c7:99:7b:45:fa:87:aa:83:60:82:aa:90:75:39:2c:0e:
9e:5f:8d:c0:0a:18:9f:49:ee:ec:63:e9:dc:db:53:fd:2c:45:
9b:13:d0:22:ad:17:e5:73:02:dd:f8:b6:9c:c5:7b:2a:29:e5:
3a:6a:9b:3f:6a:e6:a3:be:28:99:75:cd:e0:09:fe:f6:0c:69:
be:e4:ea:05:68:9f:7e:4a:18:25:3a:68:1a:12:41:bb:3f:bf:
82:3c:c1:9a:a6:fe:11:6e:92:01:2f:ab:2c:ce:dc:87:b3:dc:
1c:46:60:a4:97:d6:5b:51:2f:45:14:3c:b2:d5:5a:de:cc:f2:
16:fd:8d:7c:c5:63:a0:04:69:3b:02:5f:c0:f6:99:e4:27:11:
12:12:e8:42:82:61:61:9c:59:0e:05:8b:fd:13:12:1a:82:9e:
95:2e:f9:b0:9e:2a:f8:94:24:19:d7:53:aa:b9:9e:30:4f:af:
64:c4:d9:a2:d2:9f:38:64:1a:b0:2f:02:5b:0e:53:b3:86:9c:
dc:fc:79:16:a9:ba:73:a7:18:c3:19:a9:2a:ab:1c:4f:42:98:
7a:16:e9:98:13:61:e1:e6:8a:61:71:59:44:c4:5e:7e:8e:a0:
13:86:07:da:dc:8e:f1:8f:fd:07:9d:ed:96:34:36:b8:d2:eb:
0b:e6:2a:e2
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAYH5OQD5sQ+U5x8NsyQe0T4cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwNzEzMjAyMTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWEzYjE5M2U5ODBiNTYzNzE5ZmUyNTk2ZjVjZjVlZTIxZjYzNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lCRNgzrYRC/LkSOH3XJsCYCnRnx
JHwuXAFA7YSlM8UfZXFJNo1rt18/LIvZ0TOU1+kLvxNUmUoItPfFPQ99vILQe60r
KBplJf0IiG0LiL6TkTIJxZQ7uthvkoFTx8MgJMTsC9A7QaSmU3urSuvpQlVU7aNy
wpM6T9XsMkkLtoDHhkAG8MH2qPs37/YzwWUUwhmaM4sGnOuopEWf79O9PLPbvKv0
VGe+/s0nBdUOdCvorPtnjggPCu/OwLg9L0wvXnFVRzxMm1qG1Es+alXE+cqQfkER
u1r9tZ2xOXPLTQboOPiRebUn6GZXMCFL8R5/TWfehtZraB8cJQ0DHk4JywIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFAqjsZPpgLVjcZ/iWW9c9e4h9jXUMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvQ3FPeGstbUF0V054bi1KWmIxejE3aUgyTmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGyBggrBgEFBQcBBwEB/wSBojCBnzCBiwQCAAEwgYQDBAIF
tIgDBAAF/HQDBAAtWUADBAEtWUIDBAItgLADBAAthfUDBAAuEWoDBABb2VADBANe
jogDBAJf1ggDBAGLHNwDBAK5BfgDBAK5OswDBAK5VzADBAK5aXQDBAK5dZgDBAK5
fdgDBAK5feQDBATBfLADBAXCQ8ADBADDL/oDBADDQlcwDwQCAAIwCQMHACoKkwAA
ADANBgkqhkiG9w0BAQsFAAOCAQEAmxvHmXtF+oeqg2CCqpB1OSwOnl+NwAoYn0nu
7GPp3NtT/SxFmxPQIq0X5XMC3fi2nMV7KinlOmqbP2rmo74omXXN4An+9gxpvuTq
BWiffkoYJTpoGhJBuz+/gjzBmqb+EW6SAS+rLM7ch7PcHEZgpJfWW1EvRRQ8stVa
3szyFv2NfMVjoARpOwJfwPaZ5CcREhLoQoJhYZxZDgWL/RMSGoKelS75sJ4q+JQk
GddTqrmeME+vZMTZotKfOGQasC8CWw5Ts4ac3Px5Fqm6c6cYwxmpKqscT0KYehbp
mBNh4eaKYXFZRMRefo6gE4YH2tyO8Y/9B53tljQ2uNLrC+Yq4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org