Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TJcmB0od-jCfUKj-osjLDI-NYsE.roa
File: TJcmB0od-jCfUKj-osjLDI-NYsE.roa (raw, json)
Hash identifier: KsWXZ6pQ9t5fGHP+JbAW5juwQXTk5rmC6zQVPXaly/0=
Subject key identifier: 4C:97:26:07:4A:1D:FA:30:9F:50:A8:FE:A2:C8:CB:0C:8F:8D:62:C1
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018340E7E20620F2834BC18711552B48F61E
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TJcmB0od-jCfUKj-osjLDI-NYsE.roa
Signing time: Thu 15 Sep 2022 11:28:01 +0000
ROA not before: Thu 15 Sep 2022 11:28:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209641
IP address blocks: 45.133.245.0/24 maxlen: 24
185.5.248.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
5.252.116.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
139.28.220.0/24 maxlen: 24
139.28.221.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
95.214.10.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
195.66.87.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
185.105.119.0/24 maxlen: 24
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
185.125.216.0/22 maxlen: 22
185.105.118.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.58.205.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.228.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/23 maxlen: 23
194.67.193.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.184.0/21 maxlen: 21
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.202.0/24 maxlen: 24
194.67.200.0/23 maxlen: 23
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
46.17.106.0/24 maxlen: 24
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0a:9300:d0::/48 maxlen: 48
2a0a:9302:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:40:e7:e2:06:20:f2:83:4b:c1:87:11:55:2b:48:f6:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 15 11:28:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c9726074a1dfa309f50a8fea2c8cb0c8f8d62c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:aa:b5:30:7c:17:c8:80:ad:3a:6c:66:15:32:
df:4a:03:4a:4d:91:96:73:5a:96:07:0e:3a:af:63:
3e:e1:cc:9d:8b:88:6a:d3:41:f0:85:5c:74:81:dd:
46:be:04:12:d5:3b:72:d1:48:af:e3:be:e3:c5:ba:
bb:a4:0a:f6:4b:7d:c8:85:42:23:ef:0f:fb:9e:9a:
95:67:04:16:59:86:3e:38:93:27:b7:e9:5c:cf:90:
d8:36:99:b4:0a:35:d4:0c:0b:17:59:88:ba:2d:d8:
94:ba:96:e3:97:70:f3:2a:6d:9c:fd:f5:39:6e:f5:
b0:29:1d:14:23:13:ba:bf:67:63:9f:b8:16:48:99:
e5:1c:48:81:99:43:86:28:02:f2:c0:0a:dd:2c:28:
50:de:e0:b8:1e:be:e1:dc:5f:1a:3d:8d:9f:9b:22:
1f:4b:6a:e0:d4:c0:2e:f3:72:3f:18:91:a9:18:39:
e2:86:cf:c8:5f:92:17:66:44:33:ff:ea:a0:4a:11:
90:81:cc:91:39:13:52:a2:ee:43:87:d7:64:67:bf:
b3:b9:58:e1:62:37:30:05:bd:8a:ba:84:e0:bc:5b:
1a:19:c7:7e:54:f4:f6:ff:9e:7b:c8:cc:12:6c:fb:
96:e6:e8:f0:6a:38:fa:3a:d5:22:5c:b6:ee:9e:b8:
70:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:97:26:07:4A:1D:FA:30:9F:50:A8:FE:A2:C8:CB:0C:8F:8D:62:C1
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TJcmB0od-jCfUKj-osjLDI-NYsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.116.0/24
45.89.64.0/24
45.89.66.0/23
45.128.176.0/22
45.133.245.0/24
46.17.106.0/24
91.217.80.0/24
94.142.136.0/21
95.214.8.0/22
139.28.220.0/23
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/22
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
193.124.176.0/20
194.67.192.0/19
195.47.250.0/24
195.66.87.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
Signature Algorithm: sha256WithRSAEncryption
50:c7:bb:0f:94:32:6b:89:6e:d4:0f:b4:b5:f8:c6:60:e8:03:
dc:16:38:3d:35:41:3f:1c:58:8a:27:65:ed:97:d6:c0:ad:0b:
b0:b1:10:50:b0:c2:b5:04:8e:c8:8b:83:6a:b9:b9:18:09:fd:
94:66:35:eb:63:bc:5d:fe:23:c9:1c:5d:2b:d6:58:a1:08:f6:
e2:2c:c2:d9:5e:3d:c2:e0:71:38:1d:04:4a:d7:78:24:8e:9c:
76:5d:1f:3a:df:3b:4c:e1:02:25:69:c8:fa:0a:7c:f1:73:25:
b2:a5:57:c5:ec:eb:52:96:ee:b0:2f:d7:77:a6:8e:53:03:df:
16:91:b9:8c:28:6a:17:1b:e6:00:19:d7:d5:e2:c5:b3:c2:7a:
23:7c:87:ee:aa:53:7f:9b:63:0e:48:f1:1e:39:22:33:e7:00:
5f:df:d1:5b:4c:a4:7f:64:6b:e1:25:87:7a:a5:4b:ed:81:7a:
df:55:34:d4:83:a4:40:c3:f1:fd:50:d2:46:e9:c2:f1:f8:09:
07:57:93:20:21:88:74:0b:ba:1a:6a:8b:79:52:d0:42:40:d1:
12:e6:45:37:11:a0:c3:74:3a:20:b4:15:c5:09:fc:bc:d2:56:
53:ec:e2:a4:0d:5c:c1:de:db:2e:2f:df:8d:bc:73:38:b3:a4:
8a:00:28:04
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYNA5+IGIPKDS8GHEVUrSPYeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTE1MTEyODAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzk3MjYwNzRhMWRmYTMwOWY1MGE4ZmVhMmM4Y2IwYzhmOGQ2MmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qq1MHwXyICtOmxmFTLfSgNKTZGW
c1qWBw46r2M+4cydi4hq00HwhVx0gd1GvgQS1Tty0Uiv477jxbq7pAr2S33IhUIj
7w/7npqVZwQWWYY+OJMnt+lcz5DYNpm0CjXUDAsXWYi6LdiUupbjl3DzKm2c/fU5
bvWwKR0UIxO6v2djn7gWSJnlHEiBmUOGKALywArdLChQ3uC4Hr7h3F8aPY2fmyIf
S2rg1MAu83I/GJGpGDnihs/IX5IXZkQz/+qgShGQgcyRORNSou5Dh9dkZ7+zuVjh
YjcwBb2KuoTgvFsaGcd+VPT2/557yMwSbPuW5ujwajj6OtUiXLbunrhw4wIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFEyXJgdKHfown1Co/qLIywyPjWLBMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVEpjbUIwb2QtakNmVUtqLW9zakxESS1OWXNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBhAQCAAEwfgMEAAX8
dAMEAC1ZQAMEAS1ZQgMEAi2AsAMEAC2F9QMEAC4RagMEAFvZUAMEA16OiAMEAl/W
CAMEAYsc3AMEArkF+AMEArk6zAMEArlXMAMEArlpdAMEArl1mAMEArl92AMEArl9
5AMEBMF8sAMEBcJDwAMEAMMv+gMEAMNCVzBFBAIAAjA/AwcAKgqTAAAAAwcAKgqT
AAACMBIDBwQqCpMAANADBwAqCpMAANIwEAMFACoKkwEDBwAqCpMBAAIDBQAqCpMC
MA0GCSqGSIb3DQEBCwUAA4IBAQBQx7sPlDJriW7UD7S1+MZg6APcFjg9NUE/HFiK
J2Xtl9bArQuwsRBQsMK1BI7Ii4NqubkYCf2UZjXrY7xd/iPJHF0r1lihCPbiLMLZ
Xj3C4HE4HQRK13gkjpx2XR863ztM4QIlacj6CnzxcyWypVfF7OtSlu6wL9d3po5T
A98WkbmMKGoXG+YAGdfV4sWzwnojfIfuqlN/m2MOSPEeOSIz5wBf39FbTKR/ZGvh
JYd6pUvtgXrfVTTUg6RAw/H9UNJG6cLx+AkHV5MgIYh0C7oaaot5UtBCQNES5kU3
EaDDdDogtBXFCfy80lZT7OKkDVzB3tsuL9+NvHM4s6SKACgE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org