Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ILqeta-K5pvl2vtgZou3y1U9mLM.roa
File: ILqeta-K5pvl2vtgZou3y1U9mLM.roa (raw, json)
Hash identifier: aAYfz2Ut+DgJU6iG3MKtBckQrVMf+iRz4535oJKo9Ak=
Subject key identifier: 20:BA:9E:B5:AF:8A:E6:9B:E5:DA:FB:60:66:8B:B7:CB:55:3D:98:B3
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185584F2CC5626FBEC9880555B7037CD0D9
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ILqeta-K5pvl2vtgZou3y1U9mLM.roa
Signing time: Wed 28 Dec 2022 10:37:41 +0000
ROA not before: Wed 28 Dec 2022 10:37:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62235
IP address blocks: 89.39.167.0/24 maxlen: 24
85.204.200.0/22 maxlen: 24
85.204.200.0/21 maxlen: 24
85.204.204.0/22 maxlen: 24
89.46.247.0/24 maxlen: 24
188.212.16.0/22 maxlen: 24
188.212.16.0/23 maxlen: 24
188.212.18.0/23 maxlen: 24
185.228.244.0/22 maxlen: 24
185.228.244.0/23 maxlen: 24
185.228.246.0/23 maxlen: 24
185.87.130.0/23 maxlen: 24
185.87.128.0/23 maxlen: 24
185.87.128.0/22 maxlen: 24
194.124.56.0/22 maxlen: 24
194.124.58.0/23 maxlen: 24
194.124.56.0/23 maxlen: 24
89.45.222.0/23 maxlen: 24
89.45.220.0/23 maxlen: 24
89.45.220.0/22 maxlen: 24
94.177.0.0/22 maxlen: 24
94.177.2.0/23 maxlen: 24
94.177.0.0/23 maxlen: 24
89.46.32.0/24 maxlen: 24
89.46.35.0/24 maxlen: 24
89.46.37.0/24 maxlen: 24
89.46.39.0/24 maxlen: 24
185.56.76.0/23 maxlen: 24
185.56.78.0/23 maxlen: 24
185.56.76.0/22 maxlen: 24
45.86.184.0/23 maxlen: 24
45.86.186.0/23 maxlen: 24
45.86.184.0/22 maxlen: 24
188.214.112.0/22 maxlen: 24
89.35.231.0/24 maxlen: 24
188.214.116.0/22 maxlen: 24
188.214.112.0/21 maxlen: 24
188.214.118.0/24 maxlen: 24
188.213.80.0/23 maxlen: 24
92.119.0.0/22 maxlen: 24
188.213.82.0/23 maxlen: 24
188.213.83.0/24 maxlen: 24
188.213.80.0/22 maxlen: 24
92.119.2.0/23 maxlen: 24
92.119.0.0/23 maxlen: 24
37.156.110.0/23 maxlen: 24
37.156.108.0/23 maxlen: 24
37.156.108.0/22 maxlen: 24
185.41.244.0/22 maxlen: 24
195.82.98.0/23 maxlen: 24
195.82.98.0/24 maxlen: 24
185.41.244.0/23 maxlen: 24
185.41.246.0/23 maxlen: 24
195.82.99.0/24 maxlen: 24
87.247.130.0/23 maxlen: 24
87.247.128.0/23 maxlen: 24
87.247.128.0/22 maxlen: 24
45.14.206.0/24 maxlen: 24
5.183.58.0/23 maxlen: 24
5.183.56.0/23 maxlen: 24
45.14.204.0/23 maxlen: 24
5.183.56.0/22 maxlen: 24
45.14.204.0/22 maxlen: 24
37.156.78.0/23 maxlen: 24
37.156.76.0/23 maxlen: 24
45.14.207.0/24 maxlen: 24
37.156.76.0/22 maxlen: 24
139.28.88.0/22 maxlen: 24
89.44.82.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:58:4f:2c:c5:62:6f:be:c9:88:05:55:b7:03:7c:d0:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 28 10:37:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20ba9eb5af8ae69be5dafb60668bb7cb553d98b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9f:d1:57:73:a8:eb:da:46:7d:5c:ca:57:73:
53:3b:f5:8d:c4:0f:c3:7f:14:44:45:e2:7a:a1:05:
c3:32:26:e5:6e:73:38:4a:94:11:d9:67:c3:09:5a:
80:b9:08:0f:05:23:b0:db:25:8a:5a:b6:13:1f:43:
dd:03:80:6a:09:75:cf:e5:85:80:f8:60:1c:1e:17:
48:2f:5f:d9:96:b0:95:f3:2a:c3:dd:2a:63:c0:50:
68:f0:b0:ca:bb:1a:7f:03:67:02:10:8d:91:3c:05:
41:35:e0:e7:6f:01:7a:10:ad:1e:f6:b8:97:ff:c2:
8f:6f:7a:9d:43:62:23:30:12:f5:af:2f:85:83:08:
ed:61:88:e1:ba:13:c9:ea:52:02:1c:d2:bc:0e:d5:
13:fd:92:fc:4e:d9:79:b0:03:3f:42:fb:b0:53:b3:
f0:b5:15:61:74:f7:86:37:8d:fd:4c:f2:f6:a0:2f:
7f:00:aa:71:b7:e3:09:da:89:6b:33:1c:af:e3:7a:
70:98:fe:a6:24:14:e6:5e:06:b7:08:c0:d1:f4:cd:
0c:2e:c6:cd:53:77:fd:c7:af:43:ee:47:6a:7d:5e:
ef:73:ac:45:b4:f9:40:d3:a7:aa:03:c6:8f:c6:60:
59:1f:d9:8b:3f:4c:bc:f9:24:3b:7f:70:f1:2c:8b:
bb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:BA:9E:B5:AF:8A:E6:9B:E5:DA:FB:60:66:8B:B7:CB:55:3D:98:B3
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ILqeta-K5pvl2vtgZou3y1U9mLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.56.0/22
37.156.76.0/22
37.156.108.0/22
45.14.204.0/22
45.86.184.0/22
85.204.200.0/21
87.247.128.0/22
89.35.231.0/24
89.39.167.0/24
89.44.82.0/24
89.45.220.0/22
89.46.32.0/24
89.46.35.0/24
89.46.37.0/24
89.46.39.0/24
89.46.247.0/24
92.119.0.0/22
94.177.0.0/22
139.28.88.0/22
185.41.244.0/22
185.56.76.0/22
185.87.128.0/22
185.228.244.0/22
188.212.16.0/22
188.213.80.0/22
188.214.112.0/21
194.124.56.0/22
195.82.98.0/23
Signature Algorithm: sha256WithRSAEncryption
93:90:66:9e:f8:bb:a8:f2:50:6a:5a:a8:cd:31:79:74:d2:e3:
c9:ae:d0:11:fd:5e:e0:71:be:91:44:dd:72:cb:30:dd:ea:15:
7a:10:f8:7a:8f:bb:32:c3:d9:1f:5e:3a:90:d2:87:b2:4b:98:
de:fc:45:ef:b8:29:ca:69:18:04:88:19:04:6a:15:f4:5c:5d:
1f:ad:fd:75:f5:a9:64:2d:7b:0c:3b:3d:3b:35:9f:08:63:d1:
ae:50:84:74:4d:f6:6d:88:6c:22:cc:d9:b9:8d:61:d6:1d:66:
36:60:a2:cc:10:a4:5e:4f:d7:98:e1:22:52:ec:c1:e9:3e:70:
01:df:b9:88:fa:24:1b:db:2c:4e:ac:d6:c0:8c:fe:7f:c9:23:
89:57:de:9a:df:56:c0:67:b3:02:ef:12:77:c3:6c:42:5a:61:
7c:df:45:97:1e:a0:13:70:d4:41:1d:68:31:cb:df:af:84:24:
0c:07:d0:26:58:01:ac:32:6b:79:7e:65:f9:7f:3d:c4:55:79:
82:1b:57:6a:e0:81:65:f3:2b:84:a7:ee:7d:20:16:1b:fa:1a:
b2:ef:1c:2c:22:65:27:89:99:a7:57:7f:0e:27:b1:f0:d6:80:
d6:26:12:9c:29:5c:4d:8b:5a:24:9b:ce:60:7c:6a:9d:3b:09:
e9:e1:d4:f6
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYVYTyzFYm++yYgFVbcDfNDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjI4MTAzNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGJhOWViNWFmOGFlNjliZTVkYWZiNjA2NjhiYjdjYjU1M2Q5OGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJ/RV3Oo69pGfVzKV3NTO/WNxA/D
fxREReJ6oQXDMiblbnM4SpQR2WfDCVqAuQgPBSOw2yWKWrYTH0PdA4BqCXXP5YWA
+GAcHhdIL1/ZlrCV8yrD3SpjwFBo8LDKuxp/A2cCEI2RPAVBNeDnbwF6EK0e9riX
/8KPb3qdQ2IjMBL1ry+FgwjtYYjhuhPJ6lICHNK8DtUT/ZL8Ttl5sAM/QvuwU7Pw
tRVhdPeGN439TPL2oC9/AKpxt+MJ2olrMxyv43pwmP6mJBTmXga3CMDR9M0MLsbN
U3f9x69D7kdqfV7vc6xFtPlA06eqA8aPxmBZH9mLP0y8+SQ7f3DxLIu7yQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFCC6nrWviuab5dr7YGaLt8tVPZizMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvSUxxZXRhLUs1cHZsMnZ0Z1pvdTN5MVU5bUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAIF
tzgDBAIlnEwDBAIlnGwDBAItDswDBAItVrgDBANVzMgDBAJX94ADBABZI+cDBABZ
J6cDBABZLFIDBAJZLdwDBABZLiADBABZLiMDBABZLiUDBABZLicDBABZLvcDBAJc
dwADBAJesQADBAKLHFgDBAK5KfQDBAK5OEwDBAK5V4ADBAK55PQDBAK81BADBAK8
1VADBAO81nADBALCfDgDBAHDUmIwDQYJKoZIhvcNAQELBQADggEBAJOQZp74u6jy
UGpaqM0xeXTS48mu0BH9XuBxvpFE3XLLMN3qFXoQ+HqPuzLD2R9eOpDSh7JLmN78
Re+4KcppGASIGQRqFfRcXR+t/XX1qWQteww7PTs1nwhj0a5QhHRN9m2IbCLM2bmN
YdYdZjZgoswQpF5P15jhIlLswek+cAHfuYj6JBvbLE6s1sCM/n/JI4lX3prfVsBn
swLvEnfDbEJaYXzfRZceoBNw1EEdaDHL36+EJAwH0CZYAawya3l+Zfl/PcRVeYIb
V2rggWXzK4Sn7n0gFhv6GrLvHCwiZSeJmadXfw4nsfDWgNYmEpwpXE2LWiSbzmB8
ap07Cenh1PY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org