Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/7eUdTiL8DzHE2X53EVRJ1jTTfoQ.roa
File: 7eUdTiL8DzHE2X53EVRJ1jTTfoQ.roa (raw, json)
Hash identifier: iwVwM1HdbXmy6uWl2Rfcu2NMQMPiWptvgQw1tLz+jGc=
Subject key identifier: ED:E5:1D:4E:22:FC:0F:31:C4:D9:7E:77:11:54:49:D6:34:D3:7E:84
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0184C72632A63B3BC0525EFEAEB132C529BF
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/7eUdTiL8DzHE2X53EVRJ1jTTfoQ.roa
Signing time: Wed 30 Nov 2022 06:08:00 +0000
ROA not before: Wed 30 Nov 2022 06:08:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13213
IP address blocks: 162.218.89.0/24 maxlen: 24
162.218.88.0/24 maxlen: 24
162.218.91.0/24 maxlen: 24
162.218.94.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
162.218.92.0/24 maxlen: 24
212.60.14.0/24 maxlen: 24
185.187.213.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
79.98.182.0/24 maxlen: 24
78.31.206.0/24 maxlen: 24
78.31.207.0/24 maxlen: 24
185.171.126.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.230.123.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.230.120.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
45.67.146.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
185.52.137.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.52.138.0/24 maxlen: 24
185.205.207.0/24 maxlen: 24
185.161.191.0/24 maxlen: 24
185.201.40.0/24 maxlen: 24
5.182.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:26:32:a6:3b:3b:c0:52:5e:fe:ae:b1:32:c5:29:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Nov 30 06:08:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ede51d4e22fc0f31c4d97e77115449d634d37e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f3:d7:d4:da:dc:d8:12:a3:fe:63:52:2b:90:
49:2b:8f:80:32:0c:05:56:06:01:80:60:ae:14:37:
a3:99:e1:63:89:04:70:e7:9c:44:7c:b9:36:de:b0:
ac:c7:f1:12:d7:7e:89:76:48:83:bb:b8:70:dd:66:
f2:ea:55:13:79:a8:fc:92:fb:b5:db:c6:d1:8e:2a:
77:87:35:e2:ab:ea:12:c0:17:69:40:aa:51:64:1f:
f6:b9:60:a3:15:29:7a:09:b7:66:30:c0:e0:db:91:
60:e5:19:29:f4:1e:90:69:7b:e5:b5:28:0b:70:12:
f8:17:d4:c6:e1:d3:2a:f6:02:74:68:9d:b4:2f:5e:
05:69:b6:7b:1e:ad:10:f6:a1:ad:32:33:b3:71:02:
7e:75:66:57:49:4d:ce:cd:88:00:39:e9:b1:34:5b:
d2:ff:63:bb:ed:c5:54:01:95:00:1f:a9:71:41:b0:
3c:2a:f0:51:98:33:f5:7c:80:c5:21:74:f6:30:56:
8f:6b:ca:3f:22:b7:47:17:96:48:6a:e5:0f:7c:2a:
07:92:c1:86:cd:73:bb:d2:e2:0d:eb:20:aa:36:cb:
78:bc:4a:1f:77:19:c5:19:f2:37:83:25:53:c6:7b:
ef:93:f5:33:b6:21:0f:f3:58:4c:f5:a1:ec:a8:95:
95:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:E5:1D:4E:22:FC:0F:31:C4:D9:7E:77:11:54:49:D6:34:D3:7E:84
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/7eUdTiL8DzHE2X53EVRJ1jTTfoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.184.0/24
45.67.146.0/24
78.31.206.0/23
79.98.182.0/24
162.218.88.0/23
162.218.91.0-162.218.94.255
185.52.136.0/22
185.161.191.0/24
185.171.126.0/24
185.187.213.0-185.187.215.255
185.201.40.0/24
185.205.206.0/23
185.208.152.0-185.208.154.255
185.230.120.0/23
185.230.123.0/24
212.60.14.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:08:a8:e2:5e:26:f3:36:ee:f3:fb:b5:f3:b8:8a:bf:dd:ee:
37:38:ed:e4:1d:10:9d:07:d5:25:6a:4f:06:c1:dc:73:ab:22:
d7:a5:78:87:3f:34:1b:0e:28:cd:18:98:d1:64:1b:f9:05:cb:
a8:69:3a:2f:6a:2a:f7:c3:c4:ff:6f:42:74:8e:a0:aa:a9:f8:
0f:d9:b5:b9:e7:21:5c:6f:34:d5:45:aa:52:b2:8f:17:79:16:
31:5d:02:38:09:6e:1e:16:84:2e:80:d9:82:72:da:bf:d6:fa:
7c:fd:4d:50:59:33:4b:44:c4:ea:27:fd:64:74:f6:b8:02:e5:
ed:30:bf:f7:85:21:33:a5:7f:ae:24:f7:db:85:5d:46:28:1b:
b7:fa:06:be:f9:b5:32:39:c2:d9:2c:96:a9:87:d0:2f:4f:ea:
4e:79:27:e3:05:a0:2b:65:90:b3:11:dc:64:86:af:6d:8c:47:
f5:d9:63:02:9a:4f:ee:a4:8e:b2:35:b6:b5:80:e0:5a:0a:79:
35:ec:12:4a:c1:cc:77:59:16:2d:4e:a8:4e:9a:e0:a6:bf:68:
a5:96:cb:f1:b5:34:e4:36:85:c7:f4:2d:ab:a5:91:ff:a3:c8:
be:92:40:b0:fb:c6:20:4f:2d:3a:a3:83:d2:d4:e0:44:db:ba:
b0:63:a0:ae
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYTHJjKmOzvAUl7+rrEyxSm/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjIxMTMwMDYwODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGU1MWQ0ZTIyZmMwZjMxYzRkOTdlNzcxMTU0NDlkNjM0ZDM3ZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/PX1Nrc2BKj/mNSK5BJK4+AMgwF
VgYBgGCuFDejmeFjiQRw55xEfLk23rCsx/ES136JdkiDu7hw3Wby6lUTeaj8kvu1
28bRjip3hzXiq+oSwBdpQKpRZB/2uWCjFSl6CbdmMMDg25Fg5Rkp9B6QaXvltSgL
cBL4F9TG4dMq9gJ0aJ20L14FabZ7Hq0Q9qGtMjOzcQJ+dWZXSU3OzYgAOemxNFvS
/2O77cVUAZUAH6lxQbA8KvBRmDP1fIDFIXT2MFaPa8o/IrdHF5ZIauUPfCoHksGG
zXO70uIN6yCqNst4vEofdxnFGfI3gyVTxnvvk/UztiEP81hM9aHsqJWVewIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFO3lHU4i/A8xxNl+dxFUSdY0036EMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvN2VVZFRpTDhEekhFMlg1M0VWUkoxalRUZm9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQABba4
AwQALUOSAwQBTh/OAwQAT2K2AwQBotpYMAwDBACi2lsDBACi2l4DBAK5NIgDBAC5
ob8DBAC5q34wDAMEALm71QMEA7m70AMEALnJKAMEAbnNzjAMAwQDudCYAwQAudCa
AwQBueZ4AwQAueZ7AwQA1DwOMA0GCSqGSIb3DQEBCwUAA4IBAQB8CKjiXibzNu7z
+7XzuIq/3e43OO3kHRCdB9Ulak8GwdxzqyLXpXiHPzQbDijNGJjRZBv5BcuoaTov
air3w8T/b0J0jqCqqfgP2bW55yFcbzTVRapSso8XeRYxXQI4CW4eFoQugNmCctq/
1vp8/U1QWTNLRMTqJ/1kdPa4AuXtML/3hSEzpX+uJPfbhV1GKBu3+ga++bUyOcLZ
LJaph9AvT+pOeSfjBaArZZCzEdxkhq9tjEf12WMCmk/upI6yNba1gOBaCnk17BJK
wcx3WRYtTqhOmuCmv2illsvxtTTkNoXH9C2rpZH/o8i+kkCw+8YgTy06o4PS1OBE
27qwY6Cu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:16 2024 by rpki-client on console-ams.rpki-client.org