Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/iVf6RL3Jfw-XOMOUffMj3ymMV18.roa
File: iVf6RL3Jfw-XOMOUffMj3ymMV18.roa (raw, json)
Hash identifier: 2ek01yM/wUNfK7tTq2/DLAPk1w7zAmt55NukXvPg3oM=
Subject key identifier: 89:57:FA:44:BD:C9:7F:0F:97:38:C3:94:7D:F3:23:DF:29:8C:57:5F
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0A40DE19
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/iVf6RL3Jfw-XOMOUffMj3ymMV18.roa
Signing time: Mon 20 Jun 2022 12:17:52 +0000
ROA not before: Mon 20 Jun 2022 12:17:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64200
IP address blocks: 31.132.53.0/24 maxlen: 24
31.132.54.0/23 maxlen: 23
5.182.198.0/24 maxlen: 24
5.182.199.0/24 maxlen: 24
5.182.195.0/24 maxlen: 24
5.182.194.0/24 maxlen: 24
5.182.193.0/24 maxlen: 24
79.98.181.0/24 maxlen: 24
78.31.204.0/24 maxlen: 24
92.249.28.0/24 maxlen: 24
185.171.125.0/24 maxlen: 24
185.171.124.0/24 maxlen: 24
94.154.168.0/23 maxlen: 23
94.154.170.0/24 maxlen: 24
185.171.127.0/24 maxlen: 24
94.154.179.0/24 maxlen: 24
94.154.176.0/24 maxlen: 24
45.67.147.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
193.148.94.0/24 maxlen: 24
45.67.142.0/24 maxlen: 24
45.67.144.0/24 maxlen: 24
45.67.143.0/24 maxlen: 24
63.246.133.0/24 maxlen: 24
63.246.139.0/24 maxlen: 24
63.246.136.0/24 maxlen: 24
63.246.137.0/24 maxlen: 24
63.246.145.0/24 maxlen: 24
63.246.142.0/24 maxlen: 24
63.246.146.0/23 maxlen: 23
63.246.148.0/24 maxlen: 24
63.246.152.0/24 maxlen: 24
63.246.149.0/24 maxlen: 24
63.246.151.0/24 maxlen: 24
63.246.157.0/24 maxlen: 24
63.246.156.0/24 maxlen: 24
63.246.158.0/23 maxlen: 23
185.201.41.0/24 maxlen: 24
185.201.43.0/24 maxlen: 24
5.182.186.0/23 maxlen: 23
192.145.68.0/24 maxlen: 24
63.246.132.0/24 maxlen: 24
63.246.129.0/24 maxlen: 24
63.246.128.0/24 maxlen: 24
63.246.131.0/24 maxlen: 24
63.246.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172023321 (0xa40de19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jun 20 12:17:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8957fa44bdc97f0f9738c3947df323df298c575f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a0:fc:45:8a:2b:36:0c:3a:ca:9a:7e:86:09:
e1:76:37:73:8e:57:2b:68:5a:af:1a:74:95:51:42:
42:26:0e:16:4c:e1:08:c3:ee:82:53:38:81:27:22:
e8:62:48:66:ce:34:c4:e2:b1:67:0d:5a:97:93:29:
4f:74:4e:bf:68:1f:27:c2:60:31:40:44:ac:97:67:
29:67:d2:ff:34:7d:4d:5e:8d:ec:a1:5f:dc:fe:54:
57:59:8f:8a:2a:c1:cc:25:1b:3e:38:a3:4f:d8:dc:
62:63:1a:2c:b1:2d:46:40:f0:f3:8e:5f:6e:5d:6e:
85:ca:46:4c:22:8c:f1:42:d7:e9:e0:a6:09:55:5e:
8c:4e:19:5d:36:8a:dc:5d:87:8a:d9:3d:9d:83:3f:
18:60:14:98:3a:2c:7b:00:7c:95:bc:4e:24:7c:fa:
22:41:0d:14:5d:00:b6:e2:6f:e3:2c:27:80:20:ec:
9b:eb:c8:55:e6:42:39:32:56:93:eb:5c:70:87:8b:
93:b8:9e:77:e7:5b:4a:ba:9f:3d:27:f1:8e:1b:ef:
93:5a:3f:26:c4:82:a1:ff:22:d8:80:22:c5:13:6a:
b5:ac:08:e9:66:5c:85:fd:2c:6b:15:ec:e6:17:ac:
3b:be:93:af:9e:10:e0:b1:32:d2:b4:20:03:2d:fd:
32:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:57:FA:44:BD:C9:7F:0F:97:38:C3:94:7D:F3:23:DF:29:8C:57:5F
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/iVf6RL3Jfw-XOMOUffMj3ymMV18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.186.0/23
5.182.193.0-5.182.195.255
5.182.198.0/23
31.132.53.0-31.132.55.255
45.67.142.0-45.67.144.255
45.67.147.0/24
63.246.128.0-63.246.133.255
63.246.136.0/23
63.246.139.0/24
63.246.142.0/24
63.246.145.0-63.246.149.255
63.246.151.0-63.246.152.255
63.246.156.0/22
78.31.204.0/24
79.98.181.0/24
92.249.28.0/24
94.154.168.0-94.154.170.255
94.154.176.0/24
94.154.179.0/24
185.171.124.0/23
185.171.127.0/24
185.201.41.0/24
185.201.43.0/24
185.205.206.0/24
192.145.68.0/24
193.148.94.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:d2:60:cf:ad:64:fa:41:89:b4:18:77:47:53:14:fc:32:a2:
ee:e8:32:e9:94:45:30:35:30:32:fa:fa:1a:80:c2:3a:e8:c4:
57:2d:4e:1b:85:38:06:30:f6:5a:d7:ea:3c:7a:ee:21:9b:71:
10:0c:f0:00:76:4b:9a:e6:23:de:85:0c:41:cb:f1:7e:cb:fc:
fd:95:06:77:79:c3:92:d4:ea:7e:b9:43:d2:b8:fc:2d:39:f9:
ce:9f:31:36:e2:a0:85:92:3e:a9:75:7a:68:7d:69:aa:43:2d:
5e:25:f4:18:d9:2e:ac:ab:2b:23:dc:f0:90:25:29:9e:eb:f6:
dc:0f:a5:1e:af:4a:88:32:82:fe:08:0b:13:2a:ce:71:d1:59:
4d:56:39:e0:11:cd:4d:8d:f0:68:c0:20:88:53:3b:bc:69:21:
9a:ea:b1:c4:62:29:56:1d:1e:c7:a2:e0:f2:72:17:23:34:f5:
a9:b1:53:3a:c6:d4:f3:96:9e:ab:c2:aa:34:1a:6d:a8:41:1c:
72:e1:3b:a7:39:30:db:26:10:7e:71:de:aa:3b:1a:2f:1d:2d:
71:90:86:7b:4a:e5:2a:c1:68:c4:54:38:1f:dd:ab:76:bc:a8:
0b:45:8b:01:cd:61:c1:ba:37:34:22:cd:1e:28:a7:84:63:14:
45:10:ba:15
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIECkDeGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmI3OGY2NjgyZmMzOWM1NWI0MWQ0OGY4MGI4ODM4ZDVkMmRiZjA3MB4XDTIyMDYy
MDEyMTc1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODk1N2ZhNDRiZGM5
N2YwZjk3MzhjMzk0N2RmMzIzZGYyOThjNTc1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOg/EWKKzYMOsqafoYJ4XY3c45XK2harxp0lVFCQiYOFkzh
CMPuglM4gSci6GJIZs40xOKxZw1al5MpT3ROv2gfJ8JgMUBErJdnKWfS/zR9TV6N
7KFf3P5UV1mPiirBzCUbPjijT9jcYmMaLLEtRkDw845fbl1uhcpGTCKM8ULX6eCm
CVVejE4ZXTaK3F2Hitk9nYM/GGAUmDosewB8lbxOJHz6IkENFF0AtuJv4ywngCDs
m+vIVeZCOTJWk+tccIeLk7ied+dbSrqfPSfxjhvvk1o/JsSCof8i2IAixRNqtawI
6WZchf0saxXs5hesO76Tr54Q4LEy0rQgAy39MrMCAwEAAaOCAtwwggLYMB0GA1Ud
DgQWBBSJV/pEvcl/D5c4w5R98yPfKYxXXzAfBgNVHSMEGDAWgBRyt49mgvw5xVtB
1I+AuIONXS2/BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8x
L2lWZjZSTDNKZnctWE9NT1VmZk1qM3ltTVYxOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
M2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8xL2NyZVBab0w4T2NW
YlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
8QYIKwYBBQUHAQcBAf8EgeEwgd4wgdsEAgABMIHUAwQBBba6MAwDBAAFtsEDBAIF
tsADBAEFtsYwDAMEAB+ENQMEAx+EMDAMAwQBLUOOAwQALUOQAwQALUOTMAwDBAc/
9oADBAE/9oQDBAE/9ogDBAA/9osDBAA/9o4wDAMEAD/2kQMEAT/2lDAMAwQAP/aX
AwQAP/aYAwQCP/acAwQATh/MAwQAT2K1AwQAXPkcMAwDBANemqgDBABemqoDBABe
mrADBABemrMDBAG5q3wDBAC5q38DBAC5ySkDBAC5ySsDBAC5zc4DBADAkUQDBADB
lF4wDQYJKoZIhvcNAQELBQADggEBAGrSYM+tZPpBibQYd0dTFPwyou7oMumURTA1
MDL6+hqAwjroxFctThuFOAYw9lrX6jx67iGbcRAM8AB2S5rmI96FDEHL8X7L/P2V
Bnd5w5LU6n65Q9K4/C05+c6fMTbioIWSPql1emh9aapDLV4l9BjZLqyrKyPc8JAl
KZ7r9twPpR6vSogygv4ICxMqznHRWU1WOeARzU2N8GjAIIhTO7xpIZrqscRiKVYd
Hsei4PJyFyM09amxUzrG1POWnqvCqjQabahBHHLhO6c5MNsmEH5x3qo7Gi8dLXGQ
hntK5SrBaMRUOB/dq3a8qAtFiwHNYcG6NzQizR4op4RjFEUQuhU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:58 2023 by rpki-client on console-fra.rpki-client.org