Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/KZ5R9P9flhnwvcIw0RQYq83vBv0.roa
File: KZ5R9P9flhnwvcIw0RQYq83vBv0.roa (raw, json)
Hash identifier: MQA+k/nArPfN3MQsnt+DAZxbExGlShqA22XwWzPnKLI=
Subject key identifier: 29:9E:51:F4:FF:5F:96:19:F0:BD:C2:30:D1:14:18:AB:CD:EF:06:FD
Certificate issuer: /CN=1fd5fef692b4c2d22bdd031fabfa7110b7b36e81
Certificate serial: 018331D7802D6778BF8C4708E3208BF38335
Authority key identifier: 1F:D5:FE:F6:92:B4:C2:D2:2B:DD:03:1F:AB:FA:71:10:B7:B3:6E:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9X-9pK0wtIr3QMfq_pxELezboE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/KZ5R9P9flhnwvcIw0RQYq83vBv0.roa
Signing time: Mon 12 Sep 2022 13:15:50 +0000
ROA not before: Mon 12 Sep 2022 13:15:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16086
IP address blocks: 87.100.128.0/17 maxlen: 17
85.23.0.0/16 maxlen: 16
62.241.192.0/18 maxlen: 18
37.130.160.0/19 maxlen: 19
212.90.64.0/19 maxlen: 19
37.33.0.0/16 maxlen: 16
159.255.224.0/19 maxlen: 19
213.141.96.0/19 maxlen: 19
188.94.64.0/21 maxlen: 21
212.50.128.0/19 maxlen: 19
85.131.0.0/17 maxlen: 17
188.67.0.0/16 maxlen: 16
193.143.94.0/23 maxlen: 23
193.143.93.0/24 maxlen: 24
176.93.0.0/16 maxlen: 16
212.86.0.0/19 maxlen: 19
193.143.70.0/23 maxlen: 23
193.143.73.0/24 maxlen: 24
193.143.80.0/21 maxlen: 21
193.143.79.0/24 maxlen: 24
193.143.91.0/24 maxlen: 24
193.143.88.0/23 maxlen: 23
83.100.0.0/17 maxlen: 17
185.15.212.0/22 maxlen: 22
194.100.0.0/16 maxlen: 16
62.113.160.0/19 maxlen: 19
82.181.0.0/16 maxlen: 16
62.197.160.0/19 maxlen: 19
178.55.0.0/16 maxlen: 16
84.253.192.0/18 maxlen: 18
212.146.0.0/18 maxlen: 18
87.92.0.0/14 maxlen: 14
213.216.192.0/18 maxlen: 18
62.78.96.0/19 maxlen: 19
83.102.0.0/17 maxlen: 17
89.166.0.0/17 maxlen: 17
213.243.128.0/18 maxlen: 18
62.44.192.0/18 maxlen: 18
62.78.128.0/17 maxlen: 17
213.139.160.0/19 maxlen: 19
213.186.224.0/19 maxlen: 19
213.186.224.0/24 maxlen: 24
62.183.128.0/17 maxlen: 17
217.78.192.0/19 maxlen: 19
212.149.128.0/17 maxlen: 17
37.136.0.0/16 maxlen: 16
82.203.128.0/17 maxlen: 17
178.75.128.0/18 maxlen: 18
109.108.0.0/19 maxlen: 19
62.236.0.0/15 maxlen: 15
88.148.128.0/17 maxlen: 17
78.27.64.0/18 maxlen: 18
81.175.128.0/17 maxlen: 17
195.10.128.0/18 maxlen: 18
192.107.200.0/21 maxlen: 21
80.64.0.0/20 maxlen: 20
192.107.208.0/20 maxlen: 20
89.27.0.0/17 maxlen: 17
37.219.0.0/16 maxlen: 16
192.107.224.0/21 maxlen: 21
91.145.64.0/18 maxlen: 18
62.165.128.0/18 maxlen: 18
82.128.128.0/17 maxlen: 17
2a01:a800::/29 maxlen: 29
2001:14b8::/29 maxlen: 29
2001:6e8::/29 maxlen: 29
2001:4078::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:31:d7:80:2d:67:78:bf:8c:47:08:e3:20:8b:f3:83:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd5fef692b4c2d22bdd031fabfa7110b7b36e81
Validity
Not Before: Sep 12 13:15:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=299e51f4ff5f9619f0bdc230d11418abcdef06fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ff:84:35:b0:83:5f:e5:48:b0:76:bc:07:c1:
e1:b4:c6:b8:35:42:50:28:b0:8c:50:6a:4d:07:d0:
3a:3a:99:2d:63:ce:44:8d:25:ab:79:4a:61:27:98:
52:8d:06:6d:4f:d2:86:88:14:bf:52:f3:3e:10:13:
12:96:28:76:f6:21:43:5d:ea:c4:ff:7a:87:48:52:
a6:12:d2:ab:50:b6:47:67:9e:7a:7f:a2:c7:c4:ad:
df:5c:bb:71:79:23:ab:9b:90:05:ef:40:77:6e:82:
75:83:23:b2:c2:5e:67:68:23:59:16:30:82:82:d3:
ba:69:d7:25:8a:b7:bd:5c:f7:f0:da:09:ef:49:47:
30:59:13:9d:7f:b9:8d:2a:38:5f:de:7a:e7:3d:a3:
51:09:ee:b0:63:a4:98:3f:94:e9:81:a3:4c:fb:df:
e8:15:f9:e5:cc:ad:de:c2:75:10:a5:5f:b3:92:f5:
fb:5c:92:54:9d:17:17:9d:b9:63:06:72:c0:21:62:
bf:f2:2a:b0:61:2a:a4:06:0e:39:93:4c:68:d5:3d:
c9:91:de:56:4e:a6:89:05:7f:b3:65:e0:25:26:da:
32:72:1d:85:a7:d5:2e:af:22:32:39:f4:1b:14:2b:
4e:e2:a3:c4:31:d9:e1:34:fa:9f:f9:5f:31:15:7d:
86:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9E:51:F4:FF:5F:96:19:F0:BD:C2:30:D1:14:18:AB:CD:EF:06:FD
X509v3 Authority Key Identifier:
keyid:1F:D5:FE:F6:92:B4:C2:D2:2B:DD:03:1F:AB:FA:71:10:B7:B3:6E:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9X-9pK0wtIr3QMfq_pxELezboE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/KZ5R9P9flhnwvcIw0RQYq83vBv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/H9X-9pK0wtIr3QMfq_pxELezboE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.33.0.0/16
37.130.160.0/19
37.136.0.0/16
37.219.0.0/16
62.44.192.0/18
62.78.96.0-62.78.255.255
62.113.160.0/19
62.165.128.0/18
62.183.128.0/17
62.197.160.0/19
62.236.0.0/15
62.241.192.0/18
78.27.64.0/18
80.64.0.0/20
81.175.128.0/17
82.128.128.0/17
82.181.0.0/16
82.203.128.0/17
83.100.0.0/17
83.102.0.0/17
84.253.192.0/18
85.23.0.0/16
85.131.0.0/17
87.92.0.0/14
87.100.128.0/17
88.148.128.0/17
89.27.0.0/17
89.166.0.0/17
91.145.64.0/18
109.108.0.0/19
159.255.224.0/19
176.93.0.0/16
178.55.0.0/16
178.75.128.0/18
185.15.212.0/22
188.67.0.0/16
188.94.64.0/21
192.107.200.0-192.107.231.255
193.143.70.0/23
193.143.73.0/24
193.143.79.0-193.143.89.255
193.143.91.0/24
193.143.93.0-193.143.95.255
194.100.0.0/16
195.10.128.0/18
212.50.128.0/19
212.86.0.0/19
212.90.64.0/19
212.146.0.0/18
212.149.128.0/17
213.139.160.0/19
213.141.96.0/19
213.186.224.0/19
213.216.192.0/18
213.243.128.0/18
217.78.192.0/19
IPv6:
2001:6e8::/29
2001:14b8::/29
2001:4078::/29
2a01:a800::/29
Signature Algorithm: sha256WithRSAEncryption
6f:a4:d9:cb:89:82:0d:b5:d4:6f:47:ce:ff:f9:3a:14:e8:ec:
5b:d1:32:99:d1:ab:13:74:6e:64:0f:a5:37:d8:25:6d:85:0c:
0f:c8:bb:ef:47:2a:87:87:22:b2:9d:b7:e7:aa:da:31:2e:bb:
62:51:ef:23:37:3b:87:61:a2:ee:42:04:97:18:1f:0d:32:58:
81:b5:4a:fa:ab:fd:a7:33:1a:0e:a5:5a:dc:1b:31:3d:05:ce:
0b:3d:47:30:95:ad:1e:aa:d6:c4:7d:93:e0:72:d2:aa:a7:df:
db:53:af:37:62:cd:bc:61:de:98:07:6e:ac:bf:a8:cd:1b:0d:
40:7e:d1:88:02:05:b3:e6:69:31:65:56:55:76:ef:d2:11:2e:
78:de:00:3e:2a:6d:e8:e9:c7:8d:eb:7b:bb:93:bc:cc:66:62:
39:75:7c:94:28:a5:6f:a9:13:b9:61:d3:30:85:39:03:d9:5e:
89:4f:30:7b:6d:39:de:0a:a5:39:ae:67:46:35:43:01:a0:bb:
25:2d:9d:cc:5d:af:69:dc:2a:9a:32:d5:96:56:fa:96:73:99:
2a:9d:d9:98:1e:bd:db:7d:aa:0a:2a:d8:87:72:68:34:38:d3:
be:d7:8e:d2:6e:c3:d9:da:2f:5b:99:02:76:6b:8e:40:4a:ab:
a9:ce:8b:2a
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgISAYMx14AtZ3i/jEcI4yCL84M1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDVmZWY2OTJiNGMyZDIyYmRkMDMxZmFiZmE3MTEwYjdi
MzZlODEwHhcNMjIwOTEyMTMxNTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTllNTFmNGZmNWY5NjE5ZjBiZGMyMzBkMTE0MThhYmNkZWYwNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP+ENbCDX+VIsHa8B8HhtMa4NUJQ
KLCMUGpNB9A6OpktY85EjSWreUphJ5hSjQZtT9KGiBS/UvM+EBMSlih29iFDXerE
/3qHSFKmEtKrULZHZ556f6LHxK3fXLtxeSOrm5AF70B3boJ1gyOywl5naCNZFjCC
gtO6adclire9XPfw2gnvSUcwWROdf7mNKjhf3nrnPaNRCe6wY6SYP5TpgaNM+9/o
FfnlzK3ewnUQpV+zkvX7XJJUnRcXnbljBnLAIWK/8iqwYSqkBg45k0xo1T3Jkd5W
TqaJBX+zZeAlJtoych2Fp9UuryIyOfQbFCtO4qPEMdnhNPqf+V8xFX2GxwIDAQAB
o4IDlTCCA5EwHQYDVR0OBBYEFCmeUfT/X5YZ8L3CMNEUGKvN7wb9MB8GA1UdIwQY
MBaAFB/V/vaStMLSK90DH6v6cRC3s26BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlYLTlwSzB3dElyM1FNZnFfcHhFTGV6Ym9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80OGUxYWUtOTBlOC00ZTQyLWFmM2Qt
NTEwMWJlNWRkNjE1LzEvS1o1UjlQOWZsaG53dmNJdzBSUVlxODN2QnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80OGUxYWUtOTBlOC00ZTQyLWFmM2QtNTEwMWJlNWRkNjE1
LzEvSDlYLTlwSzB3dElyM1FNZnFfcHhFTGV6Ym9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBqQYIKwYBBQUHAQcBAf8EggGYMIIBlDCCAWwEAgABMIIB
ZAMDACUhAwQFJYKgAwMAJYgDAwAl2wMEBj4swDALAwQFPk5gAwMAPk4DBAU+caAD
BAY+pYADBAc+t4ADBAU+xaADAwE+7AMEBj7xwAMEBk4bQAMEBFBAAAMEB1GvgAME
B1KAgAMDAFK1AwQHUsuAAwQHU2QAAwQHU2YAAwQGVP3AAwMAVRcDBAdVgwADAwJX
XAMEB1dkgAMEB1iUgAMEB1kbAAMEB1mmAAMEBluRQAMEBW1sAAMEBZ//4AMDALBd
AwMAsjcDBAayS4ADBAK5D9QDAwC8QwMEA7xeQDAMAwQDwGvIAwQDwGvgAwQBwY9G
AwQAwY9JMAwDBADBj08DBAHBj1gDBADBj1swDAMEAMGPXQMEBcGPQAMDAMJkAwQG
wwqAAwQF1DKAAwQF1FYAAwQF1FpAAwQG1JIAAwQH1JWAAwQF1YugAwQF1Y1gAwQF
1brgAwQG1djAAwQG1fOAAwQF2U7AMCIEAgACMBwDBQMgAQboAwUDIAEUuAMFAyAB
QHgDBQMqAagAMA0GCSqGSIb3DQEBCwUAA4IBAQBvpNnLiYINtdRvR87/+ToU6Oxb
0TKZ0asTdG5kD6U32CVthQwPyLvvRyqHhyKynbfnqtoxLrtiUe8jNzuHYaLuQgSX
GB8NMliBtUr6q/2nMxoOpVrcGzE9Bc4LPUcwla0eqtbEfZPgctKqp9/bU683Ys28
Yd6YB26sv6jNGw1AftGIAgWz5mkxZVZVdu/SES543gA+Km3o6ceN63u7k7zMZmI5
dXyUKKVvqRO5YdMwhTkD2V6JTzB7bTneCqU5rmdGNUMBoLslLZ3MXa9p3CqaMtWW
VvqWc5kqndmYHr3bfaoKKtiHcmg0ONO+147SbsPZ2i9bmQJ2a45ASqupzosq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:54 2023 by rpki-client on console-ams.rpki-client.org