Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/3mKefke0NFBqrvpXZD8JTV-qcLw.roa
File: 3mKefke0NFBqrvpXZD8JTV-qcLw.roa (raw, json)
Hash identifier: V6IRXflwkc620aevhC1mkV+uLXSy5QVh3cmlgaJH7xA=
Subject key identifier: DE:62:9E:7E:47:B4:34:50:6A:AE:FA:57:64:3F:09:4D:5F:AA:70:BC
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018286370C94A6E856DF1C1EF19CBE366A81
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/3mKefke0NFBqrvpXZD8JTV-qcLw.roa
Signing time: Wed 10 Aug 2022 05:25:30 +0000
ROA not before: Wed 10 Aug 2022 05:25:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49100
IP address blocks: 185.177.232.0/22 maxlen: 22
85.9.64.0/18 maxlen: 18
194.33.122.0/23 maxlen: 23
5.202.0.0/16 maxlen: 24
109.232.7.0/24 maxlen: 24
109.232.5.0/24 maxlen: 24
109.232.6.0/24 maxlen: 24
185.131.30.0/23 maxlen: 23
185.131.28.0/22 maxlen: 22
193.32.80.0/23 maxlen: 23
185.180.52.0/22 maxlen: 22
77.237.160.0/19 maxlen: 19
185.103.128.0/22 maxlen: 22
185.83.88.0/24 maxlen: 24
185.83.89.0/24 maxlen: 24
185.83.90.0/23 maxlen: 23
109.125.176.0/22 maxlen: 22
109.125.184.0/22 maxlen: 22
109.125.182.0/23 maxlen: 23
109.125.191.0/24 maxlen: 24
109.125.189.0/24 maxlen: 24
109.125.190.0/24 maxlen: 24
91.209.242.0/24 maxlen: 24
109.125.160.0/19 maxlen: 19
185.126.40.0/22 maxlen: 22
185.125.244.0/22 maxlen: 22
185.72.24.0/22 maxlen: 22
185.125.248.0/21 maxlen: 21
185.125.255.0/24 maxlen: 24
185.72.27.0/24 maxlen: 24
185.126.0.0/20 maxlen: 20
185.126.16.0/22 maxlen: 22
185.126.16.0/23 maxlen: 23
5.202.82.0/24 maxlen: 24
5.202.100.0/24 maxlen: 24
5.202.110.0/24 maxlen: 24
95.215.160.0/22 maxlen: 22
185.155.8.0/21 maxlen: 21
185.169.20.0/22 maxlen: 22
91.239.214.0/24 maxlen: 24
185.169.36.0/22 maxlen: 22
185.169.37.0/24 maxlen: 24
5.202.166.0/23 maxlen: 23
188.253.64.0/19 maxlen: 19
2a07:8f40::/29 maxlen: 29
2a0a:4e00::/29 maxlen: 29
2a07:8f00::/29 maxlen: 29
2001:4c88::/32 maxlen: 32
2a02:cd80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:86:37:0c:94:a6:e8:56:df:1c:1e:f1:9c:be:36:6a:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Aug 10 05:25:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de629e7e47b434506aaefa57643f094d5faa70bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b5:3d:12:16:76:12:29:eb:30:72:82:c7:23:
83:4a:47:df:68:24:b0:b7:72:57:53:bc:d4:09:8c:
a4:6b:10:89:e1:b3:c4:f1:f5:ea:61:ca:e6:06:4e:
f8:cd:00:51:16:bf:ad:37:0a:d6:98:7e:92:2d:00:
e2:e7:c1:39:33:9c:7a:69:f4:15:de:ad:85:39:23:
99:cb:e6:f1:3b:1b:08:ee:3c:63:92:ac:74:c1:df:
df:e8:3e:0e:99:48:ba:a7:7b:93:78:fc:95:2d:ed:
f0:6a:3c:dc:13:7b:77:13:b1:6d:72:49:d9:dd:f1:
5a:07:13:64:a2:79:d5:63:c7:50:80:0e:7a:e6:0d:
16:15:58:98:5e:83:99:f2:4f:7f:95:95:9b:a4:f1:
59:57:35:fb:72:87:d9:60:87:f7:53:5e:f9:67:b0:
22:21:13:6e:a5:08:0c:d8:20:7e:8f:77:a0:11:eb:
89:45:e0:53:e8:ac:79:d3:f0:59:22:30:22:c1:1b:
8a:cd:65:dd:5a:a7:5a:64:17:53:b1:9f:52:28:3b:
fd:94:ab:32:11:e0:86:8f:4e:32:b6:b9:3c:fc:63:
93:92:08:f0:93:3a:b3:41:ed:e8:1a:34:a5:cc:ff:
de:84:db:18:7e:59:45:d8:81:fa:0c:83:9e:c1:17:
28:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:62:9E:7E:47:B4:34:50:6A:AE:FA:57:64:3F:09:4D:5F:AA:70:BC
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/3mKefke0NFBqrvpXZD8JTV-qcLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/16
77.237.160.0/19
85.9.64.0/18
91.209.242.0/24
91.239.214.0/24
95.215.160.0/22
109.125.160.0/19
109.232.5.0-109.232.7.255
185.72.24.0/22
185.83.88.0/22
185.103.128.0/22
185.125.244.0-185.126.19.255
185.126.40.0/22
185.131.28.0/22
185.155.8.0/21
185.169.20.0/22
185.169.36.0/22
185.177.232.0/22
185.180.52.0/22
188.253.64.0/19
193.32.80.0/23
194.33.122.0/23
IPv6:
2001:4c88::/32
2a02:cd80::/29
2a07:8f00::/29
2a07:8f40::/29
2a0a:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
6b:4a:0a:ad:7f:c2:6b:84:72:db:cc:4c:d6:c5:8f:4f:39:fd:
d3:4e:1b:c1:7a:a2:64:c4:45:30:d6:28:4c:52:6e:69:de:18:
1d:00:de:2a:f7:6a:e7:23:aa:a1:97:1c:58:a5:16:c1:f6:1d:
f9:f6:5d:46:23:1b:91:02:4a:1a:00:9e:cb:e6:99:5e:97:28:
27:87:cb:0f:93:bc:f0:29:eb:90:2f:15:a5:45:3f:e3:97:f8:
77:b0:8d:7a:54:e7:8b:1f:f6:00:a6:0b:70:ce:28:05:97:05:
08:45:b9:03:01:cf:e7:06:66:1c:7a:ef:db:50:08:52:fd:36:
85:b9:25:e7:38:6f:81:a4:9a:28:dc:30:06:b3:bb:5d:0f:c8:
47:b9:42:c7:11:5f:59:13:3c:16:d8:fb:00:6c:61:87:0f:c1:
69:19:c3:16:d5:b8:d1:0d:bc:8f:09:3c:7f:57:8d:ad:e4:a0:
50:7c:68:9c:97:b3:15:ab:70:da:6f:2c:6d:2d:33:4a:0d:3f:
77:47:e8:19:0f:c1:16:d0:e2:34:e6:d5:16:9b:9c:95:25:7f:
3a:e9:30:13:e7:8c:07:0d:1c:9a:4d:d2:3a:d2:e0:28:ef:87:
1c:9b:f2:86:c3:3d:99:32:03:71:2d:0d:7b:7e:6c:a0:ca:83:
8e:17:5b:5b
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAYKGNwyUpuhW3xwe8Zy+NmqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjIwODEwMDUyNTMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTYyOWU3ZTQ3YjQzNDUwNmFhZWZhNTc2NDNmMDk0ZDVmYWE3MGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbU9EhZ2EinrMHKCxyODSkffaCSw
t3JXU7zUCYykaxCJ4bPE8fXqYcrmBk74zQBRFr+tNwrWmH6SLQDi58E5M5x6afQV
3q2FOSOZy+bxOxsI7jxjkqx0wd/f6D4OmUi6p3uTePyVLe3wajzcE3t3E7FtcknZ
3fFaBxNkonnVY8dQgA565g0WFViYXoOZ8k9/lZWbpPFZVzX7cofZYIf3U175Z7Ai
IRNupQgM2CB+j3egEeuJReBT6Kx50/BZIjAiwRuKzWXdWqdaZBdTsZ9SKDv9lKsy
EeCGj04ytrk8/GOTkgjwkzqzQe3oGjSlzP/ehNsYfllF2IH6DIOewRcovQIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFN5inn5HtDRQaq76V2Q/CU1fqnC8MB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvM21LZWZrZTBORkJxcnZwWFpEOEpUVi1xY0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBmgQCAAEwgZMDAwAF
ygMEBU3toAMEBlUJQAMEAFvR8gMEAFvv1gMEAl/XoAMEBW19oDAMAwQAbegFAwQD
begAAwQCuUgYAwQCuVNYAwQCuWeAMAwDBAK5ffQDBAK5fhADBAK5figDBAK5gxwD
BAO5mwgDBAK5qRQDBAK5qSQDBAK5segDBAK5tDQDBAW8/UADBAHBIFADBAHCIXow
KQQCAAIwIwMFACABTIgDBQMqAs2AAwUDKgePAAMFAyoHj0ADBQMqCk4AMA0GCSqG
SIb3DQEBCwUAA4IBAQBrSgqtf8JrhHLbzEzWxY9POf3TThvBeqJkxEUw1ihMUm5p
3hgdAN4q92rnI6qhlxxYpRbB9h359l1GIxuRAkoaAJ7L5plelygnh8sPk7zwKeuQ
LxWlRT/jl/h3sI16VOeLH/YApgtwzigFlwUIRbkDAc/nBmYceu/bUAhS/TaFuSXn
OG+BpJoo3DAGs7tdD8hHuULHEV9ZEzwW2PsAbGGHD8FpGcMW1bjRDbyPCTx/V42t
5KBQfGicl7MVq3DabyxtLTNKDT93R+gZD8EW0OI05tUWm5yVJX866TAT54wHDRya
TdI60uAo74ccm/KGwz2ZMgNxLQ17fmygyoOOF1tb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:54 2023 by rpki-client on console-fra.rpki-client.org