Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ql2RYz1lhLvZfv6jk1CIadM6YbE.roa
File: ql2RYz1lhLvZfv6jk1CIadM6YbE.roa (raw, json)
Hash identifier: fE4XrFR2IviKjGoYHpNErfQsx+lXvePI5XhEk8U1mYc=
Subject key identifier: AA:5D:91:63:3D:65:84:BB:D9:7E:FE:A3:93:50:88:69:D3:3A:61:B1
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 01834FD699BEEE9C929E0218BA08BBF2B9DF
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ql2RYz1lhLvZfv6jk1CIadM6YbE.roa
Signing time: Sun 18 Sep 2022 09:03:27 +0000
ROA not before: Sun 18 Sep 2022 09:03:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49100
IP address blocks: 185.177.232.0/22 maxlen: 22
85.9.64.0/18 maxlen: 18
194.33.122.0/23 maxlen: 23
5.202.0.0/16 maxlen: 24
109.232.7.0/24 maxlen: 24
109.232.5.0/24 maxlen: 24
109.232.6.0/24 maxlen: 24
185.131.30.0/23 maxlen: 23
185.131.28.0/22 maxlen: 22
193.32.80.0/23 maxlen: 23
185.180.52.0/22 maxlen: 22
77.237.160.0/19 maxlen: 19
185.103.128.0/22 maxlen: 22
185.83.88.0/24 maxlen: 24
185.83.89.0/24 maxlen: 24
185.83.90.0/23 maxlen: 23
109.125.176.0/22 maxlen: 22
109.125.184.0/22 maxlen: 22
109.125.182.0/23 maxlen: 23
109.125.191.0/24 maxlen: 24
109.125.189.0/24 maxlen: 24
109.125.190.0/24 maxlen: 24
91.209.242.0/24 maxlen: 24
109.125.160.0/19 maxlen: 19
185.126.40.0/22 maxlen: 22
185.125.244.0/22 maxlen: 22
185.72.24.0/22 maxlen: 22
185.125.248.0/21 maxlen: 21
185.125.255.0/24 maxlen: 24
185.72.27.0/24 maxlen: 24
185.126.0.0/20 maxlen: 20
185.126.16.0/22 maxlen: 22
185.126.16.0/23 maxlen: 23
5.202.82.0/24 maxlen: 24
5.202.100.0/24 maxlen: 24
5.202.110.0/24 maxlen: 24
95.215.160.0/22 maxlen: 22
185.155.8.0/21 maxlen: 21
185.169.20.0/22 maxlen: 22
91.239.214.0/24 maxlen: 24
185.169.36.0/22 maxlen: 22
185.169.37.0/24 maxlen: 24
188.253.32.0/19 maxlen: 24
5.202.166.0/23 maxlen: 23
188.253.64.0/19 maxlen: 24
2a07:8f40::/29 maxlen: 29
2a0a:4e00::/29 maxlen: 29
2a07:8f00::/29 maxlen: 29
2001:4c88::/32 maxlen: 32
2a02:cd80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:4f:d6:99:be:ee:9c:92:9e:02:18:ba:08:bb:f2:b9:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Sep 18 09:03:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa5d91633d6584bbd97efea393508869d33a61b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3d:10:2d:f6:59:20:28:84:a1:ae:be:63:34:
6e:24:37:2f:bc:dd:5e:c8:30:aa:dc:6e:2e:df:dc:
0f:fc:02:54:fc:d2:d1:6c:92:dc:ab:79:d5:87:69:
0c:de:49:e4:30:12:6d:56:85:30:24:2e:24:ae:0e:
52:f9:93:bf:75:7f:59:ca:1b:b5:63:ac:61:89:bf:
1e:0a:b6:ff:5f:2e:71:68:56:c0:74:f2:48:48:c5:
c0:89:9c:f2:d0:8b:4a:2d:a8:b1:c9:13:43:a5:c0:
64:67:49:63:e9:ea:df:87:ef:fc:86:50:f2:63:1a:
11:f6:8e:7b:67:74:73:ba:7b:ee:28:6b:46:9e:28:
fd:bd:b3:65:95:47:58:71:80:f3:26:4e:f2:e2:57:
ee:84:54:e7:68:82:13:6d:39:71:48:af:75:f6:22:
72:72:a7:65:90:b3:2e:93:19:a7:dc:6f:67:36:53:
c6:1f:ed:59:9a:6d:8a:af:f9:2b:3d:4a:67:d5:9c:
3f:80:e3:60:a7:10:95:d6:07:48:6c:a6:a0:44:9f:
ff:cc:00:6a:1a:6e:c9:75:3d:d5:ff:fa:3c:38:4b:
8a:1f:c2:27:ca:73:66:f8:aa:5e:4d:e2:74:47:8a:
ca:0f:2d:5f:31:d3:40:38:fd:c4:90:d5:00:32:b6:
28:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:5D:91:63:3D:65:84:BB:D9:7E:FE:A3:93:50:88:69:D3:3A:61:B1
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ql2RYz1lhLvZfv6jk1CIadM6YbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/16
77.237.160.0/19
85.9.64.0/18
91.209.242.0/24
91.239.214.0/24
95.215.160.0/22
109.125.160.0/19
109.232.5.0-109.232.7.255
185.72.24.0/22
185.83.88.0/22
185.103.128.0/22
185.125.244.0-185.126.19.255
185.126.40.0/22
185.131.28.0/22
185.155.8.0/21
185.169.20.0/22
185.169.36.0/22
185.177.232.0/22
185.180.52.0/22
188.253.32.0-188.253.95.255
193.32.80.0/23
194.33.122.0/23
IPv6:
2001:4c88::/32
2a02:cd80::/29
2a07:8f00::/29
2a07:8f40::/29
2a0a:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
4a:3c:5a:12:fe:c3:54:ec:be:9d:d6:4b:04:e8:7d:81:94:4e:
72:b2:03:70:d8:ce:a4:c3:47:a8:86:77:85:a9:61:fd:f5:5d:
82:6f:48:08:3e:ae:1e:84:a7:4d:f5:67:db:bd:91:a7:23:ed:
02:d7:b4:26:30:13:18:ba:cf:aa:46:de:ac:43:bf:8b:23:e3:
98:63:d6:96:94:44:88:fd:b1:a8:fc:a0:ed:28:0f:ca:13:d6:
6b:e5:4a:2e:b2:1b:33:ef:f4:6b:4a:1b:05:7a:ed:29:2b:09:
87:47:f2:c6:98:ff:70:b2:b7:f6:10:f2:c5:2c:e8:05:36:50:
cc:3c:f0:48:4b:1f:c2:e9:ef:b1:67:fe:14:d9:b1:30:43:85:
6b:2d:f6:62:f9:78:21:f8:a5:5d:17:68:b3:6a:ac:a3:68:7f:
75:39:58:01:62:6f:0e:dc:d7:6e:97:ef:82:93:f4:fb:c6:56:
2a:85:b3:81:b6:56:f1:94:93:fd:eb:34:95:10:86:3b:47:fd:
2a:8c:90:df:f5:b4:40:34:bf:e9:bd:bd:16:c9:8a:5b:25:51:
6c:15:86:6b:16:b7:b8:13:a8:44:14:bb:1c:05:3d:2c:88:37:
90:bb:66:34:1d:01:16:c6:ee:e5:ca:cb:d6:77:e7:75:2f:dd:
f4:ea:de:68
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAYNP1pm+7pySngIYugi78rnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjIwOTE4MDkwMzI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTVkOTE2MzNkNjU4NGJiZDk3ZWZlYTM5MzUwODg2OWQzM2E2MWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqT0QLfZZICiEoa6+YzRuJDcvvN1e
yDCq3G4u39wP/AJU/NLRbJLcq3nVh2kM3knkMBJtVoUwJC4krg5S+ZO/dX9Zyhu1
Y6xhib8eCrb/Xy5xaFbAdPJISMXAiZzy0ItKLaixyRNDpcBkZ0lj6erfh+/8hlDy
YxoR9o57Z3RzunvuKGtGnij9vbNllUdYcYDzJk7y4lfuhFTnaIITbTlxSK919iJy
cqdlkLMukxmn3G9nNlPGH+1Zmm2Kr/krPUpn1Zw/gONgpxCV1gdIbKagRJ//zABq
Gm7JdT3V//o8OEuKH8InynNm+KpeTeJ0R4rKDy1fMdNAOP3EkNUAMrYoJQIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFKpdkWM9ZYS72X7+o5NQiGnTOmGxMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvcWwyUll6MWxoTHZaZnY2amsxQ0lhZE02WWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBogQCAAEwgZsDAwAF
ygMEBU3toAMEBlUJQAMEAFvR8gMEAFvv1gMEAl/XoAMEBW19oDAMAwQAbegFAwQD
begAAwQCuUgYAwQCuVNYAwQCuWeAMAwDBAK5ffQDBAK5fhADBAK5figDBAK5gxwD
BAO5mwgDBAK5qRQDBAK5qSQDBAK5segDBAK5tDQwDAMEBbz9IAMEBbz9QAMEAcEg
UAMEAcIhejApBAIAAjAjAwUAIAFMiAMFAyoCzYADBQMqB48AAwUDKgePQAMFAyoK
TgAwDQYJKoZIhvcNAQELBQADggEBAEo8WhL+w1Tsvp3WSwTofYGUTnKyA3DYzqTD
R6iGd4WpYf31XYJvSAg+rh6Ep031Z9u9kacj7QLXtCYwExi6z6pG3qxDv4sj45hj
1paURIj9saj8oO0oD8oT1mvlSi6yGzPv9GtKGwV67SkrCYdH8saY/3Cyt/YQ8sUs
6AU2UMw88EhLH8Lp77Fn/hTZsTBDhWst9mL5eCH4pV0XaLNqrKNof3U5WAFibw7c
126X74KT9PvGViqFs4G2VvGUk/3rNJUQhjtH/SqMkN/1tEA0v+m9vRbJilslUWwV
hmsWt7gTqEQUuxwFPSyIN5C7ZjQdARbG7uXKy9Z353Uv3fTq3mg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org