Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/sg35GCtytL7D2vUoyizv5maRzfY.roa
File: sg35GCtytL7D2vUoyizv5maRzfY.roa (raw, json)
Hash identifier: 7mW5cWYD38ZIyplp7ZmhqhawuIGRo0CGzPTuEixzG+0=
Subject key identifier: B2:0D:F9:18:2B:72:B4:BE:C3:DA:F5:28:CA:2C:EF:E6:66:91:CD:F6
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 0183306585F793DDF7DFED65E544616E82DB
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/sg35GCtytL7D2vUoyizv5maRzfY.roa
Signing time: Mon 12 Sep 2022 06:31:43 +0000
ROA not before: Mon 12 Sep 2022 06:31:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49100
IP address blocks: 185.177.232.0/22 maxlen: 22
85.9.64.0/18 maxlen: 18
194.33.122.0/23 maxlen: 23
5.202.0.0/16 maxlen: 24
109.232.7.0/24 maxlen: 24
109.232.5.0/24 maxlen: 24
109.232.6.0/24 maxlen: 24
185.131.30.0/23 maxlen: 23
185.131.28.0/22 maxlen: 22
193.32.80.0/23 maxlen: 23
185.180.52.0/22 maxlen: 22
77.237.160.0/19 maxlen: 19
185.103.128.0/22 maxlen: 22
185.83.88.0/24 maxlen: 24
185.83.89.0/24 maxlen: 24
185.83.90.0/23 maxlen: 23
109.125.176.0/22 maxlen: 22
109.125.184.0/22 maxlen: 22
109.125.182.0/23 maxlen: 23
109.125.191.0/24 maxlen: 24
109.125.189.0/24 maxlen: 24
109.125.190.0/24 maxlen: 24
91.209.242.0/24 maxlen: 24
109.125.160.0/19 maxlen: 19
185.126.40.0/22 maxlen: 22
185.125.244.0/22 maxlen: 22
185.72.24.0/22 maxlen: 22
185.125.248.0/21 maxlen: 21
185.125.255.0/24 maxlen: 24
185.72.27.0/24 maxlen: 24
185.126.0.0/20 maxlen: 20
185.126.16.0/22 maxlen: 22
185.126.16.0/23 maxlen: 23
5.202.82.0/24 maxlen: 24
5.202.100.0/24 maxlen: 24
5.202.110.0/24 maxlen: 24
95.215.160.0/22 maxlen: 22
185.155.8.0/21 maxlen: 21
185.169.20.0/22 maxlen: 22
91.239.214.0/24 maxlen: 24
185.169.36.0/22 maxlen: 22
185.169.37.0/24 maxlen: 24
188.253.32.0/19 maxlen: 24
5.202.166.0/23 maxlen: 23
188.253.64.0/19 maxlen: 19
2a07:8f40::/29 maxlen: 29
2a0a:4e00::/29 maxlen: 29
2a07:8f00::/29 maxlen: 29
2001:4c88::/32 maxlen: 32
2a02:cd80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:30:65:85:f7:93:dd:f7:df:ed:65:e5:44:61:6e:82:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Sep 12 06:31:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b20df9182b72b4bec3daf528ca2cefe66691cdf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1f:1b:5d:1d:2f:7b:d8:13:a8:3c:4f:2f:8f:
6c:0b:59:a3:c9:46:5d:77:ec:df:4e:95:06:ed:a4:
bc:f5:51:4a:e4:9c:3b:1f:68:15:3a:0f:a3:01:73:
7c:7d:7f:9e:55:9c:06:98:88:05:19:dc:f1:3d:09:
b0:69:fa:3f:27:ad:ce:f8:bf:40:e1:46:93:12:f7:
b1:e0:e4:f4:af:8e:c8:4a:96:33:c0:92:b0:2f:85:
da:02:db:09:fe:ca:52:00:ee:22:7e:16:90:26:67:
f1:50:e0:d7:34:d6:17:f1:f3:12:b2:9e:a6:bf:db:
32:28:9b:90:c9:5b:4c:05:39:c0:90:10:15:d6:50:
81:eb:be:1d:25:36:1b:71:bd:45:ce:c8:de:a4:7d:
cf:69:9c:b9:6a:29:ba:dd:dd:10:7a:85:36:97:b7:
2d:a9:27:b4:a3:0f:12:38:30:ab:e5:9b:6f:34:a9:
a3:00:13:6f:12:9c:41:95:62:98:ca:30:d1:85:ac:
7e:03:5c:81:d2:0a:ed:f8:95:65:db:13:12:b4:51:
21:06:33:54:8f:4a:3a:26:a7:b0:2e:95:7c:b7:26:
a9:63:d5:48:a4:63:eb:b0:03:3e:07:c7:24:1b:1a:
7f:3f:6e:41:eb:40:93:8d:3b:c6:0e:84:40:7c:6c:
2b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0D:F9:18:2B:72:B4:BE:C3:DA:F5:28:CA:2C:EF:E6:66:91:CD:F6
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/sg35GCtytL7D2vUoyizv5maRzfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/16
77.237.160.0/19
85.9.64.0/18
91.209.242.0/24
91.239.214.0/24
95.215.160.0/22
109.125.160.0/19
109.232.5.0-109.232.7.255
185.72.24.0/22
185.83.88.0/22
185.103.128.0/22
185.125.244.0-185.126.19.255
185.126.40.0/22
185.131.28.0/22
185.155.8.0/21
185.169.20.0/22
185.169.36.0/22
185.177.232.0/22
185.180.52.0/22
188.253.32.0-188.253.95.255
193.32.80.0/23
194.33.122.0/23
IPv6:
2001:4c88::/32
2a02:cd80::/29
2a07:8f00::/29
2a07:8f40::/29
2a0a:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
02:a2:55:a7:63:4e:c4:0f:5c:4e:0a:71:4a:e3:48:17:52:85:
52:46:57:20:cf:72:e9:d5:b3:3e:65:1b:d0:dd:58:c6:e9:9b:
80:d5:44:21:2a:7c:55:68:01:fd:5b:31:31:9d:ba:30:96:2f:
c0:a6:0d:f1:66:a9:db:41:82:a6:c3:42:9d:d6:1c:b1:b7:2f:
bb:b6:d4:e0:5c:f1:eb:bd:b2:8b:f7:09:2a:3b:98:30:75:dd:
52:dc:a9:d5:64:30:57:0c:9a:4e:47:a3:cf:82:ea:3f:a2:c4:
b1:52:c4:4b:df:c6:96:c0:13:57:0b:fd:94:48:2b:1a:ed:d9:
28:02:2a:fb:c3:9c:72:16:40:43:ce:a6:d4:5c:05:ab:88:25:
a4:68:28:35:00:cc:0f:0a:46:1e:f6:ce:6f:cd:31:c1:8f:f8:
3d:b2:a6:0c:90:23:9c:f7:c7:10:93:73:8c:83:85:a3:73:f6:
e2:4d:92:59:7e:f5:89:41:79:d8:9f:1d:95:41:75:72:a2:48:
03:10:aa:49:33:23:e3:57:a9:7e:e8:6c:00:56:0d:f6:ef:26:
b4:a3:6b:f7:92:2d:6f:92:bc:b1:8e:01:f9:b2:94:68:10:19:
f4:7f:3f:84:69:d8:c6:ae:96:f6:f3:c6:75:0b:1d:c1:62:0f:
01:d1:8b:5f
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAYMwZYX3k9333+1l5URhboLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjIwOTEyMDYzMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBkZjkxODJiNzJiNGJlYzNkYWY1MjhjYTJjZWZlNjY2OTFjZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmB8bXR0ve9gTqDxPL49sC1mjyUZd
d+zfTpUG7aS89VFK5Jw7H2gVOg+jAXN8fX+eVZwGmIgFGdzxPQmwafo/J63O+L9A
4UaTEvex4OT0r47ISpYzwJKwL4XaAtsJ/spSAO4ifhaQJmfxUODXNNYX8fMSsp6m
v9syKJuQyVtMBTnAkBAV1lCB674dJTYbcb1FzsjepH3PaZy5aim63d0QeoU2l7ct
qSe0ow8SODCr5ZtvNKmjABNvEpxBlWKYyjDRhax+A1yB0grt+JVl2xMStFEhBjNU
j0o6JqewLpV8tyapY9VIpGPrsAM+B8ckGxp/P25B60CTjTvGDoRAfGwrnQIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFLIN+RgrcrS+w9r1KMos7+Zmkc32MB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvc2czNUdDdHl0TDdEMnZVb3lpenY1bWFSemZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBogQCAAEwgZsDAwAF
ygMEBU3toAMEBlUJQAMEAFvR8gMEAFvv1gMEAl/XoAMEBW19oDAMAwQAbegFAwQD
begAAwQCuUgYAwQCuVNYAwQCuWeAMAwDBAK5ffQDBAK5fhADBAK5figDBAK5gxwD
BAO5mwgDBAK5qRQDBAK5qSQDBAK5segDBAK5tDQwDAMEBbz9IAMEBbz9QAMEAcEg
UAMEAcIhejApBAIAAjAjAwUAIAFMiAMFAyoCzYADBQMqB48AAwUDKgePQAMFAyoK
TgAwDQYJKoZIhvcNAQELBQADggEBAAKiVadjTsQPXE4KcUrjSBdShVJGVyDPcunV
sz5lG9DdWMbpm4DVRCEqfFVoAf1bMTGdujCWL8CmDfFmqdtBgqbDQp3WHLG3L7u2
1OBc8eu9sov3CSo7mDB13VLcqdVkMFcMmk5Ho8+C6j+ixLFSxEvfxpbAE1cL/ZRI
Kxrt2SgCKvvDnHIWQEPOptRcBauIJaRoKDUAzA8KRh72zm/NMcGP+D2ypgyQI5z3
xxCTc4yDhaNz9uJNkll+9YlBedifHZVBdXKiSAMQqkkzI+NXqX7obABWDfbvJrSj
a/eSLW+SvLGOAfmylGgQGfR/P4Rp2MaulvbzxnULHcFiDwHRi18=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org