Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/tGPDn03XqY2o2esPeuIKUzVzoYs.roa
File: tGPDn03XqY2o2esPeuIKUzVzoYs.roa (raw, json)
Hash identifier: f3Ncywvm2j6ho1+rjpbDePqU0kHFXkf3BmeikhSQJcE=
Subject key identifier: B4:63:C3:9F:4D:D7:A9:8D:A8:D9:EB:0F:7A:E2:0A:53:35:73:A1:8B
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 12A415E7
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/tGPDn03XqY2o2esPeuIKUzVzoYs.roa
Signing time: Sun 09 Jan 2022 12:43:14 +0000
ROA not before: Sun 09 Jan 2022 12:43:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49100
IP address blocks: 109.125.176.0/22 maxlen: 22
185.177.232.0/22 maxlen: 22
109.125.184.0/22 maxlen: 22
109.125.182.0/23 maxlen: 23
109.125.191.0/24 maxlen: 24
109.125.189.0/24 maxlen: 24
109.125.190.0/24 maxlen: 24
91.209.242.0/24 maxlen: 24
85.9.64.0/18 maxlen: 18
109.125.160.0/19 maxlen: 19
194.33.122.0/23 maxlen: 23
185.126.40.0/22 maxlen: 22
5.202.0.0/16 maxlen: 24
109.232.7.0/24 maxlen: 24
109.232.5.0/24 maxlen: 24
109.232.6.0/24 maxlen: 24
185.125.244.0/22 maxlen: 22
185.72.24.0/22 maxlen: 22
185.125.248.0/21 maxlen: 21
185.125.255.0/24 maxlen: 24
185.72.27.0/24 maxlen: 24
185.126.0.0/20 maxlen: 20
185.131.30.0/23 maxlen: 23
185.131.28.0/22 maxlen: 22
185.126.16.0/23 maxlen: 23
5.202.82.0/24 maxlen: 24
5.202.100.0/24 maxlen: 24
5.202.110.0/24 maxlen: 24
193.32.80.0/23 maxlen: 23
185.180.52.0/22 maxlen: 22
95.215.160.0/22 maxlen: 22
185.155.8.0/21 maxlen: 21
77.237.160.0/19 maxlen: 19
185.169.20.0/22 maxlen: 22
91.239.214.0/24 maxlen: 24
185.169.36.0/22 maxlen: 22
185.169.37.0/24 maxlen: 24
185.103.128.0/22 maxlen: 22
185.83.88.0/24 maxlen: 24
185.83.89.0/24 maxlen: 24
185.83.90.0/23 maxlen: 23
5.202.166.0/23 maxlen: 23
188.253.64.0/19 maxlen: 19
2a0a:4e00::/29 maxlen: 29
2a07:8f00::/29 maxlen: 29
2001:4c88::/32 maxlen: 32
2a07:8f40::/29 maxlen: 29
2a02:cd80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 312743399 (0x12a415e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 9 12:43:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b463c39f4dd7a98da8d9eb0f7ae20a533573a18b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:04:fe:df:f6:b0:4c:48:45:f8:2e:29:ca:fe:
a9:03:8e:44:6d:7d:3f:04:63:22:c8:7b:e3:75:11:
aa:2b:8e:c2:98:80:32:b7:85:29:34:52:46:08:24:
47:31:2a:27:92:1f:d4:ee:2e:6f:19:49:6b:f4:2b:
76:70:89:25:c0:11:53:96:53:38:13:07:d6:8f:eb:
db:d9:d1:a9:be:48:41:53:7d:e6:14:b7:88:16:ed:
a2:11:6c:7b:19:66:4a:65:4b:aa:0a:c8:39:4e:d0:
cc:bf:8b:d7:58:e7:40:3c:2e:a0:34:41:9d:28:7b:
f1:7b:3b:9f:a4:9b:9a:bf:ea:b0:2b:ca:12:3c:15:
49:64:f4:42:3c:22:b2:b8:09:88:bd:48:c5:dc:de:
e4:e7:71:82:a6:3f:b9:af:00:bf:9e:ce:29:bb:f6:
17:29:1a:70:ea:09:a7:4b:77:3e:1f:9c:fd:80:1e:
60:47:e8:69:19:40:6f:d9:20:1e:8e:8a:63:a3:2d:
29:dd:c9:84:ef:51:5a:52:4d:73:81:ff:83:20:00:
f9:33:a5:54:80:f0:99:dc:78:78:b7:95:28:f5:77:
0b:5c:d4:0f:e9:c6:7d:8c:d3:98:fb:99:40:0c:a6:
6a:20:63:b6:75:63:d6:c5:53:b2:99:53:fc:76:ce:
43:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:63:C3:9F:4D:D7:A9:8D:A8:D9:EB:0F:7A:E2:0A:53:35:73:A1:8B
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/tGPDn03XqY2o2esPeuIKUzVzoYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/16
77.237.160.0/19
85.9.64.0/18
91.209.242.0/24
91.239.214.0/24
95.215.160.0/22
109.125.160.0/19
109.232.5.0-109.232.7.255
185.72.24.0/22
185.83.88.0/22
185.103.128.0/22
185.125.244.0-185.126.17.255
185.126.40.0/22
185.131.28.0/22
185.155.8.0/21
185.169.20.0/22
185.169.36.0/22
185.177.232.0/22
185.180.52.0/22
188.253.64.0/19
193.32.80.0/23
194.33.122.0/23
IPv6:
2001:4c88::/32
2a02:cd80::/29
2a07:8f00::/29
2a07:8f40::/29
2a0a:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
b3:bc:b9:08:67:8c:8d:61:91:3b:3c:62:6c:1d:67:08:81:db:
d2:d7:09:46:1b:70:ec:68:84:e3:14:d4:64:be:4d:e0:36:0c:
d5:c1:40:de:b9:48:c8:73:3c:b3:00:df:5f:85:82:bd:2c:6e:
c5:52:9a:1b:0d:60:bb:88:56:a9:db:79:a9:29:da:f3:44:16:
c2:b4:26:83:79:81:6e:ff:0c:06:ca:83:eb:7d:5c:46:00:ec:
38:1f:5d:e4:6f:35:41:32:7a:8c:c8:96:7c:2a:8e:bf:b7:7a:
8a:03:e6:25:53:f1:ff:8b:ec:b7:16:01:4d:09:df:29:25:27:
c7:99:b5:6b:68:c3:00:a6:d7:0a:f2:d8:85:c6:de:83:08:0b:
71:32:fc:5a:4f:fd:17:8f:5d:09:f3:87:ed:63:3b:85:98:7f:
4f:e4:b9:1f:f9:33:7a:2f:24:90:0f:fa:2a:bc:a5:eb:71:b0:
a7:c4:16:c4:18:cd:2b:7d:7e:0c:62:69:63:3d:29:89:91:0f:
bf:b1:a5:93:e7:9b:68:f9:5e:cc:59:42:4d:28:8c:e9:f8:7f:
58:1b:8d:ed:77:04:4c:2f:7f:82:81:10:82:de:73:95:53:07:
49:7c:1c:0d:67:dc:fc:36:e0:fc:5b:85:c7:40:8c:ba:2d:f2:
fa:8a:94:7c
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIEEqQV5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTFlNjkzNjhhYmQzNDUzOGZlNzdkZGFhYmNkYzgzNWFmNTk1ZWJhMB4XDTIyMDEw
OTEyNDMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQ2M2MzOWY0ZGQ3
YTk4ZGE4ZDllYjBmN2FlMjBhNTMzNTczYTE4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAE/t/2sExIRfguKcr+qQOORG19PwRjIsh743URqiuOwpiA
MreFKTRSRggkRzEqJ5If1O4ubxlJa/QrdnCJJcARU5ZTOBMH1o/r29nRqb5IQVN9
5hS3iBbtohFsexlmSmVLqgrIOU7QzL+L11jnQDwuoDRBnSh78Xs7n6Sbmr/qsCvK
EjwVSWT0QjwisrgJiL1Ixdze5OdxgqY/ua8Av57OKbv2FykacOoJp0t3Ph+c/YAe
YEfoaRlAb9kgHo6KY6MtKd3JhO9RWlJNc4H/gyAA+TOlVIDwmdx4eLeVKPV3C1zU
D+nGfYzTmPuZQAymaiBjtnVj1sVTsplT/HbOQ3kCAwEAAaOCAsYwggLCMB0GA1Ud
DgQWBBS0Y8OfTdepjajZ6w964gpTNXOhizAfBgNVHSMEGDAWgBSaHmk2ir00U4/n
fdqrzcg1r1leujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21oNXBOb3E5TkZPUDUzM2FxODNJTmE5Wlhyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8x
L3RHUERuMDNYcVkybzJlc1BldUlLVXpWem9Zcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
Nzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8xL21oNXBOb3E5TkZP
UDUzM2FxODNJTmE5Wlhyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
2wYIKwYBBQUHAQcBAf8EgcswgcgwgZoEAgABMIGTAwMABcoDBAVN7aADBAZVCUAD
BABb0fIDBABb79YDBAJf16ADBAVtfaAwDAMEAG3oBQMEA23oAAMEArlIGAMEArlT
WAMEArlngDAMAwQCuX30AwQBuX4QAwQCuX4oAwQCuYMcAwQDuZsIAwQCuakUAwQC
uakkAwQCubHoAwQCubQ0AwQFvP1AAwQBwSBQAwQBwiF6MCkEAgACMCMDBQAgAUyI
AwUDKgLNgAMFAyoHjwADBQMqB49AAwUDKgpOADANBgkqhkiG9w0BAQsFAAOCAQEA
s7y5CGeMjWGROzxibB1nCIHb0tcJRhtw7GiE4xTUZL5N4DYM1cFA3rlIyHM8swDf
X4WCvSxuxVKaGw1gu4hWqdt5qSna80QWwrQmg3mBbv8MBsqD631cRgDsOB9d5G81
QTJ6jMiWfCqOv7d6igPmJVPx/4vstxYBTQnfKSUnx5m1a2jDAKbXCvLYhcbegwgL
cTL8Wk/9F49dCfOH7WM7hZh/T+S5H/kzei8kkA/6Kryl63Gwp8QWxBjNK31+DGJp
Yz0piZEPv7Glk+ebaPlezFlCTSiM6fh/WBuN7XcETC9/goEQgt5zlVMHSXwcDWfc
/Dbg/FuFx0CMui3y+oqUfA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:54 2023 by rpki-client on console-fra.rpki-client.org