Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ulBWYwN7FBAtg8FywtM_ajCdR0U.roa
File: ulBWYwN7FBAtg8FywtM_ajCdR0U.roa (raw, json)
Hash identifier: Aw0XOAYSPpHoYhXF2M+goMUQ9JAWb59uOrDKV77zJLg=
Subject key identifier: BA:50:56:63:03:7B:14:10:2D:83:C1:72:C2:D3:3F:6A:30:9D:47:45
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0753E41B
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ulBWYwN7FBAtg8FywtM_ajCdR0U.roa
Signing time: Wed 29 Jun 2022 07:41:02 +0000
ROA not before: Wed 29 Jun 2022 07:41:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25211
IP address blocks: 94.26.79.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
94.26.76.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
78.159.130.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122938395 (0x753e41b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 29 07:41:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba505663037b14102d83c172c2d33f6a309d4745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a3:7c:d6:0d:79:c9:a8:57:8f:86:de:62:4c:
7d:07:27:7c:18:e4:35:c2:f3:68:76:bb:02:1d:81:
64:e7:3c:84:88:16:af:9a:cf:2d:b2:ed:4f:d3:e7:
fd:17:69:45:f7:6e:19:da:ca:fa:bf:72:2c:f8:6b:
2f:b0:91:56:bb:33:bc:f8:d8:37:31:4e:7c:e8:bd:
d4:3b:25:5a:51:dc:08:ba:91:59:f4:df:80:f0:94:
91:9a:bd:5e:df:6b:bc:e1:60:89:cb:65:17:12:a7:
5f:26:c2:c5:d1:58:3e:60:9f:70:50:57:41:0e:6e:
21:e0:b1:18:85:b8:48:c4:41:b8:de:bd:4e:87:6a:
97:25:a3:3f:92:08:e7:71:c9:6f:b8:4b:6b:5c:5d:
23:11:8f:7d:2e:7e:bb:41:91:3f:c3:43:9f:18:d0:
db:0b:62:79:db:00:02:95:0f:78:3f:2e:15:36:a1:
92:d9:39:3c:8b:77:65:11:4a:c8:09:bd:38:c5:b8:
de:b0:55:94:a0:b2:fc:3c:de:87:e2:bc:02:6e:37:
03:85:b7:f8:6c:f8:f4:e0:d7:c8:dd:4d:a4:05:cd:
d8:76:bb:2b:f5:2c:e1:63:e4:7f:c2:c9:38:94:d3:
4d:24:d6:13:28:f5:74:c0:de:85:70:a2:c6:9e:5f:
68:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:50:56:63:03:7B:14:10:2D:83:C1:72:C2:D3:3F:6A:30:9D:47:45
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ulBWYwN7FBAtg8FywtM_ajCdR0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/24
78.159.128.0/22
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/22
78.159.157.0-78.159.158.255
91.92.33.0/24
91.92.35.0/24
91.92.40.0/21
91.92.49.0-91.92.53.255
93.152.205.0/24
93.152.209.0-93.152.210.255
93.152.212.0/22
93.152.220.0/23
93.152.224.0-93.152.226.255
93.152.230.0/24
94.26.28.0/23
94.26.76.0/22
94.26.90.0/24
185.96.252.0/23
185.96.255.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:51:51:8d:ce:81:e0:a5:68:d0:b3:9d:b5:48:53:65:a7:9e:
3c:be:cc:af:21:b1:44:53:2f:b3:27:31:b4:fd:64:ce:d7:fd:
49:32:40:23:77:45:d7:f7:cb:6d:4d:a0:cf:eb:01:4a:f1:12:
cc:f1:e6:23:19:7a:d3:76:90:72:47:04:01:d3:ca:49:ea:8b:
5e:5c:35:e1:ab:78:95:64:cd:b2:ee:88:cd:5f:8f:05:10:bb:
64:3d:e8:1e:0e:57:c8:ea:72:6b:7a:d7:ca:7d:4c:e6:7c:a0:
92:1b:f0:1a:60:37:6d:47:26:7a:b3:09:ae:c6:a1:d5:71:ef:
18:86:f6:77:04:b8:b5:a4:23:7d:d9:de:8d:e6:94:a2:eb:f3:
56:73:7d:19:85:65:77:5e:f1:01:86:2b:05:95:61:4f:a7:47:
c8:d4:5a:8c:e8:97:ac:50:be:ca:93:2d:b6:2c:6f:4f:88:7f:
f8:4a:bf:bb:01:d1:db:97:d4:b5:7a:84:b3:20:fe:50:db:f8:
aa:55:77:7d:92:8c:3e:eb:12:07:9f:dc:b0:6a:b2:77:ec:76:
bc:3e:13:56:50:88:78:11:c3:63:75:33:9b:30:4c:69:55:5d:
05:ff:39:f3:c3:0a:8b:c6:20:1f:4b:17:b6:1c:28:5e:8c:b7:
a6:1e:1e:93
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIEB1PkGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDYy
OTA3NDEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE1MDU2NjMwMzdi
MTQxMDJkODNjMTcyYzJkMzNmNmEzMDlkNDc0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIqjfNYNecmoV4+G3mJMfQcnfBjkNcLzaHa7Ah2BZOc8hIgW
r5rPLbLtT9Pn/RdpRfduGdrK+r9yLPhrL7CRVrszvPjYNzFOfOi91DslWlHcCLqR
WfTfgPCUkZq9Xt9rvOFgictlFxKnXybCxdFYPmCfcFBXQQ5uIeCxGIW4SMRBuN69
TodqlyWjP5II53HJb7hLa1xdIxGPfS5+u0GRP8NDnxjQ2wtiedsAApUPeD8uFTah
ktk5PIt3ZRFKyAm9OMW43rBVlKCy/Dzeh+K8Am43A4W3+Gz49ODXyN1NpAXN2Ha7
K/Us4WPkf8LJOJTTTSTWEyj1dMDehXCixp5faPkCAwEAAaOCAq4wggKqMB0GA1Ud
DgQWBBS6UFZjA3sUEC2DwXLC0z9qMJ1HRTAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L3VsQldZd043RkJBdGc4Rnl3dE1fYWpDZFIwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wwYIKwYBBQUHAQcBAf8EgbMwgbAwga0EAgABMIGmAwQALY3qAwQCTp+AAwQCTp+I
MAwDBABOn5UDBABOn5YDBAJOn5gwDAMEAE6fnQMEAE6fngMEAFtcIQMEAFtcIwME
A1tcKDAMAwQAW1wxAwQBW1w0AwQAXZjNMAwDBABdmNEDBABdmNIDBAJdmNQDBAFd
mNwwDAMEBV2Y4AMEAF2Y4gMEAF2Y5gMEAV4aHAMEAl4aTAMEAF4aWgMEAblg/AME
ALlg/zANBgkqhkiG9w0BAQsFAAOCAQEAC1FRjc6B4KVo0LOdtUhTZaeePL7MryGx
RFMvsycxtP1kztf9STJAI3dF1/fLbU2gz+sBSvESzPHmIxl603aQckcEAdPKSeqL
Xlw14at4lWTNsu6IzV+PBRC7ZD3oHg5XyOpya3rXyn1M5nygkhvwGmA3bUcmerMJ
rsah1XHvGIb2dwS4taQjfdnejeaUouvzVnN9GYVld17xAYYrBZVhT6dHyNRajOiX
rFC+ypMttixvT4h/+Eq/uwHR25fUtXqEsyD+UNv4qlV3fZKMPusSB5/csGqyd+x2
vD4TVlCIeBHDY3UzmzBMaVVdBf8588MKi8YgH0sXthwoXoy3ph4ekw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:07 2023 by rpki-client on console-fra.rpki-client.org