Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/N-jB0C0jl3AvkN5_brSEAYzl2fQ.roa
File: N-jB0C0jl3AvkN5_brSEAYzl2fQ.roa (raw, json)
Hash identifier: yCkUhBuWOPrDlMKwDAuLExYnLurmk5KMVYVI2zW1fkM=
Subject key identifier: 37:E8:C1:D0:2D:23:97:70:2F:90:DE:7F:6E:B4:84:01:8C:E5:D9:F4
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 0182438F594BEB6F71004B1C9F3EF277E6C0
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/N-jB0C0jl3AvkN5_brSEAYzl2fQ.roa
Signing time: Thu 28 Jul 2022 06:47:24 +0000
ROA not before: Thu 28 Jul 2022 06:47:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44709
IP address blocks: 91.228.126.0/23 maxlen: 23
194.36.91.0/24 maxlen: 24
194.36.90.0/24 maxlen: 24
194.36.89.0/24 maxlen: 24
5.100.250.0/23 maxlen: 23
5.100.251.0/24 maxlen: 24
5.100.250.0/24 maxlen: 24
5.100.252.0/23 maxlen: 23
5.100.253.0/24 maxlen: 24
5.100.252.0/24 maxlen: 24
5.100.249.0/24 maxlen: 24
5.100.248.0/23 maxlen: 23
5.100.248.0/24 maxlen: 24
212.80.204.0/24 maxlen: 24
212.80.206.0/24 maxlen: 24
212.80.205.0/24 maxlen: 24
5.100.254.0/24 maxlen: 24
5.100.254.0/23 maxlen: 23
5.100.255.0/24 maxlen: 24
212.80.207.0/24 maxlen: 24
188.191.147.0/24 maxlen: 24
31.133.103.0/24 maxlen: 24
31.133.102.0/24 maxlen: 24
31.133.100.0/24 maxlen: 24
195.28.181.0/24 maxlen: 24
195.28.180.0/24 maxlen: 24
109.207.76.0/24 maxlen: 24
185.241.4.0/24 maxlen: 24
109.207.79.0/24 maxlen: 24
185.241.7.0/24 maxlen: 24
185.241.6.0/24 maxlen: 24
185.241.5.0/24 maxlen: 24
185.220.207.0/24 maxlen: 24
45.83.40.0/24 maxlen: 24
45.83.43.0/24 maxlen: 24
45.83.42.0/24 maxlen: 24
45.93.95.0/24 maxlen: 24
45.93.92.0/24 maxlen: 24
45.93.94.0/24 maxlen: 24
81.28.7.0/24 maxlen: 24
91.223.106.0/24 maxlen: 24
63.250.63.0/24 maxlen: 24
63.250.61.0/24 maxlen: 24
63.250.62.0/24 maxlen: 24
185.28.152.0/24 maxlen: 24
185.28.154.0/24 maxlen: 24
185.28.153.0/24 maxlen: 24
185.28.155.0/24 maxlen: 24
83.229.71.0/24 maxlen: 24
83.229.70.0/24 maxlen: 24
83.229.74.0/24 maxlen: 24
83.229.73.0/24 maxlen: 24
83.229.72.0/24 maxlen: 24
185.253.75.0/24 maxlen: 24
185.253.73.0/24 maxlen: 24
185.162.125.0/24 maxlen: 24
185.162.124.0/24 maxlen: 24
185.162.126.0/24 maxlen: 24
91.202.171.0/24 maxlen: 24
91.202.168.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
91.202.169.0/24 maxlen: 24
91.226.72.0/24 maxlen: 24
2a06:c5c0:900::/48 maxlen: 48
2a06:c5c0:700::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:43:8f:59:4b:eb:6f:71:00:4b:1c:9f:3e:f2:77:e6:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Jul 28 06:47:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37e8c1d02d2397702f90de7f6eb484018ce5d9f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:64:ed:16:10:88:7c:76:e7:c7:8d:c4:ce:e9:
70:6c:86:8c:2a:2d:c3:82:c5:10:1c:48:12:75:39:
46:5a:71:66:3f:57:a1:7c:c2:1b:63:94:d2:35:bf:
58:00:21:76:30:15:81:91:51:1b:e4:1b:42:5a:2b:
00:fd:3d:55:c0:ac:5d:c8:0c:b0:1d:ab:4c:12:f2:
5d:b2:b9:de:2c:02:97:7c:88:6d:5c:ad:70:53:99:
66:c6:f7:7e:e9:57:75:02:9d:93:74:06:61:f0:a6:
a4:9d:53:aa:ed:cc:e5:f6:42:c3:29:2c:c4:0a:1e:
f0:59:2e:21:07:27:08:49:73:03:b8:e6:93:97:40:
ff:a3:4f:e0:4c:06:4a:35:97:9b:86:bd:0c:fe:f0:
ab:1a:65:5b:24:1b:50:72:5a:8e:8a:9d:d2:e4:3c:
87:31:ba:63:76:0c:27:94:1f:d6:97:82:32:c3:9a:
e9:be:b6:5d:d0:17:74:ba:87:6f:cb:56:b7:b3:69:
a8:77:9f:b1:98:3e:94:55:aa:aa:b8:78:40:ad:3f:
b6:86:ac:99:72:4f:58:5b:a8:64:a7:77:c3:a6:5f:
29:19:7d:2f:18:95:6e:17:60:46:38:f2:6c:6a:04:
61:2c:07:f6:06:12:75:b3:04:a0:ef:4d:d0:6a:82:
7b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:E8:C1:D0:2D:23:97:70:2F:90:DE:7F:6E:B4:84:01:8C:E5:D9:F4
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/N-jB0C0jl3AvkN5_brSEAYzl2fQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.248.0/21
31.133.100.0/24
31.133.102.0/23
45.83.40.0/24
45.83.42.0/23
45.93.92.0/24
45.93.94.0/23
63.250.61.0-63.250.63.255
81.28.7.0/24
83.229.70.0-83.229.74.255
91.202.168.0/22
91.223.106.0/24
91.226.72.0/24
91.228.126.0/23
109.207.76.0/24
109.207.79.0/24
185.28.152.0/22
185.162.124.0-185.162.126.255
185.220.207.0/24
185.241.4.0/22
185.253.73.0/24
185.253.75.0/24
188.191.147.0/24
194.36.89.0-194.36.91.255
195.28.180.0/23
212.80.204.0/22
IPv6:
2a06:c5c0:700::/48
2a06:c5c0:900::/48
Signature Algorithm: sha256WithRSAEncryption
ca:ec:19:95:3d:53:ee:47:af:d6:6a:b9:97:21:7c:31:e9:ee:
d0:74:5e:c7:f3:1d:79:bc:e7:d3:3b:8f:9e:b4:76:ec:6b:63:
9a:23:47:6d:4b:98:c2:12:57:16:c0:fd:f4:04:8f:ed:25:72:
d2:54:e8:8c:e7:6b:92:89:4a:c1:56:07:d5:b0:1b:23:fe:d6:
1e:60:06:03:60:49:d3:46:df:26:f0:5d:51:79:64:7f:cf:bf:
e5:38:5b:c9:40:ae:e6:03:ee:3e:fc:eb:45:d1:46:ee:a3:9e:
ff:38:33:95:8a:4b:96:fb:84:b6:b5:f5:98:7e:27:04:8b:90:
24:aa:4f:2b:50:18:ce:97:3c:e0:17:ba:81:f8:2b:41:84:b3:
55:19:76:0a:e3:1b:cb:0c:44:fe:fa:cc:c0:2e:3b:b7:f6:f3:
91:75:e2:47:1d:56:a0:02:4b:ed:78:83:4f:99:7a:0d:a2:5b:
59:be:3f:45:0b:db:29:11:d3:5a:34:d6:3d:c6:a8:14:2c:22:
af:4b:d9:87:d6:e2:62:4b:a9:71:1a:4b:01:54:92:ef:40:c3:
48:23:28:61:5b:09:6c:7e:51:55:24:d5:f2:ae:42:9c:b3:25:
5e:37:2d:1d:fa:45:24:b7:39:81:cd:1e:df:91:97:5d:8a:1c:
57:0f:73:67
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYJDj1lL629xAEscnz7yd+bAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjIwNzI4MDY0NzI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2U4YzFkMDJkMjM5NzcwMmY5MGRlN2Y2ZWI0ODQwMThjZTVkOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWTtFhCIfHbnx43EzulwbIaMKi3D
gsUQHEgSdTlGWnFmP1ehfMIbY5TSNb9YACF2MBWBkVEb5BtCWisA/T1VwKxdyAyw
HatMEvJdsrneLAKXfIhtXK1wU5lmxvd+6Vd1Ap2TdAZh8KaknVOq7czl9kLDKSzE
Ch7wWS4hBycISXMDuOaTl0D/o0/gTAZKNZebhr0M/vCrGmVbJBtQclqOip3S5DyH
MbpjdgwnlB/Wl4Iyw5rpvrZd0Bd0uodvy1a3s2mod5+xmD6UVaqquHhArT+2hqyZ
ck9YW6hkp3fDpl8pGX0vGJVuF2BGOPJsagRhLAf2BhJ1swSg703QaoJ76wIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFDfowdAtI5dwL5Def260hAGM5dn0MB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvTi1qQjBDMGpsM0F2a041X2JyU0VBWXpsMmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCBwwQCAAEwgbwDBAMF
ZPgDBAAfhWQDBAEfhWYDBAAtUygDBAEtUyoDBAAtXVwDBAEtXV4wDAMEAD/6PQME
Bj/6AAMEAFEcBzAMAwQBU+VGAwQAU+VKAwQCW8qoAwQAW99qAwQAW+JIAwQBW+R+
AwQAbc9MAwQAbc9PAwQCuRyYMAwDBAK5onwDBAC5on4DBAC53M8DBAK58QQDBAC5
/UkDBAC5/UsDBAC8v5MwDAMEAMIkWQMEAsIkWAMEAcMctAMEAtRQzDAYBAIAAjAS
AwcAKgbFwAcAAwcAKgbFwAkAMA0GCSqGSIb3DQEBCwUAA4IBAQDK7BmVPVPuR6/W
armXIXwx6e7QdF7H8x15vOfTO4+etHbsa2OaI0dtS5jCElcWwP30BI/tJXLSVOiM
52uSiUrBVgfVsBsj/tYeYAYDYEnTRt8m8F1ReWR/z7/lOFvJQK7mA+4+/OtF0Ubu
o57/ODOVikuW+4S2tfWYficEi5Akqk8rUBjOlzzgF7qB+CtBhLNVGXYK4xvLDET+
+szALju39vORdeJHHVagAkvteINPmXoNoltZvj9FC9spEdNaNNY9xqgULCKvS9mH
1uJiS6lxGksBVJLvQMNIIyhhWwlsflFVJNXyrkKcsyVeNy0d+kUktzmBzR7fkZdd
ihxXD3Nn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:36 2024 by rpki-client on console-ams.rpki-client.org