Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0erSZmogsfoQvAfabYTQA9ydKh0.roa
File: 0erSZmogsfoQvAfabYTQA9ydKh0.roa (raw, json)
Hash identifier: 2hmkfT7ltiy+LrOoweNS7PTbOIAnWs9f0L0A+uGpRmE=
Subject key identifier: D1:EA:D2:66:6A:20:B1:FA:10:BC:07:DA:6D:84:D0:03:DC:9D:2A:1D
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018A6B1E2DCEB1A59C22CFE27E7F0A6949A5
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0erSZmogsfoQvAfabYTQA9ydKh0.roa
Signing time: Wed 06 Sep 2023 15:30:54 +0000
ROA not before: Wed 06 Sep 2023 15:30:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.88.160.0/22 maxlen: 24
45.83.148.0/22 maxlen: 24
45.88.168.0/22 maxlen: 24
2.56.172.0/22 maxlen: 24
2.56.176.0/22 maxlen: 24
45.83.140.0/22 maxlen: 24
185.156.108.0/22 maxlen: 24
45.92.124.0/22 maxlen: 24
185.166.152.0/22 maxlen: 24
185.161.69.0/24 maxlen: 24
185.161.70.0/23 maxlen: 24
45.128.72.0/22 maxlen: 24
45.15.124.0/22 maxlen: 24
45.15.128.0/22 maxlen: 24
45.86.76.0/22 maxlen: 24
45.86.72.0/22 maxlen: 24
45.92.160.0/22 maxlen: 24
45.89.96.0/22 maxlen: 24
45.92.192.0/22 maxlen: 24
45.12.108.0/22 maxlen: 24
45.12.112.0/22 maxlen: 24
45.9.16.0/22 maxlen: 24
45.12.128.0/22 maxlen: 24
45.12.136.0/22 maxlen: 24
194.76.136.0/22 maxlen: 24
45.83.84.0/22 maxlen: 24
45.82.244.0/22 maxlen: 24
185.153.180.0/22 maxlen: 24
45.82.248.0/22 maxlen: 24
45.89.196.0/22 maxlen: 24
213.59.112.0/20 maxlen: 24
171.22.116.0/22 maxlen: 24
45.15.184.0/22 maxlen: 24
171.22.120.0/22 maxlen: 24
2a0b:a0c0::/29 maxlen: 48
2a0d:e000::/29 maxlen: 48
2a13:4bc0::/29 maxlen: 48
2a09:b440::/48 maxlen: 48
2a09:96c0::/29 maxlen: 48
2a09:ae80::/29 maxlen: 48
2a06:e5c0::/29 maxlen: 48
2a0a:d040::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6b:1e:2d:ce:b1:a5:9c:22:cf:e2:7e:7f:0a:69:49:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Sep 6 15:30:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1ead2666a20b1fa10bc07da6d84d003dc9d2a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e5:37:a7:3c:b7:8a:86:84:5d:d1:56:6f:4e:
ee:5c:fa:79:f9:99:4d:46:f6:d5:4c:b7:5c:ea:d7:
3d:96:2f:9d:4e:95:b0:81:19:ec:a6:fc:b1:2a:7f:
41:ce:fa:c7:ea:e2:cf:75:f8:e9:51:a6:ee:1f:f5:
e7:b4:04:9c:82:3b:0d:1e:08:17:50:92:e3:90:ec:
5c:b2:ca:5f:0b:b2:a4:7a:f7:42:2b:37:d5:e1:fe:
5a:10:ee:60:79:04:77:16:7e:28:9f:9d:6f:b8:11:
e0:a8:c0:93:81:63:78:ce:ac:77:32:b6:b5:55:cd:
3a:47:ac:e1:eb:13:a7:45:fa:c6:65:43:6f:17:56:
05:d4:c0:d2:72:45:c5:fc:e3:23:68:ed:96:68:f0:
72:f8:1a:a4:9c:0a:bb:ae:44:10:1c:64:ca:92:dc:
dc:a8:0d:c6:c3:77:2b:f7:93:ca:03:ec:f0:59:b6:
e7:1f:07:e5:fa:da:32:cb:07:e8:4b:40:fd:ac:f2:
1a:16:8f:83:b6:b3:ac:13:ad:0c:ab:fe:79:a7:4d:
43:fc:6f:e2:a7:c1:65:71:b7:1f:bb:07:24:a8:55:
2b:2b:86:2b:65:8e:bf:cf:c0:30:75:5f:b5:5a:0f:
c5:82:10:2c:94:f5:13:e9:2d:b8:2c:b2:e5:13:a5:
ea:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:EA:D2:66:6A:20:B1:FA:10:BC:07:DA:6D:84:D0:03:DC:9D:2A:1D
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0erSZmogsfoQvAfabYTQA9ydKh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.172.0-2.56.179.255
45.9.16.0/22
45.12.108.0-45.12.115.255
45.12.128.0/22
45.12.136.0/22
45.15.124.0-45.15.131.255
45.15.184.0/22
45.82.244.0-45.82.251.255
45.83.84.0/22
45.83.140.0/22
45.83.148.0/22
45.86.72.0/21
45.88.160.0/22
45.88.168.0/22
45.89.96.0/22
45.89.196.0/22
45.92.124.0/22
45.92.160.0/22
45.92.192.0/22
45.128.72.0/22
171.22.116.0-171.22.123.255
185.153.180.0/22
185.156.108.0/22
185.161.69.0-185.161.71.255
185.166.152.0/22
194.76.136.0/22
213.59.112.0/20
IPv6:
2a06:e5c0::/29
2a09:96c0::/29
2a09:ae80::/29
2a09:b440::/48
2a0a:d040::/29
2a0b:a0c0::/29
2a0d:e000::/29
2a13:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:92:d5:90:a6:54:e0:54:0e:81:e8:4f:8b:22:67:e5:e2:e6:
30:7d:c6:1a:ea:cc:8b:fa:a5:9c:de:df:a5:b6:9f:0a:65:8b:
89:bb:43:89:ec:56:10:56:d1:62:67:10:01:08:d9:9e:06:ac:
83:8c:a7:88:7f:23:d9:1e:be:96:f3:33:05:0c:0a:f5:3b:dc:
d5:ea:df:f3:0f:49:62:31:f3:c2:09:b5:c2:dc:67:82:f6:0d:
ef:7d:63:44:f9:8a:d6:64:1c:a2:2a:16:56:6c:6f:ef:0a:33:
f5:0f:d7:bc:71:38:33:a4:fc:76:d6:dc:2d:e5:43:96:87:6b:
97:83:49:89:1a:b3:0a:a9:23:84:ec:fc:6c:d7:bb:af:4b:21:
55:af:17:13:b3:5a:17:a8:43:53:2e:f6:d5:bf:3d:57:e6:89:
a3:ee:42:68:f5:22:b9:90:6d:ea:9c:c4:81:f4:73:89:2c:b8:
46:33:ed:83:92:52:e3:b0:ac:ff:c8:5d:36:0f:9b:c9:ad:a5:
74:ce:1f:ff:7c:9a:22:21:32:7f:92:c7:30:13:45:75:60:46:
6a:70:fa:b8:fc:c0:d0:2e:ef:c3:c5:3d:c0:de:22:c0:22:19:
29:b8:c3:fa:93:28:b4:fc:30:90:91:ca:16:c3:f1:62:02:6d:
f0:78:44:f3
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAYprHi3OsaWcIs/ifn8KaUmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwOTA2MTUzMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWVhZDI2NjZhMjBiMWZhMTBiYzA3ZGE2ZDg0ZDAwM2RjOWQyYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+U3pzy3ioaEXdFWb07uXPp5+ZlN
RvbVTLdc6tc9li+dTpWwgRnspvyxKn9BzvrH6uLPdfjpUabuH/XntAScgjsNHggX
UJLjkOxcsspfC7KkevdCKzfV4f5aEO5geQR3Fn4on51vuBHgqMCTgWN4zqx3Mra1
Vc06R6zh6xOnRfrGZUNvF1YF1MDSckXF/OMjaO2WaPBy+BqknAq7rkQQHGTKktzc
qA3Gw3cr95PKA+zwWbbnHwfl+toyywfoS0D9rPIaFo+DtrOsE60Mq/55p01D/G/i
p8FlcbcfuwckqFUrK4YrZY6/z8AwdV+1Wg/FghAslPUT6S24LLLlE6XqBwIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFNHq0mZqILH6ELwH2m2E0APcnSodMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvMGVyU1ptb2dzZm9RdkFmYWJZVFFBOXlkS2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCB2QQCAAEwgdIw
DAMEAgI4rAMEAgI4sAMEAi0JEDAMAwQCLQxsAwQCLQxwAwQCLQyAAwQCLQyIMAwD
BAItD3wDBAItD4ADBAItD7gwDAMEAi1S9AMEAi1S+AMEAi1TVAMEAi1TjAMEAi1T
lAMEAy1WSAMEAi1YoAMEAi1YqAMEAi1ZYAMEAi1ZxAMEAi1cfAMEAi1coAMEAi1c
wAMEAi2ASDAMAwQCqxZ0AwQCqxZ4AwQCuZm0AwQCuZxsMAwDBAC5oUUDBAO5oUAD
BAK5ppgDBALCTIgDBATVO3AwQAQCAAIwOgMFAyoG5cADBQMqCZbAAwUDKgmugAMH
ACoJtEAAAAMFAyoK0EADBQMqC6DAAwUDKg3gAAMFAyoTS8AwDQYJKoZIhvcNAQEL
BQADggEBAEyS1ZCmVOBUDoHoT4siZ+Xi5jB9xhrqzIv6pZze36W2nwpli4m7Q4ns
VhBW0WJnEAEI2Z4GrIOMp4h/I9kevpbzMwUMCvU73NXq3/MPSWIx88IJtcLcZ4L2
De99Y0T5itZkHKIqFlZsb+8KM/UP17xxODOk/HbW3C3lQ5aHa5eDSYkaswqpI4Ts
/GzXu69LIVWvFxOzWheoQ1Mu9tW/PVfmiaPuQmj1IrmQbeqcxIH0c4ksuEYz7YOS
UuOwrP/IXTYPm8mtpXTOH/98miIhMn+SxzATRXVgRmpw+rj8wNAu78PFPcDeIsAi
GSm4w/qTKLT8MJCRyhbD8WICbfB4RPM=
-----END CERTIFICATE-----
Generated at Tue Apr 29 21:19:04 2025 by rpki-client