Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/JXelOYZIfUtxCoRgCoPfQj1VNUU.roa
File: JXelOYZIfUtxCoRgCoPfQj1VNUU.roa (raw, json)
Hash identifier: auhLXjnpNeIvFKD+wx//5DY0KLRBT3LxOQv++genk7k=
Subject key identifier: 25:77:A5:39:86:48:7D:4B:71:0A:84:60:0A:83:DF:42:3D:55:35:45
Certificate issuer: /CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Certificate serial: 01843D153155E7EF7B7916AEE60148E34D1A
Authority key identifier: 99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/JXelOYZIfUtxCoRgCoPfQj1VNUU.roa
Signing time: Thu 03 Nov 2022 10:41:49 +0000
ROA not before: Thu 03 Nov 2022 10:41:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16333
IP address blocks: 185.2.188.0/22 maxlen: 22
217.16.64.0/19 maxlen: 19
217.16.64.0/20 maxlen: 20
217.16.80.0/20 maxlen: 20
217.16.88.0/22 maxlen: 22
217.16.87.0/24 maxlen: 24
212.110.80.0/21 maxlen: 21
212.110.88.0/22 maxlen: 22
146.255.69.0/24 maxlen: 24
146.255.86.0/24 maxlen: 24
185.80.164.0/22 maxlen: 22
185.100.244.0/22 maxlen: 22
85.30.64.0/19 maxlen: 19
85.30.64.0/21 maxlen: 21
85.30.64.0/18 maxlen: 18
85.30.72.0/22 maxlen: 22
78.157.4.0/24 maxlen: 24
78.157.3.0/24 maxlen: 24
78.157.2.0/24 maxlen: 24
78.157.1.0/24 maxlen: 24
78.157.0.0/24 maxlen: 24
78.157.9.0/24 maxlen: 24
78.157.7.0/24 maxlen: 24
78.157.6.0/24 maxlen: 24
78.157.5.0/24 maxlen: 24
109.69.40.0/21 maxlen: 21
79.126.128.0/18 maxlen: 18
79.126.128.0/17 maxlen: 17
5.32.178.0/23 maxlen: 23
185.89.244.0/22 maxlen: 22
5.32.180.0/24 maxlen: 24
5.32.182.0/24 maxlen: 24
212.110.64.0/23 maxlen: 23
79.126.192.0/18 maxlen: 18
78.157.24.0/24 maxlen: 24
78.157.23.0/24 maxlen: 24
78.157.22.0/24 maxlen: 24
78.157.21.0/24 maxlen: 24
78.157.20.0/24 maxlen: 24
78.157.31.0/24 maxlen: 24
78.157.30.0/24 maxlen: 24
78.157.29.0/24 maxlen: 24
78.157.28.0/24 maxlen: 24
78.157.27.0/24 maxlen: 24
78.157.26.0/24 maxlen: 24
78.157.25.0/24 maxlen: 24
31.11.68.0/22 maxlen: 22
31.11.64.0/18 maxlen: 19
31.11.72.0/21 maxlen: 21
31.11.80.0/21 maxlen: 21
31.11.88.0/21 maxlen: 21
185.5.4.0/22 maxlen: 22
89.31.152.0/21 maxlen: 21
31.11.96.0/21 maxlen: 21
31.11.104.0/21 maxlen: 21
31.11.112.0/21 maxlen: 21
217.196.192.0/20 maxlen: 20
31.11.120.0/21 maxlen: 21
212.158.176.0/20 maxlen: 24
85.30.80.0/22 maxlen: 22
85.30.92.0/22 maxlen: 22
85.30.96.0/19 maxlen: 19
85.30.96.0/22 maxlen: 22
85.30.101.0/24 maxlen: 24
85.30.104.0/22 maxlen: 22
85.30.112.0/24 maxlen: 24
85.30.110.0/24 maxlen: 24
85.30.120.0/21 maxlen: 21
85.30.119.0/24 maxlen: 24
95.128.186.0/24 maxlen: 24
2a01:5b8::/29 maxlen: 29
2a01:5b8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3d:15:31:55:e7:ef:7b:79:16:ae:e6:01:48:e3:4d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Validity
Not Before: Nov 3 10:41:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2577a53986487d4b710a84600a83df423d553545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e7:67:29:ee:6f:aa:8f:26:03:7d:23:9e:a8:
2e:c7:19:7e:0b:1f:2b:ea:6b:4c:e0:db:a1:1e:4d:
4a:6c:56:70:2c:18:b5:4f:30:69:f9:9e:7f:67:e9:
17:01:fe:a6:d1:89:ef:9c:60:55:6f:85:9d:16:6d:
93:20:55:4f:be:05:84:73:a6:ae:96:1e:13:39:5b:
47:33:8c:d6:f9:79:4e:ed:e3:e9:43:f3:6d:fb:54:
cc:f4:7e:3c:f5:dd:76:0d:7e:fd:5d:69:c9:f9:12:
6e:82:71:a3:7a:dd:40:02:40:33:9a:7c:a9:35:4b:
6c:40:58:b0:17:d7:39:29:e6:8a:de:7f:22:f5:bc:
3c:ea:79:8e:46:e2:1b:65:5a:b0:9b:5a:c7:87:03:
da:fc:5d:1b:f5:11:93:f3:93:46:c6:7b:39:63:55:
7c:c1:2c:f3:9d:75:c4:21:90:ed:4b:58:8a:95:77:
bf:46:67:a0:2c:31:04:1d:b1:94:4e:05:c1:f5:6d:
c8:e6:56:a6:95:b6:b8:f0:87:e4:65:b4:d8:f9:1c:
11:eb:34:1c:b0:cb:3c:00:5f:46:68:8f:c4:61:5f:
c1:4d:57:3c:15:be:61:92:a6:25:53:71:e5:f8:aa:
8f:d6:ad:29:20:b0:36:1e:0a:10:7c:9e:c2:b4:81:
94:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:77:A5:39:86:48:7D:4B:71:0A:84:60:0A:83:DF:42:3D:55:35:45
X509v3 Authority Key Identifier:
keyid:99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/JXelOYZIfUtxCoRgCoPfQj1VNUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.178.0-5.32.180.255
5.32.182.0/24
31.11.64.0/18
78.157.0.0/21
78.157.9.0/24
78.157.20.0-78.157.31.255
79.126.128.0/17
85.30.64.0/18
89.31.152.0/21
95.128.186.0/24
109.69.40.0/21
146.255.69.0/24
146.255.86.0/24
185.2.188.0/22
185.5.4.0/22
185.80.164.0/22
185.89.244.0/22
185.100.244.0/22
212.110.64.0/23
212.110.80.0-212.110.91.255
212.158.176.0/20
217.16.64.0/19
217.196.192.0/20
IPv6:
2a01:5b8::/29
Signature Algorithm: sha256WithRSAEncryption
a8:15:b9:83:dd:62:52:96:29:b5:a1:9f:bb:2a:ae:dc:90:13:
35:24:f7:e9:a5:73:b9:67:30:e8:cf:a4:d5:39:b3:76:f1:ed:
17:f0:e5:f1:5b:91:b6:2a:08:f5:a9:be:09:c1:07:c4:4f:86:
ff:ea:46:a2:d8:af:7f:7e:3f:a1:7a:0b:27:31:18:da:cd:ed:
9a:74:68:81:05:86:9e:38:84:d8:81:2f:31:62:4d:70:0a:05:
8f:9d:11:ff:bf:67:55:79:28:eb:96:85:2d:af:7f:96:bd:e7:
9f:2b:c0:f5:ab:34:25:b6:86:1d:16:ad:2b:b4:c3:8e:c8:da:
d2:d5:05:88:a7:c1:e5:01:88:2a:cf:fa:40:c8:d4:e2:6b:1f:
c7:a8:d4:88:ea:c4:c9:c1:b0:3c:f8:87:2b:8f:da:89:08:3f:
9f:e8:fe:df:00:b2:a2:f2:8d:b1:89:2e:9d:4a:fc:22:22:c6:
2c:60:89:39:27:76:f3:be:30:01:c2:88:f0:89:51:54:bf:24:
7e:04:cf:46:dc:9d:65:29:4a:93:b1:69:e9:a4:5b:62:46:5f:
43:67:6b:78:7f:b5:ec:a7:42:3f:ac:3a:fe:19:02:68:a4:96:
b3:b2:6d:ed:40:52:bb:ec:80:cc:6f:59:39:7b:82:78:f1:c2:
1c:12:c3:81
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYQ9FTFV5+97eRau5gFI400aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZTcyMDlhOGM5YjE3NmZiZjYyM2VkZjNlZTBiODIwMDdm
YzJjNDAwHhcNMjIxMTAzMTA0MTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTc3YTUzOTg2NDg3ZDRiNzEwYTg0NjAwYTgzZGY0MjNkNTUzNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOdnKe5vqo8mA30jnqguxxl+Cx8r
6mtM4NuhHk1KbFZwLBi1TzBp+Z5/Z+kXAf6m0YnvnGBVb4WdFm2TIFVPvgWEc6au
lh4TOVtHM4zW+XlO7ePpQ/Nt+1TM9H489d12DX79XWnJ+RJugnGjet1AAkAzmnyp
NUtsQFiwF9c5KeaK3n8i9bw86nmORuIbZVqwm1rHhwPa/F0b9RGT85NGxns5Y1V8
wSzznXXEIZDtS1iKlXe/RmegLDEEHbGUTgXB9W3I5lamlba48IfkZbTY+RwR6zQc
sMs8AF9GaI/EYV/BTVc8Fb5hkqYlU3Hl+KqP1q0pILA2HgoQfJ7CtIGUlwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFCV3pTmGSH1LcQqEYAqD30I9VTVFMB8GA1UdIwQY
MBaAFJnnIJqMmxdvv2I+3z7guCAH/CxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUt
YjJkY2MxODYzZThiLzEvSlhlbE9ZWklmVXR4Q29SZ0NvUGZRajFWTlVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUtYjJkY2MxODYzZThi
LzEvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIwDAME
AQUgsgMEAAUgtAMEAAUgtgMEBh8LQAMEA06dAAMEAE6dCTAMAwQCTp0UAwQFTp0A
AwQHT36AAwQGVR5AAwQDWR+YAwQAX4C6AwQDbUUoAwQAkv9FAwQAkv9WAwQCuQK8
AwQCuQUEAwQCuVCkAwQCuVn0AwQCuWT0AwQB1G5AMAwDBATUblADBALUblgDBATU
nrADBAXZEEADBATZxMAwDQQCAAIwBwMFAyoBBbgwDQYJKoZIhvcNAQELBQADggEB
AKgVuYPdYlKWKbWhn7sqrtyQEzUk9+mlc7lnMOjPpNU5s3bx7Rfw5fFbkbYqCPWp
vgnBB8RPhv/qRqLYr39+P6F6CycxGNrN7Zp0aIEFhp44hNiBLzFiTXAKBY+dEf+/
Z1V5KOuWhS2vf5a9558rwPWrNCW2hh0WrSu0w47I2tLVBYinweUBiCrP+kDI1OJr
H8eo1IjqxMnBsDz4hyuP2okIP5/o/t8AsqLyjbGJLp1K/CIixixgiTkndvO+MAHC
iPCJUVS/JH4Ez0bcnWUpSpOxaemkW2JGX0Nna3h/teynQj+sOv4ZAmiklrOybe1A
UrvsgMxvWTl7gnjxwhwSw4E=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:32 2023 by rpki-client on console.sobornost.net