Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/DW7EZjzSaBOhj-DyrfvvjUs2s1k.roa
File: DW7EZjzSaBOhj-DyrfvvjUs2s1k.roa (raw, json)
Hash identifier: b8K490D34awLBOqRH+fmGujTd5FuFIvP8YH2tj+6tto=
Subject key identifier: 0D:6E:C4:66:3C:D2:68:13:A1:8F:E0:F2:AD:FB:EF:8D:4B:36:B3:59
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 44721DC4
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/DW7EZjzSaBOhj-DyrfvvjUs2s1k.roa
Signing time: Sat 01 Jan 2022 03:58:20 +0000
ROA not before: Sat 01 Jan 2022 03:58:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12479
IP address blocks: 92.178.0.0/16 maxlen: 24
90.77.0.0/16 maxlen: 24
92.176.0.0/16 maxlen: 24
90.75.0.0/16 maxlen: 24
90.74.0.0/16 maxlen: 24
90.106.0.0/16 maxlen: 24
90.69.0.0/19 maxlen: 19
90.69.0.0/16 maxlen: 24
92.190.0.0/16 maxlen: 24
90.94.0.0/16 maxlen: 24
92.185.0.0/16 maxlen: 24
92.172.0.0/16 maxlen: 24
90.69.80.0/21 maxlen: 21
90.71.0.0/16 maxlen: 24
92.189.0.0/16 maxlen: 24
90.69.112.0/21 maxlen: 21
90.69.32.0/19 maxlen: 19
92.187.0.0/16 maxlen: 24
90.69.64.0/20 maxlen: 20
92.177.0.0/16 maxlen: 24
90.69.176.0/21 maxlen: 21
90.69.184.0/22 maxlen: 22
90.68.0.0/16 maxlen: 24
90.69.188.0/22 maxlen: 22
90.69.192.0/20 maxlen: 20
92.191.0.0/16 maxlen: 24
92.186.0.0/16 maxlen: 24
90.69.208.0/20 maxlen: 20
90.69.224.0/19 maxlen: 19
90.69.124.0/22 maxlen: 22
90.69.128.0/19 maxlen: 19
90.69.160.0/21 maxlen: 21
2a01:c500::/28 maxlen: 46
2a01:c500::/31 maxlen: 42
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1148329412 (0x44721dc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 03:58:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d6ec4663cd26813a18fe0f2adfbef8d4b36b359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8e:c4:3c:7f:f0:97:02:22:af:d6:8c:ea:af:
dd:fb:e9:8b:1f:13:ee:23:56:5c:c7:a3:d2:c5:40:
83:1e:c9:c6:eb:6c:f3:fa:f8:d9:63:5a:46:ad:22:
10:a9:a8:37:02:5f:ce:cf:ed:32:74:e6:79:41:4e:
8a:8e:e2:25:ff:84:d2:2e:08:32:6d:e8:d2:b5:22:
bf:da:9f:95:e1:8a:65:ee:3e:11:c5:61:cc:7a:4f:
6e:7e:b0:1f:bc:2b:40:eb:a4:01:59:fb:cb:31:e8:
16:98:83:40:4e:a3:de:38:17:8b:5f:98:d4:d0:bf:
fe:1b:5a:96:25:50:6e:b5:c6:4d:03:d1:d5:fd:1b:
68:41:cc:bd:44:f0:e4:f4:1e:e4:0a:07:12:32:63:
82:a1:dc:53:2b:c6:3d:6e:fc:b3:ab:e6:3f:db:e5:
8e:10:33:b0:f6:6a:93:32:01:39:91:28:10:c8:3d:
98:5a:33:40:99:8c:27:60:c1:9f:5d:a0:e9:4e:f6:
91:ad:fd:18:6c:c8:77:90:3d:63:f6:03:11:c8:c1:
da:3e:45:85:13:0f:21:12:ff:75:b4:05:db:54:e9:
a4:c6:e3:bb:13:76:ef:a7:86:11:f7:d0:66:dc:2c:
06:e9:66:f7:01:fa:0e:cd:ea:4e:68:23:b4:13:7a:
b9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:6E:C4:66:3C:D2:68:13:A1:8F:E0:F2:AD:FB:EF:8D:4B:36:B3:59
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/DW7EZjzSaBOhj-DyrfvvjUs2s1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.68.0.0/15
90.71.0.0/16
90.74.0.0/15
90.77.0.0/16
90.94.0.0/16
90.106.0.0/16
92.172.0.0/16
92.176.0.0-92.178.255.255
92.185.0.0-92.187.255.255
92.189.0.0-92.191.255.255
IPv6:
2a01:c500::/28
Signature Algorithm: sha256WithRSAEncryption
42:fe:63:f3:1d:91:69:d6:9b:c1:b3:d8:81:f3:b8:f9:7c:b6:
bf:9b:de:26:69:b4:89:e7:c1:e1:2d:75:ee:9b:91:cf:76:4d:
46:be:5f:92:db:a8:fe:b2:78:b0:54:e0:8b:7e:3c:ee:ab:d7:
98:13:22:72:02:72:a8:b0:91:ed:bb:99:cd:1b:d9:f8:df:c3:
95:ca:b4:c7:c6:37:fc:11:3b:2a:15:bc:41:96:52:4c:58:59:
4b:1c:46:a2:d7:4b:85:be:5a:bf:0e:83:b0:f6:a6:95:da:b6:
f2:05:02:d6:9e:c0:af:d5:84:86:1a:da:58:dc:e8:5f:55:3c:
6a:d8:40:b2:37:a7:3c:2a:04:ba:20:f6:d0:41:45:0b:bd:05:
04:98:11:bc:73:2a:6c:0c:3d:2d:e8:12:ec:3c:64:50:c4:aa:
21:27:24:a7:85:d8:c4:b4:12:ff:4a:ab:51:33:30:86:03:35:
69:96:1e:70:2a:b4:08:5a:81:e4:62:d5:d3:11:6f:29:a8:72:
e1:b1:8a:28:06:0d:47:45:28:7d:6a:6e:21:31:7d:b2:ff:32:
62:98:21:eb:d5:60:6c:54:7d:11:fe:c3:1b:e7:3e:b7:92:25:
d6:b5:29:de:0a:fa:1c:78:2a:6e:f6:5f:4b:59:2c:76:21:cc:
1c:ca:a0:b6
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIERHIdxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYwOWJhMzNiNWFlNTgxYjBkMjkzMjMyNDkzMTRmNzZhYTEwNTExMB4XDTIyMDEw
MTAzNTgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQ2ZWM0NjYzY2Qy
NjgxM2ExOGZlMGYyYWRmYmVmOGQ0YjM2YjM1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeOxDx/8JcCIq/WjOqv3fvpix8T7iNWXMej0sVAgx7Jxuts
8/r42WNaRq0iEKmoNwJfzs/tMnTmeUFOio7iJf+E0i4IMm3o0rUiv9qfleGKZe4+
EcVhzHpPbn6wH7wrQOukAVn7yzHoFpiDQE6j3jgXi1+Y1NC//htaliVQbrXGTQPR
1f0baEHMvUTw5PQe5AoHEjJjgqHcUyvGPW78s6vmP9vljhAzsPZqkzIBOZEoEMg9
mFozQJmMJ2DBn12g6U72ka39GGzId5A9Y/YDEcjB2j5FhRMPIRL/dbQF21TppMbj
uxN276eGEffQZtwsBulm9wH6Ds3qTmgjtBN6uf0CAwEAAaOCAlkwggJVMB0GA1Ud
DgQWBBQNbsRmPNJoE6GP4PKt+++NSzazWTAfBgNVHSMEGDAWgBQ68JujO1rlgbDS
kyMkkxT3aqEFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8x
L0RXN0VaanpTYUJPaGotRHlyZnZ2alVzMnMxay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8xL092Q2JvenRhNVlH
dzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBv
BggrBgEFBQcBBwEB/wRgMF4wTQQCAAEwRwMDAVpEAwMAWkcDAwFaSgMDAFpNAwMA
Wl4DAwBaagMDAFysMAoDAwRcsAMDAFyyMAoDAwBcuQMDAly4MAoDAwBcvQMDBlyA
MA0EAgACMAcDBQQqAcUAMA0GCSqGSIb3DQEBCwUAA4IBAQBC/mPzHZFp1pvBs9iB
87j5fLa/m94mabSJ58HhLXXum5HPdk1Gvl+S26j+sniwVOCLfjzuq9eYEyJyAnKo
sJHtu5nNG9n438OVyrTHxjf8ETsqFbxBllJMWFlLHEai10uFvlq/DoOw9qaV2rby
BQLWnsCv1YSGGtpY3OhfVTxq2ECyN6c8KgS6IPbQQUULvQUEmBG8cypsDD0t6BLs
PGRQxKohJySnhdjEtBL/SqtRMzCGAzVplh5wKrQIWoHkYtXTEW8pqHLhsYooBg1H
RSh9am4hMX2y/zJimCHr1WBsVH0R/sMb5z63kiXWtSneCvoceCpu9l9LWSx2Icwc
yqC2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org