Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/itsOkudYPNn_4XJhVzsFZbOlDWo.roa
File: itsOkudYPNn_4XJhVzsFZbOlDWo.roa (raw, json)
Hash identifier: r7Xq6ZSMvs1jFG3dOx799JiUWvkkHoOfu2/xYudPJe4=
Subject key identifier: 8A:DB:0E:92:E7:58:3C:D9:FF:E1:72:61:57:3B:05:65:B3:A5:0D:6A
Certificate issuer: /CN=ebdb225471f2d6e41060b34185725485481014b8
Certificate serial: 0574C4F2
Authority key identifier: EB:DB:22:54:71:F2:D6:E4:10:60:B3:41:85:72:54:85:48:10:14:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/69siVHHy1uQQYLNBhXJUhUgQFLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/itsOkudYPNn_4XJhVzsFZbOlDWo.roa
Signing time: Sat 01 Jan 2022 06:00:53 +0000
ROA not before: Sat 01 Jan 2022 06:00:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12996
IP address blocks: 185.201.125.0/24 maxlen: 24
185.201.124.0/22 maxlen: 24
185.201.124.0/24 maxlen: 24
185.201.126.0/24 maxlen: 24
185.201.127.0/24 maxlen: 24
193.57.14.0/23 maxlen: 23
193.57.22.0/23 maxlen: 23
194.63.251.0/24 maxlen: 24
194.63.252.0/24 maxlen: 24
194.63.253.0/24 maxlen: 24
194.63.248.0/21 maxlen: 24
194.63.248.0/23 maxlen: 24
194.63.248.0/24 maxlen: 24
194.63.249.0/24 maxlen: 24
194.63.250.0/24 maxlen: 24
151.249.125.0/24 maxlen: 24
151.249.121.0/24 maxlen: 24
151.249.122.0/24 maxlen: 24
185.134.244.0/22 maxlen: 22
151.249.123.0/24 maxlen: 24
151.249.124.0/24 maxlen: 24
151.249.120.0/21 maxlen: 24
151.249.120.0/24 maxlen: 24
151.249.127.0/24 maxlen: 24
194.63.254.0/24 maxlen: 24
194.63.255.0/24 maxlen: 24
2a01:5b40::/48 maxlen: 48
2a01:5b40:5::/48 maxlen: 48
2a01:5b40::/32 maxlen: 48
2a0f:c180::/29 maxlen: 29
2a01:5b40:c::/48 maxlen: 48
2a01:5b40:ac2::/48 maxlen: 48
2a0a:c340::/32 maxlen: 32
2a01:5b40:ac1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91538674 (0x574c4f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebdb225471f2d6e41060b34185725485481014b8
Validity
Not Before: Jan 1 06:00:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8adb0e92e7583cd9ffe17261573b0565b3a50d6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:88:c5:fb:e9:c3:a0:f1:bc:0b:12:02:46:f9:
84:78:19:90:59:97:ff:19:43:95:6a:cb:b7:15:15:
20:ff:f6:33:de:b6:c9:9c:46:fc:f1:79:ed:85:e8:
04:21:ae:76:d4:87:ff:66:a4:33:e3:59:57:13:6c:
42:89:64:45:4f:be:a2:69:bd:bf:29:b1:0a:8e:98:
09:1b:db:fe:1a:1d:25:c2:ed:e1:47:60:b1:55:17:
25:68:57:d3:ca:3b:10:27:49:2b:5b:66:e6:27:3a:
a8:cd:07:1b:84:7f:51:f8:92:87:32:c1:82:db:e1:
e0:24:a7:bf:be:09:4d:da:76:5f:b0:0e:3b:fc:25:
87:a3:67:5e:e2:ec:da:16:e1:79:42:7d:b9:f0:68:
77:67:52:d6:b9:68:56:72:77:f4:a2:05:34:5c:61:
ed:28:e6:14:5d:91:2d:7a:3c:ea:8b:67:e9:d0:77:
1d:7e:19:98:92:fb:bd:5c:dc:83:b5:95:15:2c:87:
14:ba:62:50:1c:50:d4:71:f1:7b:91:f2:d5:f1:34:
7b:7f:a3:72:3b:0c:38:a2:02:00:80:21:d5:08:2b:
e3:26:69:d0:c2:1f:c6:8a:0a:85:a0:b6:3c:d1:e3:
35:5b:ba:28:fc:56:4f:59:4a:98:51:a8:d1:cc:3b:
0b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:DB:0E:92:E7:58:3C:D9:FF:E1:72:61:57:3B:05:65:B3:A5:0D:6A
X509v3 Authority Key Identifier:
keyid:EB:DB:22:54:71:F2:D6:E4:10:60:B3:41:85:72:54:85:48:10:14:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/69siVHHy1uQQYLNBhXJUhUgQFLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/itsOkudYPNn_4XJhVzsFZbOlDWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/69siVHHy1uQQYLNBhXJUhUgQFLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.249.120.0/21
185.134.244.0/22
185.201.124.0/22
193.57.14.0/23
193.57.22.0/23
194.63.248.0/21
IPv6:
2a01:5b40::/32
2a0a:c340::/32
2a0f:c180::/29
Signature Algorithm: sha256WithRSAEncryption
50:1e:2c:7a:68:e0:2e:77:1f:c5:a8:e8:86:e7:9f:33:7f:79:
42:8b:5e:01:73:94:8d:ef:59:54:89:d2:c6:eb:7c:5d:c1:90:
12:52:10:05:1c:ae:c8:eb:b1:89:ab:3e:ee:b2:35:d8:3c:8c:
d2:09:ac:67:5c:c9:2b:2a:23:36:a5:03:c4:49:5b:53:a8:b7:
08:5d:be:92:7f:ac:b3:5e:e3:b5:65:0b:28:e1:5e:bf:b5:b8:
33:36:f6:8a:70:22:24:e0:6f:a1:bd:62:b5:7c:04:cc:a4:91:
bc:ee:e8:24:7c:9e:bb:9e:a1:34:41:d4:3b:a0:a2:35:1d:b2:
f9:bc:bd:35:41:9e:68:d8:ce:50:b3:e1:26:41:2d:ed:5f:71:
30:a6:a7:63:ce:43:b8:c8:67:09:39:1f:b4:a3:2f:91:11:29:
16:c4:4d:d4:32:8f:d9:36:49:fc:af:ac:ef:35:82:02:7f:33:
b3:54:94:5e:48:85:dd:f0:ee:d5:e6:86:a0:e8:0a:27:ed:05:
0f:bb:79:85:52:8d:11:31:36:15:09:17:23:92:dc:c5:e0:c1:
53:5d:2c:4c:c1:94:ea:5f:db:e5:61:47:9f:92:a8:b3:e7:47:
ab:73:ef:c7:e6:76:38:2e:e5:a5:a3:61:ea:35:a8:09:f0:13:
a5:b8:a8:61
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIEBXTE8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmRiMjI1NDcxZjJkNmU0MTA2MGIzNDE4NTcyNTQ4NTQ4MTAxNGI4MB4XDTIyMDEw
MTA2MDA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGFkYjBlOTJlNzU4
M2NkOWZmZTE3MjYxNTczYjA1NjViM2E1MGQ2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2Ixfvpw6DxvAsSAkb5hHgZkFmX/xlDlWrLtxUVIP/2M962
yZxG/PF57YXoBCGudtSH/2akM+NZVxNsQolkRU++omm9vymxCo6YCRvb/hodJcLt
4UdgsVUXJWhX08o7ECdJK1tm5ic6qM0HG4R/UfiShzLBgtvh4CSnv74JTdp2X7AO
O/wlh6NnXuLs2hbheUJ9ufBod2dS1rloVnJ39KIFNFxh7SjmFF2RLXo86otn6dB3
HX4ZmJL7vVzcg7WVFSyHFLpiUBxQ1HHxe5Hy1fE0e3+jcjsMOKICAIAh1Qgr4yZp
0MIfxooKhaC2PNHjNVu6KPxWT1lKmFGo0cw7C0sCAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBSK2w6S51g82f/hcmFXOwVls6UNajAfBgNVHSMEGDAWgBTr2yJUcfLW5BBg
s0GFclSFSBAUuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzY5c2lWSEh5MXVRUVlMTkJoWEpVaFVnUUZMZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvMzc2ODUzLTJhYmYtNDIzMi05MWZmLTA5YTVlOGQ5NjBkZC8x
L2l0c09rdWRZUE5uXzRYSmhWenNGWmJPbERXby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
Mzc2ODUzLTJhYmYtNDIzMi05MWZmLTA5YTVlOGQ5NjBkZC8xLzY5c2lWSEh5MXVR
UVlMTkJoWEpVaFVnUUZMZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwKgQCAAEwJAMEA5f5eAMEArmG9AMEArnJfAMEAcE5
DgMEAcE5FgMEA8I/+DAbBAIAAjAVAwUAKgFbQAMFACoKw0ADBQMqD8GAMA0GCSqG
SIb3DQEBCwUAA4IBAQBQHix6aOAudx/FqOiG558zf3lCi14Bc5SN71lUidLG63xd
wZASUhAFHK7I67GJqz7usjXYPIzSCaxnXMkrKiM2pQPESVtTqLcIXb6Sf6yzXuO1
ZQso4V6/tbgzNvaKcCIk4G+hvWK1fATMpJG87ugkfJ67nqE0QdQ7oKI1HbL5vL01
QZ5o2M5Qs+EmQS3tX3EwpqdjzkO4yGcJOR+0oy+RESkWxE3UMo/ZNkn8r6zvNYIC
fzOzVJReSIXd8O7V5oag6Aon7QUPu3mFUo0RMTYVCRcjktzF4MFTXSxMwZTqX9vl
YUefkqiz50erc+/H5nY4LuWlo2HqNagJ8BOluKhh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:03 2024 by rpki-client on console-ams.rpki-client.org