Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/JAz8SllfF50o7iPsIpTZEr_MS9g.roa
File: JAz8SllfF50o7iPsIpTZEr_MS9g.roa (raw, json)
Hash identifier: 8t7ayGHPSeocsU46hY5xWgoc9TZTvu2WrPW/AL8Fsdk=
Subject key identifier: 24:0C:FC:4A:59:5F:17:9D:28:EE:23:EC:22:94:D9:12:BF:CC:4B:D8
Certificate issuer: /CN=c7c1fdbaf9ac0e5adeec60a0923c4dd4a01e92dc
Certificate serial: 09DC74D4
Authority key identifier: C7:C1:FD:BA:F9:AC:0E:5A:DE:EC:60:A0:92:3C:4D:D4:A0:1E:92:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x8H9uvmsDlre7GCgkjxN1KAektw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/JAz8SllfF50o7iPsIpTZEr_MS9g.roa
Signing time: Sat 01 Jan 2022 08:58:19 +0000
ROA not before: Sat 01 Jan 2022 08:58:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62336
IP address blocks: 91.198.32.0/24 maxlen: 24
37.228.144.0/22 maxlen: 22
5.63.32.0/19 maxlen: 19
5.63.32.0/20 maxlen: 20
91.200.108.0/22 maxlen: 22
91.211.8.0/22 maxlen: 22
91.191.176.0/22 maxlen: 22
195.230.108.0/24 maxlen: 24
185.39.84.0/22 maxlen: 22
2a01:41e1::/32 maxlen: 32
2a01:41e0::/32 maxlen: 32
2a01:41e3::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165442772 (0x9dc74d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7c1fdbaf9ac0e5adeec60a0923c4dd4a01e92dc
Validity
Not Before: Jan 1 08:58:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=240cfc4a595f179d28ee23ec2294d912bfcc4bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:eb:6d:3d:6a:ad:d8:09:a0:2b:0a:77:ca:66:
2f:3d:f7:e9:e1:6c:4e:ad:11:39:5d:22:c8:02:aa:
75:f1:4a:e5:3a:db:ec:1c:2e:9e:a9:38:b2:64:c3:
ef:2b:05:3b:e2:da:1d:00:23:4c:1b:ba:b8:ee:a7:
07:41:3e:f5:c5:a1:0e:e6:01:01:b0:08:0d:27:e0:
dc:0b:e6:d6:6c:26:5f:27:e0:fa:79:d1:b9:c0:55:
27:2f:b3:7f:25:c4:8a:99:4e:e1:e4:51:8e:09:28:
08:f7:a3:f5:4a:b4:13:0a:cf:4a:c6:1c:3b:3a:c9:
73:9a:9a:a9:33:26:b0:ef:97:65:a0:f6:ff:50:a0:
61:3d:87:92:3b:f2:54:48:d0:ce:b7:66:18:ca:b5:
38:b9:e8:da:34:41:c1:fe:a9:53:ca:d6:dd:ef:2b:
4f:29:2e:52:b9:e9:ba:37:a3:f3:c9:ed:86:13:30:
5c:15:3e:da:75:df:25:c9:ba:5b:45:b9:55:d4:5e:
e0:7d:55:2e:11:a9:17:c2:c7:96:1a:72:2d:53:75:
e1:79:71:78:cf:17:20:b0:55:0d:6a:e4:ed:bc:40:
1b:08:c8:5a:77:98:01:1c:0c:0e:4f:d0:30:03:04:
c8:73:8d:18:8d:e6:bb:6f:04:29:8d:f1:70:60:11:
7d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0C:FC:4A:59:5F:17:9D:28:EE:23:EC:22:94:D9:12:BF:CC:4B:D8
X509v3 Authority Key Identifier:
keyid:C7:C1:FD:BA:F9:AC:0E:5A:DE:EC:60:A0:92:3C:4D:D4:A0:1E:92:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x8H9uvmsDlre7GCgkjxN1KAektw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/JAz8SllfF50o7iPsIpTZEr_MS9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/x8H9uvmsDlre7GCgkjxN1KAektw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.32.0/19
37.228.144.0/22
91.191.176.0/22
91.198.32.0/24
91.200.108.0/22
91.211.8.0/22
185.39.84.0/22
195.230.108.0/24
IPv6:
2a01:41e0::/31
2a01:41e3::/32
Signature Algorithm: sha256WithRSAEncryption
5b:87:83:fc:9c:15:b9:f4:49:80:a7:bb:aa:2d:a1:18:4d:b7:
f7:08:02:bf:c4:55:46:64:4d:23:78:bf:76:47:29:f8:18:79:
c5:dd:a7:c0:7c:a3:4c:f6:81:42:43:b4:fa:dc:36:97:3d:29:
77:93:ad:01:d7:fc:40:c7:58:d1:77:91:a0:d5:5c:74:58:fe:
04:87:ec:5e:51:25:c7:06:95:12:62:00:13:ea:da:fb:49:c9:
9a:59:de:d7:24:c1:99:76:38:9a:bd:56:c2:4b:00:bd:2a:62:
f7:cf:48:fc:af:5d:7b:f3:2f:bd:32:e4:fb:1f:c6:5e:64:9d:
97:b7:56:f0:ef:76:6d:c8:43:05:b4:70:cb:d5:62:9a:9e:0e:
5c:a5:fe:5c:8e:39:44:d3:01:ca:3e:7b:8a:55:d7:ff:d6:a2:
08:6b:b2:91:23:c4:12:d6:47:a4:17:22:15:90:27:56:79:65:
fa:74:75:a5:af:58:6d:08:20:53:21:d7:8c:88:31:d7:90:c9:
bc:f3:fd:f0:b6:9f:78:7c:6f:36:c6:bf:a7:eb:c4:62:a4:51:
b0:f9:46:03:28:70:8f:ea:b5:48:d1:2d:9a:c7:61:5c:39:87:
80:14:2d:37:7e:09:06:8d:ca:2e:c4:8f:95:98:49:02:86:32:
18:d1:86:93
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIECdx01DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
N2MxZmRiYWY5YWMwZTVhZGVlYzYwYTA5MjNjNGRkNGEwMWU5MmRjMB4XDTIyMDEw
MTA4NTgxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQwY2ZjNGE1OTVm
MTc5ZDI4ZWUyM2VjMjI5NGQ5MTJiZmNjNGJkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3rbT1qrdgJoCsKd8pmLz336eFsTq0ROV0iyAKqdfFK5Trb
7Bwunqk4smTD7ysFO+LaHQAjTBu6uO6nB0E+9cWhDuYBAbAIDSfg3Avm1mwmXyfg
+nnRucBVJy+zfyXEiplO4eRRjgkoCPej9Uq0EwrPSsYcOzrJc5qaqTMmsO+XZaD2
/1CgYT2HkjvyVEjQzrdmGMq1OLno2jRBwf6pU8rW3e8rTykuUrnpujej88nthhMw
XBU+2nXfJcm6W0W5VdRe4H1VLhGpF8LHlhpyLVN14XlxeM8XILBVDWrk7bxAGwjI
WneYARwMDk/QMAMEyHONGI3mu28EKY3xcGARfZsCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBQkDPxKWV8XnSjuI+wilNkSv8xL2DAfBgNVHSMEGDAWgBTHwf26+awOWt7s
YKCSPE3UoB6S3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3g4SDl1dm1zRGxyZTdHQ2dranhOMUtBZWt0dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvNmEyNzJiLThiNmYtNGZlMy04ZjI5LWYwMDI5ODE2MDk3ZS8x
L0pBejhTbGxmRjUwbzdpUHNJcFRaRXJfTVM5Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
NmEyNzJiLThiNmYtNGZlMy04ZjI5LWYwMDI5ODE2MDk3ZS8xL3g4SDl1dm1zRGxy
ZTdHQ2dranhOMUtBZWt0dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wNgQCAAEwMAMEBQU/IAMEAiXkkAMEAlu/sAMEAFvG
IAMEAlvIbAMEAlvTCAMEArknVAMEAMPmbDAUBAIAAjAOAwUBKgFB4AMFACoBQeMw
DQYJKoZIhvcNAQELBQADggEBAFuHg/ycFbn0SYCnu6otoRhNt/cIAr/EVUZkTSN4
v3ZHKfgYecXdp8B8o0z2gUJDtPrcNpc9KXeTrQHX/EDHWNF3kaDVXHRY/gSH7F5R
JccGlRJiABPq2vtJyZpZ3tckwZl2OJq9VsJLAL0qYvfPSPyvXXvzL70y5Psfxl5k
nZe3VvDvdm3IQwW0cMvVYpqeDlyl/lyOOUTTAco+e4pV1//WoghrspEjxBLWR6QX
IhWQJ1Z5Zfp0daWvWG0IIFMh14yIMdeQybzz/fC2n3h8bzbGv6frxGKkUbD5RgMo
cI/qtUjRLZrHYVw5h4AULTd+CQaNyi7Ej5WYSQKGMhjRhpM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:10 2024 by rpki-client on console-fra.rpki-client.org