Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/lDuWOtk3EsfmT_w0mHOKyyAq5jY.roa
File: lDuWOtk3EsfmT_w0mHOKyyAq5jY.roa (raw, json)
Hash identifier: LkEZywyiJ3g2sWmge/dFcc6lO2jQuwvHvty6xd4cE6c=
Subject key identifier: 94:3B:96:3A:D9:37:12:C7:E6:4F:FC:34:98:73:8A:CB:20:2A:E6:36
Certificate issuer: /CN=f563da6eb3b7a07fdc4525883004970d640b036b
Certificate serial: 09B42E47
Authority key identifier: F5:63:DA:6E:B3:B7:A0:7F:DC:45:25:88:30:04:97:0D:64:0B:03:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9WPabrO3oH_cRSWIMASXDWQLA2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/lDuWOtk3EsfmT_w0mHOKyyAq5jY.roa
Signing time: Sat 01 Jan 2022 08:04:22 +0000
ROA not before: Sat 01 Jan 2022 08:04:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6661
IP address blocks: 213.166.32.0/19 maxlen: 24
107.183.0.0/17 maxlen: 24
213.135.224.0/19 maxlen: 24
88.207.128.0/17 maxlen: 24
146.0.216.0/21 maxlen: 24
78.141.128.0/18 maxlen: 24
37.157.152.0/21 maxlen: 24
194.154.192.0/19 maxlen: 24
87.240.192.0/18 maxlen: 24
178.254.64.0/18 maxlen: 24
146.0.212.0/22 maxlen: 24
188.115.0.0/18 maxlen: 24
83.99.0.0/17 maxlen: 24
146.0.128.0/18 maxlen: 24
195.46.224.0/19 maxlen: 24
2001:7e8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162803271 (0x9b42e47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f563da6eb3b7a07fdc4525883004970d640b036b
Validity
Not Before: Jan 1 08:04:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=943b963ad93712c7e64ffc3498738acb202ae636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cb:d8:7a:56:7f:e2:92:23:27:24:f5:6b:0c:
31:f6:33:f7:4c:b9:49:d5:56:74:08:3e:8f:77:4b:
46:75:63:c6:d0:34:9e:84:5f:d2:e4:32:21:b9:e0:
4f:29:ec:53:31:62:84:11:d1:e9:07:df:01:1f:a7:
40:1f:c2:e1:4d:1e:51:f4:c8:00:77:df:5f:19:68:
d6:a8:e3:1e:44:bf:4d:6b:77:46:2c:06:6c:ea:3d:
53:f0:38:25:5c:70:00:a6:f2:f1:cd:93:f7:7e:6a:
a4:c9:27:6e:b7:23:34:e2:17:a7:56:3b:3e:1a:7c:
b9:99:38:88:33:46:d1:a8:50:f2:d5:12:0d:68:07:
79:04:2d:c9:d6:a3:ee:1a:8d:e0:96:9c:63:5a:f0:
60:d8:7c:a1:10:1d:92:0e:72:f2:c5:8f:e4:42:68:
a2:13:1d:c2:10:19:d9:91:a3:e1:69:49:50:22:a7:
29:b2:e9:93:ad:18:58:5f:f0:7d:5d:c2:ea:98:54:
5e:9a:27:b0:63:1c:10:d6:ff:b2:82:f2:6b:5b:7f:
91:54:e1:0d:64:7d:b2:55:66:47:c1:7b:29:20:70:
23:4c:d1:5f:47:d3:da:9e:81:b3:6b:39:b5:35:69:
a9:89:ad:01:b7:bb:d6:c0:72:bc:d6:65:71:be:54:
88:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3B:96:3A:D9:37:12:C7:E6:4F:FC:34:98:73:8A:CB:20:2A:E6:36
X509v3 Authority Key Identifier:
keyid:F5:63:DA:6E:B3:B7:A0:7F:DC:45:25:88:30:04:97:0D:64:0B:03:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9WPabrO3oH_cRSWIMASXDWQLA2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/lDuWOtk3EsfmT_w0mHOKyyAq5jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/9WPabrO3oH_cRSWIMASXDWQLA2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.152.0/21
78.141.128.0/18
83.99.0.0/17
87.240.192.0/18
88.207.128.0/17
107.183.0.0/17
146.0.128.0/18
146.0.212.0-146.0.223.255
178.254.64.0/18
188.115.0.0/18
194.154.192.0/19
195.46.224.0/19
213.135.224.0/19
213.166.32.0/19
IPv6:
2001:7e8::/32
Signature Algorithm: sha256WithRSAEncryption
94:08:eb:3e:b9:44:b4:56:93:50:68:86:b5:27:7d:6e:34:a3:
ff:77:1b:c5:33:7b:7a:71:8b:6c:8a:82:b8:ff:5b:1f:52:6f:
b9:5e:ca:36:98:63:e9:17:66:62:be:8b:5e:00:e7:8f:b2:7b:
ce:0c:3c:26:19:b8:02:81:35:06:3a:4e:74:59:d6:74:33:46:
b5:18:8b:4d:68:06:2d:59:f6:6d:87:0f:38:27:e9:1b:10:a9:
c2:f6:cb:48:93:5a:21:b0:d5:a5:d0:c9:01:be:74:c2:58:32:
bf:42:d6:be:40:f4:1a:67:90:7a:82:eb:91:b7:b2:5c:2f:0e:
34:fa:52:61:01:10:f4:a2:72:31:03:7c:fd:54:0f:f5:1b:f5:
01:5f:8c:90:cc:c8:35:44:1b:4c:9f:4b:b5:4c:29:51:bd:d2:
b5:9e:e0:c6:d6:0a:e4:e1:88:5c:79:31:07:2e:b2:18:c2:50:
4a:d2:6c:62:a3:72:36:db:4f:75:71:48:40:6d:07:6c:fe:d5:
cd:56:32:3a:14:fc:d2:fb:08:58:fb:c8:62:21:40:33:61:c0:
54:be:e0:0a:28:f4:c4:bb:41:bf:7e:9d:9e:16:13:4b:06:fb:
8e:6b:27:22:29:11:f1:49:2e:cd:c3:25:dc:4b:e1:7f:35:ee:
32:a4:a8:0f
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIECbQuRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTYzZGE2ZWIzYjdhMDdmZGM0NTI1ODgzMDA0OTcwZDY0MGIwMzZiMB4XDTIyMDEw
MTA4MDQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQzYjk2M2FkOTM3
MTJjN2U2NGZmYzM0OTg3MzhhY2IyMDJhZTYzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPL2HpWf+KSIyck9WsMMfYz90y5SdVWdAg+j3dLRnVjxtA0
noRf0uQyIbngTynsUzFihBHR6QffAR+nQB/C4U0eUfTIAHffXxlo1qjjHkS/TWt3
RiwGbOo9U/A4JVxwAKby8c2T935qpMknbrcjNOIXp1Y7Php8uZk4iDNG0ahQ8tUS
DWgHeQQtydaj7hqN4JacY1rwYNh8oRAdkg5y8sWP5EJoohMdwhAZ2ZGj4WlJUCKn
KbLpk60YWF/wfV3C6phUXponsGMcENb/soLya1t/kVThDWR9slVmR8F7KSBwI0zR
X0fT2p6Bs2s5tTVpqYmtAbe71sByvNZlcb5UiP8CAwEAAaOCAm8wggJrMB0GA1Ud
DgQWBBSUO5Y62TcSx+ZP/DSYc4rLICrmNjAfBgNVHSMEGDAWgBT1Y9pus7egf9xF
JYgwBJcNZAsDazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlXUGFick8zb0hfY1JTV0lNQVNYRFdRTEEycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNjM1NjRmLWFjYTEtNDYzZC1iZTFlLWU1NTIwYWE3YmEzNy8x
L2xEdVdPdGszRXNmbVRfdzBtSE9LeXlBcTVqWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NjM1NjRmLWFjYTEtNDYzZC1iZTFlLWU1NTIwYWE3YmEzNy8xLzlXUGFick8zb0hf
Y1JTV0lNQVNYRFdRTEEycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hAYIKwYBBQUHAQcBAf8EdTBzMGIEAgABMFwDBAMlnZgDBAZOjYADBAdTYwADBAZX
8MADBAdYz4ADBAdrtwADBAaSAIAwDAMEApIA1AMEBZIAwAMEBrL+QAMEBrxzAAME
BcKawAMEBcMu4AMEBdWH4AMEBdWmIDANBAIAAjAHAwUAIAEH6DANBgkqhkiG9w0B
AQsFAAOCAQEAlAjrPrlEtFaTUGiGtSd9bjSj/3cbxTN7enGLbIqCuP9bH1JvuV7K
Nphj6RdmYr6LXgDnj7J7zgw8Jhm4AoE1BjpOdFnWdDNGtRiLTWgGLVn2bYcPOCfp
GxCpwvbLSJNaIbDVpdDJAb50wlgyv0LWvkD0GmeQeoLrkbeyXC8ONPpSYQEQ9KJy
MQN8/VQP9Rv1AV+MkMzINUQbTJ9LtUwpUb3StZ7gxtYK5OGIXHkxBy6yGMJQStJs
YqNyNttPdXFIQG0HbP7VzVYyOhT80vsIWPvIYiFAM2HAVL7gCij0xLtBv36dnhYT
Swb7jmsnIikR8UkuzcMl3EvhfzXuMqSoDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:11 2024 by rpki-client on console-fra.rpki-client.org