Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/9LvXzwc0kH8pzHkfiWY83CNnLdc.roa
File: 9LvXzwc0kH8pzHkfiWY83CNnLdc.roa (raw, json)
Hash identifier: aqo4R9XUGQ66p3c3O80yis+mwThokY1UWAkaV0n8OP0=
Subject key identifier: F4:BB:D7:CF:07:34:90:7F:29:CC:79:1F:89:66:3C:DC:23:67:2D:D7
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 06F90F13
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/9LvXzwc0kH8pzHkfiWY83CNnLdc.roa
Signing time: Sat 01 Jan 2022 07:54:02 +0000
ROA not before: Sat 01 Jan 2022 07:54:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39686
IP address blocks: 144.178.192.0/19 maxlen: 24
144.178.224.0/20 maxlen: 24
185.184.204.0/22 maxlen: 24
93.95.248.0/21 maxlen: 24
144.178.240.0/21 maxlen: 24
89.20.160.0/19 maxlen: 24
144.178.64.0/19 maxlen: 24
2a02:fe9::/32 maxlen: 48
2a02:fe8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116985619 (0x6f90f13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Jan 1 07:54:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4bbd7cf0734907f29cc791f89663cdc23672dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:78:47:9a:aa:e8:88:b9:f2:08:a1:7d:20:6d:
f3:30:42:6f:d3:37:76:f2:aa:39:24:53:b8:a0:7a:
93:1b:63:a0:59:ba:18:9f:db:82:95:66:05:02:0b:
16:54:82:f7:4f:26:ab:1f:55:ae:3c:84:57:9e:22:
42:15:4b:cd:4d:16:15:54:e3:06:ed:93:ed:66:20:
dd:98:5b:43:8b:68:fa:40:c8:3e:5d:03:09:3e:fd:
0f:83:39:a7:73:ec:0e:39:f9:9d:ab:29:e0:18:08:
8d:4d:3b:50:19:8e:ea:df:c4:21:56:49:aa:8f:a9:
20:57:aa:70:88:44:64:64:93:52:4a:b8:86:f2:09:
3e:33:62:90:e4:eb:2c:81:e4:83:00:a0:42:9e:ee:
2d:8a:3c:64:14:13:1f:99:c7:d9:d2:aa:ce:7a:e8:
9f:83:93:ce:3b:d7:42:dc:8e:2f:a4:71:ee:b3:e6:
a5:73:c5:d9:fb:a9:1f:9d:a4:da:83:72:06:a2:5c:
60:c9:80:5f:17:d9:74:9b:05:4d:02:ac:9f:16:c8:
a0:38:ca:05:6b:26:8b:fb:34:60:7b:c9:5d:35:70:
d9:15:3b:cb:a6:6e:77:0e:8e:92:45:6e:f9:bc:6a:
2a:f8:64:25:ea:be:72:70:a4:d6:4e:fe:b2:20:c2:
89:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:BB:D7:CF:07:34:90:7F:29:CC:79:1F:89:66:3C:DC:23:67:2D:D7
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/9LvXzwc0kH8pzHkfiWY83CNnLdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.20.160.0/19
93.95.248.0/21
144.178.64.0/19
144.178.192.0-144.178.247.255
185.184.204.0/22
IPv6:
2a02:fe8::/31
Signature Algorithm: sha256WithRSAEncryption
11:db:63:4f:fa:bb:d8:79:61:59:9c:89:10:57:df:31:87:4b:
13:32:d2:7f:c1:94:c0:f2:ff:73:a7:b6:f7:eb:8b:82:63:bb:
c3:a8:e9:78:f9:8e:d4:82:3e:b7:c4:c9:ed:81:7a:b0:9e:3f:
ea:b2:bb:be:ae:1c:d7:ce:41:de:7e:8f:20:49:50:d5:75:52:
a2:d9:6e:96:88:2f:a3:f9:71:4d:37:4c:96:20:41:63:bd:56:
41:26:64:41:d0:2d:c7:f8:95:89:e2:09:66:7d:d3:ee:c0:08:
77:76:1c:d3:56:44:05:06:90:c5:47:a6:24:4e:53:03:00:93:
6f:5b:54:8a:60:cf:b1:85:4c:f3:ac:14:98:a7:44:62:7a:91:
04:98:e1:16:fe:09:b7:00:cd:00:b5:54:0a:3c:03:28:53:c0:
ac:75:09:f1:09:63:19:c4:3d:cd:2b:15:e2:1e:52:d5:5c:7e:
5d:31:18:4e:f6:02:3c:2d:c6:a0:41:26:14:89:96:52:7f:bd:
7d:36:cd:21:b3:84:47:ee:80:1e:6b:59:eb:aa:36:10:0c:c1:
f5:8f:ba:76:55:ee:cc:e7:2f:c6:9b:40:e7:ec:d8:4a:e7:62:
27:ba:50:49:72:ee:e7:f7:87:e5:88:41:74:fd:54:d5:b6:14:
1c:99:82:87
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEBvkPEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODY1ODBlMThhZDZmZjhkYzk0MmJlODgzYzE2ZGU4YjczMWY5NjA1MB4XDTIyMDEw
MTA3NTQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRiYmQ3Y2YwNzM0
OTA3ZjI5Y2M3OTFmODk2NjNjZGMyMzY3MmRkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKx4R5qq6Ii58gihfSBt8zBCb9M3dvKqOSRTuKB6kxtjoFm6
GJ/bgpVmBQILFlSC908mqx9VrjyEV54iQhVLzU0WFVTjBu2T7WYg3ZhbQ4to+kDI
Pl0DCT79D4M5p3PsDjn5nasp4BgIjU07UBmO6t/EIVZJqo+pIFeqcIhEZGSTUkq4
hvIJPjNikOTrLIHkgwCgQp7uLYo8ZBQTH5nH2dKqznron4OTzjvXQtyOL6Rx7rPm
pXPF2fupH52k2oNyBqJcYMmAXxfZdJsFTQKsnxbIoDjKBWsmi/s0YHvJXTVw2RU7
y6Zudw6OkkVu+bxqKvhkJeq+cnCk1k7+siDCiX0CAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBT0u9fPBzSQfynMeR+JZjzcI2ct1zAfBgNVHSMEGDAWgBSoZYDhitb/jclC
vog8Ft6Lcx+WBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FHV0E0WXJXXzQzSlFyNklQQmJlaTNNZmxnVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvZTI5ZGNlLWExNzQtNGI3Ny04OWFhLTIzNmU5MmZjNmE1OS8x
LzlMdlh6d2Mwa0g4cHpIa2ZpV1k4M0NObkxkYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
ZTI5ZGNlLWExNzQtNGI3Ny04OWFhLTIzNmU5MmZjNmE1OS8xL3FHV0E0WXJXXzQz
SlFyNklQQmJlaTNNZmxnVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEBVkUoAMEA11f+AMEBZCyQDAMAwQG
kLLAAwQDkLLwAwQCubjMMA0EAgACMAcDBQEqAg/oMA0GCSqGSIb3DQEBCwUAA4IB
AQAR22NP+rvYeWFZnIkQV98xh0sTMtJ/wZTA8v9zp7b364uCY7vDqOl4+Y7Ugj63
xMntgXqwnj/qsru+rhzXzkHefo8gSVDVdVKi2W6WiC+j+XFNN0yWIEFjvVZBJmRB
0C3H+JWJ4glmfdPuwAh3dhzTVkQFBpDFR6YkTlMDAJNvW1SKYM+xhUzzrBSYp0Ri
epEEmOEW/gm3AM0AtVQKPAMoU8CsdQnxCWMZxD3NKxXiHlLVXH5dMRhO9gI8Lcag
QSYUiZZSf719Ns0hs4RH7oAea1nrqjYQDMH1j7p2Ve7M5y/Gm0Dn7NhK52InulBJ
cu7n94fliEF0/VTVthQcmYKH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:20 2024 by rpki-client on console-fra.rpki-client.org