Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/iHlyF2BJ9N8iHDNznjhHDj5IlSc.roa
File: iHlyF2BJ9N8iHDNznjhHDj5IlSc.roa (raw, json)
Hash identifier: qbOLQ9IN8dN4il3DoLILWoo7ywoW3mXwC175jyvdXjo=
Subject key identifier: 88:79:72:17:60:49:F4:DF:22:1C:33:73:9E:38:47:0E:3E:48:95:27
Certificate issuer: /CN=29109da662f9d302fff2c5c4b4afb8f947fec1c0
Certificate serial: 15466BE4
Authority key identifier: 29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/iHlyF2BJ9N8iHDNznjhHDj5IlSc.roa
Signing time: Sat 01 Jan 2022 09:02:51 +0000
ROA not before: Sat 01 Jan 2022 09:02:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6881
IP address blocks: 194.50.100.0/24 maxlen: 32
185.1.34.0/24 maxlen: 32
91.207.230.0/23 maxlen: 23
91.207.234.0/23 maxlen: 23
195.47.235.0/24 maxlen: 32
91.210.16.0/22 maxlen: 32
194.30.187.0/24 maxlen: 32
93.190.128.0/21 maxlen: 32
2001:7f8:14::/48 maxlen: 128
2a02:38::/32 maxlen: 128
2001:7f8:91::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 356936676 (0x15466be4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29109da662f9d302fff2c5c4b4afb8f947fec1c0
Validity
Not Before: Jan 1 09:02:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=887972176049f4df221c33739e38470e3e489527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a4:66:61:9a:76:6e:2b:27:95:26:39:b7:1d:
63:97:f6:86:6c:17:f5:3b:69:22:a2:60:88:70:87:
db:12:9c:0a:b2:8c:65:ca:63:ec:fd:62:6a:ae:84:
da:03:ba:89:84:0a:a0:31:44:53:c3:99:08:e9:53:
d5:42:ea:73:21:2c:93:5b:4e:05:35:a5:21:64:5e:
66:3d:a7:7f:5d:e5:92:36:d4:82:d9:46:be:78:9c:
55:d1:36:4b:f9:73:1e:14:88:dc:29:99:62:6a:f8:
34:7b:fd:24:5d:04:0d:3c:89:58:f9:0d:9c:8d:81:
99:aa:da:be:05:e9:6f:50:a5:c9:54:19:04:98:2e:
52:19:9e:c9:fe:21:47:72:2e:fc:d2:2f:bf:e2:9e:
80:43:3c:e0:e9:fe:85:72:3d:5f:12:39:91:97:86:
2c:f2:50:c5:4b:21:9a:6f:d4:57:0a:3b:5c:a0:88:
ca:a8:67:00:f6:1f:02:6c:9f:0e:69:e7:ed:ba:a0:
f7:60:c7:92:79:54:70:d9:80:4a:55:4e:06:67:91:
b7:5e:c6:3c:f4:04:a5:0a:fd:4c:fa:a3:77:eb:43:
c6:d3:6d:27:a2:60:ee:e1:37:ef:63:f6:e5:29:42:
ec:de:72:80:e6:0a:39:e2:4a:27:18:c8:cf:82:a6:
18:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:79:72:17:60:49:F4:DF:22:1C:33:73:9E:38:47:0E:3E:48:95:27
X509v3 Authority Key Identifier:
keyid:29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/iHlyF2BJ9N8iHDNznjhHDj5IlSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/KRCdpmL50wL_8sXEtK-4-Uf-wcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.230.0/23
91.207.234.0/23
91.210.16.0/22
93.190.128.0/21
185.1.34.0/24
194.30.187.0/24
194.50.100.0/24
195.47.235.0/24
IPv6:
2001:7f8:14::/48
2001:7f8:91::/48
2a02:38::/32
Signature Algorithm: sha256WithRSAEncryption
98:55:e8:b0:ad:7b:66:46:00:e5:70:85:ea:5d:a1:1f:db:5e:
69:5f:d4:51:49:29:f4:7e:15:9f:f7:f1:fa:42:91:32:7e:4b:
f9:82:4b:5d:82:d1:dd:9b:59:b8:d9:8b:c3:e5:f7:76:8e:0e:
ae:1a:9b:fe:a3:19:e0:5b:12:97:1e:5c:db:80:1e:3b:e6:8f:
9b:8d:3e:bd:c8:6b:90:3e:63:ba:96:b7:6a:1e:cf:31:4d:81:
7b:58:df:64:cc:93:30:57:da:96:29:bf:56:e2:2d:6d:cf:7f:
13:f5:8a:f9:eb:55:2f:b9:5f:74:df:6c:2c:2f:87:ea:40:97:
3e:9c:1f:cc:81:f5:7d:ff:c1:30:8d:e0:4a:85:ca:8c:31:09:
56:7a:95:3f:ad:e9:23:de:5e:0a:03:c5:30:5e:99:e2:d2:db:
b8:2f:c0:33:fc:bb:33:8e:e8:9a:8e:12:0c:3f:55:34:05:71:
47:db:31:4f:d4:01:fc:76:e7:41:26:8b:3a:e3:e3:25:fe:ce:
e5:ae:01:bf:b4:35:27:c9:36:73:53:68:b0:e9:fb:a8:6a:8d:
7f:95:15:58:01:73:5c:d2:94:27:a5:5d:20:9e:e0:67:59:6a:
dc:ff:5e:4f:5a:f7:1a:a8:00:0f:f0:9c:ee:77:2a:d1:d6:7e:
89:ba:26:85
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIEFUZr5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTEwOWRhNjYyZjlkMzAyZmZmMmM1YzRiNGFmYjhmOTQ3ZmVjMWMwMB4XDTIyMDEw
MTA5MDI1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODg3OTcyMTc2MDQ5
ZjRkZjIyMWMzMzczOWUzODQ3MGUzZTQ4OTUyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANKkZmGadm4rJ5UmObcdY5f2hmwX9TtpIqJgiHCH2xKcCrKM
Zcpj7P1iaq6E2gO6iYQKoDFEU8OZCOlT1ULqcyEsk1tOBTWlIWReZj2nf13lkjbU
gtlGvnicVdE2S/lzHhSI3CmZYmr4NHv9JF0EDTyJWPkNnI2BmaravgXpb1ClyVQZ
BJguUhmeyf4hR3Iu/NIvv+KegEM84On+hXI9XxI5kZeGLPJQxUshmm/UVwo7XKCI
yqhnAPYfAmyfDmnn7bqg92DHknlUcNmASlVOBmeRt17GPPQEpQr9TPqjd+tDxtNt
J6Jg7uE372P25SlC7N5ygOYKOeJKJxjIz4KmGJkCAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBSIeXIXYEn03yIcM3OeOEcOPkiVJzAfBgNVHSMEGDAWgBQpEJ2mYvnTAv/y
xcS0r7j5R/7BwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tSQ2RwbUw1MHdMXzhzWEV0Sy00LVVmLXdjQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzkvOTMwMjc5LTMxODctNDdhNS04MTM3LWY0ZmI1Yzg4MDUwOS8x
L2lIbHlGMkJKOU44aUhETnpuamhIRGo1SWxTYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkv
OTMwMjc5LTMxODctNDdhNS04MTM3LWY0ZmI1Yzg4MDUwOS8xL0tSQ2RwbUw1MHdM
XzhzWEV0Sy00LVVmLXdjQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwNgQCAAEwMAMEAVvP5gMEAVvP6gMEAlvSEAMEA12+
gAMEALkBIgMEAMIeuwMEAMIyZAMEAMMv6zAfBAIAAjAZAwcAIAEH+AAUAwcAIAEH
+ACRAwUAKgIAODANBgkqhkiG9w0BAQsFAAOCAQEAmFXosK17ZkYA5XCF6l2hH9te
aV/UUUkp9H4Vn/fx+kKRMn5L+YJLXYLR3ZtZuNmLw+X3do4Orhqb/qMZ4FsSlx5c
24AeO+aPm40+vchrkD5jupa3ah7PMU2Be1jfZMyTMFfalim/VuItbc9/E/WK+etV
L7lfdN9sLC+H6kCXPpwfzIH1ff/BMI3gSoXKjDEJVnqVP63pI95eCgPFMF6Z4tLb
uC/AM/y7M47omo4SDD9VNAVxR9sxT9QB/HbnQSaLOuPjJf7O5a4Bv7Q1J8k2c1No
sOn7qGqNf5UVWAFzXNKUJ6VdIJ7gZ1lq3P9eT1r3GqgAD/Cc7ncq0dZ+ibomhQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:06 2024 by rpki-client on console-ams.rpki-client.org