Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/ct42zHiG5Sp3V3av-STlA-PwCmA.roa
File: ct42zHiG5Sp3V3av-STlA-PwCmA.roa (raw, json)
Hash identifier: fjOrDivT9scxnl9geBkWOqpP1bvuHYixgil/nI6DKZ8=
Subject key identifier: 72:DE:36:CC:78:86:E5:2A:77:57:76:AF:F9:24:E5:03:E3:F0:0A:60
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 35557BBE
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/ct42zHiG5Sp3V3av-STlA-PwCmA.roa
Signing time: Sat 01 Jan 2022 08:55:11 +0000
ROA not before: Sat 01 Jan 2022 08:55:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24852
IP address blocks: 213.164.112.0/22 maxlen: 22
88.223.96.0/22 maxlen: 22
213.164.116.0/23 maxlen: 23
213.164.118.0/24 maxlen: 24
88.223.104.0/21 maxlen: 21
84.55.0.0/18 maxlen: 18
88.223.112.0/20 maxlen: 20
88.223.128.0/22 maxlen: 22
84.55.34.0/23 maxlen: 23
88.223.144.0/21 maxlen: 21
213.164.96.0/20 maxlen: 20
79.132.160.0/19 maxlen: 19
88.223.152.0/24 maxlen: 24
88.223.153.0/24 maxlen: 24
88.223.160.0/20 maxlen: 20
84.55.56.0/23 maxlen: 23
84.55.58.0/23 maxlen: 23
84.55.60.0/23 maxlen: 23
84.55.62.0/23 maxlen: 23
95.173.32.0/19 maxlen: 19
88.222.0.0/15 maxlen: 15
185.104.176.0/22 maxlen: 22
217.147.41.0/24 maxlen: 24
217.147.44.0/23 maxlen: 23
217.147.40.0/24 maxlen: 24
217.147.46.0/24 maxlen: 24
217.147.47.0/24 maxlen: 24
217.147.34.0/24 maxlen: 24
217.147.35.0/24 maxlen: 24
217.147.36.0/23 maxlen: 23
217.147.38.0/24 maxlen: 24
217.147.32.0/20 maxlen: 20
2a01:7c80::/32 maxlen: 32
2a01:7c80::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 894794686 (0x35557bbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Jan 1 08:55:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72de36cc7886e52a775776aff924e503e3f00a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1d:42:1f:7e:73:c5:77:4a:7d:e2:a8:c4:78:
7c:a7:ac:ca:22:42:91:bb:22:d2:f0:6c:0d:3e:69:
b7:a8:91:5d:f5:75:f4:4e:77:56:0e:9e:84:43:0f:
22:c6:7b:bb:69:4a:89:d0:dc:03:e8:4b:5d:e7:31:
61:21:0f:4c:2a:30:b5:2b:96:c7:09:a0:99:f9:94:
a4:02:8a:de:83:6f:87:58:04:07:11:6f:d0:cf:85:
46:4f:2f:76:41:43:23:b6:c0:06:cf:d1:82:bf:5e:
1a:29:f6:d5:f2:93:05:0d:d7:24:17:43:fe:13:1c:
95:4a:b7:02:a6:18:33:b9:ae:ef:d4:d9:c4:08:18:
8c:74:53:08:b9:fb:5f:dd:11:2e:72:31:89:45:0d:
4d:52:4d:4d:5e:ae:4d:60:1d:37:43:38:d8:8b:9d:
82:5f:53:be:e2:4a:7a:f2:64:c0:62:37:0d:f8:6e:
6c:46:65:44:38:17:77:60:87:2e:d9:23:90:39:7b:
7c:05:50:92:4e:29:5c:e0:81:7e:af:5a:98:6b:d9:
ae:c9:ec:76:01:15:56:12:c2:bc:89:23:14:ea:e4:
25:0d:33:a6:91:ba:11:6a:93:f2:28:38:5d:b5:5a:
f9:2c:b5:be:23:80:70:94:d9:7c:2c:2f:3e:b5:c3:
69:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DE:36:CC:78:86:E5:2A:77:57:76:AF:F9:24:E5:03:E3:F0:0A:60
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/ct42zHiG5Sp3V3av-STlA-PwCmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.160.0/19
84.55.0.0/18
88.222.0.0/15
95.173.32.0/19
185.104.176.0/22
213.164.96.0-213.164.118.255
217.147.32.0/20
IPv6:
2a01:7c80::/32
Signature Algorithm: sha256WithRSAEncryption
8c:4d:95:13:10:a1:1e:9a:79:b7:66:4b:97:65:f1:3a:a5:04:
29:cc:5a:03:08:d2:05:4f:24:7d:27:48:78:6d:d3:81:7a:79:
7b:4a:24:e0:80:7f:98:96:90:55:9d:95:de:cd:25:b5:84:1e:
e5:a8:40:de:9f:64:9c:1a:5f:48:a3:a0:b0:20:25:40:0f:95:
9c:7f:80:6f:0b:8d:d8:77:87:5a:22:3f:b7:3a:a5:59:ce:77:
56:ad:05:80:6e:f4:be:6a:5f:97:48:07:8e:fb:0d:99:4d:a6:
47:56:d0:0f:3a:c3:aa:d6:2a:3a:59:09:2f:5a:6f:40:f3:0f:
8c:9a:e8:8f:7a:e0:1e:f2:2b:e8:69:cb:b6:86:3c:52:c9:84:
1a:44:69:3d:8e:63:19:02:1e:e8:d3:42:9d:b4:1b:50:90:bb:
f0:d0:b8:08:a8:04:40:91:2a:c7:21:b7:d2:67:ff:e1:dc:e4:
f0:20:24:74:04:2a:c3:13:dc:84:17:11:75:bc:28:15:c6:75:
a2:fa:21:20:46:07:5b:84:62:05:36:80:a8:d6:45:25:1c:f8:
67:6b:58:76:ed:b3:45:81:3a:e1:04:40:89:64:b5:20:9d:21:
b8:9c:c5:d1:e8:3a:cd:d6:c9:51:fc:a7:d0:d9:5e:6e:c7:bc:
54:43:bf:97
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIENVV7vjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDY2MTc1OGNlMzMwNjIyNDcwYTM5YWU4ZDZlZjRhMjA0NGY4M2M0MB4XDTIyMDEw
MTA4NTUxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJkZTM2Y2M3ODg2
ZTUyYTc3NTc3NmFmZjkyNGU1MDNlM2YwMGE2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJwdQh9+c8V3Sn3iqMR4fKesyiJCkbsi0vBsDT5pt6iRXfV1
9E53Vg6ehEMPIsZ7u2lKidDcA+hLXecxYSEPTCowtSuWxwmgmfmUpAKK3oNvh1gE
BxFv0M+FRk8vdkFDI7bABs/Rgr9eGin21fKTBQ3XJBdD/hMclUq3AqYYM7mu79TZ
xAgYjHRTCLn7X90RLnIxiUUNTVJNTV6uTWAdN0M42Iudgl9TvuJKevJkwGI3Dfhu
bEZlRDgXd2CHLtkjkDl7fAVQkk4pXOCBfq9amGvZrsnsdgEVVhLCvIkjFOrkJQ0z
ppG6EWqT8ig4XbVa+Sy1viOAcJTZfCwvPrXDaRkCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBRy3jbMeIblKndXdq/5JOUD4/AKYDAfBgNVHSMEGDAWgBRgZhdYzjMGIkcK
Oa6NbvSiBE+DxDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lHWVhXTTR6QmlKSENqbXVqVzcwb2dSUGc4US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvZWRkMTI4LTZkNmUtNDllMy1iNzdlLTFmODc0Njk0NTQ4My8x
L2N0NDJ6SGlHNVNwM1YzYXYtU1RsQS1Qd0NtQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
ZWRkMTI4LTZkNmUtNDllMy1iNzdlLTFmODc0Njk0NTQ4My8xL1lHWVhXTTR6QmlK
SENqbXVqVzcwb2dSUGc4US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwNwQCAAEwMQMEBU+EoAMEBlQ3AAMDAVjeAwQFX60g
AwQCuWiwMAwDBAXVpGADBADVpHYDBATZkyAwDQQCAAIwBwMFACoBfIAwDQYJKoZI
hvcNAQELBQADggEBAIxNlRMQoR6aebdmS5dl8TqlBCnMWgMI0gVPJH0nSHht04F6
eXtKJOCAf5iWkFWdld7NJbWEHuWoQN6fZJwaX0ijoLAgJUAPlZx/gG8Ljdh3h1oi
P7c6pVnOd1atBYBu9L5qX5dIB477DZlNpkdW0A86w6rWKjpZCS9ab0DzD4ya6I96
4B7yK+hpy7aGPFLJhBpEaT2OYxkCHujTQp20G1CQu/DQuAioBECRKscht9Jn/+Hc
5PAgJHQEKsMT3IQXEXW8KBXGdaL6ISBGB1uEYgU2gKjWRSUc+GdrWHbts0WBOuEE
QIlktSCdIbicxdHoOs3WyVH8p9DZXm7HvFRDv5c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:15 2024 by rpki-client on console-fra.rpki-client.org