Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/ouAC577fPtItOk6MYyRxENOcN5M.roa
File: ouAC577fPtItOk6MYyRxENOcN5M.roa (raw, json)
Hash identifier: 5U0R5uADBWAhQjE/cHhWE2lZxGPQKdaJzXoNWLNmJag=
Subject key identifier: A2:E0:02:E7:BE:DF:3E:D2:2D:3A:4E:8C:63:24:71:10:D3:9C:37:93
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 0F163999
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/ouAC577fPtItOk6MYyRxENOcN5M.roa
Signing time: Sat 01 Jan 2022 12:05:46 +0000
ROA not before: Sat 01 Jan 2022 12:05:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34177
IP address blocks: 5.133.68.0/22 maxlen: 22
83.142.144.0/21 maxlen: 21
212.106.96.0/19 maxlen: 19
91.90.96.0/21 maxlen: 21
82.210.0.0/19 maxlen: 19
185.5.108.0/22 maxlen: 22
78.31.40.0/21 maxlen: 21
83.118.192.0/19 maxlen: 19
178.16.160.0/20 maxlen: 20
159.180.224.0/19 maxlen: 19
82.210.32.0/19 maxlen: 19
94.228.176.0/20 maxlen: 20
2001:ab8::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 253114777 (0xf163999)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 1 12:05:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2e002e7bedf3ed22d3a4e8c63247110d39c3793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c9:cd:da:f5:b4:af:8d:59:38:f1:de:6e:c5:
18:72:07:b2:79:ce:c7:16:0f:87:07:43:2c:96:08:
bc:8b:47:6d:6f:77:66:b5:f9:61:c3:c5:c9:a6:06:
0f:29:a6:b3:02:c0:44:0d:95:bb:39:34:3d:40:1b:
cb:c7:e2:62:4a:9f:c9:e7:ce:9a:55:ba:5f:9d:be:
03:55:71:90:bc:2a:1c:89:ea:6f:5d:bd:e1:41:67:
97:b2:bd:da:30:18:c6:5d:28:33:ad:35:c6:7a:a2:
52:aa:d9:c7:cb:9e:35:82:d0:e8:a6:9b:59:5c:51:
20:66:80:6f:54:3c:d9:2a:d2:8c:35:92:9c:21:86:
f4:e0:68:dc:56:2e:82:25:28:0a:2d:78:28:c2:83:
7a:4a:68:37:4b:5c:6b:07:0c:ce:fe:ff:24:51:3b:
4f:8c:9e:aa:a1:75:3a:1d:8a:74:b5:9d:64:f3:ac:
8e:d7:d5:95:45:d8:21:94:d3:41:82:c6:57:be:1a:
a9:18:01:64:f7:99:23:21:c8:00:49:fb:17:0f:01:
ca:a9:ab:56:58:5c:4a:07:7a:de:da:70:3b:c3:a3:
47:07:5d:2f:59:17:fd:14:1a:8c:ab:a7:ae:8e:32:
a1:3a:e3:47:5a:b8:7d:60:33:b4:37:e5:f6:e2:7f:
7b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E0:02:E7:BE:DF:3E:D2:2D:3A:4E:8C:63:24:71:10:D3:9C:37:93
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/ouAC577fPtItOk6MYyRxENOcN5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0/22
78.31.40.0/21
82.210.0.0/18
83.118.192.0/19
83.142.144.0/21
91.90.96.0/21
94.228.176.0/20
159.180.224.0/19
178.16.160.0/20
185.5.108.0/22
212.106.96.0/19
IPv6:
2001:ab8::/29
Signature Algorithm: sha256WithRSAEncryption
8c:92:83:1c:58:1f:2b:89:02:08:e4:fe:cc:97:9d:29:0f:05:
33:50:77:9f:53:33:2e:6f:75:27:32:c9:8e:02:7f:7c:de:72:
93:27:fd:4e:e9:f2:ea:10:3c:05:d5:2a:c6:2d:8b:7f:cd:0a:
d1:41:42:2c:fe:0a:d3:ab:98:9a:bb:2d:76:d6:ee:35:40:2b:
82:4a:b2:d8:2e:7b:84:a7:d8:1b:32:03:99:c8:75:00:e4:c9:
fc:90:8a:6a:15:c0:57:06:9b:bc:2a:d5:34:7e:22:a7:bb:07:
26:e7:9b:5c:02:c2:4f:e8:17:12:07:63:2d:0d:40:68:40:99:
5e:36:72:f5:d3:1b:ef:4f:37:cb:fd:7b:40:7b:3e:36:cf:f6:
72:fc:0c:fd:fc:69:66:a5:de:3f:bd:99:35:dc:5c:d2:19:d2:
65:bd:84:53:68:a2:eb:38:3f:34:f2:65:0a:76:58:2f:5a:7c:
8b:17:6f:96:1e:1c:52:9d:20:ca:92:1b:7f:62:d2:cd:5c:59:
81:40:04:73:25:16:0b:73:85:45:70:b1:d9:d7:77:05:01:de:
2b:37:7a:18:b7:19:3e:99:c4:ed:57:98:7a:c2:27:3f:6a:c3:
dc:8a:eb:69:4f:31:47:f6:20:70:fb:80:36:44:ea:06:e4:5b:
22:f0:72:1b
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIEDxY5mTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTdjNTA4ZDIzYjM4MzE1YmJmNDViNzI2ZDIyMDUwYTQ2MTI3YjhjMB4XDTIyMDEw
MTEyMDU0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJlMDAyZTdiZWRm
M2VkMjJkM2E0ZThjNjMyNDcxMTBkMzljMzc5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3Jzdr1tK+NWTjx3m7FGHIHsnnOxxYPhwdDLJYIvItHbW93
ZrX5YcPFyaYGDymmswLARA2Vuzk0PUAby8fiYkqfyefOmlW6X52+A1VxkLwqHInq
b1294UFnl7K92jAYxl0oM601xnqiUqrZx8ueNYLQ6KabWVxRIGaAb1Q82SrSjDWS
nCGG9OBo3FYugiUoCi14KMKDekpoN0tcawcMzv7/JFE7T4yeqqF1Oh2KdLWdZPOs
jtfVlUXYIZTTQYLGV74aqRgBZPeZIyHIAEn7Fw8ByqmrVlhcSgd63tpwO8OjRwdd
L1kX/RQajKunro4yoTrjR1q4fWAztDfl9uJ/ezMCAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBSi4ALnvt8+0i06ToxjJHEQ05w3kzAfBgNVHSMEGDAWgBQpfFCNI7ODFbv0
W3JtIgUKRhJ7jDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tYeFFqU096Z3hXNzlGdHliU0lGQ2tZU2U0dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvOGFiZWVkLWY1M2ItNDc3Ni1hOGUyLTM2ZTlhNzliZDk1MC8x
L291QUM1NzdmUHRJdE9rNk1ZeVJ4RU5PY041TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
OGFiZWVkLWY1M2ItNDc3Ni1hOGUyLTM2ZTlhNzliZDk1MC8xL0tYeFFqU096Z3hX
NzlGdHliU0lGQ2tZU2U0dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEAgWFRAMEA04fKAMEBlLSAAMEBVN2
wAMEA1OOkAMEA1taYAMEBF7ksAMEBZ+04AMEBLIQoAMEArkFbAMEBdRqYDANBAIA
AjAHAwUDIAEKuDANBgkqhkiG9w0BAQsFAAOCAQEAjJKDHFgfK4kCCOT+zJedKQ8F
M1B3n1MzLm91JzLJjgJ/fN5ykyf9Tuny6hA8BdUqxi2Lf80K0UFCLP4K06uYmrst
dtbuNUArgkqy2C57hKfYGzIDmch1AOTJ/JCKahXAVwabvCrVNH4ip7sHJuebXALC
T+gXEgdjLQ1AaECZXjZy9dMb7083y/17QHs+Ns/2cvwM/fxpZqXeP72ZNdxc0hnS
Zb2EU2ii6zg/NPJlCnZYL1p8ixdvlh4cUp0gypIbf2LSzVxZgUAEcyUWC3OFRXCx
2dd3BQHeKzd6GLcZPpnE7VeYesInP2rD3IrraU8xR/YgcPuANkTqBuRbIvByGw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:51 2023 by rpki-client on console-fra.rpki-client.org