Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/z2562zP9tq7FWtVNUNgQ-n4hAoY.roa
File: z2562zP9tq7FWtVNUNgQ-n4hAoY.roa (raw, json)
Hash identifier: NRjbcYvQCrQyy+5jHIHf80gLtr78Ky9oKO/DNvDXXho=
Subject key identifier: CF:6E:7A:DB:33:FD:B6:AE:C5:5A:D5:4D:50:D8:10:FA:7E:21:02:86
Certificate issuer: /CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Certificate serial: 37D9D2E5
Authority key identifier: B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/z2562zP9tq7FWtVNUNgQ-n4hAoY.roa
Signing time: Sat 01 Jan 2022 15:57:13 +0000
ROA not before: Sat 01 Jan 2022 15:57:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51275
IP address blocks: 193.23.139.0/24 maxlen: 24
109.232.201.0/24 maxlen: 24
109.232.200.0/21 maxlen: 21
193.23.138.0/24 maxlen: 24
109.232.202.0/24 maxlen: 24
109.232.200.0/24 maxlen: 24
89.107.249.0/24 maxlen: 24
2a00:1608::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 937022181 (0x37d9d2e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Validity
Not Before: Jan 1 15:57:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf6e7adb33fdb6aec55ad54d50d810fa7e210286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:78:3e:7f:21:d4:88:53:56:f6:ae:9a:3c:8d:
86:28:5e:96:ea:5a:40:04:8e:36:5a:ff:27:1c:3d:
87:b2:79:98:5e:da:55:c6:5e:15:50:ad:75:35:42:
67:17:a6:e6:4b:47:ff:e5:bf:c4:18:4b:40:56:d7:
75:56:65:27:45:8a:ba:dd:ae:ac:ec:96:6a:1b:44:
79:19:bd:9e:d5:29:19:cc:14:71:67:99:94:37:b1:
3d:ef:ce:73:cb:bd:cb:be:27:30:31:d4:21:d6:f6:
ee:48:56:cf:67:47:6a:95:00:e4:a4:f5:f8:ad:00:
20:aa:0e:e3:97:32:31:17:f7:ff:ff:c6:da:72:4b:
a3:18:79:62:65:0c:35:f7:e1:85:91:49:b1:88:ca:
3b:3a:f3:90:7e:bf:03:74:82:d7:09:7a:d0:55:fb:
ec:2f:6b:62:77:78:3f:1f:4e:17:ee:de:9c:ce:99:
d5:13:bc:b2:96:7e:b1:cf:7a:ce:93:9c:9e:c5:ad:
0c:3a:e5:61:21:04:94:84:33:69:03:6f:ce:d1:8e:
a5:e8:92:a6:32:5c:a7:14:35:a4:b6:e2:72:1b:ea:
41:c2:f5:66:7c:85:2a:f3:52:e1:f7:2b:7f:7e:ef:
fc:70:8c:ad:31:31:86:82:2c:5c:cd:15:c6:ea:6d:
fa:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:6E:7A:DB:33:FD:B6:AE:C5:5A:D5:4D:50:D8:10:FA:7E:21:02:86
X509v3 Authority Key Identifier:
keyid:B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/z2562zP9tq7FWtVNUNgQ-n4hAoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.249.0/24
109.232.200.0/21
193.23.138.0/23
IPv6:
2a00:1608::/32
Signature Algorithm: sha256WithRSAEncryption
5f:96:b5:0a:6d:9c:21:14:d1:7d:c8:2a:d1:1b:0c:ec:3b:b4:
52:c3:61:84:80:73:9f:52:17:0a:bd:f3:3b:75:90:97:01:f6:
1d:84:e5:ca:3b:66:5c:fe:41:f7:3a:68:c4:71:dc:62:43:14:
d4:96:10:84:f3:ac:a7:c9:3b:0c:39:a8:01:77:fd:4e:c5:04:
76:40:0e:61:fe:ba:5a:1e:86:95:ab:8f:29:38:fa:99:f2:17:
45:bd:7b:c2:55:22:16:4a:0c:60:e9:66:2c:53:68:1f:93:46:
e1:c9:5f:20:d5:d6:0f:ec:c9:37:b0:dc:eb:7c:2d:13:f7:b8:
ff:31:9f:6e:01:66:86:67:2c:0a:1f:f2:7f:df:30:7a:92:7e:
0f:57:92:30:d9:4e:47:db:45:3d:d5:d8:e8:64:4c:c7:be:47:
9d:29:97:e0:73:5f:1d:28:16:55:7e:36:26:84:87:99:e1:1b:
d1:65:36:b2:c7:8d:9c:36:03:40:fe:20:90:64:dd:81:73:10:
48:89:2e:27:db:b1:ea:d9:d3:f4:fd:b2:85:5a:78:00:31:cf:
15:42:88:db:e8:cb:fa:b2:ea:1d:54:37:12:74:06:07:1e:eb:
db:54:14:a2:1d:4d:ab:f5:4d:dc:25:a7:82:6a:a8:51:cd:fd:
25:19:76:ac
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEN9nS5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OWIzNTBhMGFlMzJlNzNlNjYwYzQxNmMzZjE0MDZlZGQzNjE1ZjgyMB4XDTIyMDEw
MTE1NTcxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Y2ZTdhZGIzM2Zk
YjZhZWM1NWFkNTRkNTBkODEwZmE3ZTIxMDI4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANd4Pn8h1IhTVvaumjyNhihelupaQASONlr/Jxw9h7J5mF7a
VcZeFVCtdTVCZxem5ktH/+W/xBhLQFbXdVZlJ0WKut2urOyWahtEeRm9ntUpGcwU
cWeZlDexPe/Oc8u9y74nMDHUIdb27khWz2dHapUA5KT1+K0AIKoO45cyMRf3///G
2nJLoxh5YmUMNffhhZFJsYjKOzrzkH6/A3SC1wl60FX77C9rYnd4Px9OF+7enM6Z
1RO8spZ+sc96zpOcnsWtDDrlYSEElIQzaQNvztGOpeiSpjJcpxQ1pLbichvqQcL1
ZnyFKvNS4fcrf37v/HCMrTExhoIsXM0Vxupt+l8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTPbnrbM/22rsVa1U1Q2BD6fiEChjAfBgNVHSMEGDAWgBS5s1CgrjLnPmYM
QWw/FAbt02FfgjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ViTlFvSzR5NXo1bURFRnNQeFFHN2ROaFg0SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvNjI3ZTYwLTAwYTYtNGQyNi1iOTNhLWVmNzNiN2I0Y2EzYy8x
L3oyNTYyelA5dHE3Rld0Vk5VTmdRLW40aEFvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
NjI3ZTYwLTAwYTYtNGQyNi1iOTNhLWVmNzNiN2I0Y2EzYy8xL3ViTlFvSzR5NXo1
bURFRnNQeFFHN2ROaFg0SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAFlr+QMEA23oyAMEAcEXijANBAIA
AjAHAwUAKgAWCDANBgkqhkiG9w0BAQsFAAOCAQEAX5a1Cm2cIRTRfcgq0RsM7Du0
UsNhhIBzn1IXCr3zO3WQlwH2HYTlyjtmXP5B9zpoxHHcYkMU1JYQhPOsp8k7DDmo
AXf9TsUEdkAOYf66Wh6GlauPKTj6mfIXRb17wlUiFkoMYOlmLFNoH5NG4clfINXW
D+zJN7Dc63wtE/e4/zGfbgFmhmcsCh/yf98wepJ+D1eSMNlOR9tFPdXY6GRMx75H
nSmX4HNfHSgWVX42JoSHmeEb0WU2sseNnDYDQP4gkGTdgXMQSIkuJ9ux6tnT9P2y
hVp4ADHPFUKI2+jL+rLqHVQ3EnQGBx7r21QUoh1Nq/VN3CWngmqoUc39JRl2rA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:57 2024 by rpki-client on console-ams.rpki-client.org