Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7i7NdFXUsg2PU64DHB1UViPGvGE.roa
File: 7i7NdFXUsg2PU64DHB1UViPGvGE.roa (raw, json)
Hash identifier: FKvWJ0nGSj4RYMNbjFJLQOymIz3Q7zgUS/xG1Q2kYUA=
Subject key identifier: EE:2E:CD:74:55:D4:B2:0D:8F:53:AE:03:1C:1D:54:56:23:C6:BC:61
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0184804483A38344449474575A334216CEF3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7i7NdFXUsg2PU64DHB1UViPGvGE.roa
Signing time: Wed 16 Nov 2022 11:48:04 +0000
ROA not before: Wed 16 Nov 2022 11:48:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 84.21.173.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
84.54.50.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
194.180.51.0/24 maxlen: 24
194.169.173.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:44:83:a3:83:44:44:94:74:57:5a:33:42:16:ce:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 16 11:48:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee2ecd7455d4b20d8f53ae031c1d545623c6bc61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1a:db:1e:1e:4a:93:ad:bf:41:65:ab:58:89:
b5:8d:d7:f7:ad:a4:80:c1:c4:2c:b5:f9:aa:1a:f9:
8e:70:ac:41:97:c9:d8:d1:df:37:0d:17:1c:98:55:
45:5b:3a:c7:d5:7d:28:bb:03:4f:1a:33:8f:2b:42:
f0:6b:1d:1a:ea:ff:29:63:20:49:78:72:db:30:cb:
7e:82:3e:a7:78:df:39:67:85:51:52:fc:89:21:69:
2a:cf:62:be:3a:59:8e:87:6d:f1:cf:61:35:c9:0f:
7c:28:7e:14:e1:1d:05:da:bd:23:b6:1d:64:fb:b9:
94:2a:0f:2f:19:43:5b:02:23:16:72:28:07:76:be:
7c:51:4f:04:74:68:b0:f5:97:0c:75:8c:fc:ed:18:
be:38:d0:81:fe:0b:ea:4a:5e:1c:a5:20:ed:95:52:
b4:f9:f8:1a:b7:24:bd:e8:97:a6:3c:01:2f:41:14:
11:e4:97:30:11:91:0e:37:c2:62:76:ae:1b:a5:fe:
e3:92:8e:fa:79:92:2f:9e:bf:32:23:a5:34:9e:f8:
7f:52:b7:a4:a8:91:08:82:65:b2:f6:c8:bc:f8:84:
ab:55:01:5d:f9:70:1a:e3:2a:03:89:99:c6:7e:27:
19:ef:ed:eb:88:48:45:fd:2f:4c:5c:fd:10:7a:ea:
63:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:2E:CD:74:55:D4:B2:0D:8F:53:AE:03:1C:1D:54:56:23:C6:BC:61
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7i7NdFXUsg2PU64DHB1UViPGvGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.219.96.0/24
84.21.173.0/24
84.54.50.0/24
87.121.220.0/24
94.154.162.0/24
193.42.34.0/24
194.55.224.0/23
194.55.227.0/24
194.169.173.0/24
194.180.51.0/24
Signature Algorithm: sha256WithRSAEncryption
71:94:8b:4d:68:37:f8:74:ad:b9:cc:ba:43:93:d3:d6:df:d7:
18:ea:0a:ff:39:75:a5:b0:90:f5:97:38:c7:8c:97:f1:58:ca:
a0:1e:8c:4b:ae:96:6c:77:6b:10:32:44:bf:8b:24:87:33:63:
6b:7e:49:85:4e:6f:05:b7:dd:0c:ed:f0:2a:90:ea:d9:5a:52:
2b:92:f2:b2:c3:aa:25:fd:42:12:bd:a5:28:c3:b0:73:e5:29:
61:07:fb:b8:c4:e5:e4:78:14:e0:56:b1:16:1c:c4:39:0b:51:
ff:39:a1:28:0c:8d:9b:73:6b:38:03:bb:90:11:42:47:44:36:
17:34:95:2f:c9:6f:49:db:e0:50:67:d2:ab:9a:99:fd:96:fb:
5f:c2:2d:39:9b:26:3d:b5:89:ae:97:e8:9a:f0:6b:9f:47:92:
3f:af:00:b1:6a:34:ed:c9:49:4c:08:f2:72:79:23:89:22:8e:
37:27:77:57:06:7c:73:2f:ac:c7:ab:27:d6:b7:a4:ea:96:39:
f5:e2:1b:88:15:9c:c1:3d:7c:33:00:1f:17:3e:bb:d2:f7:30:
68:6f:6f:c5:36:4e:ea:51:8e:5d:52:f1:43:cf:ee:f9:90:9f:
f2:d9:68:de:3e:cb:63:7d:4c:97:01:4c:76:49:57:ec:6f:d9:
e2:a5:e7:ab
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYSARIOjg0RElHRXWjNCFs7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTE2MTE0ODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTJlY2Q3NDU1ZDRiMjBkOGY1M2FlMDMxYzFkNTQ1NjIzYzZiYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhrbHh5Kk62/QWWrWIm1jdf3raSA
wcQstfmqGvmOcKxBl8nY0d83DRccmFVFWzrH1X0ouwNPGjOPK0Lwax0a6v8pYyBJ
eHLbMMt+gj6neN85Z4VRUvyJIWkqz2K+OlmOh23xz2E1yQ98KH4U4R0F2r0jth1k
+7mUKg8vGUNbAiMWcigHdr58UU8EdGiw9ZcMdYz87Ri+ONCB/gvqSl4cpSDtlVK0
+fgatyS96JemPAEvQRQR5JcwEZEON8Jidq4bpf7jko76eZIvnr8yI6U0nvh/Urek
qJEIgmWy9si8+ISrVQFd+XAa4yoDiZnGficZ7+3riEhF/S9MXP0QeupjcQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFO4uzXRV1LINj1OuAxwdVFYjxrxhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN2k3TmRGWFVzZzJQVTY0REhCMVVWaVBHdkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAU9tgAwQA
VBWtAwQAVDYyAwQAV3ncAwQAXpqiAwQAwSoiAwQBwjfgAwQAwjfjAwQAwqmtAwQA
wrQzMA0GCSqGSIb3DQEBCwUAA4IBAQBxlItNaDf4dK25zLpDk9PW39cY6gr/OXWl
sJD1lzjHjJfxWMqgHoxLrpZsd2sQMkS/iySHM2NrfkmFTm8Ft90M7fAqkOrZWlIr
kvKyw6ol/UISvaUow7Bz5SlhB/u4xOXkeBTgVrEWHMQ5C1H/OaEoDI2bc2s4A7uQ
EUJHRDYXNJUvyW9J2+BQZ9Krmpn9lvtfwi05myY9tYmul+ia8GufR5I/rwCxajTt
yUlMCPJyeSOJIo43J3dXBnxzL6zHqyfWt6Tqljn14huIFZzBPXwzAB8XPrvS9zBo
b2/FNk7qUY5dUvFDz+75kJ/y2WjePstjfUyXAUx2SVfsb9nipeer
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:32 2023 by rpki-client on console-ams.rpki-client.org