Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/2bK5Lk5herwuRmSU5t9fVrkywD4.roa
File: 2bK5Lk5herwuRmSU5t9fVrkywD4.roa (raw, json)
Hash identifier: H7+kzBD+MBODlrKCQmbo5Ha6bbTsN6+vmtVI/X3M380=
Subject key identifier: D9:B2:B9:2E:4E:61:7A:BC:2E:46:64:94:E6:DF:5F:56:B9:32:C0:3E
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 01829B24E2089590371AF2D3DC127C23F95B
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/2bK5Lk5herwuRmSU5t9fVrkywD4.roa
Signing time: Sun 14 Aug 2022 06:57:41 +0000
ROA not before: Sun 14 Aug 2022 06:57:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61400
IP address blocks: 77.220.216.0/21 maxlen: 21
62.76.24.0/22 maxlen: 24
91.107.85.0/24 maxlen: 24
91.107.84.0/24 maxlen: 24
91.107.86.0/23 maxlen: 24
91.107.86.0/24 maxlen: 24
185.126.92.0/22 maxlen: 24
185.62.103.0/24 maxlen: 24
46.21.252.0/22 maxlen: 24
62.76.112.0/22 maxlen: 24
185.111.216.0/23 maxlen: 24
185.111.219.0/24 maxlen: 24
185.111.218.0/24 maxlen: 24
212.8.232.0/22 maxlen: 24
89.248.236.0/24 maxlen: 24
185.40.28.0/22 maxlen: 24
31.200.248.0/21 maxlen: 21
62.76.88.0/22 maxlen: 24
91.227.34.0/23 maxlen: 24
62.76.100.0/22 maxlen: 24
2a03:220::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:9b:24:e2:08:95:90:37:1a:f2:d3:dc:12:7c:23:f9:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Aug 14 06:57:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9b2b92e4e617abc2e466494e6df5f56b932c03e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:68:c0:9a:bb:1a:41:9d:86:88:c9:71:92:1c:
fb:77:18:31:c1:cb:3f:a9:eb:f7:48:3c:5e:9b:b8:
8d:7b:46:19:58:94:e4:7c:82:3f:21:24:54:67:cd:
6b:19:c7:63:89:ec:24:7e:d3:ba:06:f2:b8:66:7e:
e3:39:90:dd:06:ea:3d:52:9b:bf:db:b6:27:c2:94:
fd:5e:d1:cf:01:37:58:fe:b1:bc:b2:6a:77:91:d0:
69:aa:c3:d1:7d:c9:b9:81:aa:57:ac:c5:eb:81:f4:
06:77:5e:ad:81:d7:01:ca:4a:a5:61:2e:33:c4:ef:
0a:7d:51:30:77:ec:5f:10:50:7c:6b:e6:ea:06:8a:
81:d9:3b:ce:3d:6e:4b:2d:90:66:67:40:08:a1:13:
9e:44:05:06:89:f3:3f:d1:9c:57:e2:0d:61:34:3d:
5f:88:3b:46:70:bd:af:71:77:a1:4e:d9:ce:c5:11:
92:25:3b:5a:7a:44:95:a2:c0:81:d7:cd:61:39:42:
97:d8:99:91:c5:e4:00:09:bc:8a:ea:cd:2b:32:ae:
e9:bc:ec:59:76:7f:c6:51:de:8d:90:7e:58:ea:c1:
18:cc:11:ec:87:ac:80:54:71:51:cb:ca:b5:15:3f:
d6:a4:ef:4d:e5:82:36:62:c8:db:69:bb:7e:07:ed:
e9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B2:B9:2E:4E:61:7A:BC:2E:46:64:94:E6:DF:5F:56:B9:32:C0:3E
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/2bK5Lk5herwuRmSU5t9fVrkywD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.248.0/21
46.21.252.0/22
62.76.24.0/22
62.76.88.0/22
62.76.100.0/22
62.76.112.0/22
77.220.216.0/21
89.248.236.0/24
91.107.84.0/22
91.227.34.0/23
185.40.28.0/22
185.62.103.0/24
185.111.216.0/22
185.126.92.0/22
212.8.232.0/22
IPv6:
2a03:220::/32
Signature Algorithm: sha256WithRSAEncryption
0b:71:1f:40:c9:3e:46:71:a5:67:b4:64:b9:61:28:7c:14:51:
7c:11:75:dc:5a:4d:29:cf:eb:d4:e4:ef:48:18:f6:41:69:ae:
83:32:7c:c1:a2:ea:9a:f1:90:ee:2f:ba:1f:bd:10:1d:81:74:
ee:e8:fc:ca:e7:b7:9f:29:b7:8c:f8:a0:07:41:18:d9:a4:6f:
94:2e:11:0d:4c:ef:b0:0b:8e:b9:9b:b6:07:1a:29:4e:d2:a2:
da:88:7d:94:87:fb:d8:a6:14:79:81:cc:00:f9:e7:a0:c7:f9:
e7:c2:d5:30:8d:4b:7b:02:7f:22:b7:40:de:49:ac:24:90:a4:
fa:ce:f0:d7:9a:4f:46:c5:69:fa:a5:90:da:74:6b:70:fb:a3:
83:73:2b:89:3f:4a:cb:97:4a:83:59:19:30:8b:d6:46:b8:ca:
b6:38:22:18:82:e6:ce:2a:12:d5:4e:60:8e:75:49:d7:9f:f4:
f1:47:9a:0c:b9:07:e4:dd:03:f9:31:d4:c8:ca:a2:f1:99:5e:
d9:65:5e:0c:73:5f:de:30:6e:21:1d:0c:d8:e0:65:60:5e:97:
9b:61:4c:e7:4d:24:3c:c7:33:72:71:e6:fd:90:52:c7:5a:8c:
95:48:c7:0b:ad:5a:1e:5a:f6:e5:67:a1:69:44:34:98:d6:5f:
b1:5f:a5:33
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYKbJOIIlZA3GvLT3BJ8I/lbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjIwODE0MDY1NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWIyYjkyZTRlNjE3YWJjMmU0NjY0OTRlNmRmNWY1NmI5MzJjMDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2jAmrsaQZ2GiMlxkhz7dxgxwcs/
qev3SDxem7iNe0YZWJTkfII/ISRUZ81rGcdjiewkftO6BvK4Zn7jOZDdBuo9Upu/
27YnwpT9XtHPATdY/rG8smp3kdBpqsPRfcm5gapXrMXrgfQGd16tgdcBykqlYS4z
xO8KfVEwd+xfEFB8a+bqBoqB2TvOPW5LLZBmZ0AIoROeRAUGifM/0ZxX4g1hND1f
iDtGcL2vcXehTtnOxRGSJTtaekSVosCB181hOUKX2JmRxeQACbyK6s0rMq7pvOxZ
dn/GUd6NkH5Y6sEYzBHsh6yAVHFRy8q1FT/WpO9N5YI2Ysjbabt+B+3pqQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFNmyuS5OYXq8LkZklObfX1a5MsA+MB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvMmJLNUxrNWhlcnd1Um1TVTV0OWZWcmt5d0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAx/I+AME
Ai4V/AMEAj5MGAMEAj5MWAMEAj5MZAMEAj5McAMEA03c2AMEAFn47AMEAltrVAME
AVvjIgMEArkoHAMEALk+ZwMEArlv2AMEArl+XAMEAtQI6DANBAIAAjAHAwUAKgMC
IDANBgkqhkiG9w0BAQsFAAOCAQEAC3EfQMk+RnGlZ7RkuWEofBRRfBF13FpNKc/r
1OTvSBj2QWmugzJ8waLqmvGQ7i+6H70QHYF07uj8yue3nym3jPigB0EY2aRvlC4R
DUzvsAuOuZu2BxopTtKi2oh9lIf72KYUeYHMAPnnoMf558LVMI1LewJ/IrdA3kms
JJCk+s7w15pPRsVp+qWQ2nRrcPujg3MriT9Ky5dKg1kZMIvWRrjKtjgiGILmzioS
1U5gjnVJ15/08UeaDLkH5N0D+THUyMqi8Zle2WVeDHNf3jBuIR0M2OBlYF6Xm2FM
500kPMczcnHm/ZBSx1qMlUjHC61aHlr25WehaUQ0mNZfsV+lMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:48 2024 by rpki-client on console-ams.rpki-client.org