Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/3Z2_KvIJYNcwvrWbGjTIdToSLrI.roa
File: 3Z2_KvIJYNcwvrWbGjTIdToSLrI.roa (raw, json)
Hash identifier: 1cWno9Y+bPBwf+u2gXStidhUJkUOL6YeB8fYUMLRZf4=
Subject key identifier: DD:9D:BF:2A:F2:09:60:D7:30:BE:B5:9B:1A:34:C8:75:3A:12:2E:B2
Certificate issuer: /CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Certificate serial: 0BF60F88
Authority key identifier: 93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/3Z2_KvIJYNcwvrWbGjTIdToSLrI.roa
Signing time: Sat 01 Jan 2022 08:54:51 +0000
ROA not before: Sat 01 Jan 2022 08:54:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199256
IP address blocks: 93.119.24.0/22 maxlen: 24
159.253.224.0/22 maxlen: 24
185.122.132.0/22 maxlen: 24
81.173.12.0/22 maxlen: 24
144.2.240.0/21 maxlen: 24
91.216.236.0/24 maxlen: 24
91.216.241.0/24 maxlen: 24
185.156.196.0/22 maxlen: 24
185.32.152.0/22 maxlen: 24
5.149.168.0/21 maxlen: 24
2a04:b00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200675208 (0xbf60f88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Validity
Not Before: Jan 1 08:54:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd9dbf2af20960d730beb59b1a34c8753a122eb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6f:3f:34:09:0a:96:b0:4f:f5:97:7f:a8:93:
8b:77:91:c8:96:25:f0:ab:08:5a:c4:40:0f:db:0e:
01:b1:e2:99:9d:22:a8:ae:f5:e9:49:b5:ca:3d:e9:
27:a4:76:f2:7d:48:69:1d:12:ff:fb:c1:f7:41:93:
c6:86:34:00:6f:f6:46:2d:ec:c3:68:f9:75:35:13:
2f:7f:08:ed:11:12:58:16:9b:61:40:11:10:e9:bc:
db:da:21:72:6a:30:e3:1d:66:a1:71:52:07:09:41:
4b:d2:32:37:81:59:e2:e3:be:e0:15:c6:d2:57:dc:
6e:ec:dc:04:91:f3:9f:e0:9c:11:d3:d0:55:36:06:
f6:06:0e:ab:82:ea:e1:7d:cf:57:29:1d:bb:33:bc:
cf:a5:c1:be:5b:74:d5:aa:e0:b8:6f:56:29:18:0e:
5e:21:ac:35:fa:82:12:36:05:30:79:2a:d7:da:be:
e6:1d:43:8d:bb:da:56:40:b3:96:6d:fd:2d:31:65:
f9:53:99:09:ce:69:c2:3b:66:0f:73:b7:fd:b8:20:
a2:f0:36:a3:56:3b:37:99:92:05:73:40:31:a7:f0:
a8:62:ce:88:d9:06:21:96:34:c7:9f:d2:eb:94:af:
89:74:6b:00:ed:84:cc:83:df:fe:80:80:37:98:15:
53:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9D:BF:2A:F2:09:60:D7:30:BE:B5:9B:1A:34:C8:75:3A:12:2E:B2
X509v3 Authority Key Identifier:
keyid:93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/3Z2_KvIJYNcwvrWbGjTIdToSLrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.168.0/21
81.173.12.0/22
91.216.236.0/24
91.216.241.0/24
93.119.24.0/22
144.2.240.0/21
159.253.224.0/22
185.32.152.0/22
185.122.132.0/22
185.156.196.0/22
IPv6:
2a04:b00::/29
Signature Algorithm: sha256WithRSAEncryption
0b:68:3a:24:0e:d8:56:ef:9d:41:c0:54:89:33:f6:5f:30:19:
30:72:d4:2b:27:7d:c0:e6:7e:61:77:9c:7a:49:92:67:d6:a3:
a4:b7:e6:2f:56:6e:61:0a:52:00:41:60:83:bb:ea:95:74:34:
69:a0:a7:3a:3b:02:a7:6a:8f:84:bd:76:9e:35:84:41:a1:ff:
3f:f8:38:f0:2e:44:cc:9d:cc:11:82:52:6a:37:31:13:84:9a:
d6:e5:6f:bb:0c:53:e9:f7:80:46:94:31:27:3f:a0:9b:f6:4a:
20:f1:7a:cb:26:2e:7d:bd:29:20:e5:d9:04:e5:e8:f4:26:2a:
9e:dd:62:8a:f2:ca:c6:76:f2:66:21:40:3d:87:eb:75:b9:25:
4e:39:2c:d5:cd:ef:69:42:00:e4:a6:67:4f:92:18:dc:7c:a6:
22:ca:58:8c:67:5d:9d:ff:74:6a:0a:75:08:93:14:e8:fe:33:
4b:95:60:2c:b7:1b:90:b3:2e:b8:84:67:ec:2e:0c:72:ad:c0:
9b:93:45:4e:30:4f:9c:6a:95:67:7b:73:9b:e0:b6:2b:c4:21:
0d:85:0a:b4:c3:76:f1:2d:81:97:f0:2f:e2:a4:e0:0e:ba:ea:
22:0d:9f:8e:c2:9d:18:8a:49:b7:f7:ce:f2:40:bf:65:f0:13:
85:36:1d:35
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEC/YPiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
M2IyOTgxOTc4ODg1Njk2Y2UxYzJiYmY0YWY5OWRhZGMyYzYxOGViMB4XDTIyMDEw
MTA4NTQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ5ZGJmMmFmMjA5
NjBkNzMwYmViNTliMWEzNGM4NzUzYTEyMmViMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVvPzQJCpawT/WXf6iTi3eRyJYl8KsIWsRAD9sOAbHimZ0i
qK716Um1yj3pJ6R28n1IaR0S//vB90GTxoY0AG/2Ri3sw2j5dTUTL38I7RESWBab
YUAREOm829ohcmow4x1moXFSBwlBS9IyN4FZ4uO+4BXG0lfcbuzcBJHzn+CcEdPQ
VTYG9gYOq4Lq4X3PVykduzO8z6XBvlt01arguG9WKRgOXiGsNfqCEjYFMHkq19q+
5h1DjbvaVkCzlm39LTFl+VOZCc5pwjtmD3O3/bggovA2o1Y7N5mSBXNAMafwqGLO
iNkGIZY0x5/S65SviXRrAO2EzIPf/oCAN5gVUx8CAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBTdnb8q8glg1zC+tZsaNMh1OhIusjAfBgNVHSMEGDAWgBSTspgZeIhWls4c
K79K+Z2twsYY6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2s3S1lHWGlJVnBiT0hDdV9Tdm1kcmNMR0dPcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNzk4NmE5LTRlNDYtNGMzMy05MmM5LTMxYzk1ZTJhMWQ2Zi8x
LzNaMl9LdklKWU5jd3ZyV2JHalRJZFRvU0xySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
Nzk4NmE5LTRlNDYtNGMzMy05MmM5LTMxYzk1ZTJhMWQ2Zi8xL2s3S1lHWGlJVnBi
T0hDdV9Tdm1kcmNMR0dPcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEAwWVqAMEAlGtDAMEAFvY7AMEAFvY
8QMEAl13GAMEA5AC8AMEAp/94AMEArkgmAMEArl6hAMEArmcxDANBAIAAjAHAwUD
KgQLADANBgkqhkiG9w0BAQsFAAOCAQEAC2g6JA7YVu+dQcBUiTP2XzAZMHLUKyd9
wOZ+YXecekmSZ9ajpLfmL1ZuYQpSAEFgg7vqlXQ0aaCnOjsCp2qPhL12njWEQaH/
P/g48C5EzJ3MEYJSajcxE4Sa1uVvuwxT6feARpQxJz+gm/ZKIPF6yyYufb0pIOXZ
BOXo9CYqnt1iivLKxnbyZiFAPYfrdbklTjks1c3vaUIA5KZnT5IY3HymIspYjGdd
nf90agp1CJMU6P4zS5VgLLcbkLMuuIRn7C4Mcq3Am5NFTjBPnGqVZ3tzm+C2K8Qh
DYUKtMN28S2Bl/Av4qTgDrrqIg2fjsKdGIpJt/fO8kC/ZfAThTYdNQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:14 2023 by rpki-client on console-ams.rpki-client.org