Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/2lo9MtzTryFY0b5szrxIbYKlL5w.roa
File: 2lo9MtzTryFY0b5szrxIbYKlL5w.roa (raw, json)
Hash identifier: RxZzZKBBelcdckBt9JoJAbHvRudJjSJ0m+LnxKXCeq8=
Subject key identifier: DA:5A:3D:32:DC:D3:AF:21:58:D1:BE:6C:CE:BC:48:6D:82:A5:2F:9C
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 396F477C
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/2lo9MtzTryFY0b5szrxIbYKlL5w.roa
Signing time: Wed 30 Mar 2022 10:05:23 +0000
ROA not before: Wed 30 Mar 2022 10:05:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2588
IP address blocks: 83.223.128.0/19 maxlen: 19
83.223.145.0/24 maxlen: 24
91.190.32.0/19 maxlen: 19
159.148.0.0/16 maxlen: 16
91.190.36.0/24 maxlen: 24
159.148.10.0/24 maxlen: 24
85.254.49.0/24 maxlen: 24
85.254.58.0/24 maxlen: 24
91.190.56.0/23 maxlen: 23
91.190.52.0/24 maxlen: 24
91.190.60.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
46.19.200.0/21 maxlen: 21
83.223.155.0/24 maxlen: 24
185.176.116.0/22 maxlen: 22
85.254.0.0/17 maxlen: 17
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
80.81.32.0/19 maxlen: 19
80.81.35.0/24 maxlen: 24
159.148.131.0/24 maxlen: 24
217.69.112.0/20 maxlen: 20
109.205.120.0/21 maxlen: 21
159.148.63.0/24 maxlen: 24
109.205.127.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
85.254.128.0/18 maxlen: 18
159.148.233.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
94.101.224.0/20 maxlen: 20
185.27.92.0/22 maxlen: 22
159.148.188.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 963594108 (0x396f477c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 30 10:05:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da5a3d32dcd3af2158d1be6ccebc486d82a52f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5e:60:8d:51:e8:62:a5:65:66:79:57:94:af:
3d:d4:fa:a6:35:7a:f0:b6:6f:13:38:4e:7c:f0:70:
ab:13:19:f2:fd:bb:2c:5e:20:d7:70:71:ef:98:97:
d9:ee:f3:72:4c:cb:0c:b2:8f:1e:ed:50:f2:b0:6f:
56:97:10:b8:21:83:29:ff:3d:04:d4:c3:99:dd:f3:
5e:a6:82:fb:8b:93:53:70:94:81:fa:85:c1:af:12:
3d:d5:96:bb:16:22:1b:e9:a9:59:40:87:71:f9:47:
6b:84:83:4e:39:6d:20:05:77:8a:ea:e6:d4:3a:aa:
85:bc:12:34:1b:52:cb:ac:64:de:64:81:84:c8:ba:
dc:dc:57:38:93:6a:dc:52:91:31:ad:6c:97:37:5e:
84:4b:99:ca:13:a4:78:93:0d:d4:ef:df:37:b4:85:
37:db:ec:d1:a1:66:81:14:03:bc:ff:f7:8e:6e:75:
1e:c2:88:6b:c6:92:4c:db:ee:41:71:28:a8:98:e1:
4f:75:de:14:9d:45:c6:bb:8d:91:5a:ba:ba:d2:08:
12:ad:3b:4a:dd:a3:7a:9f:5e:f1:3b:ba:ec:d3:84:
c3:7a:27:5c:fa:bb:9c:38:1e:62:81:88:8f:a3:12:
f7:72:8c:3f:0b:ae:c4:42:9a:26:8a:ba:e9:5c:24:
ec:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5A:3D:32:DC:D3:AF:21:58:D1:BE:6C:CE:BC:48:6D:82:A5:2F:9C
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/2lo9MtzTryFY0b5szrxIbYKlL5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
185.176.116.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
30:60:20:fe:96:36:6a:1f:f2:33:6d:43:0f:7e:fb:6f:c6:96:
85:22:7e:99:24:40:52:13:cc:c7:7b:65:f7:ca:5d:35:82:b1:
7d:44:01:38:46:f3:4c:d1:36:76:37:2d:14:f2:44:18:36:a0:
ab:11:5b:97:20:dc:b7:5c:fb:59:e8:fe:32:bb:7b:55:49:7d:
03:2e:ff:68:78:86:34:7d:93:8f:f9:21:5d:ea:1e:fa:03:2c:
d1:29:1b:a1:d1:ab:d2:1a:af:ce:53:48:c2:fe:ea:40:8e:82:
ec:88:01:41:2a:9f:5e:af:5a:7a:12:bb:0d:41:31:68:6f:44:
26:cf:36:0c:69:2d:ba:ba:17:6b:e9:9b:86:9b:9d:67:9d:98:
66:38:9a:e7:96:42:f7:87:f9:82:22:c0:df:3b:26:1a:c9:f7:
e9:fb:57:e0:0c:37:38:69:06:23:21:4d:6c:0f:f2:cd:af:de:
ec:c1:2b:39:57:52:0f:d4:90:83:80:77:e7:93:0c:ca:4d:06:
53:d2:7b:3f:2a:96:71:39:dd:fc:2f:0f:ed:f1:f5:51:8f:1f:
aa:7a:ca:ee:00:39:6f:ea:05:73:78:ed:12:be:2e:1f:e5:ef:
5d:5d:d2:ad:0c:57:be:28:ff:28:60:e0:ca:f3:3d:dd:5d:28:
df:96:ae:1e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEOW9HfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDMz
MDEwMDUyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE1YTNkMzJkY2Qz
YWYyMTU4ZDFiZTZjY2ViYzQ4NmQ4MmE1MmY5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZeYI1R6GKlZWZ5V5SvPdT6pjV68LZvEzhOfPBwqxMZ8v27
LF4g13Bx75iX2e7zckzLDLKPHu1Q8rBvVpcQuCGDKf89BNTDmd3zXqaC+4uTU3CU
gfqFwa8SPdWWuxYiG+mpWUCHcflHa4SDTjltIAV3iurm1DqqhbwSNBtSy6xk3mSB
hMi63NxXOJNq3FKRMa1slzdehEuZyhOkeJMN1O/fN7SFN9vs0aFmgRQDvP/3jm51
HsKIa8aSTNvuQXEoqJjhT3XeFJ1FxruNkVq6utIIEq07St2jep9e8Tu67NOEw3on
XPq7nDgeYoGIj6MS93KMPwuuxEKaJoq66Vwk7B8CAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBTaWj0y3NOvIVjRvmzOvEhtgqUvnDAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
LzJsbzlNdHpUcnlGWTBiNXN6cnhJYllLbEw1dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAy4TyAMEBVBRIAMEBVPfgDALAwMB
Vf4DBAZV/oADBAVbviADBAReZeADBANtzXgDAwCflAMEArkbXAMEArmwdAMEBNlF
cDANBAIAAjAHAwUAKgIGEDANBgkqhkiG9w0BAQsFAAOCAQEAMGAg/pY2ah/yM21D
D377b8aWhSJ+mSRAUhPMx3tl98pdNYKxfUQBOEbzTNE2djctFPJEGDagqxFblyDc
t1z7Wej+Mrt7VUl9Ay7/aHiGNH2Tj/khXeoe+gMs0SkbodGr0hqvzlNIwv7qQI6C
7IgBQSqfXq9aehK7DUExaG9EJs82DGkturoXa+mbhpudZ52YZjia55ZC94f5giLA
3zsmGsn36ftX4Aw3OGkGIyFNbA/yza/e7MErOVdSD9SQg4B355MMyk0GU9J7PyqW
cTnd/C8P7fH1UY8fqnrK7gA5b+oFc3jtEr4uH+XvXV3SrQxXvij/KGDgyvM93V0o
35auHg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org