Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/p3e2hQ6M_xB8kNVd_KEGYbChxO8.roa
File: p3e2hQ6M_xB8kNVd_KEGYbChxO8.roa (raw, json)
Hash identifier: ccrmc1LQvraWoaymenUQCkIXH0oP07t1nCKzN5Pzt2Q=
Subject key identifier: A7:77:B6:85:0E:8C:FF:10:7C:90:D5:5D:FC:A1:06:61:B0:A1:C4:EF
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0183601BCF4B1584FAA32608F15D0D1CDC4C
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/p3e2hQ6M_xB8kNVd_KEGYbChxO8.roa
Signing time: Wed 21 Sep 2022 12:52:58 +0000
ROA not before: Wed 21 Sep 2022 12:52:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13194
IP address blocks: 85.254.71.0/24 maxlen: 24
85.254.75.0/24 maxlen: 24
85.254.76.0/24 maxlen: 24
85.254.73.0/24 maxlen: 24
85.254.74.0/24 maxlen: 24
85.254.76.0/22 maxlen: 22
85.254.74.0/23 maxlen: 23
85.254.141.0/24 maxlen: 24
85.254.151.0/24 maxlen: 24
85.254.149.0/24 maxlen: 24
85.254.152.0/22 maxlen: 22
85.254.170.0/24 maxlen: 24
85.254.176.0/23 maxlen: 23
80.81.61.0/24 maxlen: 24
85.254.84.0/23 maxlen: 23
85.254.80.0/22 maxlen: 22
85.254.94.0/24 maxlen: 24
85.254.98.0/23 maxlen: 23
85.254.96.0/22 maxlen: 22
85.254.96.0/23 maxlen: 23
85.254.92.0/22 maxlen: 22
85.254.92.0/23 maxlen: 23
85.254.95.0/24 maxlen: 24
85.254.92.0/24 maxlen: 24
85.254.93.0/24 maxlen: 24
85.254.104.0/21 maxlen: 21
85.254.103.0/24 maxlen: 24
85.254.101.0/24 maxlen: 24
85.254.102.0/24 maxlen: 24
85.254.100.0/24 maxlen: 24
85.254.112.0/21 maxlen: 21
85.254.124.0/23 maxlen: 23
85.254.128.0/22 maxlen: 22
85.254.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:60:1b:cf:4b:15:84:fa:a3:26:08:f1:5d:0d:1c:dc:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 21 12:52:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a777b6850e8cff107c90d55dfca10661b0a1c4ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:51:82:28:c7:f5:05:1d:36:f9:70:87:bb:08:
84:de:8b:32:d0:e1:2d:23:57:e4:6d:8d:13:6d:de:
7a:e8:5d:fa:b7:e8:1c:9d:8f:6d:b1:d6:c3:87:c8:
7e:64:e7:8b:92:27:20:93:54:89:f4:48:93:af:5e:
9c:10:ca:b9:ae:17:b7:e3:f1:c0:5a:77:af:cc:b4:
3b:fd:3d:89:b0:61:5f:4f:ca:fc:2a:fe:51:85:38:
c5:ab:b7:b9:94:0c:bc:97:14:02:40:88:1d:7c:26:
e5:77:af:7a:3e:f8:bc:d0:c0:5e:b0:ab:41:9a:f8:
ea:1a:10:69:96:70:62:37:d3:a9:ad:d4:81:59:81:
39:fa:26:e0:20:27:0a:0c:e4:79:3d:5e:1a:85:62:
0a:ca:4a:44:b2:9e:97:52:74:75:ce:46:68:a6:72:
1c:73:0c:d4:2d:c0:d9:99:df:46:59:77:5c:63:95:
e0:3d:57:d6:1c:48:91:4b:13:45:08:e4:e9:89:80:
7e:db:63:50:48:4e:3f:7e:4d:71:5e:df:d7:39:36:
34:10:17:7c:32:0b:6e:bf:a4:a9:20:5c:72:99:00:
44:a6:50:25:d0:c9:d0:e4:b3:25:26:e2:7a:ac:23:
4d:15:e7:71:a3:e0:03:e8:ac:f4:87:4a:21:96:1b:
aa:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:77:B6:85:0E:8C:FF:10:7C:90:D5:5D:FC:A1:06:61:B0:A1:C4:EF
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/p3e2hQ6M_xB8kNVd_KEGYbChxO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.61.0/24
85.254.71.0/24
85.254.73.0-85.254.85.255
85.254.92.0-85.254.119.255
85.254.124.0-85.254.126.255
85.254.128.0/22
85.254.141.0/24
85.254.149.0/24
85.254.151.0-85.254.155.255
85.254.170.0/24
85.254.176.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:fa:d5:14:a0:56:96:a5:e6:87:f1:7c:7b:21:04:0b:83:ce:
43:db:ec:fa:32:58:71:a1:ed:35:c8:be:ab:23:dc:a0:3d:e2:
94:3f:52:d4:2c:01:cf:d0:68:d8:68:24:07:12:73:e1:02:ea:
65:33:dc:de:a4:f5:a5:86:b3:ea:28:1c:18:84:8b:d5:a0:40:
ba:a7:9e:5c:e2:79:6f:8a:64:71:85:31:5b:37:1b:a9:ba:23:
c7:23:bc:ab:b2:ee:f8:d4:d1:f9:9a:60:80:40:68:f5:11:24:
97:5c:1a:15:a9:a3:80:67:f1:90:1c:d1:1f:6b:88:83:b1:c2:
db:1b:29:db:fd:ff:32:c8:d9:46:95:42:2e:33:ae:a5:51:59:
8e:44:ec:c4:bb:ea:65:75:4b:6e:b3:50:e3:98:a4:1d:51:93:
d9:e6:dd:71:00:fc:f3:f3:ec:c8:85:37:9d:0c:bc:67:56:f0:
ba:98:d7:dd:7a:01:87:4a:64:02:72:db:17:f9:21:2d:0e:04:
9f:5e:8a:22:79:89:b3:21:c8:b1:44:2f:5f:79:01:a2:e0:7e:
fe:56:3e:2c:0b:7d:54:56:bd:b6:f4:89:7c:7a:15:21:d6:fc:
dc:67:dd:f5:52:23:2a:33:48:ca:6a:d6:21:2d:dc:6a:38:3e:
0f:81:ea:d4
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYNgG89LFYT6oyYI8V0NHNxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIwOTIxMTI1MjU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzc3YjY4NTBlOGNmZjEwN2M5MGQ1NWRmY2ExMDY2MWIwYTFjNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lGCKMf1BR02+XCHuwiE3osy0OEt
I1fkbY0Tbd566F36t+gcnY9tsdbDh8h+ZOeLkicgk1SJ9EiTr16cEMq5rhe34/HA
WnevzLQ7/T2JsGFfT8r8Kv5RhTjFq7e5lAy8lxQCQIgdfCbld696Pvi80MBesKtB
mvjqGhBplnBiN9OprdSBWYE5+ibgICcKDOR5PV4ahWIKykpEsp6XUnR1zkZopnIc
cwzULcDZmd9GWXdcY5XgPVfWHEiRSxNFCOTpiYB+22NQSE4/fk1xXt/XOTY0EBd8
Mgtuv6SpIFxymQBEplAl0MnQ5LMlJuJ6rCNNFedxo+AD6Kz0h0ohlhuqrQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFKd3toUOjP8QfJDVXfyhBmGwocTvMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvcDNlMmhRNk1feEI4a05WZF9LRUdZYkNoeE84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAUFE9AwQA
Vf5HMAwDBABV/kkDBAFV/lQwDAMEAlX+XAMEA1X+cDAMAwQCVf58AwQAVf5+AwQC
Vf6AAwQAVf6NAwQAVf6VMAwDBABV/pcDBAJV/pgDBABV/qoDBAFV/rAwDQYJKoZI
hvcNAQELBQADggEBAB761RSgVpal5ofxfHshBAuDzkPb7PoyWHGh7TXIvqsj3KA9
4pQ/UtQsAc/QaNhoJAcSc+EC6mUz3N6k9aWGs+ooHBiEi9WgQLqnnlzieW+KZHGF
MVs3G6m6I8cjvKuy7vjU0fmaYIBAaPURJJdcGhWpo4Bn8ZAc0R9riIOxwtsbKdv9
/zLI2UaVQi4zrqVRWY5E7MS76mV1S26zUOOYpB1Rk9nm3XEA/PPz7MiFN50MvGdW
8LqY1916AYdKZAJy2xf5IS0OBJ9eiiJ5ibMhyLFEL195AaLgfv5WPiwLfVRWvbb0
iXx6FSHW/Nxn3fVSIyozSMpq1iEt3Go4Pg+B6tQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:46 2023 by rpki-client on console-fra.rpki-client.org