Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0cc6b5-5477-490a-a295-15b79b02943e/1/K9uuHuWIr8AsxQeSBYwI8gZW8oA.roa
File: K9uuHuWIr8AsxQeSBYwI8gZW8oA.roa (raw, json)
Hash identifier: 4+xgs1FWI8dPkknmNLdSXXoq9xQ2c04h8Doi+CHiXdM=
Subject key identifier: 2B:DB:AE:1E:E5:88:AF:C0:2C:C5:07:92:05:8C:08:F2:06:56:F2:80
Certificate issuer: /CN=27280cc534516d1c1d9ea024eaafbd01fdc68c97
Certificate serial: 094C21B8
Authority key identifier: 27:28:0C:C5:34:51:6D:1C:1D:9E:A0:24:EA:AF:BD:01:FD:C6:8C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JygMxTRRbRwdnqAk6q-9Af3GjJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0cc6b5-5477-490a-a295-15b79b02943e/1/K9uuHuWIr8AsxQeSBYwI8gZW8oA.roa
Signing time: Sat 01 Jan 2022 01:54:01 +0000
ROA not before: Sat 01 Jan 2022 01:54:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39238
IP address blocks: 185.38.160.0/22 maxlen: 32
194.36.148.0/22 maxlen: 32
79.143.64.0/22 maxlen: 32
79.143.76.0/22 maxlen: 32
217.29.50.0/23 maxlen: 32
217.29.52.0/22 maxlen: 32
217.29.56.0/21 maxlen: 32
2a0c:f540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155984312 (0x94c21b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27280cc534516d1c1d9ea024eaafbd01fdc68c97
Validity
Not Before: Jan 1 01:54:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2bdbae1ee588afc02cc50792058c08f20656f280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b1:f6:e1:17:9e:14:46:29:10:a8:fc:bf:e2:
91:45:21:d6:a9:cf:b8:be:1a:e8:37:34:c2:d4:8a:
b9:81:b9:2c:11:35:ff:b3:39:c2:86:09:b5:19:23:
ae:91:06:fe:4a:91:98:ec:7b:24:96:33:b3:21:f6:
41:49:a1:3d:31:f2:4b:fa:54:60:b4:7a:3b:cd:2f:
dd:6d:21:3f:a9:3a:9a:b6:2c:c4:45:09:1f:88:42:
65:e1:a2:c8:e6:d0:78:34:37:61:3a:ed:df:24:ac:
df:1d:16:09:a6:67:b5:8c:56:5e:bd:d7:81:a1:06:
3a:ab:e9:5a:b7:f3:0f:cf:b6:f7:bd:a6:34:90:63:
d5:21:68:14:f2:48:66:b8:8d:01:6c:8a:4f:e3:ea:
f9:9b:62:ff:04:01:d0:76:0d:a8:29:ba:30:38:5b:
ed:19:ca:74:21:cd:0c:e6:25:e9:31:e4:69:07:9b:
2c:e3:8d:3c:fa:8c:e1:42:69:20:64:30:4b:da:fe:
a2:59:d8:3f:58:b1:35:5c:06:9f:b3:4e:f7:b6:0b:
50:eb:1a:ab:97:03:86:59:e9:83:d3:f9:b6:be:90:
ce:a0:6e:65:dc:72:da:f4:87:4c:87:6b:35:3a:eb:
79:a1:eb:95:f4:6f:86:76:30:bc:be:76:2d:95:14:
7f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:DB:AE:1E:E5:88:AF:C0:2C:C5:07:92:05:8C:08:F2:06:56:F2:80
X509v3 Authority Key Identifier:
keyid:27:28:0C:C5:34:51:6D:1C:1D:9E:A0:24:EA:AF:BD:01:FD:C6:8C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JygMxTRRbRwdnqAk6q-9Af3GjJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0cc6b5-5477-490a-a295-15b79b02943e/1/K9uuHuWIr8AsxQeSBYwI8gZW8oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0cc6b5-5477-490a-a295-15b79b02943e/1/JygMxTRRbRwdnqAk6q-9Af3GjJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.143.64.0/22
79.143.76.0/22
185.38.160.0/22
194.36.148.0/22
217.29.50.0-217.29.63.255
IPv6:
2a0c:f540::/29
Signature Algorithm: sha256WithRSAEncryption
a5:e3:df:12:9c:98:3d:f6:48:c6:c8:7a:41:22:4c:70:5f:da:
f8:d7:98:d8:69:68:92:a1:26:10:6d:4d:24:05:47:fb:0a:c1:
d8:e3:6b:ab:85:59:02:35:35:c5:30:c4:5b:6b:b6:b5:e0:56:
f4:02:c6:32:6f:89:3b:28:14:8d:88:69:7d:32:b8:51:cd:ef:
51:91:91:d5:a7:4c:50:b7:81:ca:c3:ea:1f:f8:41:96:2f:33:
02:eb:7f:a5:cc:c2:76:ab:9e:49:ae:26:08:03:a0:26:d3:a2:
e5:73:ab:80:81:fc:f6:51:eb:33:b5:18:7d:51:ca:8e:47:27:
f0:a5:d6:6b:34:ed:1c:58:ba:58:1b:3d:aa:47:4c:4e:4a:c8:
74:4e:8c:da:26:98:06:15:0d:09:fc:ca:c6:fe:72:0c:f2:e6:
70:55:ee:6d:10:8b:ef:07:c5:c7:23:4f:4e:00:73:0e:3e:e9:
f7:f5:bc:5c:57:8d:49:0a:26:61:98:5a:1e:83:40:85:a6:81:
eb:4c:5f:e1:89:25:68:7a:ed:63:e6:7c:53:d3:c1:cf:9d:d4:
18:64:5e:4e:74:b1:01:82:27:c1:77:43:0a:21:4a:31:ba:64:
e3:03:2b:a1:2c:06:af:9a:b0:1f:1a:de:2e:9e:02:aa:e7:73:
1a:ec:90:bd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIECUwhuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NzI4MGNjNTM0NTE2ZDFjMWQ5ZWEwMjRlYWFmYmQwMWZkYzY4Yzk3MB4XDTIyMDEw
MTAxNTQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmJkYmFlMWVlNTg4
YWZjMDJjYzUwNzkyMDU4YzA4ZjIwNjU2ZjI4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKax9uEXnhRGKRCo/L/ikUUh1qnPuL4a6Dc0wtSKuYG5LBE1
/7M5woYJtRkjrpEG/kqRmOx7JJYzsyH2QUmhPTHyS/pUYLR6O80v3W0hP6k6mrYs
xEUJH4hCZeGiyObQeDQ3YTrt3ySs3x0WCaZntYxWXr3XgaEGOqvpWrfzD8+2972m
NJBj1SFoFPJIZriNAWyKT+Pq+Zti/wQB0HYNqCm6MDhb7RnKdCHNDOYl6THkaQeb
LOONPPqM4UJpIGQwS9r+olnYP1ixNVwGn7NO97YLUOsaq5cDhlnpg9P5tr6QzqBu
Zdxy2vSHTIdrNTrreaHrlfRvhnYwvL52LZUUf/UCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBQr264e5YivwCzFB5IFjAjyBlbygDAfBgNVHSMEGDAWgBQnKAzFNFFtHB2e
oCTqr70B/caMlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0p5Z014VFJSYlJ3ZG5xQWs2cS05QWYzR2pKYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMGNjNmI1LTU0NzctNDkwYS1hMjk1LTE1Yjc5YjAyOTQzZS8x
L0s5dXVIdVdJcjhBc3hRZVNCWXdJOGdaVzhvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MGNjNmI1LTU0NzctNDkwYS1hMjk1LTE1Yjc5YjAyOTQzZS8xL0p5Z014VFJSYlJ3
ZG5xQWs2cS05QWYzR2pKYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEAk+PQAMEAk+PTAMEArkmoAMEAsIk
lDAMAwQB2R0yAwQG2R0AMA0EAgACMAcDBQMqDPVAMA0GCSqGSIb3DQEBCwUAA4IB
AQCl498SnJg99kjGyHpBIkxwX9r415jYaWiSoSYQbU0kBUf7CsHY42urhVkCNTXF
MMRba7a14Fb0AsYyb4k7KBSNiGl9MrhRze9RkZHVp0xQt4HKw+of+EGWLzMC63+l
zMJ2q55JriYIA6Am06Llc6uAgfz2UesztRh9UcqORyfwpdZrNO0cWLpYGz2qR0xO
Ssh0TozaJpgGFQ0J/MrG/nIM8uZwVe5tEIvvB8XHI09OAHMOPun39bxcV41JCiZh
mFoeg0CFpoHrTF/hiSVoeu1j5nxT08HPndQYZF5OdLEBgifBd0MKIUoxumTjAyuh
LAavmrAfGt4ungKq53Ma7JC9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:08 2023 by rpki-client on console-fra.rpki-client.org