Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/Iz5g6Tx91BpRQCZTWeFIkRfMMR0.roa
File: Iz5g6Tx91BpRQCZTWeFIkRfMMR0.roa (raw, json)
Hash identifier: 49K6e3BLyHycSiM+xzNixotRrFwM6Htb5guS4Twdgps=
Subject key identifier: 23:3E:60:E9:3C:7D:D4:1A:51:40:26:53:59:E1:48:91:17:CC:31:1D
Certificate issuer: /CN=1f21c543844c417f61ad7939244d3b759c2a43ed
Certificate serial: 1A794FC9
Authority key identifier: 1F:21:C5:43:84:4C:41:7F:61:AD:79:39:24:4D:3B:75:9C:2A:43:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/Iz5g6Tx91BpRQCZTWeFIkRfMMR0.roa
Signing time: Fri 13 May 2022 12:47:40 +0000
ROA not before: Fri 13 May 2022 12:47:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60304
IP address blocks: 185.33.35.0/24 maxlen: 24
185.33.34.0/24 maxlen: 24
185.33.33.0/24 maxlen: 24
185.33.32.0/24 maxlen: 24
2a04:5901:7::/48 maxlen: 48
2a04:5901:c::/48 maxlen: 48
2a04:5901:1d::/48 maxlen: 48
2a04:5901:22::/48 maxlen: 48
2a04:5901:2::/48 maxlen: 48
2a04:5901:13::/48 maxlen: 48
2a04:5901:18::/48 maxlen: 48
2a04:5901:9::/48 maxlen: 48
2a04:5901:e::/48 maxlen: 48
2a04:5901:1f::/48 maxlen: 48
2a04:5901:24::/48 maxlen: 48
2a04:5901:4::/48 maxlen: 48
2a04:5901:15::/48 maxlen: 48
2a04:5901:1a::/48 maxlen: 48
2a04:5901:b::/48 maxlen: 48
2a04:5901:10::/48 maxlen: 48
2a04:5901:21::/48 maxlen: 48
2a04:5901:1::/48 maxlen: 48
2a04:5901:6::/48 maxlen: 48
2a04:5901:17::/48 maxlen: 48
2a04:5901:1c::/48 maxlen: 48
2a04:5901:d::/48 maxlen: 48
2a04:5901:12::/48 maxlen: 48
2a04:5901:23::/48 maxlen: 48
2a04:5901:3::/48 maxlen: 48
2a04:5901:8::/48 maxlen: 48
2a04:5900::/29 maxlen: 32
2a04:5901:19::/48 maxlen: 48
2a04:5901:1e::/48 maxlen: 48
2a04:5901:f::/48 maxlen: 48
2a04:5901:14::/48 maxlen: 48
2a04:5901:5::/48 maxlen: 48
2a04:5901:a::/48 maxlen: 48
2a04:5901:1b::/48 maxlen: 48
2a04:5901:20::/48 maxlen: 48
2a04:5901:11::/48 maxlen: 48
2a04:5901:16::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 444157897 (0x1a794fc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f21c543844c417f61ad7939244d3b759c2a43ed
Validity
Not Before: May 13 12:47:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=233e60e93c7dd41a5140265359e1489117cc311d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d6:82:cf:4e:70:61:d2:f8:aa:b8:0e:35:93:
89:31:0b:09:6d:07:7e:1f:2a:45:da:10:b4:33:7c:
25:dc:8f:b9:dd:93:11:4a:76:ee:e3:7a:11:c5:9a:
86:e3:6a:90:a9:e0:ec:54:6f:59:bc:85:d3:ec:f2:
a2:15:08:f2:09:0c:2d:93:10:db:c6:85:01:be:d0:
66:87:60:74:ab:db:03:8f:b1:99:05:46:54:b5:7b:
41:9b:0d:9c:38:81:5f:2d:08:1f:74:1a:d4:0b:9f:
b8:51:d5:5c:8f:a1:c5:bb:c9:cd:ce:02:ac:aa:86:
e0:f5:29:1c:25:a3:87:4d:c2:e7:7e:79:47:64:f1:
ac:c7:0a:8d:51:f8:df:fd:e2:48:58:32:a8:78:ed:
ec:86:5d:49:25:01:1b:a4:dd:a2:49:21:07:5a:39:
35:cf:e7:a2:c3:78:92:c2:af:c4:91:cc:9a:23:82:
50:61:1b:26:2f:d0:75:a3:d0:c0:3b:73:53:ba:74:
6c:f0:7a:78:79:fb:c6:72:f6:80:56:98:21:54:c7:
43:59:90:b1:8e:89:ac:da:5f:fb:18:2e:63:2e:aa:
ea:d3:5a:34:f1:d7:f5:7a:5a:d1:5f:ca:5f:bd:90:
3f:ad:47:ad:35:58:61:55:29:24:0e:04:89:46:02:
75:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:3E:60:E9:3C:7D:D4:1A:51:40:26:53:59:E1:48:91:17:CC:31:1D
X509v3 Authority Key Identifier:
keyid:1F:21:C5:43:84:4C:41:7F:61:AD:79:39:24:4D:3B:75:9C:2A:43:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/Iz5g6Tx91BpRQCZTWeFIkRfMMR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.32.0/22
IPv6:
2a04:5900::/29
Signature Algorithm: sha256WithRSAEncryption
78:e1:98:a9:d7:9b:6f:86:21:c4:e6:2b:7e:2a:a2:aa:7b:a8:
f6:dc:fd:fe:a2:88:72:61:49:e4:49:88:e7:78:c3:9c:6b:8a:
fd:cc:23:3f:9d:e4:f0:4e:55:42:54:6f:6f:5f:eb:a0:76:15:
35:9e:49:3d:bf:63:76:7e:d8:1f:66:8e:6b:88:85:cf:5d:32:
d6:fc:1c:40:5c:c3:cc:89:c9:85:8c:4b:c3:3b:25:41:6d:1a:
b5:81:91:a6:23:2f:a1:fe:31:ea:36:41:8f:c7:ca:72:8e:03:
9c:df:8e:4e:0a:5b:18:4a:60:ea:b2:61:ca:ca:e4:2d:2c:48:
bc:94:ae:81:d2:d9:52:e4:f5:49:7c:45:ac:ae:29:97:da:c2:
0b:69:c6:77:49:d8:70:93:34:2c:fa:2d:fa:d7:2b:15:53:19:
cc:b5:7e:6f:34:82:9a:90:a9:55:4c:32:7b:81:1b:3f:95:3d:
f7:ee:07:09:97:28:f3:d9:c8:b4:ce:27:2c:0e:9a:64:82:8f:
df:f5:07:2b:83:31:39:f6:ff:41:ec:be:ad:e3:8c:c9:25:f4:
6e:1a:cc:70:42:ec:fa:13:f2:f5:58:7a:45:3b:53:42:cf:a4:
8b:e9:0a:3c:9b:b8:fb:7e:09:0a:cb:47:7a:a3:25:b3:46:53:
b6:fe:97:96
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGnlPyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjIxYzU0Mzg0NGM0MTdmNjFhZDc5MzkyNDRkM2I3NTljMmE0M2VkMB4XDTIyMDUx
MzEyNDc0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjMzZTYwZTkzYzdk
ZDQxYTUxNDAyNjUzNTllMTQ4OTExN2NjMzExZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANfWgs9OcGHS+Kq4DjWTiTELCW0Hfh8qRdoQtDN8JdyPud2T
EUp27uN6EcWahuNqkKng7FRvWbyF0+zyohUI8gkMLZMQ28aFAb7QZodgdKvbA4+x
mQVGVLV7QZsNnDiBXy0IH3Qa1AufuFHVXI+hxbvJzc4CrKqG4PUpHCWjh03C5355
R2TxrMcKjVH43/3iSFgyqHjt7IZdSSUBG6TdokkhB1o5Nc/nosN4ksKvxJHMmiOC
UGEbJi/QdaPQwDtzU7p0bPB6eHn7xnL2gFaYIVTHQ1mQsY6JrNpf+xguYy6q6tNa
NPHX9Xpa0V/KX72QP61HrTVYYVUpJA4EiUYCdf0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQjPmDpPH3UGlFAJlNZ4UiRF8wxHTAfBgNVHSMEGDAWgBQfIcVDhExBf2Gt
eTkkTTt1nCpD7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0h5SEZRNFJNUVg5aHJYazVKRTA3ZFp3cVEtMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvMTU2ZWNkLWZlNjgtNGJjMy1hZTdkLWI4YzQ4NTNlNDJiYy8x
L0l6NWc2VHg5MUJwUlFDWlRXZUZJa1JmTU1SMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
MTU2ZWNkLWZlNjgtNGJjMy1hZTdkLWI4YzQ4NTNlNDJiYy8xL0h5SEZRNFJNUVg5
aHJYazVKRTA3ZFp3cVEtMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkhIDANBAIAAjAHAwUDKgRZADAN
BgkqhkiG9w0BAQsFAAOCAQEAeOGYqdebb4YhxOYrfiqiqnuo9tz9/qKIcmFJ5EmI
53jDnGuK/cwjP53k8E5VQlRvb1/roHYVNZ5JPb9jdn7YH2aOa4iFz10y1vwcQFzD
zInJhYxLwzslQW0atYGRpiMvof4x6jZBj8fKco4DnN+OTgpbGEpg6rJhysrkLSxI
vJSugdLZUuT1SXxFrK4pl9rCC2nGd0nYcJM0LPot+tcrFVMZzLV+bzSCmpCpVUwy
e4EbP5U99+4HCZco89nItM4nLA6aZIKP3/UHK4MxOfb/Qey+reOMySX0bhrMcELs
+hPy9Vh6RTtTQs+ki+kKPJu4+34JCstHeqMls0ZTtv6Xlg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-ams.rpki-client.org