Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/DowWjn9HW_eBWkHI235pjgrl39s.roa
File: DowWjn9HW_eBWkHI235pjgrl39s.roa (raw, json)
Hash identifier: BUMdKj9Qs27AGfvxOXiKsjIuGWfCLpb1JLuCwL0BBNk=
Subject key identifier: 0E:8C:16:8E:7F:47:5B:F7:81:5A:41:C8:DB:7E:69:8E:0A:E5:DF:DB
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01847FC402430AC0927B9394E36AA2697EA3
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/DowWjn9HW_eBWkHI235pjgrl39s.roa
Signing time: Wed 16 Nov 2022 09:27:42 +0000
ROA not before: Wed 16 Nov 2022 09:27:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 24
194.15.52.0/23 maxlen: 23
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.121.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:c4:02:43:0a:c0:92:7b:93:94:e3:6a:a2:69:7e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 16 09:27:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e8c168e7f475bf7815a41c8db7e698e0ae5dfdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f8:65:7b:e7:41:da:de:e3:83:0b:30:f0:e2:
78:89:69:58:9b:94:7b:5a:fa:26:35:2c:23:e5:b5:
56:58:c8:4e:c7:a7:58:5f:43:5f:41:19:07:fa:eb:
5c:ec:db:82:c6:47:7b:71:19:4e:d0:d6:59:96:59:
7c:c7:90:98:36:58:26:71:d4:c4:c6:1c:bf:e4:49:
54:c1:32:77:a9:01:f5:0d:27:83:b1:33:88:71:06:
48:d9:3c:cc:2a:9d:87:a7:32:9d:5d:60:98:a7:36:
22:21:ba:94:69:4b:65:1a:a5:db:19:21:fb:3f:e6:
34:2d:6e:2d:16:ed:1c:03:0d:0f:75:30:7c:af:9a:
e3:d0:71:08:c8:42:e1:2c:a9:a3:1c:73:0e:b5:33:
d3:a0:c3:f3:1e:6c:3e:0c:67:c8:60:d2:0b:cc:4d:
0f:f4:f4:0c:1f:7a:06:24:60:24:53:10:b7:1a:81:
02:76:ea:5f:d9:5d:29:09:ca:aa:2f:9f:8a:11:a8:
d3:b5:42:9b:e1:55:d7:2b:aa:fc:b1:3e:a7:75:75:
25:84:d8:dc:88:d0:37:96:e6:34:bd:b2:db:04:e9:
3c:eb:1c:3f:f0:dd:aa:ad:f5:55:66:f1:2e:a1:18:
9a:a5:c7:9d:11:67:d6:5c:8c:47:c5:52:8e:c0:bf:
1f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:8C:16:8E:7F:47:5B:F7:81:5A:41:C8:DB:7E:69:8E:0A:E5:DF:DB
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/DowWjn9HW_eBWkHI235pjgrl39s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.38.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.15.52.0/23
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
b3:fe:ab:81:8e:27:42:6d:04:49:72:b1:fb:3e:9c:49:6c:ad:
34:ae:a3:66:27:2b:d6:38:92:b8:dd:c9:8e:24:98:17:78:cd:
36:f0:e6:d4:bc:ca:28:7c:e4:ee:d7:f0:db:dc:10:7e:c4:a0:
2e:b0:f5:a6:3d:26:a8:a1:0c:e3:52:62:c7:6b:e7:89:54:f7:
e2:93:d5:ff:31:fd:4b:76:bb:62:1c:9d:ab:dc:2e:94:50:72:
13:87:81:3a:54:d3:ff:31:c6:69:35:58:c5:a8:bd:56:5b:03:
1d:c6:4e:12:4c:56:6a:d1:d7:f2:18:97:58:6d:9b:39:83:75:
4f:5e:79:1f:48:53:8c:36:75:41:8b:75:02:ad:32:ef:07:bb:
90:07:05:12:9f:f5:e3:34:e0:8a:fb:93:f9:ca:ab:15:c9:e4:
14:a1:a3:06:4b:b4:58:9e:a0:4e:a1:88:1e:aa:60:de:8e:48:
48:37:0c:7b:42:71:20:39:c2:4a:f3:67:fe:97:c5:10:b2:ff:
9c:a3:69:71:1f:a4:07:51:30:74:02:0e:c4:c1:85:67:05:db:
ba:ae:44:63:c3:e9:d3:68:72:4e:a5:e2:bc:6f:7e:e2:f1:01:
84:27:08:e1:46:de:87:ae:ca:08:81:d1:a9:2e:69:87:ef:fa:
ec:18:58:6c
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYR/xAJDCsCSe5OU42qiaX6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMTE2MDkyNzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZThjMTY4ZTdmNDc1YmY3ODE1YTQxYzhkYjdlNjk4ZTBhZTVkZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufhle+dB2t7jgwsw8OJ4iWlYm5R7
WvomNSwj5bVWWMhOx6dYX0NfQRkH+utc7NuCxkd7cRlO0NZZlll8x5CYNlgmcdTE
xhy/5ElUwTJ3qQH1DSeDsTOIcQZI2TzMKp2HpzKdXWCYpzYiIbqUaUtlGqXbGSH7
P+Y0LW4tFu0cAw0PdTB8r5rj0HEIyELhLKmjHHMOtTPToMPzHmw+DGfIYNILzE0P
9PQMH3oGJGAkUxC3GoECdupf2V0pCcqqL5+KEajTtUKb4VXXK6r8sT6ndXUlhNjc
iNA3luY0vbLbBOk86xw/8N2qrfVVZvEuoRiapcedEWfWXIxHxVKOwL8ftQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFA6MFo5/R1v3gVpByNt+aY4K5d/bMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvRG93V2puOUhXX2VCV2tISTIzNXBqZ3JsMzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAIC
OGwDBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAS2Q1AMEAE1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAsEe8AME
AME5KwMEAcIPNAMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
ALP+q4GOJ0JtBElysfs+nElsrTSuo2YnK9Y4krjdyY4kmBd4zTbw5tS8yih85O7X
8NvcEH7EoC6w9aY9JqihDONSYsdr54lU9+KT1f8x/Ut2u2IcnavcLpRQchOHgTpU
0/8xxmk1WMWovVZbAx3GThJMVmrR1/IYl1htmzmDdU9eeR9IU4w2dUGLdQKtMu8H
u5AHBRKf9eM04Ir7k/nKqxXJ5BShowZLtFieoE6hiB6qYN6OSEg3DHtCcSA5wkrz
Z/6XxRCy/5yjaXEfpAdRMHQCDsTBhWcF27quRGPD6dNock6l4rxvfuLxAYQnCOFG
3oeuygiB0akuaYfv+uwYWGw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org