Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/X1T3It0pb6cyD_dfiiRsaZfIvKk.roa
File: X1T3It0pb6cyD_dfiiRsaZfIvKk.roa (raw, json)
Hash identifier: kiMlsozpBI4TtMS7hhO4NgRh15j3pOgCNlHeWu5M690=
Subject key identifier: 5F:54:F7:22:DD:29:6F:A7:32:0F:F7:5F:8A:24:6C:69:97:C8:BC:A9
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0184F635A4ED329BA1B21104F5792E0CF129
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/X1T3It0pb6cyD_dfiiRsaZfIvKk.roa
Signing time: Fri 09 Dec 2022 09:27:01 +0000
ROA not before: Fri 09 Dec 2022 09:27:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.94.168.0/22 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:35:a4:ed:32:9b:a1:b2:11:04:f5:79:2e:0c:f1:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 9 09:27:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f54f722dd296fa7320ff75f8a246c6997c8bca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a0:7c:2f:06:23:ce:f2:76:3a:16:df:b1:1d:
c6:b1:cf:3c:0d:39:f9:03:8a:24:30:2a:74:52:4d:
1d:1a:67:20:9e:47:82:e9:8c:e4:05:4c:56:e1:7e:
d9:5f:6d:92:0a:85:4d:4b:f4:1a:74:6c:c1:cd:d2:
97:36:ae:f0:b7:a4:92:07:b6:bd:8f:4f:a2:b2:0d:
bf:a6:b1:a9:59:b4:18:9f:57:7b:28:a5:c3:8c:c7:
06:37:56:b3:7f:1b:c6:0c:52:91:b4:c4:b4:93:95:
a4:b3:3e:e0:e5:be:79:43:ea:e3:7a:9e:6e:03:38:
03:b1:b3:06:f8:a9:0e:19:82:c6:22:c9:82:c9:7c:
b6:36:43:42:ec:55:52:f0:59:6a:15:c3:eb:bf:3d:
d8:7e:79:48:5a:c5:4e:af:e8:35:0d:ba:1b:42:6c:
6c:ae:5b:b3:f6:34:59:87:5f:c2:4a:84:ee:ab:8e:
40:49:1c:24:6b:ea:86:9d:38:40:06:43:f6:74:8e:
a4:f1:77:91:b4:0a:ea:58:43:05:9d:73:fc:97:cb:
f0:a5:30:21:02:2e:a1:29:a6:88:ed:fb:1c:53:69:
3f:e6:ca:55:79:bb:e7:94:ac:1e:8a:dd:8b:54:ec:
c9:5c:bf:c2:ca:e5:56:d1:f3:01:48:f7:99:e4:46:
69:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:54:F7:22:DD:29:6F:A7:32:0F:F7:5F:8A:24:6C:69:97:C8:BC:A9
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/X1T3It0pb6cyD_dfiiRsaZfIvKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.13.188.0/23
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.38.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
96:c3:e4:a7:f7:1d:01:57:1f:54:4c:34:bf:96:df:d2:ee:95:
03:1e:fa:ba:81:1e:dd:ac:9c:85:61:6e:6a:3a:ba:65:c7:61:
92:f3:90:c3:e2:19:85:27:3c:1b:07:aa:cd:42:4a:89:6f:53:
0c:3b:6c:e7:48:1c:dc:ec:20:42:dd:b5:c5:6c:f4:6a:f3:87:
4b:60:d7:c7:86:29:1f:3d:d0:40:0d:3f:85:10:a8:8e:08:25:
8b:84:a5:15:10:40:be:48:37:88:ef:e0:d1:68:77:03:54:5a:
7c:83:58:ca:1b:9b:65:a3:c2:f7:09:a4:05:72:a8:6e:99:25:
f4:15:d2:3d:1e:4d:6a:ee:67:51:de:b6:79:cc:12:84:6d:bf:
b1:3b:00:28:d2:82:18:b2:59:f0:db:4d:08:a5:00:f7:58:74:
ec:66:b0:56:3a:18:20:19:c9:a8:89:0b:03:c7:d1:dc:3a:56:
67:3e:65:b2:03:d3:7b:13:47:0d:97:76:d5:f1:4e:3a:e9:96:
44:de:a1:2f:9e:f8:2d:84:ed:02:e0:55:53:38:a9:20:80:68:
e9:c6:1f:d0:3b:c8:b2:c7:3b:54:57:d8:c0:29:28:5d:75:36:
2e:2b:da:b7:b2:cb:92:4f:1b:db:46:35:34:ff:70:44:5c:3c:
60:c4:5f:73
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYT2NaTtMpuhshEE9XkuDPEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMjA5MDkyNzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjU0ZjcyMmRkMjk2ZmE3MzIwZmY3NWY4YTI0NmM2OTk3YzhiY2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaB8LwYjzvJ2OhbfsR3Gsc88DTn5
A4okMCp0Uk0dGmcgnkeC6YzkBUxW4X7ZX22SCoVNS/QadGzBzdKXNq7wt6SSB7a9
j0+isg2/prGpWbQYn1d7KKXDjMcGN1azfxvGDFKRtMS0k5Wksz7g5b55Q+rjep5u
AzgDsbMG+KkOGYLGIsmCyXy2NkNC7FVS8FlqFcPrvz3YfnlIWsVOr+g1DbobQmxs
rluz9jRZh1/CSoTuq45ASRwka+qGnThABkP2dI6k8XeRtArqWEMFnXP8l8vwpTAh
Ai6hKaaI7fscU2k/5spVebvnlKweit2LVOzJXL/CyuVW0fMBSPeZ5EZpUQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFF9U9yLdKW+nMg/3X4okbGmXyLypMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWDFUM0l0MHBiNmN5RF9kZmlpUnNhWmZJdktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAIC
OGwDBAAFtVcDBAAtCR0DBAEtDbwDBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAME
AC2EtQMEAy2EsAMEAS2Q1AMEAE1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
AJbD5Kf3HQFXH1RMNL+W39LulQMe+rqBHt2snIVhbmo6umXHYZLzkMPiGYUnPBsH
qs1CSolvUww7bOdIHNzsIELdtcVs9Grzh0tg18eGKR890EANP4UQqI4IJYuEpRUQ
QL5IN4jv4NFodwNUWnyDWMobm2WjwvcJpAVyqG6ZJfQV0j0eTWruZ1HetnnMEoRt
v7E7ACjSghiyWfDbTQilAPdYdOxmsFY6GCAZyaiJCwPH0dw6Vmc+ZbID03sTRw2X
dtXxTjrplkTeoS+e+C2E7QLgVVM4qSCAaOnGH9A7yLLHO1RX2MApKF11Ni4r2rey
y5JPG9tGNTT/cERcPGDEX3M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org