Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/S-9ixjB5Bl82di6BQX3LVd1vAPU.roa
File: S-9ixjB5Bl82di6BQX3LVd1vAPU.roa (raw, json)
Hash identifier: CRpXPcfqa+ZMGmM0hRGNX30DpWXAPi6QV09PrUren0E=
Subject key identifier: 4B:EF:62:C6:30:79:06:5F:36:76:2E:81:41:7D:CB:55:DD:6F:00:F5
Certificate issuer: /CN=217b491dccb5632216d80b48f8d6286b1effd8d7
Certificate serial: 0182B1B575D059DD60EFB267C762E481A506
Authority key identifier: 21:7B:49:1D:CC:B5:63:22:16:D8:0B:48:F8:D6:28:6B:1E:FF:D8:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IXtJHcy1YyIW2AtI-NYoax7_2Nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/S-9ixjB5Bl82di6BQX3LVd1vAPU.roa
Signing time: Thu 18 Aug 2022 16:07:15 +0000
ROA not before: Thu 18 Aug 2022 16:07:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59625
IP address blocks: 185.240.17.0/24 maxlen: 24
185.240.16.0/24 maxlen: 24
185.240.18.0/24 maxlen: 24
185.240.19.0/24 maxlen: 24
204.154.202.0/24 maxlen: 24
204.154.200.0/24 maxlen: 24
204.154.201.0/24 maxlen: 24
204.154.205.0/24 maxlen: 24
204.154.206.0/24 maxlen: 24
204.154.203.0/24 maxlen: 24
204.154.204.0/24 maxlen: 24
204.154.207.0/24 maxlen: 24
185.84.69.0/24 maxlen: 24
185.84.68.0/24 maxlen: 24
185.84.70.0/24 maxlen: 24
185.84.71.0/24 maxlen: 24
185.244.178.0/24 maxlen: 24
185.244.179.0/24 maxlen: 24
2a03:7020:1::/48 maxlen: 48
2a03:7020:10::/48 maxlen: 48
2a03:7020:8::/48 maxlen: 48
2a03:7020::/40 maxlen: 40
2a03:7020:800::/40 maxlen: 40
2a03:7020:1300::/40 maxlen: 40
2a03:7020::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b1:b5:75:d0:59:dd:60:ef:b2:67:c7:62:e4:81:a5:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=217b491dccb5632216d80b48f8d6286b1effd8d7
Validity
Not Before: Aug 18 16:07:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4bef62c63079065f36762e81417dcb55dd6f00f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:46:9c:4a:88:aa:09:cd:88:e9:e2:ad:c0:96:
62:41:ad:77:09:91:6c:0b:15:a9:67:ee:35:69:cd:
58:e1:92:82:39:d3:fc:76:a1:c6:58:2d:fc:bd:d5:
98:f3:5f:93:cf:58:2b:f1:32:ba:57:5e:f3:42:1f:
dc:05:39:82:f0:7c:bb:70:90:32:a3:57:18:3c:78:
18:fb:81:c2:1f:fe:3f:c5:b3:61:2e:34:a7:c6:fb:
6f:83:60:42:b7:99:3e:f1:ee:a3:78:56:a1:5f:58:
38:c6:97:e1:f2:44:f5:7e:99:73:c2:19:7f:59:fb:
7c:fe:6c:79:53:7c:fc:fd:78:a9:3a:88:b3:d2:3e:
29:07:18:94:85:0f:8d:4d:92:1b:20:e5:72:46:af:
c6:8d:52:58:29:0e:eb:53:97:13:ab:44:6c:f1:4d:
d2:f8:fb:c1:ef:d3:4f:71:26:a6:41:0f:9a:dd:99:
a5:5d:e7:d7:63:db:69:2f:cf:1f:49:96:f2:20:85:
ac:9e:d5:df:6d:6d:1f:36:91:a7:b4:90:ff:d1:3c:
24:88:6c:ef:26:a3:7f:c0:65:7f:e8:00:42:bb:f7:
bc:07:7c:48:48:27:57:05:7f:7d:41:e8:33:bb:99:
2c:76:0e:5d:c2:a9:24:d9:cb:83:56:b4:8e:7d:20:
bf:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:EF:62:C6:30:79:06:5F:36:76:2E:81:41:7D:CB:55:DD:6F:00:F5
X509v3 Authority Key Identifier:
keyid:21:7B:49:1D:CC:B5:63:22:16:D8:0B:48:F8:D6:28:6B:1E:FF:D8:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXtJHcy1YyIW2AtI-NYoax7_2Nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/S-9ixjB5Bl82di6BQX3LVd1vAPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/IXtJHcy1YyIW2AtI-NYoax7_2Nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.68.0/22
185.240.16.0/22
185.244.178.0/23
204.154.200.0/21
IPv6:
2a03:7020::/40
2a03:7020:800::/40
2a03:7020:1300::/40
Signature Algorithm: sha256WithRSAEncryption
5a:06:7f:75:80:0f:22:ab:0e:13:06:b3:cb:a5:be:72:5e:d4:
a7:1d:8c:2c:e2:5d:53:fe:08:86:ad:8b:a6:7f:d0:83:87:10:
99:6e:28:24:ab:3a:aa:e2:89:a5:6a:a7:4a:e5:bc:7d:7b:5b:
a7:0f:09:e6:27:b0:f1:c3:f2:40:01:85:2d:f7:76:e2:07:40:
3e:ee:fa:98:7a:4e:15:45:d9:f4:db:8f:4b:26:49:df:f6:38:
42:03:c7:66:69:34:3f:55:45:4b:a2:b0:d8:65:9c:f2:e6:f2:
35:62:49:2d:bb:6a:67:14:fa:5c:ec:00:e4:76:64:58:90:ce:
49:34:90:9d:fc:9f:9c:01:67:65:e6:6e:e5:5c:81:08:bd:56:
85:9a:93:8d:d0:68:e8:d4:3f:12:40:fb:d6:7a:d4:af:6e:c2:
db:1e:df:b8:c0:58:5f:26:61:e9:a7:5e:c8:00:72:89:7d:c1:
a9:cb:b1:00:4d:04:05:11:87:c0:dd:40:d9:96:a5:8e:dd:5b:
6e:66:cf:17:6f:a1:0b:ba:16:2c:f3:74:68:1d:68:78:a5:9b:
df:95:84:8d:b5:94:d8:60:76:c0:b1:9a:1d:bf:4d:ac:be:4f:
c5:44:c4:8a:57:d1:8f:00:2c:6b:e7:17:cd:71:ca:e9:15:37:
ab:e4:10:b7
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYKxtXXQWd1g77Jnx2LkgaUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxN2I0OTFkY2NiNTYzMjIxNmQ4MGI0OGY4ZDYyODZiMWVm
ZmQ4ZDcwHhcNMjIwODE4MTYwNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmVmNjJjNjMwNzkwNjVmMzY3NjJlODE0MTdkY2I1NWRkNmYwMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEacSoiqCc2I6eKtwJZiQa13CZFs
CxWpZ+41ac1Y4ZKCOdP8dqHGWC38vdWY81+Tz1gr8TK6V17zQh/cBTmC8Hy7cJAy
o1cYPHgY+4HCH/4/xbNhLjSnxvtvg2BCt5k+8e6jeFahX1g4xpfh8kT1fplzwhl/
Wft8/mx5U3z8/XipOoiz0j4pBxiUhQ+NTZIbIOVyRq/GjVJYKQ7rU5cTq0Rs8U3S
+PvB79NPcSamQQ+a3ZmlXefXY9tpL88fSZbyIIWsntXfbW0fNpGntJD/0TwkiGzv
JqN/wGV/6ABCu/e8B3xISCdXBX99Qegzu5ksdg5dwqkk2cuDVrSOfSC/xwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFEvvYsYweQZfNnYugUF9y1XdbwD1MB8GA1UdIwQY
MBaAFCF7SR3MtWMiFtgLSPjWKGse/9jXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVh0SkhjeTFZeUlXMkF0SS1OWW9heDdfMk5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9lOWYyOWMtOTIzMS00NTBkLWFkYjAt
NmRlMDVhMzE2MjM5LzEvUy05aXhqQjVCbDgyZGk2QlFYM0xWZDF2QVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9lOWYyOWMtOTIzMS00NTBkLWFkYjAtNmRlMDVhMzE2MjM5
LzEvSVh0SkhjeTFZeUlXMkF0SS1OWW9heDdfMk5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAeBAIAATAYAwQCuVREAwQC
ufAQAwQBufSyAwQDzJrIMB4EAgACMBgDBgAqA3AgAAMGACoDcCAIAwYAKgNwIBMw
DQYJKoZIhvcNAQELBQADggEBAFoGf3WADyKrDhMGs8ulvnJe1KcdjCziXVP+CIat
i6Z/0IOHEJluKCSrOqriiaVqp0rlvH17W6cPCeYnsPHD8kABhS33duIHQD7u+ph6
ThVF2fTbj0smSd/2OEIDx2ZpND9VRUuisNhlnPLm8jViSS27amcU+lzsAOR2ZFiQ
zkk0kJ38n5wBZ2XmbuVcgQi9VoWak43QaOjUPxJA+9Z61K9uwtse37jAWF8mYemn
XsgAcol9wanLsQBNBAURh8DdQNmWpY7dW25mzxdvoQu6FizzdGgdaHilm9+VhI21
lNhgdsCxmh2/Tay+T8VExIpX0Y8ALGvnF81xyukVN6vkELc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:38 2023 by rpki-client on console-fra.rpki-client.org