Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/7bW59X9QCeZDT-juvZxzwqVlh4o.roa
File: 7bW59X9QCeZDT-juvZxzwqVlh4o.roa (raw, json)
Hash identifier: C9/6Q4aJgThcH6CnuHF+Hc7U+OVzmv/IybRuxKCrAHw=
Subject key identifier: ED:B5:B9:F5:7F:50:09:E6:43:4F:E8:EE:BD:9C:73:C2:A5:65:87:8A
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0D28B001
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/7bW59X9QCeZDT-juvZxzwqVlh4o.roa
Signing time: Wed 04 May 2022 14:13:16 +0000
ROA not before: Wed 04 May 2022 14:13:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34549
IP address blocks: 195.180.132.0/22 maxlen: 22
195.180.140.0/22 maxlen: 22
194.195.96.0/22 maxlen: 22
212.224.0.0/22 maxlen: 24
194.195.108.0/22 maxlen: 22
212.224.20.0/22 maxlen: 22
195.179.44.0/22 maxlen: 22
194.233.20.0/22 maxlen: 22
194.64.172.0/22 maxlen: 22
194.163.72.0/22 maxlen: 22
194.163.76.0/22 maxlen: 22
195.179.80.0/22 maxlen: 22
217.119.60.0/22 maxlen: 22
194.64.148.0/22 maxlen: 22
195.179.32.0/21 maxlen: 24
194.64.156.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220770305 (0xd28b001)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: May 4 14:13:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=edb5b9f57f5009e6434fe8eebd9c73c2a565878a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c3:47:c9:b0:8d:04:27:40:b5:95:23:a7:92:
43:c3:55:54:6c:a4:b0:c1:af:47:3b:69:15:7e:e3:
57:56:7a:35:24:26:69:f1:7f:06:b4:7c:d1:8e:f8:
0a:4e:3c:6d:cc:f0:7b:43:93:d6:43:fb:a2:74:8b:
a4:b9:ce:9d:5c:b2:5c:2c:b9:c4:98:55:62:b7:15:
1f:70:14:ef:6b:53:41:26:76:68:93:e8:eb:c3:5d:
e6:e5:0e:7f:b7:e8:26:a7:27:34:4c:dc:d4:08:8c:
ef:05:5b:08:e1:b3:ef:b8:61:0c:5a:5a:9b:2d:a6:
d8:f0:4c:ff:8d:0a:0b:34:55:5d:5c:98:d3:d9:75:
8e:c2:12:2b:43:da:f6:ee:a9:01:4d:38:12:b5:f1:
0e:ed:df:8f:a9:3b:8f:f2:ed:ad:25:df:3e:0f:e1:
9c:77:6e:10:8a:28:55:7a:59:1a:c7:db:0a:54:c4:
fa:9a:b5:6d:3a:79:0a:4b:e4:70:ea:9b:f8:af:c1:
80:31:a9:19:d4:7f:3b:18:de:0b:aa:0a:1b:51:7f:
00:47:23:5b:e0:85:46:6c:fb:00:f1:c4:36:d3:70:
aa:fa:4f:70:d5:0a:3b:bd:1c:a9:84:58:04:eb:27:
31:fc:bb:d6:c8:93:19:53:19:44:09:65:7a:ce:b1:
46:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B5:B9:F5:7F:50:09:E6:43:4F:E8:EE:BD:9C:73:C2:A5:65:87:8A
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/7bW59X9QCeZDT-juvZxzwqVlh4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.148.0/22
194.64.156.0/22
194.64.172.0/22
194.163.72.0/21
194.195.96.0/22
194.195.108.0/22
194.233.20.0/22
195.179.32.0/21
195.179.44.0/22
195.179.80.0/22
195.180.132.0/22
195.180.140.0/22
212.224.0.0/22
212.224.20.0/22
217.119.60.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:4f:d9:35:a5:fb:c0:75:bc:71:eb:86:27:1c:be:40:ca:e0:
26:00:ac:04:eb:a6:14:71:ed:23:94:c8:20:56:63:26:df:20:
9f:a5:4b:c5:e9:70:1b:3f:7c:7d:fe:3c:ed:02:d9:b5:ac:7f:
75:af:f7:52:4a:a0:61:df:3f:ed:ce:98:77:7e:b6:be:01:60:
86:46:b6:8d:ac:f0:de:e7:eb:c7:09:b7:f6:71:82:e4:e7:a5:
1e:62:bd:ca:2d:2b:46:89:34:68:6e:81:01:42:90:bb:ee:e9:
38:48:00:4d:9b:fd:6d:95:af:56:d4:bc:9b:b4:03:45:16:de:
51:d2:5a:25:67:43:57:96:b3:b9:62:63:54:18:50:5a:9c:3a:
d8:39:f6:49:6f:02:d8:39:99:6b:7b:5f:5c:ef:c1:62:43:f5:
90:f7:9e:fa:8a:42:9e:8b:13:94:a9:36:ea:4f:17:00:73:83:
dc:a1:06:54:3b:7f:f0:9d:dc:dd:ad:d6:24:84:8b:8d:d3:b2:
d4:f6:51:58:bb:a7:c5:17:fa:fd:90:c0:85:c4:ce:75:f9:7f:
58:f3:7a:f5:93:de:3e:24:d5:60:6f:7d:b7:0e:07:bc:8c:31:
33:fa:6c:ee:52:b7:55:ab:e5:5f:f7:fd:59:09:df:bc:c1:d0:
53:bf:25:38
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIEDSiwATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDUw
NDE0MTMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWRiNWI5ZjU3ZjUw
MDllNjQzNGZlOGVlYmQ5YzczYzJhNTY1ODc4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3DR8mwjQQnQLWVI6eSQ8NVVGyksMGvRztpFX7jV1Z6NSQm
afF/BrR80Y74Ck48bczwe0OT1kP7onSLpLnOnVyyXCy5xJhVYrcVH3AU72tTQSZ2
aJPo68Nd5uUOf7foJqcnNEzc1AiM7wVbCOGz77hhDFpamy2m2PBM/40KCzRVXVyY
09l1jsISK0Pa9u6pAU04ErXxDu3fj6k7j/LtrSXfPg/hnHduEIooVXpZGsfbClTE
+pq1bTp5CkvkcOqb+K/BgDGpGdR/OxjeC6oKG1F/AEcjW+CFRmz7APHENtNwqvpP
cNUKO70cqYRYBOsnMfy71siTGVMZRAlles6xRgMCAwEAAaOCAl0wggJZMB0GA1Ud
DgQWBBTttbn1f1AJ5kNP6O69nHPCpWWHijAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
LzdiVzU5WDlRQ2VaRFQtanV2Wnh6d3FWbGg0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBz
BggrBgEFBQcBBwEB/wRkMGIwYAQCAAEwWgMEAsJAlAMEAsJAnAMEAsJArAMEA8Kj
SAMEAsLDYAMEAsLDbAMEAsLpFAMEA8OzIAMEAsOzLAMEAsOzUAMEAsO0hAMEAsO0
jAMEAtTgAAMEAtTgFAMEAtl3PDANBgkqhkiG9w0BAQsFAAOCAQEATU/ZNaX7wHW8
ceuGJxy+QMrgJgCsBOumFHHtI5TIIFZjJt8gn6VLxelwGz98ff487QLZtax/da/3
UkqgYd8/7c6Yd362vgFghka2jazw3ufrxwm39nGC5OelHmK9yi0rRok0aG6BAUKQ
u+7pOEgATZv9bZWvVtS8m7QDRRbeUdJaJWdDV5azuWJjVBhQWpw62Dn2SW8C2DmZ
a3tfXO/BYkP1kPee+opCnosTlKk26k8XAHOD3KEGVDt/8J3c3a3WJISLjdOy1PZR
WLunxRf6/ZDAhcTOdfl/WPN69ZPePiTVYG99tw4HvIwxM/ps7lK3VavlX/f9WQnf
vMHQU78lOA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:41 2023 by rpki-client on console-fra.rpki-client.org