Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Z6NjYIusdFmpVN1JDEPHARWePuw.roa
File: Z6NjYIusdFmpVN1JDEPHARWePuw.roa (raw, json)
Hash identifier: dzKZlCgAsC6lKj90g/gHdh/657knDnQAALtj48IvyuY=
Subject key identifier: 67:A3:63:60:8B:AC:74:59:A9:54:DD:49:0C:43:C7:01:15:9E:3E:EC
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0184A370E71F50B30A47BA99D03C827BE240
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Z6NjYIusdFmpVN1JDEPHARWePuw.roa
Signing time: Wed 23 Nov 2022 07:43:16 +0000
ROA not before: Wed 23 Nov 2022 07:43:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35277
IP address blocks: 5.189.219.0/24 maxlen: 24
5.189.218.0/24 maxlen: 24
5.189.217.0/24 maxlen: 24
5.189.216.0/24 maxlen: 24
5.188.50.0/24 maxlen: 24
5.101.44.0/24 maxlen: 24
5.101.47.0/24 maxlen: 24
5.101.46.0/24 maxlen: 24
5.101.45.0/24 maxlen: 24
5.188.202.0/24 maxlen: 24
5.188.201.0/24 maxlen: 24
5.188.200.0/24 maxlen: 24
91.243.41.0/24 maxlen: 24
91.243.40.0/24 maxlen: 24
91.243.43.0/24 maxlen: 24
91.243.42.0/24 maxlen: 24
5.189.253.0/24 maxlen: 24
5.189.252.0/24 maxlen: 24
5.189.255.0/24 maxlen: 24
5.8.44.0/24 maxlen: 24
5.8.47.0/24 maxlen: 24
5.8.46.0/24 maxlen: 24
5.8.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:70:e7:1f:50:b3:0a:47:ba:99:d0:3c:82:7b:e2:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Nov 23 07:43:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67a363608bac7459a954dd490c43c701159e3eec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:74:b3:ab:4f:25:d8:4b:7b:7a:87:e8:dc:
44:48:6f:4f:8e:86:88:cf:26:12:d2:51:96:4b:80:
70:d2:2e:60:41:90:25:ca:bd:b7:c0:cd:b3:98:83:
f2:a5:b4:2f:62:68:86:16:1e:db:73:53:97:dc:78:
bd:67:72:27:49:51:b1:90:44:d7:60:ff:05:c0:2c:
3d:bb:a3:f1:d5:95:74:f9:e0:45:25:51:67:d7:3d:
4a:14:2f:c7:94:d9:c6:19:c9:a7:39:e9:ef:5a:f9:
34:f9:d2:d9:44:6b:7e:36:95:40:51:f7:97:1e:5d:
9d:c3:12:10:02:7f:f8:f2:32:d1:64:fe:35:8c:45:
42:f2:a9:7c:b1:a2:12:19:57:da:0d:e1:ae:91:e5:
65:ec:b2:ad:0b:ed:ba:fa:82:b1:7f:c7:cc:c8:5f:
68:04:95:c4:18:23:7a:81:94:18:14:ca:47:7d:d4:
3c:18:ab:1e:74:a3:dd:31:fc:2b:fa:bc:f5:01:24:
00:93:89:4b:ea:e4:c3:2a:52:15:ee:0b:ae:cc:61:
6f:2a:b7:79:04:21:dd:13:51:1b:13:60:b6:34:6e:
62:5c:a8:61:5e:24:7e:07:9c:b1:13:35:28:43:47:
c4:8d:67:c2:2f:56:61:5b:ca:f1:b5:88:cc:25:0a:
a3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A3:63:60:8B:AC:74:59:A9:54:DD:49:0C:43:C7:01:15:9E:3E:EC
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Z6NjYIusdFmpVN1JDEPHARWePuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.44.0/22
5.101.44.0/22
5.188.50.0/24
5.188.200.0-5.188.202.255
5.189.216.0/22
5.189.252.0/23
5.189.255.0/24
91.243.40.0/22
Signature Algorithm: sha256WithRSAEncryption
70:5a:4a:03:7d:ab:36:de:78:ee:be:cd:d0:a9:9e:89:1e:3d:
8b:65:42:dc:ff:e1:84:85:28:aa:d3:f6:76:8b:d8:8b:e1:b7:
5a:5c:72:a1:8e:70:1b:81:28:dd:a1:c4:be:56:09:1f:85:94:
9c:4b:a5:3a:9f:8d:81:3d:a1:b2:79:ee:d6:c1:e5:fe:cc:4b:
a5:6c:c2:d1:1d:73:2c:36:29:4d:ec:09:c8:2c:88:c8:a0:08:
68:c0:ee:72:79:8c:9b:67:52:7e:ed:b4:9c:9f:80:bb:6b:0b:
e2:41:98:6e:34:1b:c4:ab:2f:f0:56:00:8f:70:ad:9a:0b:38:
c0:85:b6:f8:1a:4a:31:7f:72:ec:ad:a9:ac:a3:db:0f:05:15:
6c:bb:37:1a:f2:58:09:ce:21:f9:85:1b:33:73:f8:9b:52:45:
74:2b:ac:c4:c5:56:cc:d1:8a:e4:c7:1b:82:9f:72:1a:0f:d6:
db:9e:5d:7d:63:b0:c4:bb:c2:61:bc:98:a8:bd:f6:02:6a:a4:
36:58:90:04:b5:09:67:89:28:b8:80:96:83:d2:5c:c8:25:c6:
cd:a0:49:8b:61:00:27:5b:f4:21:30:62:0d:b0:1f:32:21:8f:
2d:b0:aa:b1:6f:9e:4d:ec:50:e0:b5:ad:90:e0:23:fd:f3:b3:
f0:72:77:38
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYSjcOcfULMKR7qZ0DyCe+JAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIxMTIzMDc0MzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2EzNjM2MDhiYWM3NDU5YTk1NGRkNDkwYzQzYzcwMTE1OWUzZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV90s6tPJdhLe3qH6NxESG9PjoaI
zyYS0lGWS4Bw0i5gQZAlyr23wM2zmIPypbQvYmiGFh7bc1OX3Hi9Z3InSVGxkETX
YP8FwCw9u6Px1ZV0+eBFJVFn1z1KFC/HlNnGGcmnOenvWvk0+dLZRGt+NpVAUfeX
Hl2dwxIQAn/48jLRZP41jEVC8ql8saISGVfaDeGukeVl7LKtC+26+oKxf8fMyF9o
BJXEGCN6gZQYFMpHfdQ8GKsedKPdMfwr+rz1ASQAk4lL6uTDKlIV7guuzGFvKrd5
BCHdE1EbE2C2NG5iXKhhXiR+B5yxEzUoQ0fEjWfCL1ZhW8rxtYjMJQqjYwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGejY2CLrHRZqVTdSQxDxwEVnj7sMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvWjZOallJdXNkRm1wVk4xSkRFUEhBUldlUHV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCBQgsAwQC
BWUsAwQABbwyMAwDBAMFvMgDBAAFvMoDBAIFvdgDBAEFvfwDBAAFvf8DBAJb8ygw
DQYJKoZIhvcNAQELBQADggEBAHBaSgN9qzbeeO6+zdCpnokePYtlQtz/4YSFKKrT
9naL2Ivht1pccqGOcBuBKN2hxL5WCR+FlJxLpTqfjYE9obJ57tbB5f7MS6VswtEd
cyw2KU3sCcgsiMigCGjA7nJ5jJtnUn7ttJyfgLtrC+JBmG40G8SrL/BWAI9wrZoL
OMCFtvgaSjF/cuytqayj2w8FFWy7NxryWAnOIfmFGzNz+JtSRXQrrMTFVszRiuTH
G4KfchoP1tueXX1jsMS7wmG8mKi99gJqpDZYkAS1CWeJKLiAloPSXMglxs2gSYth
ACdb9CEwYg2wHzIhjy2wqrFvnk3sUOC1rZDgI/3zs/Bydzg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org