Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a5969f-c016-4533-9cba-696703736621/1/Ian3occkgr1i-YUOZ1ZZ9nEqnyA.roa
File: Ian3occkgr1i-YUOZ1ZZ9nEqnyA.roa (raw, json)
Hash identifier: RBNDJtHtAc7nDZyo92QMLR/uolK6INZDESG4HnWzHno=
Subject key identifier: 21:A9:F7:A1:C7:24:82:BD:62:F9:85:0E:67:56:59:F6:71:2A:9F:20
Certificate issuer: /CN=ebe4fdd172df859756ca851ddde13670f4817ee0
Certificate serial: 23D679F7
Authority key identifier: EB:E4:FD:D1:72:DF:85:97:56:CA:85:1D:DD:E1:36:70:F4:81:7E:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-T90XLfhZdWyoUd3eE2cPSBfuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/a5969f-c016-4533-9cba-696703736621/1/Ian3occkgr1i-YUOZ1ZZ9nEqnyA.roa
Signing time: Sat 01 Jan 2022 03:54:49 +0000
ROA not before: Sat 01 Jan 2022 03:54:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29691
IP address blocks: 217.150.240.0/20 maxlen: 20
178.209.32.0/19 maxlen: 19
5.148.160.0/19 maxlen: 19
193.17.85.0/24 maxlen: 24
185.88.236.0/22 maxlen: 22
94.230.208.0/20 maxlen: 20
92.42.184.0/21 maxlen: 21
2001:67c:2f98::/48 maxlen: 48
2a02:418::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 601258487 (0x23d679f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebe4fdd172df859756ca851ddde13670f4817ee0
Validity
Not Before: Jan 1 03:54:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21a9f7a1c72482bd62f9850e675659f6712a9f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:1a:0f:7f:32:9d:f8:52:4a:71:35:fe:f1:38:
3a:3b:34:f7:8d:bd:53:be:c6:40:5e:7a:67:93:d5:
78:cc:da:c0:32:8d:cb:a4:21:a3:37:ee:4c:1c:4b:
5a:39:cb:4b:3f:28:87:97:b5:51:e6:e2:68:f1:de:
95:90:1c:b4:43:88:02:9d:a0:03:03:df:ab:61:6b:
15:f6:42:da:94:48:86:d3:66:1a:a6:a8:1a:bf:16:
65:c0:31:c9:b6:b6:68:e9:30:21:36:a9:ed:43:7a:
5b:58:68:33:06:81:56:8b:3c:76:fe:0f:24:a6:a7:
44:ba:85:8a:7f:95:d3:25:f2:a3:e4:6d:b8:cf:32:
17:4e:11:85:ed:7a:ee:2c:74:32:0d:50:be:55:5f:
84:93:4f:f9:09:5e:2f:e2:57:e6:98:86:68:62:19:
e8:18:01:82:40:7c:32:c3:d4:6f:46:c7:e3:8c:f3:
d4:f3:1f:8b:2f:d5:f7:39:c5:d4:20:70:78:eb:dc:
ca:64:1c:d8:40:92:f8:a5:eb:36:f9:47:f6:08:ff:
62:b9:53:64:46:61:83:84:d3:91:fb:be:7e:e3:72:
f0:cd:a7:a5:94:50:c0:36:a8:bc:36:31:17:6c:32:
4d:40:37:86:b5:6f:b5:0d:4c:e2:96:a5:9a:51:41:
7d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A9:F7:A1:C7:24:82:BD:62:F9:85:0E:67:56:59:F6:71:2A:9F:20
X509v3 Authority Key Identifier:
keyid:EB:E4:FD:D1:72:DF:85:97:56:CA:85:1D:DD:E1:36:70:F4:81:7E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-T90XLfhZdWyoUd3eE2cPSBfuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a5969f-c016-4533-9cba-696703736621/1/Ian3occkgr1i-YUOZ1ZZ9nEqnyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a5969f-c016-4533-9cba-696703736621/1/6-T90XLfhZdWyoUd3eE2cPSBfuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.148.160.0/19
92.42.184.0/21
94.230.208.0/20
178.209.32.0/19
185.88.236.0/22
193.17.85.0/24
217.150.240.0/20
IPv6:
2001:67c:2f98::/48
2a02:418::/29
Signature Algorithm: sha256WithRSAEncryption
4d:12:7a:ca:0a:5a:7e:11:fb:dc:e6:5e:62:87:3c:98:52:d6:
fc:5d:ec:c0:cd:0c:b1:db:e9:06:25:8c:e2:dd:d2:9f:ee:54:
a2:34:c5:f7:dc:d4:7d:b1:65:e5:18:23:e4:62:71:7e:0b:c8:
a4:1a:a4:eb:43:89:ff:d3:cc:ba:d3:80:83:ed:75:15:9f:08:
2b:3c:36:92:62:45:91:d2:82:88:a7:c0:be:a5:c5:b6:e7:2b:
15:3e:23:54:40:10:13:3e:ad:5e:76:20:79:d1:cf:4e:43:62:
f0:bc:18:c2:d8:4c:35:67:20:77:3a:d8:47:e4:66:c6:55:fd:
3e:4f:02:72:87:c1:f9:f2:b3:cc:15:f5:d3:0b:07:cb:a2:02:
e0:36:d8:7a:64:ff:a2:91:b1:73:17:d5:a9:71:93:d4:9f:de:
fd:76:de:92:10:51:46:6c:fd:ea:b8:34:61:f6:b6:cd:64:28:
17:26:90:29:47:60:b4:34:04:74:45:01:f9:66:56:e5:ad:80:
5c:8a:6f:85:8f:03:fe:f1:5a:66:08:24:ac:7f:e8:c1:f8:dc:
a8:fb:1a:d9:cb:d3:dc:02:46:a8:14:0d:48:aa:e4:a9:99:eb:
69:24:89:71:e5:b8:86:7a:19:e6:d7:03:48:86:40:44:a3:b0:
fd:dd:ea:6a
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEI9Z59zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmU0ZmRkMTcyZGY4NTk3NTZjYTg1MWRkZGUxMzY3MGY0ODE3ZWUwMB4XDTIyMDEw
MTAzNTQ0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFhOWY3YTFjNzI0
ODJiZDYyZjk4NTBlNjc1NjU5ZjY3MTJhOWYyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANcaD38ynfhSSnE1/vE4Ojs09429U77GQF56Z5PVeMzawDKN
y6QhozfuTBxLWjnLSz8oh5e1UebiaPHelZActEOIAp2gAwPfq2FrFfZC2pRIhtNm
GqaoGr8WZcAxyba2aOkwITap7UN6W1hoMwaBVos8dv4PJKanRLqFin+V0yXyo+Rt
uM8yF04Rhe167ix0Mg1QvlVfhJNP+QleL+JX5piGaGIZ6BgBgkB8MsPUb0bH44zz
1PMfiy/V9znF1CBweOvcymQc2ECS+KXrNvlH9gj/YrlTZEZhg4TTkfu+fuNy8M2n
pZRQwDaovDYxF2wyTUA3hrVvtQ1M4palmlFBfWMCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBQhqfehxySCvWL5hQ5nVln2cSqfIDAfBgNVHSMEGDAWgBTr5P3Rct+Fl1bK
hR3d4TZw9IF+4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYtVDkwWExmaFpkV3lvVWQzZUUyY1BTQmZ1QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvYTU5NjlmLWMwMTYtNDUzMy05Y2JhLTY5NjcwMzczNjYyMS8x
L0lhbjNvY2NrZ3IxaS1ZVU9aMVpaOW5FcW55QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
YTU5NjlmLWMwMTYtNDUzMy05Y2JhLTY5NjcwMzczNjYyMS8xLzYtVDkwWExmaFpk
V3lvVWQzZUUyY1BTQmZ1QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowMAQCAAEwKgMEBQWUoAMEA1wquAMEBF7m0AMEBbLR
IAMEArlY7AMEAMERVQMEBNmW8DAWBAIAAjAQAwcAIAEGfC+YAwUDKgIEGDANBgkq
hkiG9w0BAQsFAAOCAQEATRJ6ygpafhH73OZeYoc8mFLW/F3swM0MsdvpBiWM4t3S
n+5UojTF99zUfbFl5Rgj5GJxfgvIpBqk60OJ/9PMutOAg+11FZ8IKzw2kmJFkdKC
iKfAvqXFtucrFT4jVEAQEz6tXnYgedHPTkNi8LwYwthMNWcgdzrYR+RmxlX9Pk8C
cofB+fKzzBX10wsHy6IC4DbYemT/opGxcxfVqXGT1J/e/XbekhBRRmz96rg0Yfa2
zWQoFyaQKUdgtDQEdEUB+WZW5a2AXIpvhY8D/vFaZggkrH/owfjcqPsa2cvT3AJG
qBQNSKrkqZnraSSJceW4hnoZ5tcDSIZARKOw/d3qag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:15 2024 by rpki-client on console-ams.rpki-client.org