Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/05i9w211VOky-ReOYN5FBswj6_A.roa
File: 05i9w211VOky-ReOYN5FBswj6_A.roa (raw, json)
Hash identifier: Z6MEDjWzMRQv+m879Bisq3T0JtmKe908eaH2ttwcERs=
Subject key identifier: D3:98:BD:C3:6D:75:54:E9:32:F9:17:8E:60:DE:45:06:CC:23:EB:F0
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 01845785987D633DC4D57998C074279B05F4
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/05i9w211VOky-ReOYN5FBswj6_A.roa
Signing time: Tue 08 Nov 2022 13:54:43 +0000
ROA not before: Tue 08 Nov 2022 13:54:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48716
IP address blocks: 185.146.0.0/22 maxlen: 24
185.22.64.0/22 maxlen: 24
185.102.72.0/22 maxlen: 24
78.40.108.0/23 maxlen: 24
195.93.152.0/23 maxlen: 24
195.49.208.0/21 maxlen: 24
109.233.108.0/22 maxlen: 32
77.240.38.0/23 maxlen: 24
89.219.32.0/22 maxlen: 24
194.110.54.0/23 maxlen: 24
94.247.128.0/21 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.136.0/23 maxlen: 24
91.215.136.0/24 maxlen: 24
91.215.139.0/24 maxlen: 32
195.210.46.0/23 maxlen: 24
194.39.64.0/22 maxlen: 24
194.39.64.0/23 maxlen: 24
185.35.222.0/23 maxlen: 24
194.39.67.0/24 maxlen: 24
194.39.66.0/24 maxlen: 24
91.201.214.0/23 maxlen: 24
2a00:5da0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:57:85:98:7d:63:3d:c4:d5:79:98:c0:74:27:9b:05:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Nov 8 13:54:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d398bdc36d7554e932f9178e60de4506cc23ebf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4c:c5:83:38:10:70:95:01:0c:2e:82:ca:82:
e7:59:f0:3f:3b:60:a0:45:05:e2:d6:be:5b:a0:5a:
3f:84:c7:2b:92:d1:9f:68:8c:e4:d3:d8:fa:5e:16:
ba:17:7c:50:30:33:6a:fb:98:87:c6:4a:af:f1:0e:
7a:56:e8:dd:dc:f1:3e:a7:d4:7e:22:74:c2:34:aa:
10:af:10:7d:96:49:0d:23:05:85:34:11:7e:57:b9:
b7:3f:d4:c0:4d:05:76:3e:6b:81:d7:03:02:1f:9a:
a6:8b:60:c0:26:ab:92:65:13:63:1a:ee:c3:a7:c0:
97:76:ea:76:75:69:90:e3:c2:82:90:c9:2c:d2:4c:
e3:9f:f4:91:ff:18:74:9b:02:4e:f9:0a:50:e1:7d:
99:6f:00:fb:56:ff:5e:bd:9f:d6:a6:de:03:a5:03:
98:df:59:a5:83:c4:83:9a:1d:6f:86:42:11:84:80:
ab:5c:d6:32:4a:71:46:3e:b5:d0:0a:9d:af:c5:5c:
b9:ec:f1:98:21:3b:50:94:d7:9b:5a:85:ef:8a:15:
8e:2f:4a:fe:f9:ad:19:1f:02:01:4b:ca:3a:b9:c5:
12:8f:10:dc:30:37:a3:0f:9b:eb:18:b6:38:ad:80:
46:15:36:ae:d8:c5:e3:14:91:47:49:27:3c:6d:7f:
2c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:98:BD:C3:6D:75:54:E9:32:F9:17:8E:60:DE:45:06:CC:23:EB:F0
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/05i9w211VOky-ReOYN5FBswj6_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.38.0/23
78.40.108.0/23
89.219.32.0/22
91.201.214.0/23
91.215.136.0/23
91.215.139.0/24
94.247.128.0/21
109.233.108.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.39.64.0/22
194.110.54.0/23
195.49.208.0/21
195.93.152.0/23
195.210.46.0/23
IPv6:
2a00:5da0::/32
Signature Algorithm: sha256WithRSAEncryption
85:07:f0:28:05:04:7c:cf:3d:70:e5:53:24:30:c9:56:64:de:
a9:84:74:ab:6c:db:52:a5:65:ce:37:0d:69:ea:02:7c:2a:44:
ca:65:34:f9:b2:a6:db:45:bf:e5:cd:ba:c6:7e:83:2f:50:05:
9b:41:39:8d:3c:83:b8:f8:2c:83:34:99:a0:92:93:9b:d4:4b:
ce:1f:a8:8e:53:71:86:5a:fa:64:9d:ac:17:d3:be:c5:7c:49:
4e:a3:e7:e9:a5:3b:f3:b2:6e:dc:bd:60:8c:23:d4:d9:c1:94:
7f:2a:ed:92:43:d3:f0:ae:b9:c3:43:58:f0:33:dc:e0:d0:4a:
f8:5d:b5:9c:ec:06:a9:f4:ef:0e:3f:24:da:ec:8b:9d:6d:81:
8a:08:7a:84:cc:33:70:24:2a:12:d3:7b:04:57:7c:39:28:1f:
bf:06:3c:9c:9d:b2:97:46:c8:5b:1e:07:ae:05:bf:77:f2:21:
16:03:59:9e:c7:bb:39:c7:d6:6b:c7:f5:df:52:3b:30:5e:7a:
12:ad:9b:f5:d8:c4:7b:87:68:6b:fa:d1:62:dc:ac:ea:8c:4e:
16:e6:26:38:08:6f:4a:79:4b:d4:4f:42:72:6c:a0:1d:fb:dd:
21:9e:40:23:df:85:fd:bb:b9:36:b3:57:77:ec:39:40:4d:17:
14:bf:ae:8e
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYRXhZh9Yz3E1XmYwHQnmwX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjIxMTA4MTM1NDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzk4YmRjMzZkNzU1NGU5MzJmOTE3OGU2MGRlNDUwNmNjMjNlYmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkzFgzgQcJUBDC6CyoLnWfA/O2Cg
RQXi1r5boFo/hMcrktGfaIzk09j6Xha6F3xQMDNq+5iHxkqv8Q56Vujd3PE+p9R+
InTCNKoQrxB9lkkNIwWFNBF+V7m3P9TATQV2PmuB1wMCH5qmi2DAJquSZRNjGu7D
p8CXdup2dWmQ48KCkMks0kzjn/SR/xh0mwJO+QpQ4X2ZbwD7Vv9evZ/Wpt4DpQOY
31mlg8SDmh1vhkIRhICrXNYySnFGPrXQCp2vxVy57PGYITtQlNebWoXvihWOL0r+
+a0ZHwIBS8o6ucUSjxDcMDejD5vrGLY4rYBGFTau2MXjFJFHSSc8bX8sRwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFNOYvcNtdVTpMvkXjmDeRQbMI+vwMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvMDVpOXcyMTFWT2t5LVJlT1lONUZCc3dqNl9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAU3wJgME
AU4obAMEAlnbIAMEAVvJ1gMEAVvXiAMEAFvXiwMEA173gAMEAm3pbAMEArkWQAME
Abkj3gMEArlmSAMEArmSAAMEAsInQAMEAcJuNgMEA8Mx0AMEAcNdmAMEAcPSLjAN
BAIAAjAHAwUAKgBdoDANBgkqhkiG9w0BAQsFAAOCAQEAhQfwKAUEfM89cOVTJDDJ
VmTeqYR0q2zbUqVlzjcNaeoCfCpEymU0+bKm20W/5c26xn6DL1AFm0E5jTyDuPgs
gzSZoJKTm9RLzh+ojlNxhlr6ZJ2sF9O+xXxJTqPn6aU787Ju3L1gjCPU2cGUfyrt
kkPT8K65w0NY8DPc4NBK+F21nOwGqfTvDj8k2uyLnW2Bigh6hMwzcCQqEtN7BFd8
OSgfvwY8nJ2yl0bIWx4HrgW/d/IhFgNZnse7OcfWa8f131I7MF56Eq2b9djEe4do
a/rRYtys6oxOFuYmOAhvSnlL1E9CcmygHfvdIZ5AI9+F/bu5NrNXd+w5QE0XFL+u
jg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:52 2023 by rpki-client on console-ams.rpki-client.org