Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/NgZA6hg6YcYvmMTx6UfAHZd5xqc.roa
File: NgZA6hg6YcYvmMTx6UfAHZd5xqc.roa (raw, json)
Hash identifier: RDUMfHqhPbkGrn8jtCaBDLOQUjdQ82Ul3wZhKjhHweI=
Subject key identifier: 36:06:40:EA:18:3A:61:C6:2F:98:C4:F1:E9:47:C0:1D:97:79:C6:A7
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01828E78422E837698437E318AE5A8ED33F3
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/NgZA6hg6YcYvmMTx6UfAHZd5xqc.roa
Signing time: Thu 11 Aug 2022 19:53:41 +0000
ROA not before: Thu 11 Aug 2022 19:53:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 91.214.200.0/22 maxlen: 22
45.88.124.0/22 maxlen: 22
194.56.152.0/23 maxlen: 24
91.242.81.0/24 maxlen: 24
5.180.4.0/22 maxlen: 22
194.35.52.0/22 maxlen: 22
91.242.105.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.107.0/24 maxlen: 24
91.242.120.0/21 maxlen: 21
193.46.211.0/24 maxlen: 24
91.242.64.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
194.50.188.0/23 maxlen: 23
194.50.206.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.200.0/23 maxlen: 23
2.57.152.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
45.128.20.0/22 maxlen: 22
194.50.184.0/23 maxlen: 23
95.214.152.0/22 maxlen: 22
45.150.168.0/22 maxlen: 22
45.150.180.0/22 maxlen: 22
2.56.0.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
185.173.247.0/24 maxlen: 24
2.57.212.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8e:78:42:2e:83:76:98:43:7e:31:8a:e5:a8:ed:33:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 11 19:53:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=360640ea183a61c62f98c4f1e947c01d9779c6a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7a:d3:8b:a8:36:db:a6:7c:1c:e5:a5:58:a1:
6f:3a:7e:7a:fb:e5:a7:0a:7f:48:4b:0d:0d:7b:c2:
20:0b:60:d2:a0:a3:a5:4f:d5:af:b0:57:f1:fb:b8:
33:e2:2c:de:04:75:5c:cd:66:41:f0:3c:7c:f9:0d:
73:35:bf:b5:77:64:73:fc:f9:25:e0:84:ee:f3:5f:
15:9f:f1:a0:92:44:b5:a1:6e:d5:f7:f5:40:d9:b3:
0e:21:d4:85:e6:c2:f2:bf:fb:3e:9d:ec:7f:f1:8b:
eb:b2:09:fe:68:d7:d0:30:88:fd:7a:71:8b:77:70:
87:88:de:d4:a1:09:6b:62:5c:ff:0f:a4:53:82:31:
74:b7:37:b2:58:de:16:14:cf:8b:ba:ef:70:c9:30:
0b:5c:40:84:99:31:64:58:c1:dc:93:b3:3e:81:62:
6e:5a:ae:5c:50:64:79:c6:d3:d7:dd:ba:93:26:6e:
82:93:d9:10:53:c9:e6:6a:a3:18:24:56:0f:bd:f6:
fc:d6:30:de:71:7b:11:eb:73:20:3e:d1:8f:f6:28:
c2:ea:d6:3e:07:19:4c:a7:ab:ad:b1:ac:a6:53:30:
d0:31:7b:c5:d6:36:96:36:5d:8e:a7:a4:76:e9:de:
e1:36:36:a6:86:5e:5a:9c:fd:ee:c2:e9:45:a1:79:
ca:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:06:40:EA:18:3A:61:C6:2F:98:C4:F1:E9:47:C0:1D:97:79:C6:A7
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/NgZA6hg6YcYvmMTx6UfAHZd5xqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
2.57.152.0/22
2.57.212.0/22
5.180.4.0/22
5.182.28.0/22
45.88.124.0/22
45.128.20.0/22
45.140.32.0/22
45.150.168.0/22
45.150.180.0/22
91.214.200.0/22
91.242.64.0/22
91.242.81.0/24
91.242.105.0/24
91.242.107.0-91.242.111.255
91.242.120.0/21
95.214.152.0/22
185.173.244.0/22
193.46.211.0/24
194.35.52.0/22
194.50.184.0/23
194.50.188.0/23
194.50.200.0/23
194.50.206.0/23
194.56.152.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
42:c3:77:23:e4:a7:31:47:f6:0b:66:e4:05:e9:d0:91:68:e6:
4e:b2:ca:a8:a5:04:aa:70:a2:32:74:8d:5b:1c:f2:ee:01:ee:
32:dc:d2:7c:64:48:2c:77:6e:44:16:f3:d8:f5:41:4e:36:bd:
cd:d8:e7:c4:31:69:91:19:6f:56:da:40:b7:71:de:e7:46:de:
82:6e:32:eb:21:15:71:3f:d6:d8:24:42:52:8c:77:db:5d:2b:
2b:6e:f6:e4:93:f4:3f:e3:42:72:f5:e3:03:e8:e7:69:07:62:
0a:0d:f6:58:6e:20:0d:20:97:07:c7:d0:69:aa:9d:9f:9d:c8:
8d:d5:64:42:6e:1e:6b:99:71:29:b4:a2:c5:d6:e7:6c:c4:3a:
10:2f:b3:e5:13:07:c0:9e:56:b1:fd:a1:76:f4:3a:ac:0b:b8:
d1:05:67:2d:4f:c0:f1:74:cf:14:77:36:fa:aa:c7:6e:f1:be:
9a:ae:62:5b:5a:c1:cc:51:82:1f:f2:cc:06:1e:9a:35:ea:3f:
8a:3e:79:ae:dc:db:a6:29:bd:12:e1:4d:7c:ca:b8:f3:91:b0:
b6:84:dc:26:37:a2:25:14:bb:33:ad:c1:0a:0f:fa:4c:ec:77:
36:dc:5e:6e:2e:37:7f:12:a2:ea:a5:45:28:17:25:fd:90:dc:
cd:1d:3f:3a
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYKOeEIug3aYQ34xiuWo7TPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwODExMTk1MzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjA2NDBlYTE4M2E2MWM2MmY5OGM0ZjFlOTQ3YzAxZDk3NzljNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXrTi6g226Z8HOWlWKFvOn56++Wn
Cn9ISw0Ne8IgC2DSoKOlT9WvsFfx+7gz4izeBHVczWZB8Dx8+Q1zNb+1d2Rz/Pkl
4ITu818Vn/GgkkS1oW7V9/VA2bMOIdSF5sLyv/s+nex/8Yvrsgn+aNfQMIj9enGL
d3CHiN7UoQlrYlz/D6RTgjF0tzeyWN4WFM+Luu9wyTALXECEmTFkWMHck7M+gWJu
Wq5cUGR5xtPX3bqTJm6Ck9kQU8nmaqMYJFYPvfb81jDecXsR63MgPtGP9ijC6tY+
BxlMp6utsaymUzDQMXvF1jaWNl2Op6R26d7hNjamhl5anP3uwulFoXnKZwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFDYGQOoYOmHGL5jE8elHwB2XecanMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvTmdaQTZoZzZZY1l2bU1UeDZVZkFIWmQ1eHFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAIC
OAADBAICOZgDBAICOdQDBAIFtAQDBAIFthwDBAItWHwDBAItgBQDBAItjCADBAIt
lqgDBAItlrQDBAJb1sgDBAJb8kADBABb8lEDBABb8mkwDAMEAFvyawMEBFvyYAME
A1vyeAMEAl/WmAMEArmt9AMEAMEu0wMEAsIjNAMEAcIyuAMEAcIyvAMEAcIyyAME
AcIyzgMEAcI4mAMEBcOKYDANBgkqhkiG9w0BAQsFAAOCAQEAQsN3I+SnMUf2C2bk
BenQkWjmTrLKqKUEqnCiMnSNWxzy7gHuMtzSfGRILHduRBbz2PVBTja9zdjnxDFp
kRlvVtpAt3He50begm4y6yEVcT/W2CRCUox3210rK2725JP0P+NCcvXjA+jnaQdi
Cg32WG4gDSCXB8fQaaqdn53IjdVkQm4ea5lxKbSixdbnbMQ6EC+z5RMHwJ5Wsf2h
dvQ6rAu40QVnLU/A8XTPFHc2+qrHbvG+mq5iW1rBzFGCH/LMBh6aNeo/ij55rtzb
pim9EuFNfMq485GwtoTcJjeiJRS7M63BCg/6TOx3Ntxebi43fxKi6qVFKBcl/ZDc
zR0/Og==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-fra.rpki-client.org