Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Q5UPgPx_kR_ruvPsWoNPhB0pvxE.roa
File: Q5UPgPx_kR_ruvPsWoNPhB0pvxE.roa (raw, json)
Hash identifier: 0Wj/NDsaSmVRA5Xwnyu927XDB/hNG7bbtriiC4jrRPU=
Subject key identifier: 43:95:0F:80:FC:7F:91:1F:EB:BA:F3:EC:5A:83:4F:84:1D:29:BF:11
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 1563DC56
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Q5UPgPx_kR_ruvPsWoNPhB0pvxE.roa
Signing time: Wed 15 Jun 2022 16:04:47 +0000
ROA not before: Wed 15 Jun 2022 16:04:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 194.50.188.0/23 maxlen: 23
194.50.206.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.200.0/23 maxlen: 23
2.57.152.0/22 maxlen: 22
91.214.200.0/22 maxlen: 22
45.128.20.0/22 maxlen: 22
194.50.184.0/23 maxlen: 23
91.242.81.0/24 maxlen: 24
194.35.52.0/22 maxlen: 22
95.214.152.0/22 maxlen: 22
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 23
91.242.108.0/22 maxlen: 22
91.242.107.0/24 maxlen: 24
45.150.168.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
45.15.244.0/22 maxlen: 22
2.56.0.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
91.242.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 358866006 (0x1563dc56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 15 16:04:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43950f80fc7f911febbaf3ec5a834f841d29bf11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f6:fe:e9:a5:2f:b7:52:7e:08:6a:4b:b4:d1:
10:6c:9c:93:2b:ac:0f:40:a4:57:fa:ff:ec:ed:f0:
96:c0:b7:ae:70:31:b9:3f:a3:8b:e0:60:07:17:84:
cb:73:93:36:72:89:d0:b0:8d:73:7a:4e:74:bb:c3:
a1:99:91:6f:da:04:d0:79:be:ef:33:33:0d:1d:fd:
fa:8b:a9:b6:8c:85:52:06:e2:ef:16:11:d5:30:35:
9d:8e:5e:44:79:9f:43:ca:88:bd:55:aa:51:7a:26:
a2:8f:cf:a5:d1:1b:f9:e7:e6:75:8a:45:d6:2f:a4:
bc:21:b0:1d:47:ba:59:c1:b2:6b:78:70:b2:06:ed:
87:92:89:c7:3e:21:ac:d9:1f:20:71:56:fe:f8:38:
ec:7e:9c:cf:a9:73:f5:85:93:77:8d:4f:75:5a:80:
e7:d5:fc:5b:a1:9f:1b:84:67:a1:8f:ee:f6:c7:3c:
09:f5:dc:a4:20:fb:73:a2:95:38:6f:db:9f:f6:97:
a6:98:47:d7:07:dd:2a:23:16:ec:27:05:33:6c:4b:
07:51:60:13:bc:73:c2:01:98:d7:65:c1:bf:2a:4f:
c1:e4:7e:54:cf:0b:3b:5a:b9:05:d6:cd:ff:19:85:
26:22:de:40:9b:57:3f:57:73:35:9d:93:d1:f5:dc:
df:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:95:0F:80:FC:7F:91:1F:EB:BA:F3:EC:5A:83:4F:84:1D:29:BF:11
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Q5UPgPx_kR_ruvPsWoNPhB0pvxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
2.57.152.0/22
45.15.244.0/22
45.128.20.0/22
45.150.168.0/22
91.214.200.0/22
91.242.64.0/22
91.242.81.0/24
91.242.100.0/23
91.242.105.0/24
91.242.107.0-91.242.111.255
91.242.120.0/21
95.214.152.0/22
185.173.244.0/22
194.35.52.0/22
194.50.184.0/23
194.50.188.0/23
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
92:4d:ea:66:c0:0b:b7:88:23:06:bf:3e:fb:0f:17:54:1c:83:
2c:f5:3a:11:ca:b8:d7:93:16:50:a6:67:1b:82:0f:41:c8:05:
98:65:53:67:be:88:2e:f7:3d:07:19:57:8e:f2:28:ed:17:f7:
e5:b0:20:f1:b7:30:fe:06:13:7e:ac:62:2c:82:ec:2f:0f:e4:
bf:62:af:00:3b:76:3e:7b:74:a6:aa:f8:89:6b:9b:a2:f1:50:
02:d9:40:96:e6:37:79:8c:cd:5c:b0:97:7e:4e:c5:71:d6:47:
39:08:e6:f7:b1:6e:be:bf:99:40:51:9c:f1:c0:f2:c0:4d:7c:
63:b1:bd:ca:c3:19:58:b9:b8:73:e2:10:90:65:65:8c:02:0a:
8f:c6:f1:8d:5e:78:b0:84:08:4d:98:3f:29:0a:ed:64:51:ff:
4b:d7:e2:e4:95:50:d9:e6:f9:d5:da:dc:0f:7b:63:5b:13:21:
1f:20:37:62:b6:a7:f0:df:b0:db:7b:0d:50:e8:09:b2:43:ad:
00:0a:3e:6c:66:8e:57:6e:28:f5:c2:1d:22:ca:85:1a:ca:33:
a7:5e:79:ea:04:dd:df:6d:19:07:7a:da:7c:30:99:0f:47:38:
ed:fb:52:8c:7b:77:14:38:16:10:f5:d1:c8:6e:a0:a0:dd:6b:
6f:a7:67:a9
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIEFWPcVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDYx
NTE2MDQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDM5NTBmODBmYzdm
OTExZmViYmFmM2VjNWE4MzRmODQxZDI5YmYxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKT2/umlL7dSfghqS7TREGyckyusD0CkV/r/7O3wlsC3rnAx
uT+ji+BgBxeEy3OTNnKJ0LCNc3pOdLvDoZmRb9oE0Hm+7zMzDR39+ouptoyFUgbi
7xYR1TA1nY5eRHmfQ8qIvVWqUXomoo/PpdEb+efmdYpF1i+kvCGwHUe6WcGya3hw
sgbth5KJxz4hrNkfIHFW/vg47H6cz6lz9YWTd41PdVqA59X8W6GfG4RnoY/u9sc8
CfXcpCD7c6KVOG/bn/aXpphH1wfdKiMW7CcFM2xLB1FgE7xzwgGY12XBvypPweR+
VM8LO1q5BdbN/xmFJiLeQJtXP1dzNZ2T0fXc378CAwEAAaOCAogwggKEMB0GA1Ud
DgQWBBRDlQ+A/H+RH+u68+xag0+EHSm/ETAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L1E1VVBnUHhfa1JfcnV2UHNXb05QaEIwcHZ4RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nQYIKwYBBQUHAQcBAf8EgY0wgYowgYcEAgABMIGAAwQCAjgAAwQCAjmYAwQCLQ/0
AwQCLYAUAwQCLZaoAwQCW9bIAwQCW/JAAwQAW/JRAwQBW/JkAwQAW/JpMAwDBABb
8msDBARb8mADBANb8ngDBAJf1pgDBAK5rfQDBALCIzQDBAHCMrgDBAHCMrwDBAHC
MsgDBAHCMs4DBAXDimAwDQYJKoZIhvcNAQELBQADggEBAJJN6mbAC7eIIwa/PvsP
F1Qcgyz1OhHKuNeTFlCmZxuCD0HIBZhlU2e+iC73PQcZV47yKO0X9+WwIPG3MP4G
E36sYiyC7C8P5L9irwA7dj57dKaq+Ilrm6LxUALZQJbmN3mMzVywl35OxXHWRzkI
5vexbr6/mUBRnPHA8sBNfGOxvcrDGVi5uHPiEJBlZYwCCo/G8Y1eeLCECE2YPykK
7WRR/0vX4uSVUNnm+dXa3A97Y1sTIR8gN2K2p/DfsNt7DVDoCbJDrQAKPmxmjldu
KPXCHSLKhRrKM6deeeoE3d9tGQd62nwwmQ9HOO37Uox7dxQ4FhD10chuoKDda2+n
Z6k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-fra.rpki-client.org