Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/aTxMEMBBfheCD7427kg26o_9T5k.roa
File: aTxMEMBBfheCD7427kg26o_9T5k.roa (raw, json)
Hash identifier: YBXCh75B7BbKtRtFd6m768xkmLBMQqSGju4EIEMrqoM=
Subject key identifier: 69:3C:4C:10:C0:41:7E:17:82:0F:BE:36:EE:48:36:EA:8F:FD:4F:99
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 146CDE86
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/aTxMEMBBfheCD7427kg26o_9T5k.roa
Signing time: Thu 24 Mar 2022 19:33:04 +0000
ROA not before: Thu 24 Mar 2022 19:33:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 194.50.188.0/23 maxlen: 23
194.50.206.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.200.0/23 maxlen: 23
2.57.152.0/22 maxlen: 22
91.214.200.0/22 maxlen: 22
45.128.20.0/22 maxlen: 22
194.50.184.0/23 maxlen: 23
194.35.52.0/22 maxlen: 22
95.214.152.0/22 maxlen: 22
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 23
91.242.108.0/22 maxlen: 22
45.150.168.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
2.56.0.0/22 maxlen: 22
185.173.244.0/22 maxlen: 24
91.242.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 342679174 (0x146cde86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 24 19:33:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=693c4c10c0417e17820fbe36ee4836ea8ffd4f99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f8:e8:85:35:ec:8a:c5:94:7e:84:0a:b6:ba:
e1:ab:78:fa:ee:f1:ab:ab:a7:63:c0:3f:aa:2e:ea:
07:6c:b9:fa:d2:f0:f3:ae:49:3e:32:8b:b5:8c:c4:
38:d7:d8:54:c0:8b:78:6e:b0:37:24:e1:0c:61:46:
30:17:94:0a:53:db:6f:eb:72:f1:0b:15:da:7c:4e:
07:7a:71:b5:dd:98:6d:5b:27:ec:b7:e7:24:b6:25:
c1:4e:e2:fc:be:65:a9:ce:ee:ad:54:e1:b3:6e:e8:
bb:91:11:62:ad:7a:1c:01:26:a2:19:55:a9:18:d1:
d0:e3:52:87:c3:69:6d:d9:15:ab:87:30:e9:b3:0a:
aa:6b:39:8d:76:df:23:c5:64:3d:f9:01:99:00:2c:
c7:7a:b4:2e:3e:ad:2b:0a:5a:79:b6:3a:2c:42:a7:
61:b2:8e:c7:1c:5f:98:35:7f:ff:a1:71:d1:1b:34:
01:f5:43:2d:9d:2f:db:9e:09:d7:1e:dc:fa:02:7b:
b9:78:ce:fc:98:76:e9:80:c9:7c:e1:ef:37:b2:f2:
69:24:b9:5f:b5:32:1c:18:09:5b:4b:fd:3c:8a:ed:
52:d2:ab:8a:1f:83:0c:67:d0:58:55:08:c5:61:e6:
0e:42:ee:00:7a:4f:fd:65:ea:4a:a3:ac:d8:9c:fb:
71:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3C:4C:10:C0:41:7E:17:82:0F:BE:36:EE:48:36:EA:8F:FD:4F:99
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/aTxMEMBBfheCD7427kg26o_9T5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
2.57.152.0/22
45.128.20.0/22
45.150.168.0/22
91.214.200.0/22
91.242.64.0/22
91.242.100.0/23
91.242.105.0/24
91.242.108.0/22
91.242.120.0/21
95.214.152.0/22
185.173.244.0/22
194.35.52.0/22
194.50.184.0/23
194.50.188.0/23
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
8c:e7:2f:f1:03:9b:6b:37:75:a0:09:63:2b:81:ae:e2:0b:7d:
c8:d7:17:ef:c3:1e:03:98:a1:3c:37:e8:43:ff:f6:56:bf:73:
96:9a:3f:e6:22:15:18:60:ea:47:3a:04:75:26:ef:75:be:be:
57:9c:45:18:52:a5:1f:dc:be:a2:2c:52:95:9f:c5:b5:cf:32:
a5:04:d1:2e:be:d0:52:9b:0c:4a:13:f3:b3:1f:79:94:f2:e1:
bd:3b:9b:f4:fc:fa:df:5b:0a:51:39:dd:29:a1:87:e3:8e:e5:
1c:28:fa:d2:ef:88:02:97:62:09:45:3b:ac:8e:62:b5:c1:19:
be:0d:52:ba:e7:62:77:e4:36:62:09:6a:e3:9d:49:9b:22:18:
a6:1f:51:e6:59:a8:cc:f8:ba:43:c8:02:1d:94:1d:75:97:cc:
97:f5:67:b4:8a:7a:c3:36:18:4c:ad:63:29:ec:5a:f9:04:35:
42:97:4d:7e:dd:c6:50:24:aa:26:e1:9b:e3:3f:0d:a3:b7:70:
b6:ed:ed:c5:e8:a6:4e:04:12:72:58:97:e3:b2:d0:13:40:9f:
c5:a5:e5:54:ed:45:4d:b9:6b:3f:f7:ec:66:7e:0e:b8:e6:1f:
b2:1b:a4:53:79:18:c8:c1:12:8b:3a:2d:eb:aa:55:57:3c:95:
24:d7:66:da
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIEFGzehjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDMy
NDE5MzMwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjkzYzRjMTBjMDQx
N2UxNzgyMGZiZTM2ZWU0ODM2ZWE4ZmZkNGY5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJj46IU17IrFlH6ECra64at4+u7xq6unY8A/qi7qB2y5+tLw
865JPjKLtYzEONfYVMCLeG6wNyThDGFGMBeUClPbb+ty8QsV2nxOB3pxtd2YbVsn
7LfnJLYlwU7i/L5lqc7urVThs27ou5ERYq16HAEmohlVqRjR0ONSh8NpbdkVq4cw
6bMKqms5jXbfI8VkPfkBmQAsx3q0Lj6tKwpaebY6LEKnYbKOxxxfmDV//6Fx0Rs0
AfVDLZ0v254J1x7c+gJ7uXjO/Jh26YDJfOHvN7LyaSS5X7UyHBgJW0v9PIrtUtKr
ih+DDGfQWFUIxWHmDkLuAHpP/WXqSqOs2Jz7cQkCAwEAAaOCAnAwggJsMB0GA1Ud
DgQWBBRpPEwQwEF+F4IPvjbuSDbqj/1PmTAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L2FUeE1FTUJCZmhlQ0Q3NDI3a2cyNm9fOVQ1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hQYIKwYBBQUHAQcBAf8EdjB0MHIEAgABMGwDBAICOAADBAICOZgDBAItgBQDBAIt
lqgDBAJb1sgDBAJb8kADBAFb8mQDBABb8mkDBAJb8mwDBANb8ngDBAJf1pgDBAK5
rfQDBALCIzQDBAHCMrgDBAHCMrwDBAHCMsgDBAHCMs4DBAXDimAwDQYJKoZIhvcN
AQELBQADggEBAIznL/EDm2s3daAJYyuBruILfcjXF+/DHgOYoTw36EP/9la/c5aa
P+YiFRhg6kc6BHUm73W+vlecRRhSpR/cvqIsUpWfxbXPMqUE0S6+0FKbDEoT87Mf
eZTy4b07m/T8+t9bClE53Smhh+OO5Rwo+tLviAKXYglFO6yOYrXBGb4NUrrnYnfk
NmIJauOdSZsiGKYfUeZZqMz4ukPIAh2UHXWXzJf1Z7SKesM2GEytYynsWvkENUKX
TX7dxlAkqibhm+M/DaO3cLbt7cXopk4EEnJYl+Oy0BNAn8Wl5VTtRU25az/37GZ+
DrjmH7IbpFN5GMjBEos6LeuqVVc8lSTXZto=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-fra.rpki-client.org