Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/atyutjBxwOvh8sJAt2p_-dl1Ndc.roa
File: atyutjBxwOvh8sJAt2p_-dl1Ndc.roa (raw, json)
Hash identifier: iim2uiYGls0UOHhZzMi+Nb7gnbNtnH8/2+/zpcuNK8Q=
Subject key identifier: 6A:DC:AE:B6:30:71:C0:EB:E1:F2:C2:40:B7:6A:7F:F9:D9:75:35:D7
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0184EBB69239701BA09F42356F694458A03B
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/atyutjBxwOvh8sJAt2p_-dl1Ndc.roa
Signing time: Wed 07 Dec 2022 08:32:01 +0000
ROA not before: Wed 07 Dec 2022 08:32:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 45.88.124.0/22 maxlen: 22
194.56.152.0/23 maxlen: 24
91.242.81.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.107.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
5.182.28.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
80.94.81.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
80.94.80.0/24 maxlen: 24
45.67.117.0/24 maxlen: 24
45.15.64.0/24 maxlen: 24
45.15.64.0/22 maxlen: 22
45.15.66.0/24 maxlen: 24
45.15.67.0/24 maxlen: 24
45.15.65.0/24 maxlen: 24
45.150.180.0/22 maxlen: 22
185.173.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:b6:92:39:70:1b:a0:9f:42:35:6f:69:44:58:a0:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 7 08:32:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6adcaeb63071c0ebe1f2c240b76a7ff9d97535d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:cc:b5:89:b1:50:ab:7a:96:d6:2e:01:78:62:
c4:e1:bf:66:46:b4:69:fb:73:bd:34:94:f9:e0:c4:
92:9e:d1:97:28:19:26:71:ac:34:0a:2f:0a:be:89:
68:47:bb:20:d9:97:40:c5:a9:d1:fe:6a:cb:2e:91:
1f:2c:8c:fa:31:4d:aa:3f:2a:00:70:6e:a4:aa:7e:
a8:b6:bc:e5:2d:03:d6:f6:07:53:13:f1:6c:e8:df:
5a:6d:1c:f6:c5:4f:83:a4:ff:37:0c:4d:e6:e1:2f:
d9:10:85:61:1a:ba:27:f5:80:8b:93:c8:18:1c:19:
83:d9:7f:0c:a4:98:90:64:df:d2:3a:b5:38:86:63:
a4:7c:94:d7:3f:f8:36:98:91:67:36:76:24:26:dd:
87:00:8d:40:99:09:fb:30:91:86:2e:46:58:4d:97:
a3:5a:fa:7d:ed:fd:6a:d1:04:e4:1d:1b:19:2e:39:
8a:5e:a5:9f:2b:fa:12:b6:68:ea:ac:79:6f:a3:1f:
fa:91:b3:b5:74:63:e2:91:73:10:28:20:a6:05:6e:
df:1e:fd:71:63:2f:81:c0:31:d1:f8:ea:03:a8:30:
06:60:42:24:47:62:2e:66:e3:44:87:a9:54:25:5b:
39:68:e9:9d:01:88:37:39:bc:31:ad:20:08:f7:15:
ad:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:DC:AE:B6:30:71:C0:EB:E1:F2:C2:40:B7:6A:7F:F9:D9:75:35:D7
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/atyutjBxwOvh8sJAt2p_-dl1Ndc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.15.64.0/22
45.67.117.0/24
45.88.124.0/22
45.140.32.0/22
45.150.180.0/22
80.94.80.0/23
91.242.70.0-91.242.75.255
91.242.81.0/24
91.242.103.0/24
91.242.107.0/24
185.173.247.0/24
185.212.11.0/24
193.46.211.0/24
194.56.152.0/23
194.242.28.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:24:ca:c3:13:22:9a:fa:0f:47:c8:94:f3:7e:d8:5a:22:5e:
de:c5:d3:73:9e:58:a2:a3:c5:43:02:cb:57:ae:53:03:ce:85:
45:36:6a:e9:8a:a0:f0:70:82:7c:a8:be:87:8a:5b:b7:74:34:
e8:0c:75:37:39:b7:3e:67:74:98:c8:3a:5e:0c:ab:36:a2:7b:
c2:43:d6:1b:2e:fb:71:a1:69:e5:15:b8:9c:7f:46:3b:3f:2d:
67:0d:d8:4e:2c:ec:e8:e5:b3:77:97:fd:28:1f:d8:90:e8:36:
25:ba:ee:20:c1:92:33:df:2a:b1:22:e8:1f:40:a4:67:73:14:
45:7e:31:b9:aa:5d:43:58:0c:78:12:ab:a8:8a:60:ce:10:c0:
7d:a8:89:29:ff:f8:24:b5:d8:5d:6f:91:e9:1b:90:a4:49:72:
4e:57:e7:9f:96:25:70:8a:9c:7a:ca:87:85:e6:99:64:ce:fc:
17:8f:2f:72:99:66:67:83:3e:ff:16:4a:23:d3:d3:1c:4b:04:
ff:13:13:f7:b9:e6:89:eb:1b:8b:3c:8c:74:77:a4:f7:64:58:
66:63:4a:48:df:74:27:90:f4:fb:21:34:5f:93:4c:83:bc:db:
58:50:87:58:3c:cd:5b:3c:dc:9a:8d:45:76:aa:ce:fc:89:42:
3f:5c:59:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYTrtpI5cBugn0I1b2lEWKA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMjA3MDgzMjAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWRjYWViNjMwNzFjMGViZTFmMmMyNDBiNzZhN2ZmOWQ5NzUzNWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8y1ibFQq3qW1i4BeGLE4b9mRrRp
+3O9NJT54MSSntGXKBkmcaw0Ci8KvoloR7sg2ZdAxanR/mrLLpEfLIz6MU2qPyoA
cG6kqn6otrzlLQPW9gdTE/Fs6N9abRz2xU+DpP83DE3m4S/ZEIVhGron9YCLk8gY
HBmD2X8MpJiQZN/SOrU4hmOkfJTXP/g2mJFnNnYkJt2HAI1AmQn7MJGGLkZYTZej
Wvp97f1q0QTkHRsZLjmKXqWfK/oStmjqrHlvox/6kbO1dGPikXMQKCCmBW7fHv1x
Yy+BwDHR+OoDqDAGYEIkR2IuZuNEh6lUJVs5aOmdAYg3ObwxrSAI9xWtBQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFGrcrrYwccDr4fLCQLdqf/nZdTXXMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvYXR5dXRqQnh3T3ZoOHNKQXQycF8tZGwxTmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAgW2HAME
Ai0PQAMEAC1DdQMEAi1YfAMEAi2MIAMEAi2WtAMEAVBeUDAMAwQBW/JGAwQCW/JI
AwQAW/JRAwQAW/JnAwQAW/JrAwQAua33AwQAudQLAwQAwS7TAwQBwjiYAwQBwvIc
MA0GCSqGSIb3DQEBCwUAA4IBAQA6JMrDEyKa+g9HyJTzfthaIl7exdNznliio8VD
AstXrlMDzoVFNmrpiqDwcIJ8qL6Hilu3dDToDHU3Obc+Z3SYyDpeDKs2onvCQ9Yb
LvtxoWnlFbicf0Y7Py1nDdhOLOzo5bN3l/0oH9iQ6DYluu4gwZIz3yqxIugfQKRn
cxRFfjG5ql1DWAx4EquoimDOEMB9qIkp//gktdhdb5HpG5CkSXJOV+efliVwipx6
yoeF5plkzvwXjy9ymWZngz7/Fkoj09McSwT/ExP3ueaJ6xuLPIx0d6T3ZFhmY0pI
33QnkPT7ITRfk0yDvNtYUIdYPM1bPNyajUV2qs78iUI/XFlc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org