Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/aJi83k9oiRxpST5LvXheejCgLLg.roa
File: aJi83k9oiRxpST5LvXheejCgLLg.roa (raw, json)
Hash identifier: bXrr1uvbao2EyVZZrGtff8LewwiFw//KPxUrMhv5e2o=
Subject key identifier: 68:98:BC:DE:4F:68:89:1C:69:49:3E:4B:BD:78:5E:7A:30:A0:2C:B8
Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial: 0184BEEC3077F721A13AD61E9BF6D9A35893
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/aJi83k9oiRxpST5LvXheejCgLLg.roa
Signing time: Mon 28 Nov 2022 15:47:40 +0000
ROA not before: Mon 28 Nov 2022 15:47:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202422
IP address blocks: 92.223.102.0/24 maxlen: 24
80.93.209.0/24 maxlen: 24
80.93.210.0/24 maxlen: 24
80.93.219.0/24 maxlen: 24
80.93.218.0/24 maxlen: 24
80.93.214.0/24 maxlen: 24
80.93.215.0/24 maxlen: 24
80.93.217.0/24 maxlen: 24
80.93.223.0/24 maxlen: 24
92.38.148.0/24 maxlen: 24
92.38.155.0/24 maxlen: 24
92.38.173.0/24 maxlen: 24
5.188.148.0/24 maxlen: 24
92.38.186.0/23 maxlen: 24
92.38.186.0/24 maxlen: 24
92.38.180.0/24 maxlen: 24
5.8.24.0/24 maxlen: 24
78.111.105.0/24 maxlen: 24
78.111.99.0/24 maxlen: 24
78.111.102.0/24 maxlen: 24
78.111.101.0/24 maxlen: 24
217.195.193.0/24 maxlen: 24
92.38.187.0/24 maxlen: 24
5.188.169.0/24 maxlen: 24
146.185.236.0/24 maxlen: 24
146.185.237.0/24 maxlen: 24
37.9.33.0/24 maxlen: 24
37.9.32.0/24 maxlen: 24
146.185.248.0/24 maxlen: 24
217.195.205.0/24 maxlen: 24
146.185.216.0/24 maxlen: 24
146.185.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:ec:30:77:f7:21:a1:3a:d6:1e:9b:f6:d9:a3:58:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Validity
Not Before: Nov 28 15:47:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6898bcde4f68891c69493e4bbd785e7a30a02cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:97:88:50:68:ab:11:7a:5a:bc:8c:50:da:b8:
3f:ae:9d:3d:dc:e3:1d:68:ac:9d:f6:7d:ce:d7:6b:
dd:4e:42:b3:a8:35:af:d7:20:5b:6d:9a:73:f2:3b:
d6:68:22:a2:99:00:5c:53:0b:51:a4:b3:6d:e9:e7:
1b:c8:82:64:40:de:be:d1:9b:7e:31:c5:3b:32:a8:
aa:d3:56:32:fb:5a:a7:c1:b5:2f:b3:d1:ad:69:31:
31:08:1b:ab:8a:eb:10:81:3f:9d:19:91:cb:88:35:
9a:f8:8d:d1:4e:fc:a2:5b:b3:ca:cb:e2:5d:24:72:
9d:95:bf:8d:a6:23:3f:2c:06:6d:4d:5f:d1:14:47:
4e:a9:ab:42:d4:f9:0a:95:93:07:1e:af:d2:b3:af:
20:64:5a:49:95:8c:19:e5:1b:7f:50:41:b7:6e:35:
a3:43:0e:67:f3:2f:a1:6a:eb:50:33:86:b4:8c:81:
96:25:29:db:34:64:53:4c:d5:81:f1:39:9b:d7:42:
12:1e:b7:9e:e6:ed:2d:14:63:75:0b:6a:ca:9a:04:
98:99:60:d1:37:d9:99:6a:de:55:69:04:3e:5f:ad:
71:89:a9:99:e9:19:04:c4:d5:50:eb:e3:01:46:d4:
42:57:a3:66:9f:77:5f:58:2a:ae:41:3b:d4:7e:c4:
fa:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:98:BC:DE:4F:68:89:1C:69:49:3E:4B:BD:78:5E:7A:30:A0:2C:B8
X509v3 Authority Key Identifier:
keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/aJi83k9oiRxpST5LvXheejCgLLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.24.0/24
5.188.148.0/24
5.188.169.0/24
37.9.32.0/23
78.111.99.0/24
78.111.101.0-78.111.102.255
78.111.105.0/24
80.93.209.0-80.93.210.255
80.93.214.0/23
80.93.217.0-80.93.219.255
80.93.223.0/24
92.38.148.0/24
92.38.155.0/24
92.38.173.0/24
92.38.180.0/24
92.38.186.0/23
92.223.102.0/24
146.185.216.0/23
146.185.236.0/23
146.185.248.0/24
217.195.193.0/24
217.195.205.0/24
Signature Algorithm: sha256WithRSAEncryption
96:8f:73:c3:31:93:89:c3:be:02:f0:f3:c5:d5:aa:27:51:a8:
b5:89:ab:8a:e4:70:b4:c7:f6:d2:44:be:02:d4:f0:53:58:7e:
27:13:f5:f1:ac:38:fb:d5:29:d3:4e:39:ab:c6:33:a5:7a:d7:
92:ca:33:8d:87:3e:58:7c:49:8d:bc:c7:0a:ee:68:dc:95:8a:
ee:2e:45:3c:50:62:51:2b:3d:32:8a:50:d7:ae:1e:59:16:c6:
42:4a:1e:1a:d7:f0:b5:c0:d8:15:85:f6:4c:ba:98:2f:27:e3:
a6:3c:c6:f2:e9:b6:f4:b6:c7:9e:00:fe:d4:ae:ec:2e:f3:e4:
92:ab:28:71:35:79:4c:c4:2b:b6:a4:4f:d6:ab:be:6a:bb:19:
58:0a:48:2d:00:03:11:6c:49:e1:b7:13:bc:92:b1:97:bf:56:
db:db:b5:76:50:8d:b9:3c:93:cf:71:df:59:18:97:0a:f2:58:
b6:cd:1e:c1:f7:92:21:7f:6d:0b:d8:f8:d6:f7:fc:9b:77:96:
97:ef:65:cd:6b:3a:fc:08:c0:0e:a6:a4:b7:eb:4a:9d:9e:52:
4d:27:89:29:79:5a:67:03:d4:bb:3a:90:bb:96:7d:b2:6a:d1:
1c:85:3a:03:f0:ec:cd:09:d2:a9:b3:da:bd:af:77:eb:b7:2c:
4c:a5:c1:b1
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYS+7DB39yGhOtYem/bZo1iTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjIxMTI4MTU0NzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODk4YmNkZTRmNjg4OTFjNjk0OTNlNGJiZDc4NWU3YTMwYTAyY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0peIUGirEXpavIxQ2rg/rp093OMd
aKyd9n3O12vdTkKzqDWv1yBbbZpz8jvWaCKimQBcUwtRpLNt6ecbyIJkQN6+0Zt+
McU7Mqiq01Yy+1qnwbUvs9GtaTExCBuriusQgT+dGZHLiDWa+I3RTvyiW7PKy+Jd
JHKdlb+NpiM/LAZtTV/RFEdOqatC1PkKlZMHHq/Ss68gZFpJlYwZ5Rt/UEG3bjWj
Qw5n8y+hautQM4a0jIGWJSnbNGRTTNWB8Tmb10ISHree5u0tFGN1C2rKmgSYmWDR
N9mZat5VaQQ+X61xiamZ6RkExNVQ6+MBRtRCV6Nmn3dfWCquQTvUfsT6rQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFGiYvN5PaIkcaUk+S714XnowoCy4MB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvYUppODNrOW9pUnhwU1Q1THZYaGVlakNnTExnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAAF
CBgDBAAFvJQDBAAFvKkDBAElCSADBABOb2MwDAMEAE5vZQMEAE5vZgMEAE5vaTAM
AwQAUF3RAwQAUF3SAwQBUF3WMAwDBABQXdkDBAJQXdgDBABQXd8DBABcJpQDBABc
JpsDBABcJq0DBABcJrQDBAFcJroDBABc32YDBAGSudgDBAGSuewDBACSufgDBADZ
w8EDBADZw80wDQYJKoZIhvcNAQELBQADggEBAJaPc8Mxk4nDvgLw88XVqidRqLWJ
q4rkcLTH9tJEvgLU8FNYficT9fGsOPvVKdNOOavGM6V615LKM42HPlh8SY28xwru
aNyViu4uRTxQYlErPTKKUNeuHlkWxkJKHhrX8LXA2BWF9ky6mC8n46Y8xvLptvS2
x54A/tSu7C7z5JKrKHE1eUzEK7akT9arvmq7GVgKSC0AAxFsSeG3E7ySsZe/Vtvb
tXZQjbk8k89x31kYlwryWLbNHsH3kiF/bQvY+Nb3/Jt3lpfvZc1rOvwIwA6mpLfr
Sp2eUk0niSl5WmcD1Ls6kLuWfbJq0RyFOgPw7M0J0qmz2r2vd+u3LEylwbE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:56 2023 by rpki-client on console-ams.rpki-client.org