Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/3M52kgy05iC89r84vY2e-E50VDw.roa
File: 3M52kgy05iC89r84vY2e-E50VDw.roa (raw, json)
Hash identifier: kqTwioc/qrYGsCvfAclzRM0aPhCM3CfkAadBKPrE+MM=
Subject key identifier: DC:CE:76:92:0C:B4:E6:20:BC:F6:BF:38:BD:8D:9E:F8:4E:74:54:3C
Certificate issuer: /CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Certificate serial: 0409D861
Authority key identifier: 00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/3M52kgy05iC89r84vY2e-E50VDw.roa
Signing time: Sat 01 Jan 2022 15:03:31 +0000
ROA not before: Sat 01 Jan 2022 15:03:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8677
IP address blocks: 193.58.80.0/21 maxlen: 24
160.92.0.0/16 maxlen: 24
193.16.186.0/23 maxlen: 24
193.16.188.0/22 maxlen: 24
193.201.76.0/23 maxlen: 24
192.136.30.0/24 maxlen: 24
89.106.184.0/21 maxlen: 24
193.56.46.0/24 maxlen: 24
2a01:20:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67754081 (0x409d861)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Validity
Not Before: Jan 1 15:03:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcce76920cb4e620bcf6bf38bd8d9ef84e74543c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:28:29:87:4f:fe:93:ca:9d:a9:96:0f:03:3d:
83:32:3b:11:db:0c:17:ac:5d:d1:16:e0:47:03:f4:
b1:47:e7:d1:9b:e4:03:dc:8a:f5:e3:77:4e:0f:d4:
50:9f:ad:78:1f:8b:4e:ca:c5:aa:d1:62:d8:65:e0:
8f:1b:ad:7b:cc:a6:17:32:3a:07:d1:a0:2f:62:c3:
59:b3:0a:8d:3e:9f:e5:9d:d1:23:23:d4:47:dd:82:
81:3b:81:be:72:fe:16:ce:ca:fa:c5:ea:a9:95:2b:
9c:92:ea:c9:56:47:98:81:72:fa:11:f2:9a:75:96:
1f:f9:08:de:87:34:da:46:a2:d0:5a:d6:25:72:41:
3b:24:c8:94:64:ee:ab:80:5c:5c:ef:07:c8:9f:d9:
38:f5:2b:06:64:72:4c:f5:d6:bb:9c:50:00:91:01:
04:a7:13:d5:33:0d:cd:a7:51:6c:88:c7:24:b6:76:
a9:e8:5f:5a:9b:85:c6:96:0f:12:da:2d:a0:af:1e:
89:08:49:ff:d2:d8:10:ae:83:c1:0a:77:a1:bc:b9:
09:d5:b0:08:bb:7d:52:58:11:8e:dc:3b:1f:a2:3b:
dd:b8:fa:55:1f:6d:f6:5f:3b:b6:70:3d:04:c4:8a:
13:d0:6e:6c:ea:41:ed:7a:93:53:64:3f:30:b9:a4:
eb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:CE:76:92:0C:B4:E6:20:BC:F6:BF:38:BD:8D:9E:F8:4E:74:54:3C
X509v3 Authority Key Identifier:
keyid:00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/3M52kgy05iC89r84vY2e-E50VDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.184.0/21
160.92.0.0/16
192.136.30.0/24
193.16.186.0-193.16.191.255
193.56.46.0/24
193.58.80.0/21
193.201.76.0/23
IPv6:
2a01:20:6::/48
Signature Algorithm: sha256WithRSAEncryption
73:08:51:ef:ec:77:e6:11:0f:ed:55:dc:45:c4:78:d6:1a:e4:
b4:29:bd:e1:7c:4b:dc:36:ed:c4:69:24:44:4b:58:ae:07:54:
ba:13:f2:81:fe:8c:37:76:25:2b:3d:d2:19:65:91:19:3c:77:
3b:fe:f2:b2:52:1b:c5:58:16:a9:af:d2:2e:eb:fc:3e:2e:f6:
36:65:d1:ea:9a:8e:da:96:04:de:93:af:d1:8e:78:2c:23:30:
aa:23:63:d4:8b:4e:37:43:29:57:0e:17:a2:37:ad:c3:ea:fa:
fa:5c:f3:87:b6:37:9c:03:3e:59:2a:7b:4b:bd:a7:f8:d1:5d:
e9:25:13:aa:49:0a:a1:ae:6e:80:ee:44:2d:bc:1e:6a:1f:ff:
fb:2c:04:a2:0c:7b:e4:cf:48:4f:e2:53:ee:7e:b6:3d:b0:7a:
b1:fa:5f:b8:e8:89:53:22:30:8d:98:b7:95:8c:19:15:1e:ff:
fe:e8:a5:bf:bd:23:7f:8e:c2:08:b3:8b:7d:57:33:2a:24:41:
18:1f:ac:be:db:e2:b4:a4:05:e6:2d:e5:93:29:c4:ba:3b:57:
86:6f:23:71:87:30:1d:8b:b6:37:dc:48:2f:81:e2:2b:e8:97:
21:fa:64:c8:64:85:26:46:50:0d:62:8b:e3:15:2c:f3:7a:a5:
2e:39:e5:50
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEBAnYYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDdlNmI1YWE0MzdkMzY5MzE1MTUwMmEyMTE0OTZlMzdkNGFlMmM1MB4XDTIyMDEw
MTE1MDMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNjZTc2OTIwY2I0
ZTYyMGJjZjZiZjM4YmQ4ZDllZjg0ZTc0NTQzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOUoKYdP/pPKnamWDwM9gzI7EdsMF6xd0RbgRwP0sUfn0Zvk
A9yK9eN3Tg/UUJ+teB+LTsrFqtFi2GXgjxute8ymFzI6B9GgL2LDWbMKjT6f5Z3R
IyPUR92CgTuBvnL+Fs7K+sXqqZUrnJLqyVZHmIFy+hHymnWWH/kI3oc02kai0FrW
JXJBOyTIlGTuq4BcXO8HyJ/ZOPUrBmRyTPXWu5xQAJEBBKcT1TMNzadRbIjHJLZ2
qehfWpuFxpYPEtotoK8eiQhJ/9LYEK6DwQp3oby5CdWwCLt9UlgRjtw7H6I73bj6
VR9t9l87tnA9BMSKE9BubOpB7XqTU2Q/MLmk6xcCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBTcznaSDLTmILz2vzi9jZ74TnRUPDAfBgNVHSMEGDAWgBQAfmtapDfTaTFR
UCohFJbjfUrixTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FINXJXcVEzMDJreFVWQXFJUlNXNDMxSzRzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvNTE4ZmFiLTc2MDYtNDgzMi1hYTY2LTVhOGM2Nzg0MjM4OS8x
LzNNNTJrZ3kwNWlDODlyODR2WTJlLUU1MFZEdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
NTE4ZmFiLTc2MDYtNDgzMi1hYTY2LTVhOGM2Nzg0MjM4OS8xL0FINXJXcVEzMDJr
eFVWQXFJUlNXNDMxSzRzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowNwQCAAEwMQMEA1lquAMDAKBcAwQAwIgeMAwDBAHB
ELoDBAbBEIADBADBOC4DBAPBOlADBAHByUwwDwQCAAIwCQMHACoBACAABjANBgkq
hkiG9w0BAQsFAAOCAQEAcwhR7+x35hEP7VXcRcR41hrktCm94XxL3DbtxGkkREtY
rgdUuhPygf6MN3YlKz3SGWWRGTx3O/7yslIbxVgWqa/SLuv8Pi72NmXR6pqO2pYE
3pOv0Y54LCMwqiNj1ItON0MpVw4Xojetw+r6+lzzh7Y3nAM+WSp7S72n+NFd6SUT
qkkKoa5ugO5ELbweah//+ywEogx75M9IT+JT7n62PbB6sfpfuOiJUyIwjZi3lYwZ
FR7//uilv70jf47CCLOLfVczKiRBGB+svtvitKQF5i3lkynEujtXhm8jcYcwHYu2
N9xIL4HiK+iXIfpkyGSFJkZQDWKL4xUs83qlLjnlUA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:02 2023 by rpki-client on console-ams.rpki-client.org