Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9e6c48-4bdd-4e60-910a-54b41e4fc63b/1/al7YN62XjLZE1doddc67MA4f_9g.roa
File: al7YN62XjLZE1doddc67MA4f_9g.roa (raw, json)
Hash identifier: Z8PQhmIBXGED8x5wR7Gc181DEuVlDcH1rtQFkt77k9E=
Subject key identifier: 6A:5E:D8:37:AD:97:8C:B6:44:D5:DA:1D:75:CE:BB:30:0E:1F:FF:D8
Certificate issuer: /CN=77dbfb3d64eb10c782562a37855b0732bd18eb3f
Certificate serial: 35A2FC2A
Authority key identifier: 77:DB:FB:3D:64:EB:10:C7:82:56:2A:37:85:5B:07:32:BD:18:EB:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9v7PWTrEMeCVio3hVsHMr0Y6z8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9e6c48-4bdd-4e60-910a-54b41e4fc63b/1/al7YN62XjLZE1doddc67MA4f_9g.roa
Signing time: Sat 01 Jan 2022 08:55:33 +0000
ROA not before: Sat 01 Jan 2022 08:55:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43323
IP address blocks: 194.107.16.0/24 maxlen: 24
95.87.96.0/21 maxlen: 21
95.87.97.0/24 maxlen: 24
95.87.98.0/24 maxlen: 24
95.87.96.0/24 maxlen: 24
95.87.100.0/24 maxlen: 24
95.87.101.0/24 maxlen: 24
95.87.99.0/24 maxlen: 24
95.87.102.0/24 maxlen: 24
95.87.103.0/24 maxlen: 24
193.53.165.0/24 maxlen: 24
193.53.166.0/24 maxlen: 24
193.53.164.0/24 maxlen: 24
193.53.164.0/22 maxlen: 22
193.53.167.0/24 maxlen: 24
2a03:4d80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 899873834 (0x35a2fc2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77dbfb3d64eb10c782562a37855b0732bd18eb3f
Validity
Not Before: Jan 1 08:55:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a5ed837ad978cb644d5da1d75cebb300e1fffd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:82:58:c1:12:c6:ec:da:8b:64:13:5d:2c:22:
cb:32:12:85:e1:4e:de:ac:32:aa:57:46:39:eb:5a:
27:54:70:6c:fe:fb:ee:15:0a:10:3d:f3:79:62:d6:
3c:d2:60:f2:65:68:c5:ff:42:ce:c1:bd:04:f3:df:
21:58:7f:d6:e3:a6:2b:fd:7b:d5:4c:ef:ea:2e:8d:
c5:5f:b2:89:bb:d9:3a:8f:07:d2:94:d0:f7:7e:3f:
9c:46:f6:a9:50:7e:f9:d8:64:1d:b0:97:b5:0c:84:
2f:c9:5c:50:31:4b:a6:cd:05:58:80:45:04:98:65:
21:93:61:02:07:4a:1e:c3:70:df:8b:72:4c:70:1b:
2e:8f:e8:a7:d9:22:78:6e:85:22:97:24:38:98:c9:
02:19:92:b0:bf:23:ef:b8:d3:a1:e7:6c:0e:bc:df:
63:01:ff:7b:6e:c2:c2:08:9c:23:82:64:80:79:a9:
a3:26:23:5f:c0:15:7b:49:bd:fb:1e:e3:b9:2f:d6:
c9:78:b2:c3:c6:14:2c:a3:4a:14:25:fa:09:59:a3:
fa:ff:73:fc:20:0a:16:74:e0:3c:0e:95:90:f1:fd:
bc:d6:14:44:75:70:a1:c2:c3:bc:93:d4:80:76:75:
0c:37:49:51:85:41:0d:0e:55:0e:be:08:45:5c:07:
5a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5E:D8:37:AD:97:8C:B6:44:D5:DA:1D:75:CE:BB:30:0E:1F:FF:D8
X509v3 Authority Key Identifier:
keyid:77:DB:FB:3D:64:EB:10:C7:82:56:2A:37:85:5B:07:32:BD:18:EB:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9v7PWTrEMeCVio3hVsHMr0Y6z8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9e6c48-4bdd-4e60-910a-54b41e4fc63b/1/al7YN62XjLZE1doddc67MA4f_9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9e6c48-4bdd-4e60-910a-54b41e4fc63b/1/d9v7PWTrEMeCVio3hVsHMr0Y6z8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.87.96.0/21
193.53.164.0/22
194.107.16.0/24
IPv6:
2a03:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
1c:f2:26:8c:2a:e5:43:ce:0b:85:f8:68:5a:6b:95:83:3c:90:
d7:68:5a:88:66:f3:ce:60:6d:a2:35:79:5a:e4:db:e0:4b:a7:
67:ba:11:6f:22:0d:18:f8:43:dd:d8:51:08:4c:4d:19:13:16:
cb:9e:75:c8:94:75:9a:b7:da:73:dc:67:86:4b:c9:53:46:ac:
eb:32:26:9f:15:a1:ed:77:ec:88:ff:1d:6c:42:d4:7e:74:84:
b1:6a:11:ef:f2:ea:ee:7c:12:4d:a7:14:54:f8:36:56:8c:31:
72:51:63:b1:96:a7:1f:e6:88:c2:af:7a:44:ac:bd:b9:06:27:
f5:fa:46:c1:e6:73:1d:f2:7b:c2:b5:a1:a2:ee:ac:4f:4a:17:
db:1d:5d:18:85:9d:1f:15:d9:78:f6:ea:41:13:35:d9:18:35:
aa:02:56:f4:24:12:5b:b3:f2:fd:6b:9f:63:6c:d0:af:63:d9:
c5:db:09:a9:3c:d0:2f:64:a1:18:57:08:c2:d5:1c:7f:61:c3:
1d:e7:02:51:82:2b:fb:5a:ae:aa:fe:2f:59:59:c6:a3:f3:8b:
c8:97:b0:8c:61:63:99:ad:ba:3e:2f:50:09:d1:43:94:21:34:
fc:4a:5b:fe:f7:de:b3:01:72:79:3b:f7:1a:53:ef:fd:a0:bd:
dd:aa:55:61
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIENaL8KjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2RiZmIzZDY0ZWIxMGM3ODI1NjJhMzc4NTViMDczMmJkMThlYjNmMB4XDTIyMDEw
MTA4NTUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmE1ZWQ4MzdhZDk3
OGNiNjQ0ZDVkYTFkNzVjZWJiMzAwZTFmZmZkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANaCWMESxuzai2QTXSwiyzISheFO3qwyqldGOetaJ1RwbP77
7hUKED3zeWLWPNJg8mVoxf9CzsG9BPPfIVh/1uOmK/171Uzv6i6NxV+yibvZOo8H
0pTQ934/nEb2qVB++dhkHbCXtQyEL8lcUDFLps0FWIBFBJhlIZNhAgdKHsNw34ty
THAbLo/op9kieG6FIpckOJjJAhmSsL8j77jToedsDrzfYwH/e27CwgicI4JkgHmp
oyYjX8AVe0m9+x7juS/WyXiyw8YULKNKFCX6CVmj+v9z/CAKFnTgPA6VkPH9vNYU
RHVwocLDvJPUgHZ1DDdJUYVBDQ5VDr4IRVwHWsECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRqXtg3rZeMtkTV2h11zrswDh//2DAfBgNVHSMEGDAWgBR32/s9ZOsQx4JW
KjeFWwcyvRjrPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Q5djdQV1RyRU1lQ1ZpbzNoVnNITXIwWTZ6OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvOWU2YzQ4LTRiZGQtNGU2MC05MTBhLTU0YjQxZTRmYzYzYi8x
L2FsN1lONjJYakxaRTFkb2RkYzY3TUE0Zl85Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
OWU2YzQ4LTRiZGQtNGU2MC05MTBhLTU0YjQxZTRmYzYzYi8xL2Q5djdQV1RyRU1l
Q1ZpbzNoVnNITXIwWTZ6OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA19XYAMEAsE1pAMEAMJrEDANBAIA
AjAHAwUAKgNNgDANBgkqhkiG9w0BAQsFAAOCAQEAHPImjCrlQ84LhfhoWmuVgzyQ
12haiGbzzmBtojV5WuTb4EunZ7oRbyINGPhD3dhRCExNGRMWy551yJR1mrfac9xn
hkvJU0as6zImnxWh7XfsiP8dbELUfnSEsWoR7/Lq7nwSTacUVPg2VowxclFjsZan
H+aIwq96RKy9uQYn9fpGweZzHfJ7wrWhou6sT0oX2x1dGIWdHxXZePbqQRM12Rg1
qgJW9CQSW7Py/WufY2zQr2PZxdsJqTzQL2ShGFcIwtUcf2HDHecCUYIr+1quqv4v
WVnGo/OLyJewjGFjma26Pi9QCdFDlCE0/Epb/vfeswFyeTv3GlPv/aC93apVYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org