Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/1oCcnlT3Boh9_1wtUQrz5N1rNBM.roa
File: 1oCcnlT3Boh9_1wtUQrz5N1rNBM.roa (raw, json)
Hash identifier: MTVObRBZ+NGgmw4nVARNTry1Ky9JtwTbcoKxpz+wAfU=
Subject key identifier: D6:80:9C:9E:54:F7:06:88:7D:FF:5C:2D:51:0A:F3:E4:DD:6B:34:13
Certificate issuer: /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Certificate serial: 018312192F0485A53D8FDB47D4D6E1EE94CF
Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/1oCcnlT3Boh9_1wtUQrz5N1rNBM.roa
Signing time: Tue 06 Sep 2022 09:19:43 +0000
ROA not before: Tue 06 Sep 2022 09:19:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24651
IP address blocks: 188.92.16.0/24 maxlen: 32
188.92.16.0/21 maxlen: 32
82.193.64.0/19 maxlen: 32
46.23.32.0/20 maxlen: 32
89.221.122.0/23 maxlen: 23
89.221.122.0/24 maxlen: 24
89.221.123.0/24 maxlen: 24
89.221.121.0/24 maxlen: 24
89.221.124.0/23 maxlen: 24
89.221.124.0/24 maxlen: 24
89.221.125.0/24 maxlen: 24
185.31.44.0/22 maxlen: 32
89.221.126.0/23 maxlen: 24
89.221.127.0/24 maxlen: 24
109.73.96.0/20 maxlen: 32
217.195.48.0/20 maxlen: 32
85.158.72.0/21 maxlen: 24
82.193.83.0/24 maxlen: 32
185.141.52.0/22 maxlen: 32
77.93.0.0/19 maxlen: 32
185.75.236.0/22 maxlen: 32
83.99.128.0/17 maxlen: 32
212.142.64.0/18 maxlen: 32
89.221.112.0/20 maxlen: 24
2a01:4e0::/32 maxlen: 32
2a01:4e1:cc1::/64 maxlen: 64
2a04:4e00::/29 maxlen: 29
2a01:4e1:460:1::/64 maxlen: 64
2a01:4e0::/29 maxlen: 29
2a01:4e1:1745::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:12:19:2f:04:85:a5:3d:8f:db:47:d4:d6:e1:ee:94:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Validity
Not Before: Sep 6 09:19:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6809c9e54f706887dff5c2d510af3e4dd6b3413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:eb:30:1f:72:16:04:47:93:37:43:a2:c1:b2:
ee:85:2b:75:41:64:ed:a8:2c:34:fd:f5:71:fa:a6:
6e:72:32:b2:fb:2e:a0:9d:dc:94:ea:5a:1c:38:61:
6e:76:22:8a:d0:d2:fb:5b:53:86:59:17:c0:cf:f2:
63:40:93:ac:af:60:51:09:d9:dd:41:17:ee:3b:47:
64:6c:03:fd:55:c7:c3:2c:8e:60:e2:e1:5b:42:99:
35:d6:6c:b2:2d:1e:ca:cf:dc:6a:a7:fd:48:81:13:
14:da:e1:99:1b:17:d0:11:f9:5f:fd:74:97:0a:13:
32:6f:b3:d4:a1:5a:50:6d:5d:23:b6:0a:27:9a:7e:
41:8d:76:94:29:ce:60:f1:5d:ac:c2:b6:c9:57:f0:
ad:8c:81:82:99:6e:98:4c:31:fd:30:81:9f:a1:64:
d6:ce:c6:f1:e2:63:6d:6d:fd:15:a6:1a:ca:6c:e9:
60:b8:ed:1a:e3:ca:a3:c2:4f:5f:97:56:cc:ce:90:
df:07:be:44:9d:92:b3:94:80:c2:f5:76:7d:a8:53:
86:b1:95:af:cd:4e:d2:3d:93:ca:8b:f9:6c:66:a4:
2a:53:e5:b2:a2:c6:a3:5c:1f:0b:af:84:2a:23:ce:
c3:3b:70:53:91:af:6d:59:01:4d:9d:d6:0a:98:ce:
5a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:80:9C:9E:54:F7:06:88:7D:FF:5C:2D:51:0A:F3:E4:DD:6B:34:13
X509v3 Authority Key Identifier:
keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/1oCcnlT3Boh9_1wtUQrz5N1rNBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.32.0/20
77.93.0.0/19
82.193.64.0/19
83.99.128.0/17
85.158.72.0/21
89.221.112.0/20
109.73.96.0/20
185.31.44.0/22
185.75.236.0/22
185.141.52.0/22
188.92.16.0/21
212.142.64.0/18
217.195.48.0/20
IPv6:
2a01:4e0::/29
2a04:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
44:29:87:6f:c9:80:0a:2c:1a:87:05:83:f2:dd:f0:42:19:5b:
94:ff:cb:6a:2e:78:57:9f:b7:44:81:9b:2f:7e:2c:68:81:59:
0f:01:f1:5d:47:b2:b2:4e:94:a4:fe:84:52:e6:01:2c:27:ef:
45:ae:5d:0f:78:47:90:fe:d5:7a:08:07:d4:13:e0:3a:01:b5:
a3:99:65:7a:cf:dc:d8:e7:39:13:df:aa:2b:88:a3:e5:a9:10:
c4:b6:de:c4:98:bc:af:28:6e:83:63:6d:9c:1b:9a:cb:ae:1d:
a5:bd:f9:93:3a:dd:77:99:11:3b:fa:16:d3:44:f1:4d:74:db:
c0:0b:47:45:e4:97:ea:92:21:40:79:01:5b:0a:63:e2:04:c6:
69:87:57:4d:7d:96:7f:ce:59:6d:78:c0:3e:f9:36:52:e4:9a:
25:8c:fe:25:2f:81:a5:28:3f:31:2a:da:f8:70:7f:37:01:0a:
92:c7:ca:de:ea:77:84:66:f4:ec:1a:85:7b:30:28:ff:1a:59:
7f:c7:c0:9e:75:26:c7:1c:70:72:dc:90:ff:b7:d0:c5:cf:ae:
bd:f7:c5:df:ce:de:ad:14:56:c4:d9:3e:2b:ad:c8:32:6b:eb:
d4:1c:2f:4f:a6:22:57:e4:51:de:ce:c4:f1:20:d8:af:45:80:
32:1a:75:11
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYMSGS8EhaU9j9tH1Nbh7pTPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTFiMzY1NTJmOWRhY2NiOTJhYzVjM2I0NGI0MjZkNjQz
NzQ5ZTIwHhcNMjIwOTA2MDkxOTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjgwOWM5ZTU0ZjcwNjg4N2RmZjVjMmQ1MTBhZjNlNGRkNmIzNDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuswH3IWBEeTN0OiwbLuhSt1QWTt
qCw0/fVx+qZucjKy+y6gndyU6locOGFudiKK0NL7W1OGWRfAz/JjQJOsr2BRCdnd
QRfuO0dkbAP9VcfDLI5g4uFbQpk11myyLR7Kz9xqp/1IgRMU2uGZGxfQEflf/XSX
ChMyb7PUoVpQbV0jtgonmn5BjXaUKc5g8V2swrbJV/CtjIGCmW6YTDH9MIGfoWTW
zsbx4mNtbf0VphrKbOlguO0a48qjwk9fl1bMzpDfB75EnZKzlIDC9XZ9qFOGsZWv
zU7SPZPKi/lsZqQqU+WyosajXB8Lr4QqI87DO3BTka9tWQFNndYKmM5a8QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFNaAnJ5U9waIff9cLVEK8+TdazQTMB8GA1UdIwQY
MBaAFOWhs2VS+drMuSrFw7RLQm1kN0niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMt
YzVlNmQyM2Y4YjA5LzEvMW9DY25sVDNCb2g5XzF3dFVRcno1TjFyTkJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMtYzVlNmQyM2Y4YjA5
LzEvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQELhcgAwQF
TV0AAwQFUsFAAwQHU2OAAwQDVZ5IAwQEWd1wAwQEbUlgAwQCuR8sAwQCuUvsAwQC
uY00AwQDvFwQAwQG1I5AAwQE2cMwMBQEAgACMA4DBQMqAQTgAwUDKgROADANBgkq
hkiG9w0BAQsFAAOCAQEARCmHb8mACiwahwWD8t3wQhlblP/Lai54V5+3RIGbL34s
aIFZDwHxXUeysk6UpP6EUuYBLCfvRa5dD3hHkP7VeggH1BPgOgG1o5lles/c2Oc5
E9+qK4ij5akQxLbexJi8ryhug2NtnBuay64dpb35kzrdd5kRO/oW00TxTXTbwAtH
ReSX6pIhQHkBWwpj4gTGaYdXTX2Wf85ZbXjAPvk2UuSaJYz+JS+BpSg/MSra+HB/
NwEKksfK3up3hGb07BqFezAo/xpZf8fAnnUmxxxwctyQ/7fQxc+uvffF387erRRW
xNk+K63IMmvr1BwvT6YiV+RR3s7E8SDYr0WAMhp1EQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:47 2023 by rpki-client on console-ams.rpki-client.org