Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/AyF7tP92PWvUjn7hTUfVLDrhFoY.roa
File: AyF7tP92PWvUjn7hTUfVLDrhFoY.roa (raw, json)
Hash identifier: Fm/MHqGVxrEe7qWrqTrtFPuOoq7SPUJzsdE1gKtK+mI=
Subject key identifier: 03:21:7B:B4:FF:76:3D:6B:D4:8E:7E:E1:4D:47:D5:2C:3A:E1:16:86
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0996E911
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/AyF7tP92PWvUjn7hTUfVLDrhFoY.roa
Signing time: Sat 01 Jan 2022 05:04:08 +0000
ROA not before: Sat 01 Jan 2022 05:04:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199738
IP address blocks: 176.227.146.0/24 maxlen: 24
5.154.58.0/24 maxlen: 24
5.154.56.0/24 maxlen: 24
5.154.57.0/24 maxlen: 24
5.154.56.0/22 maxlen: 22
5.154.59.0/24 maxlen: 24
109.167.92.0/24 maxlen: 24
84.232.55.0/24 maxlen: 24
109.167.92.0/23 maxlen: 23
109.167.93.0/24 maxlen: 24
93.114.252.0/23 maxlen: 23
93.114.252.0/24 maxlen: 24
93.114.253.0/24 maxlen: 24
109.167.58.0/23 maxlen: 23
109.167.58.0/24 maxlen: 24
109.167.64.0/24 maxlen: 24
109.167.64.0/23 maxlen: 23
109.167.59.0/24 maxlen: 24
109.167.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160885009 (0x996e911)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 1 05:04:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03217bb4ff763d6bd48e7ee14d47d52c3ae11686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a6:5b:29:ca:66:e6:af:e8:2e:b8:17:39:63:
4f:03:4e:5b:7e:e0:be:f6:45:f3:ba:be:2a:e5:83:
89:87:17:03:ed:b7:20:ff:46:f0:97:7f:d1:17:dd:
df:55:4c:5e:47:6b:46:7a:e9:6d:e9:dd:22:47:2c:
c6:ef:97:2d:01:a4:20:ec:93:f6:d6:db:b3:92:40:
92:e4:b7:5c:91:b0:08:ee:c5:6a:29:15:1d:e2:4e:
af:9f:cc:75:51:21:b8:ed:dd:84:20:e7:ab:85:a7:
d0:e7:6e:55:07:ba:85:09:5d:fd:3f:30:64:34:48:
5e:42:3a:d9:e2:3e:37:50:01:ba:c1:73:cb:aa:5e:
f3:e6:69:f0:ad:b3:2b:4d:29:bd:a7:39:43:6c:12:
82:a3:fd:74:b4:21:17:75:87:ce:ef:4c:e1:ab:6b:
03:9f:e1:67:e4:1d:f0:f1:89:a6:d3:a7:a7:ba:d3:
ab:05:61:66:40:f6:d2:ba:e5:e4:fe:6b:12:18:78:
8b:6a:a8:8d:02:b7:fb:35:44:f3:d3:51:51:a7:88:
a5:21:39:35:bf:5e:c9:92:48:22:a8:8f:0d:e6:12:
26:e6:24:90:3c:40:cd:f3:1e:88:63:44:70:34:17:
70:c6:24:67:e0:56:7c:33:91:27:67:f7:f0:a3:2d:
4a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:21:7B:B4:FF:76:3D:6B:D4:8E:7E:E1:4D:47:D5:2C:3A:E1:16:86
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/AyF7tP92PWvUjn7hTUfVLDrhFoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.56.0/22
84.232.55.0/24
93.114.252.0/23
109.167.58.0/23
109.167.64.0/23
109.167.92.0/23
176.227.146.0/24
Signature Algorithm: sha256WithRSAEncryption
12:dd:33:8b:a2:d3:ff:bb:eb:59:74:57:80:c4:2a:6e:48:ca:
33:8b:78:8d:2b:e0:f9:df:5e:27:36:75:5c:53:0a:f9:d3:ec:
01:1e:f3:4a:48:c0:ea:18:80:69:77:19:70:d0:b1:c3:18:5f:
be:a7:c5:75:2e:90:85:ab:14:b8:ec:80:0d:b4:50:9a:48:e9:
38:76:89:42:53:83:dd:80:64:74:ba:5e:2c:c3:fd:ba:86:b4:
9a:71:13:3a:f3:e3:0a:dc:42:ea:7a:4f:75:9b:64:7a:89:27:
4f:84:60:2e:b9:6c:eb:87:c7:ca:cc:62:ce:68:4d:a3:b6:27:
28:20:ef:3a:2f:80:f3:e6:50:be:01:fa:8f:a0:1e:0a:e2:23:
ed:e4:c6:3c:ee:6d:b1:b4:d1:ad:47:52:b0:ad:cf:63:5f:ed:
4b:21:73:f7:55:e1:15:de:bb:f8:74:10:f8:09:02:2e:a0:83:
0c:8a:ea:a1:6c:99:80:f8:6a:2e:21:5a:75:37:70:08:00:be:
a8:85:bb:87:de:b5:43:f8:42:99:fa:af:8b:3c:da:77:11:da:
d7:c6:b9:ec:d1:5e:af:e3:aa:d2:95:22:ae:7f:15:6c:71:41:
33:ba:2c:7d:f9:f7:04:54:77:ae:05:58:75:e4:ce:33:cc:e4:
69:17:df:8a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIECZbpETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMB4XDTIyMDEw
MTA1MDQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDMyMTdiYjRmZjc2
M2Q2YmQ0OGU3ZWUxNGQ0N2Q1MmMzYWUxMTY4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOmWynKZuav6C64FzljTwNOW37gvvZF87q+KuWDiYcXA+23
IP9G8Jd/0Rfd31VMXkdrRnrpbendIkcsxu+XLQGkIOyT9tbbs5JAkuS3XJGwCO7F
aikVHeJOr5/MdVEhuO3dhCDnq4Wn0OduVQe6hQld/T8wZDRIXkI62eI+N1ABusFz
y6pe8+Zp8K2zK00pvac5Q2wSgqP9dLQhF3WHzu9M4atrA5/hZ+Qd8PGJptOnp7rT
qwVhZkD20rrl5P5rEhh4i2qojQK3+zVE89NRUaeIpSE5Nb9eyZJIIqiPDeYSJuYk
kDxAzfMeiGNEcDQXcMYkZ+BWfDORJ2f38KMtSq0CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBQDIXu0/3Y9a9SOfuFNR9UsOuEWhjAfBgNVHSMEGDAWgBTarxewAV27fNmS
8mzf8BxOJiC3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8x
L0F5Rjd0UDkyUFd2VWpuN2hUVWZWTERyaEZvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Yzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6
Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAgWaOAMEAFToNwMEAV1y/AMEAW2n
OgMEAW2nQAMEAW2nXAMEALDjkjANBgkqhkiG9w0BAQsFAAOCAQEAEt0zi6LT/7vr
WXRXgMQqbkjKM4t4jSvg+d9eJzZ1XFMK+dPsAR7zSkjA6hiAaXcZcNCxwxhfvqfF
dS6QhasUuOyADbRQmkjpOHaJQlOD3YBkdLpeLMP9uoa0mnETOvPjCtxC6npPdZtk
eoknT4RgLrls64fHysxizmhNo7YnKCDvOi+A8+ZQvgH6j6AeCuIj7eTGPO5tsbTR
rUdSsK3PY1/tSyFz91XhFd67+HQQ+AkCLqCDDIrqoWyZgPhqLiFadTdwCAC+qIW7
h961Q/hCmfqvizzadxHa18a57NFer+Oq0pUirn8VbHFBM7osffn3BFR3rgVYdeTO
M8zkaRffig==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:02 2023 by rpki-client on console-ams.rpki-client.org