Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/6Iw2xwKKPHKB72J-FaxyuxS9q6k.roa
File: 6Iw2xwKKPHKB72J-FaxyuxS9q6k.roa (raw, json)
Hash identifier: Imj7p2HX2uAHHjj7Ep2NGD73tuK9CplunvSIvkOucZI=
Subject key identifier: E8:8C:36:C7:02:8A:3C:72:81:EF:62:7E:15:AC:72:BB:14:BD:AB:A9
Certificate issuer: /CN=6665dd97665a23b1b183e223822b66b5ae536a2f
Certificate serial: 3745623C
Authority key identifier: 66:65:DD:97:66:5A:23:B1:B1:83:E2:23:82:2B:66:B5:AE:53:6A:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/6Iw2xwKKPHKB72J-FaxyuxS9q6k.roa
Signing time: Sat 01 Jan 2022 08:53:22 +0000
ROA not before: Sat 01 Jan 2022 08:53:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 786
IP address blocks: 89.207.208.0/21 maxlen: 21
81.87.0.0/16 maxlen: 24
193.60.0.0/14 maxlen: 24
194.66.0.0/16 maxlen: 24
195.194.0.0/15 maxlen: 24
83.138.32.0/21 maxlen: 21
212.121.192.0/19 maxlen: 19
212.219.0.0/16 maxlen: 24
194.80.0.0/14 maxlen: 24
212.121.0.0/19 maxlen: 19
2001:630::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927294012 (0x3745623c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6665dd97665a23b1b183e223822b66b5ae536a2f
Validity
Not Before: Jan 1 08:53:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e88c36c7028a3c7281ef627e15ac72bb14bdaba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:aa:a5:a4:14:a5:63:fd:8d:c6:a7:c7:38:a4:
51:87:be:a5:b3:ee:f6:7c:e9:59:13:7d:4a:e9:75:
84:be:ee:13:6d:de:2a:4c:bd:87:f7:e7:c4:e7:a0:
70:26:56:02:4a:c3:34:ae:ed:9b:c5:df:dc:98:ef:
84:0e:aa:75:aa:a4:03:37:31:59:a5:cb:90:2d:a3:
cf:57:a2:8c:13:07:03:17:94:1d:28:62:56:6f:9f:
c0:f9:18:32:64:9f:df:71:0b:d2:c6:fe:28:48:1e:
09:ee:db:e8:14:3a:9b:4b:c3:38:44:72:a2:a9:81:
d1:a5:ce:1e:e4:2b:d2:28:5b:a3:c9:ed:50:cc:7a:
91:ea:44:1c:e0:b4:f8:f3:2a:0a:f0:ae:74:0b:e4:
8b:44:56:ad:99:a7:12:ac:01:c6:1d:97:43:ac:68:
bb:72:b9:4f:2f:a2:36:36:b4:e2:f0:e3:95:0f:b9:
60:96:51:d2:3f:5b:1d:26:90:2f:cf:58:2b:25:ed:
0a:53:ca:f2:ee:fa:08:79:b4:92:75:02:3e:e8:be:
2e:4c:7a:02:76:17:49:ad:29:93:e0:7a:a4:6a:a0:
fa:5f:fb:88:53:05:d1:7f:fa:ec:10:6b:5e:af:6d:
30:f7:c2:00:8b:80:8a:b8:d7:09:3b:38:c5:3a:9f:
c2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:8C:36:C7:02:8A:3C:72:81:EF:62:7E:15:AC:72:BB:14:BD:AB:A9
X509v3 Authority Key Identifier:
keyid:66:65:DD:97:66:5A:23:B1:B1:83:E2:23:82:2B:66:B5:AE:53:6A:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/6Iw2xwKKPHKB72J-FaxyuxS9q6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.87.0.0/16
83.138.32.0/21
89.207.208.0/21
193.60.0.0/14
194.66.0.0/16
194.80.0.0/14
195.194.0.0/15
212.121.0.0/19
212.121.192.0/19
212.219.0.0/16
IPv6:
2001:630::/32
Signature Algorithm: sha256WithRSAEncryption
cc:da:d0:43:b6:71:e0:4a:f8:0e:16:72:4e:e3:2e:56:4d:36:
74:d4:8a:cb:fa:02:79:1c:15:44:b4:f9:48:23:45:e2:ac:ff:
44:2b:f3:28:c8:8c:96:09:92:3b:c4:b3:ec:9f:bc:3f:79:d6:
e0:6f:bd:05:e4:2b:f0:e3:6c:f9:3e:fa:76:55:99:a9:18:e2:
4f:13:99:6a:8b:ab:7d:b8:34:8f:e5:4c:b5:62:9e:14:52:2d:
f4:39:20:53:8b:6c:3c:50:8d:01:84:71:8e:60:09:9d:c2:48:
d3:bb:74:81:20:fa:b6:a8:8d:18:e6:55:9a:df:8e:40:91:44:
ca:e2:ef:d5:4b:f7:b0:21:56:74:78:94:52:57:ab:a7:30:54:
99:8c:fc:cf:b6:f5:33:a2:79:3e:f8:f5:89:16:6b:e0:54:06:
94:0c:ad:26:04:df:98:ab:14:a1:09:97:66:e0:cf:1b:7b:e5:
11:a1:76:c8:6b:cb:34:96:0d:4c:b9:ea:5c:dc:e8:e3:e0:71:
7d:13:fc:92:d4:e6:c8:a4:75:dc:6c:91:ad:1e:87:54:bb:75:
d7:06:94:db:ca:0f:c7:13:30:70:5f:40:71:e7:fb:a9:a7:9a:
42:6c:3d:4b:27:5c:e8:25:93:94:30:be:61:45:04:ba:07:d5:
21:43:6b:46
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEN0ViPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjY1ZGQ5NzY2NWEyM2IxYjE4M2UyMjM4MjJiNjZiNWFlNTM2YTJmMB4XDTIyMDEw
MTA4NTMyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTg4YzM2YzcwMjhh
M2M3MjgxZWY2MjdlMTVhYzcyYmIxNGJkYWJhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaqpaQUpWP9jcanxzikUYe+pbPu9nzpWRN9Sul1hL7uE23e
Kky9h/fnxOegcCZWAkrDNK7tm8Xf3JjvhA6qdaqkAzcxWaXLkC2jz1eijBMHAxeU
HShiVm+fwPkYMmSf33EL0sb+KEgeCe7b6BQ6m0vDOERyoqmB0aXOHuQr0ihbo8nt
UMx6kepEHOC0+PMqCvCudAvki0RWrZmnEqwBxh2XQ6xou3K5Ty+iNja04vDjlQ+5
YJZR0j9bHSaQL89YKyXtClPK8u76CHm0knUCPui+Lkx6AnYXSa0pk+B6pGqg+l/7
iFMF0X/67BBrXq9tMPfCAIuAirjXCTs4xTqfwrUCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBTojDbHAoo8coHvYn4VrHK7FL2rqTAfBgNVHSMEGDAWgBRmZd2XZlojsbGD
4iOCK2a1rlNqLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ptWGRsMlphSTdHeGctSWpnaXRtdGE1VGFpOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvMzEyNTI5LTczZjYtNDgwOS1hZjliLWU4ZDcwNzE3ZmY4YS8x
LzZJdzJ4d0tLUEhLQjcySi1GYXh5dXhTOXE2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
MzEyNTI5LTczZjYtNDgwOS1hZjliLWU4ZDcwNzE3ZmY4YS8xL1ptWGRsMlphSTdH
eGctSWpnaXRtdGE1VGFpOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMDAFFXAwQDU4ogAwQDWc/QAwMCwTwD
AwDCQgMDAsJQAwMBw8IDBAXUeQADBAXUecADAwDU2zANBAIAAjAHAwUAIAEGMDAN
BgkqhkiG9w0BAQsFAAOCAQEAzNrQQ7Zx4Er4DhZyTuMuVk02dNSKy/oCeRwVRLT5
SCNF4qz/RCvzKMiMlgmSO8Sz7J+8P3nW4G+9BeQr8ONs+T76dlWZqRjiTxOZaour
fbg0j+VMtWKeFFIt9DkgU4tsPFCNAYRxjmAJncJI07t0gSD6tqiNGOZVmt+OQJFE
yuLv1Uv3sCFWdHiUUlerpzBUmYz8z7b1M6J5Pvj1iRZr4FQGlAytJgTfmKsUoQmX
ZuDPG3vlEaF2yGvLNJYNTLnqXNzo4+BxfRP8ktTmyKR13GyRrR6HVLt11waU28oP
xxMwcF9Acef7qaeaQmw9Sydc6CWTlDC+YUUEugfVIUNrRg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:16 2023 by rpki-client on console-ams.rpki-client.org