Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/rrGrB4IxaPfm4LvdHVD4PITWgs0.roa
File: rrGrB4IxaPfm4LvdHVD4PITWgs0.roa (raw, json)
Hash identifier: Qokd5DX88HWzxBHngQrREqqbvPdylCauh11Ji6d7Rdc=
Subject key identifier: AE:B1:AB:07:82:31:68:F7:E6:E0:BB:DD:1D:50:F8:3C:84:D6:82:CD
Certificate issuer: /CN=a5472b1473bc781b70440315c83d119c8abc86fc
Certificate serial: 0401FE23
Authority key identifier: A5:47:2B:14:73:BC:78:1B:70:44:03:15:C8:3D:11:9C:8A:BC:86:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pUcrFHO8eBtwRAMVyD0RnIq8hvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/rrGrB4IxaPfm4LvdHVD4PITWgs0.roa
Signing time: Sat 01 Jan 2022 06:02:09 +0000
ROA not before: Sat 01 Jan 2022 06:02:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15457
IP address blocks: 89.109.64.0/18 maxlen: 18
188.125.192.0/19 maxlen: 19
185.80.76.0/22 maxlen: 22
213.138.224.0/19 maxlen: 19
95.172.160.0/19 maxlen: 19
213.190.192.0/19 maxlen: 19
159.255.48.0/20 maxlen: 20
83.223.160.0/19 maxlen: 19
84.23.192.0/19 maxlen: 19
2a00:d180::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67239459 (0x401fe23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5472b1473bc781b70440315c83d119c8abc86fc
Validity
Not Before: Jan 1 06:02:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aeb1ab07823168f7e6e0bbdd1d50f83c84d682cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:69:c5:dd:d3:1b:fc:1d:f6:a9:ca:34:49:36:
23:df:6a:ee:57:e5:6e:18:2e:c0:f3:ee:30:37:99:
77:a6:55:cf:b4:1b:fc:45:bf:b0:82:c8:01:d6:f8:
d7:78:b8:78:92:c5:33:0b:ac:9e:f5:11:de:36:d1:
39:f8:84:e6:fa:74:2d:f8:39:0a:d4:c1:2d:00:73:
ce:24:57:11:12:47:67:0a:85:25:c4:08:25:44:c4:
85:75:61:78:9d:18:ca:48:1c:37:55:db:4c:70:13:
6a:d7:c6:55:f9:b7:3b:b9:ff:df:cc:25:00:ec:64:
12:64:be:aa:36:c5:07:f0:07:49:bb:74:b5:b6:1c:
da:5e:7c:68:e5:af:e7:58:55:52:d6:f9:28:08:f1:
c7:d8:45:7f:07:58:bc:bf:29:37:46:17:7e:0e:86:
41:c4:bf:c4:72:c6:a8:eb:74:85:e3:9d:18:fb:5a:
40:ce:78:3a:f6:a2:c9:f0:d2:13:88:ff:77:54:4f:
8b:cb:ff:94:09:df:1a:7c:c0:6f:50:be:48:40:25:
31:40:b6:90:69:73:67:34:f8:10:56:8c:c9:da:68:
e9:3f:db:de:c5:db:a8:fc:04:6f:6a:f8:8a:cb:e1:
3f:72:60:92:d0:9e:d7:58:e3:6d:9a:23:2e:83:0f:
05:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:B1:AB:07:82:31:68:F7:E6:E0:BB:DD:1D:50:F8:3C:84:D6:82:CD
X509v3 Authority Key Identifier:
keyid:A5:47:2B:14:73:BC:78:1B:70:44:03:15:C8:3D:11:9C:8A:BC:86:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pUcrFHO8eBtwRAMVyD0RnIq8hvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/rrGrB4IxaPfm4LvdHVD4PITWgs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/pUcrFHO8eBtwRAMVyD0RnIq8hvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.223.160.0/19
84.23.192.0/19
89.109.64.0/18
95.172.160.0/19
159.255.48.0/20
185.80.76.0/22
188.125.192.0/19
213.138.224.0/19
213.190.192.0/19
IPv6:
2a00:d180::/32
Signature Algorithm: sha256WithRSAEncryption
18:c8:d3:7a:cd:b0:c0:9d:66:49:d1:ad:8f:e0:6f:c6:9a:4b:
6a:6e:b4:f4:2c:a5:7e:89:36:3b:b9:50:11:75:89:d1:e7:92:
7b:51:dd:cf:a6:58:1d:35:cb:62:2c:6b:ca:20:1e:66:b8:42:
a2:b1:64:85:d1:3b:53:75:b1:37:a0:63:76:83:06:87:75:4d:
5f:5c:40:01:21:6d:67:87:21:dc:3a:35:31:39:08:43:2c:01:
32:b7:94:90:80:ed:fe:b4:f4:86:12:27:99:3c:ca:a9:6b:25:
cf:11:b3:18:e5:cc:4b:17:64:dc:a4:3a:47:c8:40:45:9a:04:
9b:e3:fb:8b:3a:18:d9:7d:1f:20:30:65:40:91:22:2a:e4:76:
ff:d6:4a:e4:e0:1a:f0:56:69:11:e9:be:d4:29:6b:d8:aa:a8:
4f:68:b1:43:3a:de:67:97:9d:c3:e2:7a:f0:26:f7:51:a3:20:
c8:4b:46:5b:e6:b8:b6:aa:84:e5:b1:c1:81:a5:f1:77:8d:54:
45:c8:21:9c:5d:b5:24:ba:9a:e1:88:f8:ad:6e:10:84:fe:b0:
e2:71:7f:0e:53:71:5b:9d:bd:e2:01:f0:df:66:bd:2e:ed:ad:
ec:4a:21:ee:83:8b:cd:7b:ae:52:f9:c9:4e:3e:af:7a:01:5c:
15:5b:7c:5e
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEBAH+IzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTQ3MmIxNDczYmM3ODFiNzA0NDAzMTVjODNkMTE5YzhhYmM4NmZjMB4XDTIyMDEw
MTA2MDIwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWViMWFiMDc4MjMx
NjhmN2U2ZTBiYmRkMWQ1MGY4M2M4NGQ2ODJjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJFpxd3TG/wd9qnKNEk2I99q7lflbhguwPPuMDeZd6ZVz7Qb
/EW/sILIAdb413i4eJLFMwusnvUR3jbROfiE5vp0Lfg5CtTBLQBzziRXERJHZwqF
JcQIJUTEhXVheJ0YykgcN1XbTHATatfGVfm3O7n/38wlAOxkEmS+qjbFB/AHSbt0
tbYc2l58aOWv51hVUtb5KAjxx9hFfwdYvL8pN0YXfg6GQcS/xHLGqOt0heOdGPta
QM54OvaiyfDSE4j/d1RPi8v/lAnfGnzAb1C+SEAlMUC2kGlzZzT4EFaMydpo6T/b
3sXbqPwEb2r4isvhP3JgktCe11jjbZojLoMPBUkCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBSusasHgjFo9+bgu90dUPg8hNaCzTAfBgNVHSMEGDAWgBSlRysUc7x4G3BE
AxXIPRGciryG/DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BVY3JGSE84ZUJ0d1JBTVZ5RDBSbklxOGh2dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvMzAxMTJmLTBlOWQtNGZjOC1iODU0LWIxNTY1YjI1NTg1NC8x
L3JyR3JCNEl4YVBmbTRMdmRIVkQ0UElUV2dzMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
MzAxMTJmLTBlOWQtNGZjOC1iODU0LWIxNTY1YjI1NTg1NC8xL3BVY3JGSE84ZUJ0
d1JBTVZ5RDBSbklxOGh2dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEBVPfoAMEBVQXwAMEBlltQAMEBV+s
oAMEBJ//MAMEArlQTAMEBbx9wAMEBdWK4AMEBdW+wDANBAIAAjAHAwUAKgDRgDAN
BgkqhkiG9w0BAQsFAAOCAQEAGMjTes2wwJ1mSdGtj+BvxppLam609Cylfok2O7lQ
EXWJ0eeSe1Hdz6ZYHTXLYixryiAeZrhCorFkhdE7U3WxN6BjdoMGh3VNX1xAASFt
Z4ch3Do1MTkIQywBMreUkIDt/rT0hhInmTzKqWslzxGzGOXMSxdk3KQ6R8hARZoE
m+P7izoY2X0fIDBlQJEiKuR2/9ZK5OAa8FZpEem+1Clr2KqoT2ixQzreZ5edw+J6
8Cb3UaMgyEtGW+a4tqqE5bHBgaXxd41URcghnF21JLqa4Yj4rW4QhP6w4nF/DlNx
W5294gHw32a9Lu2t7Eoh7oOLzXuuUvnJTj6vegFcFVt8Xg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:50 2024 by rpki-client on console-ams.rpki-client.org