Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/9exsC4t6VR0pJI1XHEUnUtp0gSI.roa
File: 9exsC4t6VR0pJI1XHEUnUtp0gSI.roa (raw, json)
Hash identifier: nWxptbWM6G2T6xrJeZM4Ey09qHeKl0yLUDqsyr1wg1c=
Subject key identifier: F5:EC:6C:0B:8B:7A:55:1D:29:24:8D:57:1C:45:27:52:DA:74:81:22
Certificate issuer: /CN=ed6da82dbc7d7e2818f96680b66efcedb1087947
Certificate serial: 0AC6A34F
Authority key identifier: ED:6D:A8:2D:BC:7D:7E:28:18:F9:66:80:B6:6E:FC:ED:B1:08:79:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/9exsC4t6VR0pJI1XHEUnUtp0gSI.roa
Signing time: Sat 01 Jan 2022 14:55:41 +0000
ROA not before: Sat 01 Jan 2022 14:55:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29551
IP address blocks: 80.66.204.0/22 maxlen: 22
109.71.24.0/21 maxlen: 21
83.141.0.0/18 maxlen: 18
109.71.31.0/24 maxlen: 24
82.149.233.0/24 maxlen: 24
82.149.232.0/24 maxlen: 24
82.149.235.0/24 maxlen: 24
82.149.234.0/24 maxlen: 24
195.225.196.0/22 maxlen: 22
178.19.64.0/20 maxlen: 20
46.253.112.0/20 maxlen: 20
82.149.224.0/19 maxlen: 19
83.141.16.0/24 maxlen: 24
83.141.15.0/24 maxlen: 24
83.141.29.0/24 maxlen: 24
83.141.28.0/24 maxlen: 24
83.141.27.0/24 maxlen: 24
83.141.26.0/24 maxlen: 24
83.141.62.0/24 maxlen: 24
83.141.60.0/24 maxlen: 24
83.141.60.0/22 maxlen: 22
2a01:440::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180790095 (0xac6a34f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da82dbc7d7e2818f96680b66efcedb1087947
Validity
Not Before: Jan 1 14:55:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5ec6c0b8b7a551d29248d571c452752da748122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:66:3e:da:66:bd:3e:78:6c:a0:ad:35:59:35:
75:05:ad:d4:16:85:8a:62:f8:29:51:8c:38:45:f9:
37:bd:01:cf:a6:84:35:41:e8:b3:48:81:26:f0:6b:
02:71:c4:e7:cf:fa:79:72:5c:32:d3:72:87:79:e8:
d1:d2:ec:6d:75:b9:ee:c0:77:66:6c:06:71:40:6e:
9d:ec:6e:e5:bf:13:3f:a2:45:b8:4c:f5:e8:45:dc:
52:d7:b5:ed:cd:4f:16:47:3e:65:86:81:7f:d4:64:
35:33:ea:11:cb:24:1a:6a:28:26:5b:28:64:de:a6:
4a:b3:c0:86:9c:27:d4:6b:85:4c:68:d5:02:28:96:
56:b6:a2:e7:f8:fb:c1:f7:4e:f4:8a:e1:56:75:03:
e5:09:a7:fc:45:67:7a:f6:bb:9e:a9:78:d8:f9:7a:
8a:68:32:50:94:c3:d6:49:63:a6:68:ce:b2:86:5c:
e4:ca:6d:06:c4:bb:b1:3f:7b:fe:fe:e2:ad:e3:d3:
95:67:0f:9a:a3:cd:2b:bf:eb:35:a4:0e:27:47:5f:
fc:11:91:9e:10:bd:cf:bb:59:58:93:7e:b0:75:51:
0a:ce:1a:84:10:ac:2d:e7:38:52:b4:b5:6d:3d:3b:
f6:19:ea:b1:61:72:43:e1:5c:aa:c1:95:01:69:e0:
62:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:EC:6C:0B:8B:7A:55:1D:29:24:8D:57:1C:45:27:52:DA:74:81:22
X509v3 Authority Key Identifier:
keyid:ED:6D:A8:2D:BC:7D:7E:28:18:F9:66:80:B6:6E:FC:ED:B1:08:79:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/9exsC4t6VR0pJI1XHEUnUtp0gSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/7W2oLbx9figY-WaAtm787bEIeUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.112.0/20
80.66.204.0/22
82.149.224.0/19
83.141.0.0/18
109.71.24.0/21
178.19.64.0/20
195.225.196.0/22
IPv6:
2a01:440::/29
Signature Algorithm: sha256WithRSAEncryption
9b:9e:f0:0b:12:87:c1:81:cb:f3:a1:02:8d:4c:4f:f0:59:f2:
9f:47:dc:aa:6f:07:8f:4b:38:1e:e5:8e:1a:a2:2f:0d:66:96:
99:64:37:03:b8:c6:f9:ea:5f:b1:94:36:9e:ed:e1:61:08:4b:
5b:3d:03:ac:25:78:86:08:4f:d8:94:f5:61:53:2f:93:6f:9c:
ac:7e:f1:c2:9f:f8:cc:ed:36:a3:78:97:94:10:06:df:8a:5c:
7b:2c:e6:ef:87:b2:14:82:63:e5:f6:b2:7c:ac:d7:7d:27:74:
0c:5e:f7:4d:49:39:80:df:af:89:52:8e:72:01:f8:fe:30:5f:
80:e9:81:3d:b3:0d:a1:6d:d7:4f:c5:5e:5a:51:ad:4f:19:1a:
e5:49:1e:c0:db:86:34:94:6d:49:34:ce:90:80:49:f7:5c:a0:
78:b1:92:a2:e7:4a:dd:ba:cb:65:40:47:23:6d:d6:0e:1c:42:
b2:e9:eb:e5:db:19:b2:77:c1:ab:84:34:d7:13:e3:12:65:1d:
95:ef:49:28:0a:5a:e5:48:0a:03:3e:c5:19:ec:84:e2:d9:d9:
bc:15:34:bd:26:dc:ff:1f:67:ee:6e:8c:95:2d:f2:37:f5:85:
38:6c:ee:3f:ab:0c:1a:dd:57:6b:98:03:be:35:ab:c9:b5:c8:
fb:07:38:a8
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIECsajTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZDZkYTgyZGJjN2Q3ZTI4MThmOTY2ODBiNjZlZmNlZGIxMDg3OTQ3MB4XDTIyMDEw
MTE0NTU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjVlYzZjMGI4Yjdh
NTUxZDI5MjQ4ZDU3MWM0NTI3NTJkYTc0ODEyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVmPtpmvT54bKCtNVk1dQWt1BaFimL4KVGMOEX5N70Bz6aE
NUHos0iBJvBrAnHE58/6eXJcMtNyh3no0dLsbXW57sB3ZmwGcUBunexu5b8TP6JF
uEz16EXcUte17c1PFkc+ZYaBf9RkNTPqEcskGmooJlsoZN6mSrPAhpwn1GuFTGjV
AiiWVrai5/j7wfdO9IrhVnUD5Qmn/EVneva7nql42Pl6imgyUJTD1kljpmjOsoZc
5MptBsS7sT97/v7irePTlWcPmqPNK7/rNaQOJ0df/BGRnhC9z7tZWJN+sHVRCs4a
hBCsLec4UrS1bT079hnqsWFyQ+FcqsGVAWngYh0CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBT17GwLi3pVHSkkjVccRSdS2nSBIjAfBgNVHSMEGDAWgBTtbagtvH1+KBj5
ZoC2bvztsQh5RzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdXMm9MYng5ZmlnWS1XYUF0bTc4N2JFSWVVYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvMzU0OWZiLWUzYTMtNDEyNC1iM2IwLTU5OTU3Nzg3YjAxNS8x
LzlleHNDNHQ2VlIwcEpJMVhIRVVuVXRwMGdTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
MzU0OWZiLWUzYTMtNDEyNC1iM2IwLTU5OTU3Nzg3YjAxNS8xLzdXMm9MYng5Zmln
WS1XYUF0bTc4N2JFSWVVYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBC79cAMEAlBCzAMEBVKV4AMEBlON
AAMEA21HGAMEBLITQAMEAsPhxDANBAIAAjAHAwUDKgEEQDANBgkqhkiG9w0BAQsF
AAOCAQEAm57wCxKHwYHL86ECjUxP8Fnyn0fcqm8Hj0s4HuWOGqIvDWaWmWQ3A7jG
+epfsZQ2nu3hYQhLWz0DrCV4hghP2JT1YVMvk2+crH7xwp/4zO02o3iXlBAG34pc
eyzm74eyFIJj5fayfKzXfSd0DF73TUk5gN+viVKOcgH4/jBfgOmBPbMNoW3XT8Ve
WlGtTxka5UkewNuGNJRtSTTOkIBJ91ygeLGSoudK3brLZUBHI23WDhxCsunr5dsZ
snfBq4Q01xPjEmUdle9JKApa5UgKAz7FGeyE4tnZvBU0vSbc/x9n7m6MlS3yN/WF
OGzuP6sMGt1Xa5gDvjWrybXI+wc4qA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:12 2023 by rpki-client on console-fra.rpki-client.org