Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9ZmXpFQorLnhXyviNqZqiffSGJ4.roa
File: 9ZmXpFQorLnhXyviNqZqiffSGJ4.roa (raw, json)
Hash identifier: lGCdKHBEBgbQOBThi05VeNCD3fBca91K+STpAsB0hYw=
Subject key identifier: F5:99:97:A4:54:28:AC:B9:E1:5F:2B:E2:36:A6:6A:89:F7:D2:18:9E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018371B3250BC4CA980F9175F1B101AE0046
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9ZmXpFQorLnhXyviNqZqiffSGJ4.roa
Signing time: Sat 24 Sep 2022 22:51:49 +0000
ROA not before: Sat 24 Sep 2022 22:51:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
193.58.239.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:1c0::/44 maxlen: 44
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:71:b3:25:0b:c4:ca:98:0f:91:75:f1:b1:01:ae:00:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 24 22:51:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f59997a45428acb9e15f2be236a66a89f7d2189e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e6:8c:b2:17:c6:6b:b8:28:50:42:eb:10:3d:
ca:7c:85:00:30:ac:03:d5:20:e3:0b:e9:64:fb:70:
2b:c4:66:a4:6c:97:48:fb:a4:db:e7:4a:43:da:cf:
13:52:2c:c5:9b:13:82:56:61:fc:4a:31:8e:17:ee:
ce:b7:35:1d:82:50:7a:d0:3a:59:b2:fc:62:fd:ae:
82:13:9d:03:dd:10:d1:d9:4a:18:2a:1e:21:f3:27:
4a:bc:a9:4b:81:3a:6d:6d:e3:cb:67:34:c6:78:d0:
c0:a6:08:e5:44:ed:0b:dd:9d:39:d5:d4:e8:8c:57:
07:03:39:68:fc:40:a3:cd:0d:74:b5:68:8d:e0:93:
fe:b0:81:b4:c0:c8:a0:12:71:d2:61:c7:14:f9:b8:
88:c2:9d:5a:07:e4:29:72:1c:b8:5d:5b:70:ff:a2:
6e:bb:eb:db:f9:b4:9e:06:5d:a8:26:22:26:b7:e2:
56:43:6a:97:3b:ce:58:a2:4c:fe:e8:2d:85:28:bf:
09:e1:02:a1:21:3f:ac:a1:1d:a3:03:eb:46:63:d7:
13:07:95:0a:88:e0:96:d6:55:b8:59:58:c4:a6:88:
cf:51:4b:01:34:59:24:90:e4:2a:9d:d1:ba:f1:41:
34:25:9a:f0:15:76:f2:a6:bb:68:91:5c:69:ea:71:
45:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:99:97:A4:54:28:AC:B9:E1:5F:2B:E2:36:A6:6A:89:F7:D2:18:9E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9ZmXpFQorLnhXyviNqZqiffSGJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
193.58.239.0/24
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:1c0::/44
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
97:ab:29:f8:96:40:4e:c3:1a:a1:fa:12:32:88:27:66:26:d4:
6f:64:d0:d0:ae:69:43:85:a3:9e:b0:a1:62:c3:73:92:34:f8:
d3:a8:7c:ed:c5:a8:ca:20:c6:78:32:6e:a8:55:65:d5:81:c9:
50:cf:81:93:5c:35:5e:54:1e:66:c1:55:36:d6:17:43:b9:a2:
d8:55:92:03:8b:63:b2:75:b9:e0:0b:14:b7:bf:c0:ed:f6:b9:
29:97:51:e6:34:da:06:1e:2d:ef:7f:c2:71:fe:f0:a3:8e:22:
91:09:db:64:ef:e4:76:a4:90:1b:55:00:8b:bc:7c:2c:71:57:
b8:4e:c9:d8:da:39:5b:36:ac:75:0b:b3:bf:a4:96:f4:72:52:
ac:f7:83:d6:e5:76:02:b0:3d:e9:98:17:1e:2f:e5:6e:e4:15:
0b:04:c8:3d:f2:9b:77:90:94:53:8a:f9:5c:26:75:13:35:10:
3b:ba:b4:00:44:11:ad:c6:e2:bd:cd:93:dd:85:14:a5:3f:7d:
91:ab:60:f8:30:cc:5e:f6:4f:0c:cf:b2:c0:ca:69:41:50:ac:
ee:3d:4d:0d:88:3d:fb:9c:0f:17:22:25:6d:e5:92:d0:f9:79:
22:cf:be:35:a5:de:d2:3e:e5:a5:aa:35:25:d7:42:f2:3e:7f:
05:03:6f:d9
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYNxsyULxMqYD5F18bEBrgBGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTI0MjI1MTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTk5OTdhNDU0MjhhY2I5ZTE1ZjJiZTIzNmE2NmE4OWY3ZDIxODllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuaMshfGa7goUELrED3KfIUAMKwD
1SDjC+lk+3ArxGakbJdI+6Tb50pD2s8TUizFmxOCVmH8SjGOF+7OtzUdglB60DpZ
svxi/a6CE50D3RDR2UoYKh4h8ydKvKlLgTptbePLZzTGeNDApgjlRO0L3Z051dTo
jFcHAzlo/ECjzQ10tWiN4JP+sIG0wMigEnHSYccU+biIwp1aB+Qpchy4XVtw/6Ju
u+vb+bSeBl2oJiImt+JWQ2qXO85Yokz+6C2FKL8J4QKhIT+soR2jA+tGY9cTB5UK
iOCW1lW4WVjEpojPUUsBNFkkkOQqndG68UE0JZrwFXbyprtokVxp6nFF6QIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFPWZl6RUKKy54V8r4jamaon30hieMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOVptWHBGUW9yTG5oWHl2aU5xWnFpZmZTR0o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjA2BAIAATAwAwQCLYiI
AwQAVcrLAwQAXrF6AwQCixxgAwQAwTrvAwQAwjJcAwQAwjJeAwQAwjJvMGQEAgAC
MF4DBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMHACoO
sQcJ8gMHACoOsQcRZQMHACoOsQcXhgMHACoP5AQBAgMHBCoQzEABwAMGBCoQzEYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCXqyn4lkBOwxqh+hIyiCdmJtRvZNDQrmlDhaOe
sKFiw3OSNPjTqHztxajKIMZ4Mm6oVWXVgclQz4GTXDVeVB5mwVU21hdDuaLYVZID
i2OydbngCxS3v8Dt9rkpl1HmNNoGHi3vf8Jx/vCjjiKRCdtk7+R2pJAbVQCLvHws
cVe4TsnY2jlbNqx1C7O/pJb0clKs94PW5XYCsD3pmBceL+Vu5BULBMg98pt3kJRT
ivlcJnUTNRA7urQARBGtxuK9zZPdhRSlP32Rq2D4MMxe9k8Mz7LAymlBUKzuPU0N
iD37nA8XIiVt5ZLQ+Xkiz741pd7SPuWlqjUl10LyPn8FA2/Z
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-fra.rpki-client.org