Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6D98ZDwbUxBgEPbBwA61gd-3DNI.roa
File: 6D98ZDwbUxBgEPbBwA61gd-3DNI.roa (raw, json)
Hash identifier: xF8KrU7A7gbWaKW9H931tjfMxxvEqB3cHbBgFCzVDvE=
Subject key identifier: E8:3F:7C:64:3C:1B:53:10:60:10:F6:C1:C0:0E:B5:81:DF:B7:0C:D2
Certificate issuer: /CN=ea0f76282df53209a58c0302e74f8a97ca3aff05
Certificate serial: 053A5100
Authority key identifier: EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6D98ZDwbUxBgEPbBwA61gd-3DNI.roa
Signing time: Thu 30 Jun 2022 01:38:02 +0000
ROA not before: Thu 30 Jun 2022 01:38:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42512
IP address blocks: 91.208.65.0/24 maxlen: 24
193.110.79.0/24 maxlen: 24
91.225.120.0/22 maxlen: 22
91.225.120.0/24 maxlen: 24
91.225.123.0/24 maxlen: 24
91.225.122.0/24 maxlen: 24
91.225.121.0/24 maxlen: 24
31.43.168.0/24 maxlen: 24
31.43.168.0/22 maxlen: 22
31.43.171.0/24 maxlen: 24
31.43.170.0/24 maxlen: 24
31.43.169.0/24 maxlen: 24
31.43.182.0/24 maxlen: 24
31.43.181.0/24 maxlen: 24
31.43.180.0/22 maxlen: 22
31.43.180.0/24 maxlen: 24
31.43.183.0/24 maxlen: 24
193.110.78.0/24 maxlen: 24
193.110.77.0/24 maxlen: 24
193.110.76.0/22 maxlen: 22
193.110.76.0/24 maxlen: 24
2001:67c:a28::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87707904 (0x53a5100)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea0f76282df53209a58c0302e74f8a97ca3aff05
Validity
Not Before: Jun 30 01:38:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e83f7c643c1b53106010f6c1c00eb581dfb70cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:93:cb:1a:16:b3:73:5a:6c:9f:9c:c7:56:bd:
ec:e8:ef:39:63:75:7e:ab:92:1c:ac:ab:0d:ac:24:
5d:e1:c2:49:a7:14:65:4e:35:f7:63:95:ce:8b:6c:
c6:5b:65:4e:34:8a:55:28:5b:a5:ef:04:a3:21:e1:
db:11:27:35:1e:3a:e6:c1:44:57:41:9c:ac:e9:36:
c8:79:17:ec:7e:58:e4:21:98:68:b5:c3:5f:37:81:
42:15:3e:2c:70:37:73:77:27:01:94:bb:b8:a5:dd:
a4:50:4b:ab:1f:8d:80:dc:4d:56:f8:8c:06:7a:bc:
65:79:3c:98:df:dc:f9:72:98:81:12:36:64:49:f6:
ed:f8:d9:4d:a0:c0:00:36:95:35:40:06:df:6a:a0:
98:c8:4f:09:21:49:c6:72:55:95:55:83:41:67:0b:
4d:55:23:9a:33:ed:de:07:95:b9:a0:aa:dd:1a:f6:
da:e4:50:2f:f3:2d:b2:a6:f9:db:ee:d9:11:8e:2f:
a0:24:c3:04:22:1c:70:20:fe:03:23:a0:ae:c5:6a:
0a:b2:1d:36:e5:eb:8f:d0:68:ad:34:09:91:b8:1a:
12:4f:f4:8b:91:7a:9c:12:24:e2:d4:50:1d:16:87:
af:21:37:04:5f:92:72:de:14:8b:82:84:91:8f:2d:
fd:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:3F:7C:64:3C:1B:53:10:60:10:F6:C1:C0:0E:B5:81:DF:B7:0C:D2
X509v3 Authority Key Identifier:
keyid:EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6D98ZDwbUxBgEPbBwA61gd-3DNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.168.0/22
31.43.180.0/22
91.208.65.0/24
91.225.120.0/22
193.110.76.0/22
IPv6:
2001:67c:a28::/48
Signature Algorithm: sha256WithRSAEncryption
30:66:3b:e0:57:ce:37:2e:2f:67:7e:38:93:8f:29:cb:29:d7:
82:fb:d6:6e:d2:f3:7e:ae:e1:33:4a:55:99:3b:b9:24:0d:87:
c0:bd:96:34:4d:ad:eb:a8:0b:35:df:f4:b6:c7:da:cc:33:cd:
f6:36:6e:94:cb:e2:da:43:67:75:78:eb:03:41:30:f2:0b:4b:
a9:80:06:d3:7a:93:d2:1c:35:d8:89:42:1d:47:9e:d8:b2:42:
f2:c7:70:27:db:96:bc:2c:63:69:19:b8:e5:c4:8d:08:e0:db:
40:eb:57:52:03:76:43:db:32:77:7f:c8:4a:94:19:9d:a0:c4:
12:33:d9:61:a1:cf:c6:35:f9:33:c9:39:b8:49:f9:b6:7a:5e:
d8:2e:b8:81:cd:96:5e:1a:b4:d5:9d:28:92:b9:d5:2b:75:3a:
6c:1b:7c:29:8e:c8:f6:66:87:e9:f3:74:b6:e0:89:00:6f:d6:
fb:ec:da:63:8b:9a:15:28:e6:17:52:bd:2b:e5:26:d0:1a:9a:
c9:f1:f8:68:89:44:fe:ff:11:67:50:98:0b:9d:f1:c8:21:8c:
b8:7c:0d:3d:7e:1d:2f:91:27:c6:35:88:41:40:d6:53:84:4d:
cb:1b:11:e1:4c:40:76:e4:37:d2:47:6f:81:ef:88:89:af:c9:
8e:69:29:c8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEBTpRADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YTBmNzYyODJkZjUzMjA5YTU4YzAzMDJlNzRmOGE5N2NhM2FmZjA1MB4XDTIyMDYz
MDAxMzgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTgzZjdjNjQzYzFi
NTMxMDYwMTBmNmMxYzAwZWI1ODFkZmI3MGNkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGTyxoWs3NabJ+cx1a97OjvOWN1fquSHKyrDawkXeHCSacU
ZU4192OVzotsxltlTjSKVShbpe8EoyHh2xEnNR465sFEV0GcrOk2yHkX7H5Y5CGY
aLXDXzeBQhU+LHA3c3cnAZS7uKXdpFBLqx+NgNxNVviMBnq8ZXk8mN/c+XKYgRI2
ZEn27fjZTaDAADaVNUAG32qgmMhPCSFJxnJVlVWDQWcLTVUjmjPt3geVuaCq3Rr2
2uRQL/Mtsqb52+7ZEY4voCTDBCIccCD+AyOgrsVqCrIdNuXrj9BorTQJkbgaEk/0
i5F6nBIk4tRQHRaHryE3BF+Sct4Ui4KEkY8t/fkCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBToP3xkPBtTEGAQ9sHADrWB37cM0jAfBgNVHSMEGDAWgBTqD3YoLfUyCaWM
AwLnT4qXyjr/BTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZnOTJLQzMxTWdtbGpBTUM1MC1LbDhvNl93VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvZTdmYTU1LTU5MjUtNGJhOS1hZDM4LWJlN2M4MTk0ODMyNC8x
LzZEOThaRHdiVXhCZ0VQYkJ3QTYxZ2QtM0ROSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
ZTdmYTU1LTU5MjUtNGJhOS1hZDM4LWJlN2M4MTk0ODMyNC8xLzZnOTJLQzMxTWdt
bGpBTUM1MC1LbDhvNl93VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJAQCAAEwHgMEAh8rqAMEAh8rtAMEAFvQQQMEAlvh
eAMEAsFuTDAPBAIAAjAJAwcAIAEGfAooMA0GCSqGSIb3DQEBCwUAA4IBAQAwZjvg
V843Li9nfjiTjynLKdeC+9Zu0vN+ruEzSlWZO7kkDYfAvZY0Ta3rqAs13/S2x9rM
M832Nm6Uy+LaQ2d1eOsDQTDyC0upgAbTepPSHDXYiUIdR57YskLyx3An25a8LGNp
GbjlxI0I4NtA61dSA3ZD2zJ3f8hKlBmdoMQSM9lhoc/GNfkzyTm4Sfm2el7YLriB
zZZeGrTVnSiSudUrdTpsG3wpjsj2Zofp83S24IkAb9b77Npji5oVKOYXUr0r5SbQ
GprJ8fhoiUT+/xFnUJgLnfHIIYy4fA09fh0vkSfGNYhBQNZThE3LGxHhTEB25DfS
R2+B74iJr8mOaSnI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:38 2023 by rpki-client on console-fra.rpki-client.org