Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/OTbsTVk1JaC-19VOvTpcg8Yso1A.roa
File: OTbsTVk1JaC-19VOvTpcg8Yso1A.roa (raw, json)
Hash identifier: ZA35IKvVTVgBkqioeE4IRjGEyRvkwiUq9LwAiVS0AjA=
Subject key identifier: 39:36:EC:4D:59:35:25:A0:BE:D7:D5:4E:BD:3A:5C:83:C6:2C:A3:50
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 2BB108D7
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/OTbsTVk1JaC-19VOvTpcg8Yso1A.roa
Signing time: Sat 01 Jan 2022 14:55:05 +0000
ROA not before: Sat 01 Jan 2022 14:55:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12975
IP address blocks: 213.244.71.0/24 maxlen: 24
213.244.70.0/23 maxlen: 24
213.244.70.0/24 maxlen: 24
213.244.72.0/21 maxlen: 24
213.244.76.0/24 maxlen: 24
213.244.72.0/24 maxlen: 24
83.244.75.0/24 maxlen: 24
83.244.78.0/24 maxlen: 24
83.244.74.0/24 maxlen: 24
213.244.73.0/24 maxlen: 24
83.244.73.0/24 maxlen: 24
83.244.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 733022423 (0x2bb108d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Jan 1 14:55:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3936ec4d593525a0bed7d54ebd3a5c83c62ca350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:40:6f:7f:04:ca:34:17:9e:ed:8f:06:18:17:
7d:88:02:87:da:fa:07:b2:11:02:ca:53:b9:2e:df:
46:b9:1b:50:48:ad:dc:f0:5c:1a:b6:3f:a9:c6:52:
59:2e:88:24:26:7f:cf:cc:06:84:4c:89:2d:3f:2e:
6b:d1:2a:79:89:8b:a9:50:bb:8a:fb:ea:fe:ad:62:
2b:38:da:c1:aa:6f:4c:71:50:cf:33:67:e2:e3:ca:
d5:30:99:ea:bf:88:cb:68:41:60:fd:5a:92:fd:12:
47:61:cd:6d:f7:28:83:84:5f:45:cc:24:81:1d:32:
cf:b6:0a:f9:68:10:8d:be:f1:41:c5:ed:dd:8e:97:
91:f1:60:f7:e6:d8:6a:8a:2f:2d:c9:de:24:ca:93:
d2:01:dd:7f:64:25:29:b5:4c:bb:42:16:40:18:01:
1b:36:ec:2c:db:e9:d6:e6:13:32:f3:9d:f6:30:25:
70:22:d0:27:19:43:b3:6b:5e:c5:eb:3e:f8:d4:da:
09:03:68:5e:29:36:d6:a3:98:48:89:e4:a5:b1:25:
a5:a3:94:46:32:c9:cd:bf:5b:ce:ba:67:0d:d5:5e:
f2:17:54:16:13:b5:3b:ec:bf:ef:f4:cb:86:17:58:
fc:c8:47:54:7d:0c:9a:4d:dc:25:73:3f:08:7d:c9:
07:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:36:EC:4D:59:35:25:A0:BE:D7:D5:4E:BD:3A:5C:83:C6:2C:A3:50
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/OTbsTVk1JaC-19VOvTpcg8Yso1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.244.73.0-83.244.75.255
83.244.78.0/23
213.244.70.0-213.244.79.255
Signature Algorithm: sha256WithRSAEncryption
13:5d:c1:bc:2f:50:61:93:e2:d1:02:94:0a:46:0f:b8:29:90:
c4:bd:2a:a1:79:de:8f:bb:cf:26:c8:bb:95:0e:1b:ec:07:c6:
4f:09:53:0f:a6:55:65:cf:42:6e:b7:81:40:bb:36:07:fe:f9:
99:ef:09:d2:98:af:92:95:4e:5e:d8:30:b4:89:8d:fa:73:1d:
73:e4:1c:7b:d8:df:2d:cb:bb:c1:90:46:94:6b:b1:d4:a5:39:
73:b8:75:4c:c3:f4:9e:ee:47:de:46:4a:64:47:09:82:c7:f9:
ed:77:e4:15:ea:86:e7:38:18:73:6c:7a:00:97:d4:b3:ec:3c:
00:b0:74:a2:df:1c:1d:d1:94:00:8e:77:88:be:03:c6:49:e3:
23:fe:7e:72:17:34:32:b4:fa:f4:50:2c:55:d4:06:0e:64:a0:
e2:d9:61:c7:48:e5:55:8c:43:b9:56:d8:ca:ec:b6:21:03:7f:
c8:d2:e8:be:47:00:25:48:dc:05:f9:82:19:46:bb:47:2e:07:
c8:30:ab:05:6d:27:7b:0f:24:2e:71:3a:07:bf:bd:4f:f0:c1:
90:a0:82:55:36:74:9f:9f:ee:25:a1:3e:b9:22:a4:23:b2:b6:
1e:a4:d4:f9:ee:b2:32:c7:ba:25:9c:fd:b3:e2:83:16:e9:a4:
a0:a0:6b:35
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEK7EI1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YzM3ZjI3ZWI0OTk3YjNiZWY5ZjI4MjY2YTM5Njk0MDUwZmU3NGY5MB4XDTIyMDEw
MTE0NTUwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzkzNmVjNGQ1OTM1
MjVhMGJlZDdkNTRlYmQzYTVjODNjNjJjYTM1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJAb38EyjQXnu2PBhgXfYgCh9r6B7IRAspTuS7fRrkbUEit
3PBcGrY/qcZSWS6IJCZ/z8wGhEyJLT8ua9EqeYmLqVC7ivvq/q1iKzjawapvTHFQ
zzNn4uPK1TCZ6r+Iy2hBYP1akv0SR2HNbfcog4RfRcwkgR0yz7YK+WgQjb7xQcXt
3Y6XkfFg9+bYaoovLcneJMqT0gHdf2QlKbVMu0IWQBgBGzbsLNvp1uYTMvOd9jAl
cCLQJxlDs2texes++NTaCQNoXik21qOYSInkpbElpaOURjLJzb9bzrpnDdVe8hdU
FhO1O+y/7/TLhhdY/MhHVH0Mmk3cJXM/CH3JB3MCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQ5NuxNWTUloL7X1U69OlyDxiyjUDAfBgNVHSMEGDAWgBRMN/J+tJl7O++f
KCZqOWlAUP50+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1REZnlmclNaZXp2dm55Z21hamxwUUZELWRQay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvMDljZWEwLWVmMmItNGYyMC1hMTlhLWViNWE2MjdlNzZhMy8x
L09UYnNUVmsxSmFDLTE5Vk92VHBjZzhZc28xQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
MDljZWEwLWVmMmItNGYyMC1hMTlhLWViNWE2MjdlNzZhMy8xL1REZnlmclNaZXp2
dm55Z21hamxwUUZELWRQay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowKAQCAAEwIjAMAwQAU/RJAwQCU/RIAwQBU/ROMAwD
BAHV9EYDBATV9EAwDQYJKoZIhvcNAQELBQADggEBABNdwbwvUGGT4tEClApGD7gp
kMS9KqF53o+7zybIu5UOG+wHxk8JUw+mVWXPQm63gUC7Ngf++ZnvCdKYr5KVTl7Y
MLSJjfpzHXPkHHvY3y3Lu8GQRpRrsdSlOXO4dUzD9J7uR95GSmRHCYLH+e135BXq
huc4GHNsegCX1LPsPACwdKLfHB3RlACOd4i+A8ZJ4yP+fnIXNDK0+vRQLFXUBg5k
oOLZYcdI5VWMQ7lW2MrstiEDf8jS6L5HACVI3AX5ghlGu0cuB8gwqwVtJ3sPJC5x
Oge/vU/wwZCgglU2dJ+f7iWhPrkipCOyth6k1PnusjLHuiWc/bPigxbppKCgazU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:03 2023 by rpki-client on console-fra.rpki-client.org