Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/22NEW8qbZwm4r4zhrU6Tif5aRdo.roa
File: 22NEW8qbZwm4r4zhrU6Tif5aRdo.roa (raw, json)
Hash identifier: 3POjQZlObZEa0dETqZf4P+jqjq6MM1rFa1SUO47vHx0=
Subject key identifier: DB:63:44:5B:CA:9B:67:09:B8:AF:8C:E1:AD:4E:93:89:FE:5A:45:DA
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 03707655
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/22NEW8qbZwm4r4zhrU6Tif5aRdo.roa
Signing time: Sat 01 Jan 2022 05:06:09 +0000
ROA not before: Sat 01 Jan 2022 05:06:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198414
IP address blocks: 185.25.148.0/22 maxlen: 22
185.5.96.0/22 maxlen: 22
193.17.184.0/24 maxlen: 24
91.234.146.0/24 maxlen: 24
91.239.66.0/23 maxlen: 23
91.228.196.0/22 maxlen: 22
185.180.204.0/22 maxlen: 22
185.201.112.0/22 maxlen: 22
91.237.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57701973 (0x3707655)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jan 1 05:06:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db63445bca9b6709b8af8ce1ad4e9389fe5a45da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:66:50:68:35:c2:a4:82:fb:a9:21:31:8d:0c:
1a:a2:8f:23:6c:bc:dd:d0:83:85:ec:f8:97:0b:93:
f5:41:11:c5:ab:a9:95:22:49:54:eb:b3:94:c3:7d:
03:28:f6:9e:05:41:48:59:e0:6d:cd:2c:9e:82:c9:
73:59:28:bb:ca:f1:40:b6:3f:e8:1d:a5:bb:af:6c:
f3:f5:0c:e7:58:ce:c3:46:7b:d5:1a:b5:23:d5:66:
e9:a1:ab:55:e2:e9:ba:be:d2:e7:5a:41:66:97:3e:
19:6f:af:e2:80:79:03:ee:24:1b:b7:63:a4:46:f0:
17:24:3a:9f:aa:08:91:21:14:f0:d2:8b:2b:0b:b1:
5e:98:28:24:d9:f2:ce:ad:e7:59:6d:a4:77:fa:f2:
a7:a1:94:40:ef:ff:58:2a:71:64:6e:aa:ac:18:54:
e0:b1:de:fb:90:5c:53:14:c4:4d:77:c8:85:d1:e0:
ba:c5:53:8c:08:fb:08:ce:d3:fd:d6:ce:e1:0c:0e:
f7:16:1b:95:85:48:b2:c2:6c:6b:1e:6b:60:f4:b7:
8c:3e:ee:c8:14:50:0f:e7:bb:78:65:ca:54:3a:48:
8e:9d:f9:6d:0d:5e:5e:cf:bb:09:8c:ec:35:ac:a6:
05:43:33:73:72:52:ab:66:21:65:cf:29:ca:68:a0:
a6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:63:44:5B:CA:9B:67:09:B8:AF:8C:E1:AD:4E:93:89:FE:5A:45:DA
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/22NEW8qbZwm4r4zhrU6Tif5aRdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.196.0/22
91.234.146.0/24
91.237.52.0/24
91.239.66.0/23
185.5.96.0/22
185.25.148.0/22
185.180.204.0/22
185.201.112.0/22
193.17.184.0/24
Signature Algorithm: sha256WithRSAEncryption
29:25:05:0d:f9:4d:9a:17:04:87:ca:86:ee:c2:b4:4a:8e:b1:
bd:b1:ee:c1:16:08:31:59:e2:96:d9:a7:12:f7:d3:26:e4:01:
04:6c:98:b3:9c:a2:23:e1:55:2e:80:6b:1d:dd:11:1b:4f:f8:
17:8a:44:c9:79:71:8d:ab:6b:aa:04:c5:f4:c6:f6:3e:db:0b:
aa:2f:f8:35:86:6f:d9:04:e5:81:41:6b:42:5d:fe:4f:ca:24:
59:60:27:74:6d:5a:6d:ce:8a:c8:1b:90:95:10:96:87:71:ae:
2c:e1:de:fd:d0:e4:eb:bd:ef:60:6f:2d:5e:c8:58:08:d7:69:
3b:a3:bc:f1:0f:56:cd:0d:3c:80:41:6f:02:e7:11:a5:9e:4d:
b8:0a:0b:45:6d:d3:14:a3:d5:01:e6:54:73:ea:ba:84:57:1f:
fd:e8:fe:3b:73:9d:fa:05:e3:99:c3:d3:d7:d3:9d:f7:79:db:
10:c6:7b:d4:43:70:ad:99:04:c1:08:59:81:d6:83:23:0e:a9:
3d:3d:a6:f1:37:bd:ee:31:4c:7a:8b:d2:16:de:35:fe:0a:13:
4d:d6:77:78:a6:59:df:84:03:ba:33:90:4c:f9:44:76:bc:ab:
b5:7a:4d:33:25:80:dd:0c:b1:5e:9e:8e:f9:4f:a4:07:d2:3b:
6d:ec:40:bd
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEA3B2VTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NmE1YWE5MThjYmZlYjNlMTI5OTdmMzM4OTBmZWIyNTg5MDdiMzQzMB4XDTIyMDEw
MTA1MDYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI2MzQ0NWJjYTli
NjcwOWI4YWY4Y2UxYWQ0ZTkzODlmZTVhNDVkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1mUGg1wqSC+6khMY0MGqKPI2y83dCDhez4lwuT9UERxaup
lSJJVOuzlMN9Ayj2ngVBSFngbc0snoLJc1kou8rxQLY/6B2lu69s8/UM51jOw0Z7
1Rq1I9Vm6aGrVeLpur7S51pBZpc+GW+v4oB5A+4kG7djpEbwFyQ6n6oIkSEU8NKL
KwuxXpgoJNnyzq3nWW2kd/ryp6GUQO//WCpxZG6qrBhU4LHe+5BcUxTETXfIhdHg
usVTjAj7CM7T/dbO4QwO9xYblYVIssJsax5rYPS3jD7uyBRQD+e7eGXKVDpIjp35
bQ1eXs+7CYzsNaymBUMzc3JSq2YhZc8pymigpv0CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTbY0RbyptnCbivjOGtTpOJ/lpF2jAfBgNVHSMEGDAWgBQmpaqRjL/rPhKZ
fzOJD+sliQezQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pxV3FrWXlfNno0U21YOHppUV9ySllrSHMwTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvMTQzM2VhLTEwODAtNDZlNS1iNjEyLTI5N2UyODJkNjZhOC8x
LzIyTkVXOHFiWndtNHI0emhyVTZUaWY1YVJkby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
MTQzM2VhLTEwODAtNDZlNS1iNjEyLTI5N2UyODJkNjZhOC8xL0pxV3FrWXlfNno0
U21YOHppUV9ySllrSHMwTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAlvkxAMEAFvqkgMEAFvtNAMEAVvv
QgMEArkFYAMEArkZlAMEArm0zAMEArnJcAMEAMERuDANBgkqhkiG9w0BAQsFAAOC
AQEAKSUFDflNmhcEh8qG7sK0So6xvbHuwRYIMVniltmnEvfTJuQBBGyYs5yiI+FV
LoBrHd0RG0/4F4pEyXlxjatrqgTF9Mb2PtsLqi/4NYZv2QTlgUFrQl3+T8okWWAn
dG1abc6KyBuQlRCWh3GuLOHe/dDk673vYG8tXshYCNdpO6O88Q9WzQ08gEFvAucR
pZ5NuAoLRW3TFKPVAeZUc+q6hFcf/ej+O3Od+gXjmcPT19Od93nbEMZ71ENwrZkE
wQhZgdaDIw6pPT2m8Te97jFMeovSFt41/goTTdZ3eKZZ34QDujOQTPlEdryrtXpN
MyWA3QyxXp6O+U+kB9I7bexAvQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:45 2023 by rpki-client on console-ams.rpki-client.org