Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/9cQtU3r4QnfiiCc_IxGB7ObSWqg.roa
File: 9cQtU3r4QnfiiCc_IxGB7ObSWqg.roa (raw, json)
Hash identifier: Cyvt0EHU0h92e3BCkMqQyhkvOTIuuYKnNRLZFtr6BOc=
Subject key identifier: F5:C4:2D:53:7A:F8:42:77:E2:88:27:3F:23:11:81:EC:E6:D2:5A:A8
Certificate issuer: /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial: 39D3C6F3
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/9cQtU3r4QnfiiCc_IxGB7ObSWqg.roa
Signing time: Tue 07 Jun 2022 09:28:21 +0000
ROA not before: Tue 07 Jun 2022 09:28:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39122
IP address blocks: 176.52.222.0/23 maxlen: 23
185.97.236.0/22 maxlen: 22
81.17.240.0/20 maxlen: 24
200.69.8.0/21 maxlen: 21
185.206.192.0/22 maxlen: 22
194.36.58.0/23 maxlen: 23
194.36.64.0/23 maxlen: 23
78.153.192.0/19 maxlen: 24
185.2.64.0/22 maxlen: 22
46.22.128.0/20 maxlen: 20
2a01:ac::/32 maxlen: 32
2a01:a8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 970180339 (0x39d3c6f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Validity
Not Before: Jun 7 09:28:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5c42d537af84277e288273f231181ece6d25aa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:09:9f:9e:8e:88:2b:3d:28:dc:3c:a3:84:76:
a4:22:70:df:ec:9f:d8:b1:86:d5:b3:d6:56:a3:5e:
cd:cb:fc:98:3b:89:23:fd:c6:a4:b6:46:1e:96:e3:
4e:ef:4e:54:29:33:02:98:34:c6:ce:98:10:52:cf:
ac:d1:8b:4c:06:42:b8:dc:fc:6d:0c:99:3d:5b:2f:
70:e5:69:92:97:7a:e8:d4:67:15:cf:97:d0:b7:0a:
5a:79:4f:82:b0:5c:62:79:4e:92:b3:65:14:02:d0:
f0:57:6c:61:92:34:01:6c:3a:52:c1:81:ad:dd:f0:
f5:c2:42:57:50:cf:80:54:ed:b9:da:b4:e6:89:28:
87:27:17:f2:02:b5:e6:0d:f0:64:36:92:9a:da:e2:
88:15:5e:2f:be:be:f8:f2:5f:4b:a3:b2:7a:7a:ad:
ab:cd:03:87:ef:13:1b:95:f9:70:b5:28:87:97:83:
9a:79:42:1c:22:ae:39:86:9d:1d:ab:3c:b5:72:d8:
85:59:89:6e:92:36:e7:29:37:7d:e4:54:85:e3:d6:
aa:24:bc:72:a5:93:02:9f:d1:09:45:0c:d5:8b:b1:
b8:eb:2a:33:9a:60:c9:30:75:85:c6:fd:a3:02:12:
e5:6a:21:41:e3:07:bf:5a:f9:98:e0:ee:f9:ea:a9:
1b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C4:2D:53:7A:F8:42:77:E2:88:27:3F:23:11:81:EC:E6:D2:5A:A8
X509v3 Authority Key Identifier:
keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/9cQtU3r4QnfiiCc_IxGB7ObSWqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.128.0/20
78.153.192.0/19
81.17.240.0/20
176.52.222.0/23
185.2.64.0/22
185.97.236.0/22
185.206.192.0/22
194.36.58.0/23
194.36.64.0/23
200.69.8.0/21
IPv6:
2a01:a8::/32
2a01:ac::/32
Signature Algorithm: sha256WithRSAEncryption
55:5e:14:26:01:ee:57:bd:e3:f0:a7:d8:30:53:80:ff:5d:b4:
75:3f:49:59:6b:7e:ed:35:b0:f9:f4:65:46:39:ed:9b:90:eb:
62:32:e5:95:95:60:2c:e4:86:12:94:1d:a9:f8:be:5a:53:33:
29:2c:7e:60:ee:41:ed:1d:b1:c2:b8:06:bc:21:44:b6:99:f1:
0d:69:0c:7b:3d:02:31:ab:16:c6:62:77:61:89:e9:8d:75:ee:
c3:cf:3f:25:9f:f5:67:64:c9:71:5d:92:00:24:b1:51:6b:84:
45:fd:9b:58:d3:03:bd:54:99:93:a3:97:a5:62:f4:74:d5:78:
23:68:1a:7e:d6:ed:12:46:2f:cd:f0:1c:d7:81:17:57:3e:51:
75:b6:8a:68:74:ab:3e:2a:0b:1b:ee:32:7c:af:2a:c6:e4:3e:
63:c9:c7:ae:d6:53:fc:d0:11:bc:e0:51:3a:60:0e:d9:0d:d5:
ba:fd:51:0b:d4:78:6d:b8:67:9c:3e:e2:19:b2:ac:0d:fa:66:
40:f9:89:3e:7d:69:31:60:67:a1:f6:c3:21:a4:f2:af:fd:1e:
96:59:fe:d9:82:61:16:a5:02:78:83:99:0b:a7:e1:ee:a2:10:
fc:92:25:cf:0a:f9:c1:85:1f:4d:33:3c:77:20:42:9c:bb:be:
66:47:cd:ca
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIEOdPG8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Njk2YWVhNmJhYjc5YzQ4ZjVkZGVlNGE0NmJmNGFiNjRkODYzMTYwMB4XDTIyMDYw
NzA5MjgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjVjNDJkNTM3YWY4
NDI3N2UyODgyNzNmMjMxMTgxZWNlNmQyNWFhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsJn56OiCs9KNw8o4R2pCJw3+yf2LGG1bPWVqNezcv8mDuJ
I/3GpLZGHpbjTu9OVCkzApg0xs6YEFLPrNGLTAZCuNz8bQyZPVsvcOVpkpd66NRn
Fc+X0LcKWnlPgrBcYnlOkrNlFALQ8FdsYZI0AWw6UsGBrd3w9cJCV1DPgFTtudq0
5okohycX8gK15g3wZDaSmtriiBVeL76++PJfS6Oyenqtq80Dh+8TG5X5cLUoh5eD
mnlCHCKuOYadHas8tXLYhVmJbpI25yk3feRUhePWqiS8cqWTAp/RCUUM1YuxuOsq
M5pgyTB1hcb9owIS5WohQeMHv1r5mODu+eqpG/sCAwEAAaOCAlUwggJRMB0GA1Ud
DgQWBBT1xC1TevhCd+KIJz8jEYHs5tJaqDAfBgNVHSMEGDAWgBRmlq6murecSPXd
7kpGv0q2TYYxYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pwYXVwcnEzbkVqMTNlNUtScjlLdGsyR01XQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvNDUyYzJiLWYyY2YtNGE5Mi1hMWNkLWYwMTk4YzZjMjQ3NC8x
LzljUXRVM3I0UW5maWlDY19JeEdCN09iU1dxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
NDUyYzJiLWYyY2YtNGE5Mi1hMWNkLWYwMTk4YzZjMjQ3NC8xL1pwYXVwcnEzbkVq
MTNlNUtScjlLdGsyR01XQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBr
BggrBgEFBQcBBwEB/wRcMFowQgQCAAEwPAMEBC4WgAMEBU6ZwAMEBFER8AMEAbA0
3gMEArkCQAMEArlh7AMEArnOwAMEAcIkOgMEAcIkQAMEA8hFCDAUBAIAAjAOAwUA
KgEAqAMFACoBAKwwDQYJKoZIhvcNAQELBQADggEBAFVeFCYB7le94/Cn2DBTgP9d
tHU/SVlrfu01sPn0ZUY57ZuQ62Iy5ZWVYCzkhhKUHan4vlpTMyksfmDuQe0dscK4
BrwhRLaZ8Q1pDHs9AjGrFsZid2GJ6Y117sPPPyWf9WdkyXFdkgAksVFrhEX9m1jT
A71UmZOjl6Vi9HTVeCNoGn7W7RJGL83wHNeBF1c+UXW2imh0qz4qCxvuMnyvKsbk
PmPJx67WU/zQEbzgUTpgDtkN1br9UQvUeG24Z5w+4hmyrA36ZkD5iT59aTFgZ6H2
wyGk8q/9HpZZ/tmCYRalAniDmQun4e6iEPySJc8K+cGFH00zPHcgQpy7vmZHzco=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:04 2023 by rpki-client on console-fra.rpki-client.org