Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/st73wP5I1lIxkEwT6lUHdJcJ3gE.roa
File: st73wP5I1lIxkEwT6lUHdJcJ3gE.roa (raw, json)
Hash identifier: mEGA1i/oelZB8XxAV3qy5GOJwouGGUawChLm55DIhhc=
Subject key identifier: B2:DE:F7:C0:FE:48:D6:52:31:90:4C:13:EA:55:07:74:97:09:DE:01
Certificate issuer: /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial: 386CC205
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/st73wP5I1lIxkEwT6lUHdJcJ3gE.roa
Signing time: Tue 04 Jan 2022 10:01:11 +0000
ROA not before: Tue 04 Jan 2022 10:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39122
IP address blocks: 176.52.222.0/23 maxlen: 23
185.97.236.0/22 maxlen: 22
81.17.240.0/20 maxlen: 24
194.36.58.0/23 maxlen: 23
194.36.64.0/23 maxlen: 23
78.153.192.0/19 maxlen: 24
185.2.64.0/22 maxlen: 22
46.22.128.0/20 maxlen: 20
2a01:ac::/32 maxlen: 32
2a01:a8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 946651653 (0x386cc205)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Validity
Not Before: Jan 4 10:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2def7c0fe48d65231904c13ea5507749709de01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:82:df:35:21:58:1c:cf:f2:36:5e:2a:75:0e:
bf:18:8c:0b:41:f7:a4:8d:a1:63:75:92:ac:36:b2:
9d:7e:e1:98:b6:cb:36:fa:8a:e9:ef:85:15:3e:13:
09:31:31:e0:7c:82:21:52:9b:a4:f1:5b:31:65:0f:
26:0a:23:7a:2e:02:6c:95:b0:e7:44:0d:77:57:e9:
b0:77:5c:76:00:23:61:c8:15:14:fb:86:be:34:eb:
cf:a8:4a:47:b8:80:b3:da:af:8d:37:50:e4:79:12:
15:4d:97:87:0f:7f:d7:c8:d8:24:f0:aa:ef:8b:33:
36:7e:19:44:9d:98:59:3d:db:cc:2d:96:ce:c4:5b:
c1:44:72:fa:e1:43:63:5d:1a:15:c9:d0:74:6a:a2:
39:b9:8b:6c:ec:d9:74:79:ba:f2:67:6b:79:57:bb:
30:a5:d1:fb:f8:5b:7d:6d:25:59:3a:66:d4:06:e8:
ce:13:bc:08:af:2b:fd:cf:f0:31:78:e2:85:97:4f:
9b:11:15:23:1a:f5:64:fa:1d:76:b7:51:e0:b4:9e:
f4:32:64:09:5c:39:be:1d:e0:62:03:cb:6f:d4:50:
c1:0c:56:82:8a:e4:49:87:c8:07:bd:ce:2b:1a:3a:
19:f0:d6:5d:f7:b8:bc:11:70:f6:c1:2a:c8:68:cd:
14:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DE:F7:C0:FE:48:D6:52:31:90:4C:13:EA:55:07:74:97:09:DE:01
X509v3 Authority Key Identifier:
keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/st73wP5I1lIxkEwT6lUHdJcJ3gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.128.0/20
78.153.192.0/19
81.17.240.0/20
176.52.222.0/23
185.2.64.0/22
185.97.236.0/22
194.36.58.0/23
194.36.64.0/23
IPv6:
2a01:a8::/32
2a01:ac::/32
Signature Algorithm: sha256WithRSAEncryption
99:42:38:57:b8:7e:ff:7f:02:96:e8:fc:1c:29:57:86:72:1d:
09:98:9a:f5:c2:09:32:74:6a:ac:45:40:24:10:dd:72:ba:40:
b3:5c:6b:2c:16:30:08:30:26:90:8c:24:3c:21:06:9a:09:5e:
94:6d:fd:4b:ea:fb:40:1e:01:91:17:fc:47:da:e3:ca:cf:33:
b0:84:7e:04:ca:bf:64:11:f1:c3:f4:5c:4e:cd:e0:f0:21:b6:
17:b6:53:90:b1:a7:28:80:54:10:d6:76:72:cc:28:86:be:4b:
bb:fd:21:6d:05:54:74:09:9e:5d:62:9f:8d:48:f2:88:8d:e8:
37:da:a0:25:43:e8:6a:93:6c:27:24:5e:76:f3:60:5a:b8:60:
66:ba:21:8b:00:5c:2e:c6:fd:05:ac:1b:95:e8:7b:6a:5d:c0:
a1:f9:22:cd:36:ee:13:7b:e0:9e:81:5a:aa:e7:21:46:c3:30:
2a:87:5a:8b:f8:00:c3:a6:65:98:a4:12:31:18:8e:8f:8f:7a:
8a:f6:9d:65:5c:65:d6:1a:d9:e3:a0:98:d1:b7:4e:03:5a:cf:
13:69:fc:46:d2:df:13:2c:32:f0:21:6d:94:a7:9a:61:a1:3e:
be:3c:4b:00:51:37:a8:1f:b5:22:30:16:b7:0f:d2:22:ab:05:
40:51:f3:95
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEOGzCBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Njk2YWVhNmJhYjc5YzQ4ZjVkZGVlNGE0NmJmNGFiNjRkODYzMTYwMB4XDTIyMDEw
NDEwMDExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJkZWY3YzBmZTQ4
ZDY1MjMxOTA0YzEzZWE1NTA3NzQ5NzA5ZGUwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN+C3zUhWBzP8jZeKnUOvxiMC0H3pI2hY3WSrDaynX7hmLbL
NvqK6e+FFT4TCTEx4HyCIVKbpPFbMWUPJgojei4CbJWw50QNd1fpsHdcdgAjYcgV
FPuGvjTrz6hKR7iAs9qvjTdQ5HkSFU2Xhw9/18jYJPCq74szNn4ZRJ2YWT3bzC2W
zsRbwURy+uFDY10aFcnQdGqiObmLbOzZdHm68mdreVe7MKXR+/hbfW0lWTpm1Abo
zhO8CK8r/c/wMXjihZdPmxEVIxr1ZPoddrdR4LSe9DJkCVw5vh3gYgPLb9RQwQxW
gorkSYfIB73OKxo6GfDWXfe4vBFw9sEqyGjNFLsCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBSy3vfA/kjWUjGQTBPqVQd0lwneATAfBgNVHSMEGDAWgBRmlq6murecSPXd
7kpGv0q2TYYxYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pwYXVwcnEzbkVqMTNlNUtScjlLdGsyR01XQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvNDUyYzJiLWYyY2YtNGE5Mi1hMWNkLWYwMTk4YzZjMjQ3NC8x
L3N0NzN3UDVJMWxJeGtFd1Q2bFVIZEpjSjNnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
NDUyYzJiLWYyY2YtNGE5Mi1hMWNkLWYwMTk4YzZjMjQ3NC8xL1pwYXVwcnEzbkVq
MTNlNUtScjlLdGsyR01XQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wNgQCAAEwMAMEBC4WgAMEBU6ZwAMEBFER8AMEAbA0
3gMEArkCQAMEArlh7AMEAcIkOgMEAcIkQDAUBAIAAjAOAwUAKgEAqAMFACoBAKww
DQYJKoZIhvcNAQELBQADggEBAJlCOFe4fv9/Apbo/BwpV4ZyHQmYmvXCCTJ0aqxF
QCQQ3XK6QLNcaywWMAgwJpCMJDwhBpoJXpRt/Uvq+0AeAZEX/Efa48rPM7CEfgTK
v2QR8cP0XE7N4PAhthe2U5CxpyiAVBDWdnLMKIa+S7v9IW0FVHQJnl1in41I8oiN
6DfaoCVD6GqTbCckXnbzYFq4YGa6IYsAXC7G/QWsG5Xoe2pdwKH5Is027hN74J6B
WqrnIUbDMCqHWov4AMOmZZikEjEYjo+Peor2nWVcZdYa2eOgmNG3TgNazxNp/EbS
3xMsMvAhbZSnmmGhPr48SwBRN6gftSIwFrcP0iKrBUBR85U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:39 2024 by rpki-client on console-fra.rpki-client.org