Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/pkiYOviWyF_ikwOdFfen-_ZxJUs.roa
File: pkiYOviWyF_ikwOdFfen-_ZxJUs.roa (raw, json)
Hash identifier: /tvmN/xdFEQ9B14eT5brzFAOSpj2XzI0OzArc4e2T64=
Subject key identifier: A6:48:98:3A:F8:96:C8:5F:E2:93:03:9D:15:F7:A7:FB:F6:71:25:4B
Certificate issuer: /CN=f811fa5eff370bc36d0e3929625e3414081a2392
Certificate serial: 36CEDFB3
Authority key identifier: F8:11:FA:5E:FF:37:0B:C3:6D:0E:39:29:62:5E:34:14:08:1A:23:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/pkiYOviWyF_ikwOdFfen-_ZxJUs.roa
Signing time: Sat 01 Jan 2022 08:54:15 +0000
ROA not before: Sat 01 Jan 2022 08:54:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42187
IP address blocks: 185.33.120.0/22 maxlen: 22
94.127.94.0/24 maxlen: 24
94.127.92.0/24 maxlen: 24
78.41.88.0/22 maxlen: 22
78.41.92.0/22 maxlen: 24
91.190.232.0/22 maxlen: 24
94.127.88.0/22 maxlen: 24
2a01:9f00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 919527347 (0x36cedfb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f811fa5eff370bc36d0e3929625e3414081a2392
Validity
Not Before: Jan 1 08:54:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a648983af896c85fe293039d15f7a7fbf671254b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:48:88:41:3a:97:12:73:d5:74:6d:d2:7f:34:
53:bb:8b:61:bc:db:5e:9d:9f:a0:b8:58:9f:17:fd:
c2:3c:7b:2c:4c:e3:37:26:d1:67:54:2e:8e:29:22:
06:40:27:ec:9c:9c:e8:bd:5e:7f:9a:43:7e:42:be:
61:d4:cc:75:da:95:b5:42:21:b3:64:a3:c8:0c:9c:
d5:f3:00:c8:0c:99:4a:54:ea:11:47:42:99:3a:d4:
75:2d:b7:e5:6d:cb:69:16:5e:d3:ea:18:d9:b5:02:
b8:56:11:3f:33:ed:17:0c:e8:00:6d:8e:23:8d:71:
19:db:47:0c:ed:e8:a2:2e:0d:b2:36:54:87:58:29:
ac:0f:1c:72:ec:a5:bd:8b:76:19:b6:d6:87:60:9f:
6d:3f:e5:c5:0a:c0:77:8a:77:c5:ea:85:8a:ef:9a:
e2:09:e6:1d:13:63:aa:91:df:94:d9:22:f0:0a:bd:
1a:10:84:d2:2b:06:29:d6:7d:bf:18:14:d8:3c:ac:
c9:91:bb:c6:b4:86:2c:27:81:a2:ef:79:fb:b2:07:
ce:55:d5:89:3d:85:7a:b4:1a:39:4a:46:ad:65:5f:
49:af:b2:e7:66:59:6a:3c:97:d3:14:b9:68:86:e5:
b9:16:b2:25:4d:32:91:e9:b9:f4:2d:a0:2c:63:8b:
72:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:48:98:3A:F8:96:C8:5F:E2:93:03:9D:15:F7:A7:FB:F6:71:25:4B
X509v3 Authority Key Identifier:
keyid:F8:11:FA:5E:FF:37:0B:C3:6D:0E:39:29:62:5E:34:14:08:1A:23:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/pkiYOviWyF_ikwOdFfen-_ZxJUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1-BH6Xv83C8NtDjkpYl40FAgaI5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.88.0/21
91.190.232.0/22
94.127.88.0-94.127.92.255
94.127.94.0/24
185.33.120.0/22
IPv6:
2a01:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
36:34:d0:e8:5b:3d:ad:fe:62:c7:03:a5:c1:3b:c3:fc:bb:46:
73:f3:01:e3:4e:c8:8d:b7:f2:79:40:ce:0a:30:4f:15:70:17:
5c:09:b4:ae:76:54:89:50:25:55:5c:3e:9d:b9:b7:6d:bf:70:
86:33:55:95:e0:7c:23:28:fe:b3:c7:85:2b:f0:3a:a9:4f:c9:
f3:60:39:e0:a6:fc:f6:bc:10:14:7b:96:52:20:cc:1e:c7:e4:
ef:ed:50:6a:94:5f:ed:14:f4:58:1e:d3:e1:4b:ed:da:68:66:
ea:ab:e8:82:32:31:48:28:c8:52:e8:0b:30:fc:0e:b5:9a:91:
83:de:16:fd:4c:b5:2c:dc:a3:a5:26:c4:f1:9c:7f:58:bf:ae:
a5:af:e5:0d:ba:d2:7c:cd:13:94:82:f1:41:44:da:dd:4d:f5:
a3:94:90:95:95:b9:22:bc:31:da:33:04:55:e1:46:46:d2:98:
14:b8:bb:83:60:bb:27:7a:be:1f:e3:a0:57:0d:05:2f:be:ec:
ff:af:02:51:6e:f2:49:a6:5c:e0:23:33:76:12:60:8a:94:bf:
6b:aa:0b:ad:36:2e:39:42:e9:2b:13:0b:39:c9:8d:ef:0f:85:
fa:2b:b3:72:b5:10:b5:90:2f:3e:dd:7e:d9:cf:23:14:84:a1:
3c:ee:a7:c5
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIENs7fszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODExZmE1ZWZmMzcwYmMzNmQwZTM5Mjk2MjVlMzQxNDA4MWEyMzkyMB4XDTIyMDEw
MTA4NTQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY0ODk4M2FmODk2
Yzg1ZmUyOTMwMzlkMTVmN2E3ZmJmNjcxMjU0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhIiEE6lxJz1XRt0n80U7uLYbzbXp2foLhYnxf9wjx7LEzj
NybRZ1QujikiBkAn7Jyc6L1ef5pDfkK+YdTMddqVtUIhs2SjyAyc1fMAyAyZSlTq
EUdCmTrUdS235W3LaRZe0+oY2bUCuFYRPzPtFwzoAG2OI41xGdtHDO3ooi4NsjZU
h1gprA8ccuylvYt2GbbWh2CfbT/lxQrAd4p3xeqFiu+a4gnmHRNjqpHflNki8Aq9
GhCE0isGKdZ9vxgU2DysyZG7xrSGLCeBou95+7IHzlXViT2FerQaOUpGrWVfSa+y
52ZZajyX0xS5aIbluRayJU0ykem59C2gLGOLch0CAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBSmSJg6+JbIX+KTA50V96f79nElSzAfBgNVHSMEGDAWgBT4Efpe/zcLw20O
OSliXjQUCBojkjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtQkg2WHY4M0M4TnREamtwWWw0MEZBZ2FJNUkuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzZhLzRhMjkzZC0yYWQzLTQxMTQtYTJiMS0xY2M1MDU1MDFhMGYv
MS9wa2lZT3ZpV3lGX2lrd09kRmZlbi1fWnhKVXMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZh
LzRhMjkzZC0yYWQzLTQxMTQtYTJiMS0xY2M1MDU1MDFhMGYvMS8xLUJINlh2ODND
OE50RGprcFlsNDBGQWdhSTVJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
ME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDTilYAwQCW77oMAwDBANef1gD
BABef1wDBABef14DBAK5IXgwDQQCAAIwBwMFACoBnwAwDQYJKoZIhvcNAQELBQAD
ggEBADY00OhbPa3+YscDpcE7w/y7RnPzAeNOyI238nlAzgowTxVwF1wJtK52VIlQ
JVVcPp25t22/cIYzVZXgfCMo/rPHhSvwOqlPyfNgOeCm/Pa8EBR7llIgzB7H5O/t
UGqUX+0U9Fge0+FL7dpoZuqr6IIyMUgoyFLoCzD8DrWakYPeFv1MtSzco6UmxPGc
f1i/rqWv5Q260nzNE5SC8UFE2t1N9aOUkJWVuSK8MdozBFXhRkbSmBS4u4Nguyd6
vh/joFcNBS++7P+vAlFu8kmmXOAjM3YSYIqUv2uqC602LjlC6SsTCznJje8Phfor
s3K1ELWQLz7dftnPIxSEoTzup8U=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:25 2023 by rpki-client on console-fra.rpki-client.org