Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/1E9_odbRzn6ORzj8JRLiBE4YLpk.roa
File: 1E9_odbRzn6ORzj8JRLiBE4YLpk.roa (raw, json)
Hash identifier: sdOMGilpSj7xUj9LRucto+nolDYnYnUTvaLTHYb1MQg=
Subject key identifier: D4:4F:7F:A1:D6:D1:CE:7E:8E:47:38:FC:25:12:E2:04:4E:18:2E:99
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 05DCD3A7
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/1E9_odbRzn6ORzj8JRLiBE4YLpk.roa
Signing time: Sat 01 Jan 2022 11:02:56 +0000
ROA not before: Sat 01 Jan 2022 11:02:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21342
IP address blocks: 2.22.243.0/24 maxlen: 24
95.101.76.0/24 maxlen: 24
92.122.123.0/24 maxlen: 24
2.21.230.0/24 maxlen: 24
95.101.36.0/24 maxlen: 24
88.221.162.0/24 maxlen: 24
88.221.163.0/24 maxlen: 24
2.22.230.0/24 maxlen: 24
2.16.40.0/24 maxlen: 24
88.221.81.0/24 maxlen: 24
92.123.94.0/24 maxlen: 24
92.123.95.0/24 maxlen: 24
95.100.168.0/24 maxlen: 24
84.53.139.0/24 maxlen: 24
95.100.175.0/24 maxlen: 24
95.100.174.0/24 maxlen: 24
95.100.173.0/24 maxlen: 24
2.16.130.0/24 maxlen: 24
193.108.91.0/24 maxlen: 24
193.108.88.0/24 maxlen: 24
2a02:26f0:67::/48 maxlen: 48
2a02:26f0:117::/48 maxlen: 48
2a02:26f0:68::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98358183 (0x5dcd3a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 1 11:02:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d44f7fa1d6d1ce7e8e4738fc2512e2044e182e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:df:38:a0:44:06:d2:56:a2:aa:22:9a:89:5a:
fe:99:ae:ca:a2:e2:e3:1c:88:c5:c2:6e:39:b6:85:
14:3b:51:6f:74:f7:97:70:ea:6a:49:09:aa:ff:18:
82:3b:9e:c2:34:cb:c6:a1:a6:0b:0b:9b:d5:9b:fd:
e9:fa:78:ef:47:cf:cb:86:43:31:90:6a:f7:ed:c2:
68:d3:12:f6:fb:5b:fa:77:36:57:fa:02:36:67:3e:
20:ec:f2:35:46:1c:8d:ff:1e:20:6e:21:90:17:3e:
e4:9c:dc:59:70:f7:64:3f:97:99:14:eb:39:2b:91:
b3:da:81:a4:32:30:cf:9d:e4:a0:69:fb:c0:ae:31:
11:3d:18:f1:44:f6:85:ff:9d:30:01:73:aa:7d:2e:
57:39:d9:4d:3f:34:6a:8c:a9:af:b2:0b:bc:e6:1f:
2d:6a:52:e8:49:18:39:7d:e5:c9:28:a5:c3:1a:49:
b3:73:be:a1:1e:20:8e:51:1f:2c:24:32:3c:0b:f2:
31:38:95:90:30:94:05:54:d1:66:c3:80:3b:0b:3e:
b9:23:06:75:7e:87:22:91:81:3e:01:a8:14:b1:a3:
d1:66:91:45:aa:92:ad:cf:2a:65:84:07:e6:3f:42:
86:be:ac:93:eb:f7:41:e6:e3:37:e0:59:8a:11:68:
e0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:4F:7F:A1:D6:D1:CE:7E:8E:47:38:FC:25:12:E2:04:4E:18:2E:99
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/1E9_odbRzn6ORzj8JRLiBE4YLpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.40.0/24
2.16.130.0/24
2.21.230.0/24
2.22.230.0/24
2.22.243.0/24
84.53.139.0/24
88.221.81.0/24
88.221.162.0/23
92.122.123.0/24
92.123.94.0/23
95.100.168.0/24
95.100.173.0-95.100.175.255
95.101.36.0/24
95.101.76.0/24
193.108.88.0/24
193.108.91.0/24
IPv6:
2a02:26f0:67::-2a02:26f0:68:ffff:ffff:ffff:ffff:ffff
2a02:26f0:117::/48
Signature Algorithm: sha256WithRSAEncryption
2f:de:32:23:64:ff:7f:37:2c:be:f2:42:d5:c2:7d:b4:96:38:
58:eb:51:49:4e:73:99:51:5c:7c:aa:32:33:4e:f4:40:57:56:
db:3e:e3:f0:6e:a2:a8:7b:05:f2:4a:eb:c0:99:bb:a9:23:4a:
af:3b:25:90:c6:14:2e:4e:13:a5:18:cb:ff:5f:f0:2e:0e:a7:
88:5b:6d:63:d8:fd:1f:e8:a9:93:6c:aa:23:65:83:42:11:b1:
83:ce:e3:60:10:4f:ee:31:b4:3b:7d:96:fc:31:78:d9:b6:9e:
d7:d7:c4:ef:bd:f4:59:c6:c9:15:f8:d2:3a:26:8e:c9:5d:14:
44:74:1a:ff:3e:55:51:71:e9:fd:13:c5:0d:4e:27:18:14:d1:
fc:63:80:71:0b:4c:ff:2d:42:10:f0:4e:a9:c5:38:18:c0:a1:
2b:b2:e4:9e:5c:1c:31:b6:63:91:d7:81:8d:fc:2c:1d:d0:da:
4c:e2:10:8e:e5:21:8e:1a:24:e7:ae:e5:0a:e6:a9:a1:57:d2:
99:18:fd:f0:6e:7c:a4:ef:60:e9:7e:b8:63:8a:9a:99:e4:08:
fd:1c:f9:d9:ac:ec:4c:0e:43:08:f5:66:40:b2:fd:0d:60:e9:
68:1a:ad:92:0e:8f:ad:0c:17:26:05:3a:ee:be:13:0c:5e:0c:
18:44:99:ea
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIEBdzTpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YjVmY2JiZWE0ODkzN2E0NDJiYWJkYjMzMDIxMzJjNGJjOWJkNmFhMB4XDTIyMDEw
MTExMDI1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDQ0ZjdmYTFkNmQx
Y2U3ZThlNDczOGZjMjUxMmUyMDQ0ZTE4MmU5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvfOKBEBtJWoqoimola/pmuyqLi4xyIxcJuObaFFDtRb3T3
l3DqakkJqv8YgjuewjTLxqGmCwub1Zv96fp470fPy4ZDMZBq9+3CaNMS9vtb+nc2
V/oCNmc+IOzyNUYcjf8eIG4hkBc+5JzcWXD3ZD+XmRTrOSuRs9qBpDIwz53koGn7
wK4xET0Y8UT2hf+dMAFzqn0uVznZTT80aoypr7ILvOYfLWpS6EkYOX3lySilwxpJ
s3O+oR4gjlEfLCQyPAvyMTiVkDCUBVTRZsOAOws+uSMGdX6HIpGBPgGoFLGj0WaR
RaqSrc8qZYQH5j9Chr6sk+v3QebjN+BZihFo4J0CAwEAAaOCApMwggKPMB0GA1Ud
DgQWBBTUT3+h1tHOfo5HOPwlEuIEThgumTAfBgNVHSMEGDAWgBRrX8u+pIk3pEK6
vbMwITLEvJvWqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ExX0x2cVNKTjZSQ3VyMnpNQ0V5eEx5YjFxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvMDQyMTg4LWRmYjYtNGFkNC05MWE0LTg4ZDFjYWM5ZTRmMS8x
LzFFOV9vZGJSem42T1J6ajhKUkxpQkU0WUxway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
MDQyMTg4LWRmYjYtNGFkNC05MWE0LTg4ZDFjYWM5ZTRmMS8xL2ExX0x2cVNKTjZS
Q3VyMnpNQ0V5eEx5YjFxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
qAYIKwYBBQUHAQcBAf8EgZgwgZUwbgQCAAEwaAMEAAIQKAMEAAIQggMEAAIV5gME
AAIW5gMEAAIW8wMEAFQ1iwMEAFjdUQMEAVjdogMEAFx6ewMEAVx7XgMEAF9kqDAM
AwQAX2StAwQEX2SgAwQAX2UkAwQAX2VMAwQAwWxYAwQAwWxbMCMEAgACMB0wEgMH
ACoCJvAAZwMHACoCJvAAaAMHACoCJvABFzANBgkqhkiG9w0BAQsFAAOCAQEAL94y
I2T/fzcsvvJC1cJ9tJY4WOtRSU5zmVFcfKoyM070QFdW2z7j8G6iqHsF8krrwJm7
qSNKrzslkMYULk4TpRjL/1/wLg6niFttY9j9H+ipk2yqI2WDQhGxg87jYBBP7jG0
O32W/DF42bae19fE7730WcbJFfjSOiaOyV0URHQa/z5VUXHp/RPFDU4nGBTR/GOA
cQtM/y1CEPBOqcU4GMChK7LknlwcMbZjkdeBjfwsHdDaTOIQjuUhjhok567lCuap
oVfSmRj98G58pO9g6X64Y4qameQI/Rz52azsTA5DCPVmQLL9DWDpaBqtkg6PrQwX
JgU67r4TDF4MGESZ6g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:23 2023 by rpki-client on console-ams.rpki-client.org