Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/DAqmwhK6oJf2l7GJmqUGEB_Og90.roa
File: DAqmwhK6oJf2l7GJmqUGEB_Og90.roa (raw, json)
Hash identifier: 4+ua0TrspXI3BDpcHEiDmsj2tyC5pizI5LEPbtnxYjk=
Subject key identifier: 0C:0A:A6:C2:12:BA:A0:97:F6:97:B1:89:9A:A5:06:10:1F:CE:83:DD
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 0184A55364069B0B1937560A0BE0B4FC90F2
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/DAqmwhK6oJf2l7GJmqUGEB_Og90.roa
Signing time: Wed 23 Nov 2022 16:30:16 +0000
ROA not before: Wed 23 Nov 2022 16:30:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 32787
IP address blocks: 95.100.157.0/24 maxlen: 24
2.17.192.0/24 maxlen: 24
2.17.192.0/22 maxlen: 22
2.17.193.0/24 maxlen: 24
2.17.195.0/24 maxlen: 24
2.17.194.0/24 maxlen: 24
2.21.175.0/24 maxlen: 24
95.100.215.0/24 maxlen: 24
95.100.214.0/24 maxlen: 24
92.122.207.0/24 maxlen: 24
95.100.253.0/24 maxlen: 24
93.191.172.0/24 maxlen: 24
93.191.168.0/24 maxlen: 24
93.191.169.0/24 maxlen: 24
95.100.180.0/24 maxlen: 24
92.122.185.0/24 maxlen: 24
95.100.213.0/24 maxlen: 24
92.122.184.0/24 maxlen: 24
95.100.212.0/24 maxlen: 24
95.101.118.0/24 maxlen: 24
95.101.117.0/24 maxlen: 24
95.101.204.0/22 maxlen: 22
2.19.4.0/22 maxlen: 22
2a02:2370:2::/48 maxlen: 48
2a02:2370:102::/48 maxlen: 48
2a02:2370:202::/48 maxlen: 48
2a02:2370:6::/48 maxlen: 48
2a02:2370:106::/48 maxlen: 48
2a02:2370:206::/48 maxlen: 48
2a02:2370:1::/48 maxlen: 48
2a02:2370:101::/48 maxlen: 48
2a02:2370:201::/48 maxlen: 48
2a02:2370:204::/48 maxlen: 48
2a02:2370:4::/48 maxlen: 48
2a02:2370:104::/48 maxlen: 48
2a02:2370:103::/48 maxlen: 48
2a02:2370:203::/48 maxlen: 48
2a02:2370:3::/48 maxlen: 48
2a02:2370:200::/48 maxlen: 48
2a02:2370:5::/48 maxlen: 48
2a02:2370:105::/48 maxlen: 48
2a02:2370:205::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a5:53:64:06:9b:0b:19:37:56:0a:0b:e0:b4:fc:90:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Nov 23 16:30:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c0aa6c212baa097f697b1899aa506101fce83dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:93:95:ef:32:67:84:c9:12:2c:6f:1a:d9:31:
af:3c:34:70:05:57:b3:8f:78:75:53:3c:dd:55:ef:
d9:85:62:20:c3:b8:d8:06:e3:3b:61:e5:8f:67:b8:
eb:94:fc:e4:c9:b3:02:0e:b8:64:75:85:f6:09:06:
26:10:bd:5c:68:9b:40:0d:65:b2:64:0e:4a:1a:44:
46:c4:c5:b0:86:d9:65:09:5e:60:10:d5:9e:b5:b9:
db:dc:25:ce:dd:fe:7f:17:bf:6f:34:ca:d6:aa:42:
0f:75:95:cf:38:bc:44:eb:e9:17:8a:6c:0a:3f:45:
ca:e9:cf:2f:1c:5a:22:f8:62:3d:24:01:f2:e6:ed:
a7:0b:5b:77:59:20:e7:d4:50:7e:47:46:32:be:cb:
04:87:7b:04:03:5e:d6:38:97:e4:a4:b6:aa:e6:f3:
20:a1:b1:ae:42:00:13:a1:4e:0c:a9:a0:2d:0c:14:
bb:8a:dc:48:83:2e:91:f5:0c:3b:5d:0d:56:2b:45:
fe:5a:c3:bc:44:2a:08:d4:fd:1d:e1:f3:2c:19:47:
f9:04:0f:e3:56:95:51:a1:9a:29:5f:a1:2a:59:47:
09:1a:ac:c1:ec:5e:fa:6e:1c:e7:4f:f1:a2:b3:70:
c0:92:a6:17:86:96:b8:42:62:c6:df:a8:65:e3:0a:
76:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:0A:A6:C2:12:BA:A0:97:F6:97:B1:89:9A:A5:06:10:1F:CE:83:DD
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/DAqmwhK6oJf2l7GJmqUGEB_Og90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.192.0/22
2.19.4.0/22
2.21.175.0/24
92.122.184.0/23
92.122.207.0/24
93.191.168.0/23
93.191.172.0/24
95.100.157.0/24
95.100.180.0/24
95.100.212.0/22
95.100.253.0/24
95.101.117.0-95.101.118.255
95.101.204.0/22
IPv6:
2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
2a02:2370:200::-2a02:2370:206:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
59:82:39:25:7a:3d:86:95:06:d6:fd:62:c2:08:79:bf:69:72:
88:4c:ea:5e:ce:62:7e:c5:9a:e4:26:fc:e8:cd:7e:6f:dc:70:
05:4f:2d:a9:f8:98:fe:e5:24:cb:9f:fd:99:92:ef:25:40:f9:
49:48:a7:69:2e:83:bd:68:2b:71:cc:b0:db:95:d1:e3:a3:35:
8c:bd:ce:8d:e7:15:3c:2a:cf:64:0d:bc:40:dc:57:71:c5:11:
35:0d:ea:64:a6:d2:ab:fa:6e:ed:1f:1a:82:29:42:7e:de:6a:
77:82:41:dc:de:5e:87:59:de:b7:49:77:01:d8:6a:f2:69:4d:
3d:9a:5e:fb:05:ec:67:53:60:24:f9:31:9c:8a:cd:7d:b5:ce:
18:6d:9f:ef:62:af:0f:e1:06:67:da:4b:0d:c9:f9:4d:39:7f:
0c:b0:5c:52:11:a0:ce:f4:e3:e9:42:18:50:7c:8b:83:de:7b:
6f:13:19:40:39:98:70:d6:d5:be:a0:71:7a:e8:e0:62:41:8d:
1e:87:ab:0f:ad:e8:6f:a2:ec:f2:6d:4d:8e:70:d4:95:f2:4a:
21:08:34:e7:93:e6:46:24:28:61:dc:c1:ab:0c:4b:25:c0:db:
f3:1b:de:2a:31:cc:1a:e2:1c:93:db:4d:4e:7d:c4:d9:3a:3b:
11:60:11:0b
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYSlU2QGmwsZN1YKC+C0/JDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjIxMTIzMTYzMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzBhYTZjMjEyYmFhMDk3ZjY5N2IxODk5YWE1MDYxMDFmY2U4M2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZOV7zJnhMkSLG8a2TGvPDRwBVez
j3h1UzzdVe/ZhWIgw7jYBuM7YeWPZ7jrlPzkybMCDrhkdYX2CQYmEL1caJtADWWy
ZA5KGkRGxMWwhtllCV5gENWetbnb3CXO3f5/F79vNMrWqkIPdZXPOLxE6+kXimwK
P0XK6c8vHFoi+GI9JAHy5u2nC1t3WSDn1FB+R0YyvssEh3sEA17WOJfkpLaq5vMg
obGuQgAToU4MqaAtDBS7itxIgy6R9Qw7XQ1WK0X+WsO8RCoI1P0d4fMsGUf5BA/j
VpVRoZopX6EqWUcJGqzB7F76bhznT/Gis3DAkqYXhpa4QmLG36hl4wp2wQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFAwKpsISuqCX9pexiZqlBhAfzoPdMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvREFxbXdoSzZvSmYybDdHSm1xVUdFQl9PZzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTBcBAIAATBWAwQCAhHA
AwQCAhMEAwQAAhWvAwQBXHq4AwQAXHrPAwQBXb+oAwQAXb+sAwQAX2SdAwQAX2S0
AwQCX2TUAwQAX2T9MAwDBABfZXUDBABfZXYDBAJfZcwwQQQCAAIwOzASAwcAKgIj
cAABAwcAKgIjcAAGMBIDBwAqAiNwAQEDBwAqAiNwAQYwEQMGASoCI3ACAwcAKgIj
cAIGMA0GCSqGSIb3DQEBCwUAA4IBAQBZgjklej2GlQbW/WLCCHm/aXKITOpezmJ+
xZrkJvzozX5v3HAFTy2p+Jj+5STLn/2Zku8lQPlJSKdpLoO9aCtxzLDbldHjozWM
vc6N5xU8Ks9kDbxA3FdxxRE1DepkptKr+m7tHxqCKUJ+3mp3gkHc3l6HWd63SXcB
2GryaU09ml77BexnU2Ak+TGcis19tc4YbZ/vYq8P4QZn2ksNyflNOX8MsFxSEaDO
9OPpQhhQfIuD3ntvExlAOZhw1tW+oHF66OBiQY0eh6sPrehvouzybU2OcNSV8koh
CDTnk+ZGJChh3MGrDEslwNvzG94qMcwa4hyT201OfcTZOjsRYBEL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:23 2023 by rpki-client on console-ams.rpki-client.org