Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/m69spt27KilCmG3DEE6-BRqOazM.roa
File: m69spt27KilCmG3DEE6-BRqOazM.roa (raw, json)
Hash identifier: EoVjWH7mrALGSTATrNeHgWr1CZ+UhWMNzhHAorbr8ZI=
Subject key identifier: 9B:AF:6C:A6:DD:BB:2A:29:42:98:6D:C3:10:4E:BE:05:1A:8E:6B:33
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 3897F5D3
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/m69spt27KilCmG3DEE6-BRqOazM.roa
Signing time: Thu 21 Apr 2022 07:13:41 +0000
ROA not before: Thu 21 Apr 2022 07:13:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50149
IP address blocks: 62.122.216.0/22 maxlen: 22
94.154.128.0/22 maxlen: 22
89.104.107.0/24 maxlen: 24
89.104.125.0/24 maxlen: 24
89.104.119.0/24 maxlen: 24
2a00:ab01::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 949482963 (0x3897f5d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Apr 21 07:13:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9baf6ca6ddbb2a2942986dc3104ebe051a8e6b33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b6:c6:54:e8:49:17:da:b6:31:d9:5b:6e:25:
23:ee:54:df:e4:cd:99:9d:43:4b:51:d6:41:c8:ea:
c7:0d:85:89:05:19:3d:a9:91:ec:38:2b:94:a6:e7:
95:79:ce:74:36:06:93:ad:51:5a:31:72:59:c0:c8:
30:93:de:44:05:ce:63:16:90:8f:2b:c3:84:d4:05:
4b:8c:4d:3e:4b:01:59:d9:e1:0c:4e:a2:34:c4:a7:
39:11:4a:e3:23:2a:64:6d:73:96:19:5b:ec:f6:c2:
02:d9:49:4a:b0:d0:c2:cd:5f:f6:86:d2:86:b4:2a:
8a:81:8b:80:22:6a:06:fe:b8:da:48:06:e1:d5:b5:
a0:f3:24:d8:58:ed:55:2f:2e:00:3d:23:98:a5:e9:
56:4c:4f:d8:12:f4:b5:cd:ec:51:5c:0b:7b:90:fd:
f6:14:39:02:56:a0:ff:1b:c8:59:d5:7e:c0:3f:22:
36:e3:2b:61:43:d2:10:4f:43:11:bb:f3:71:b3:35:
0c:f9:8c:af:54:4d:c2:2c:dd:a3:47:55:93:63:16:
db:72:90:03:de:2f:8b:d6:1f:4f:32:f2:86:d7:bb:
6d:4d:1d:18:08:26:33:4f:d1:b8:2d:ce:ff:4e:ce:
bc:54:f7:9d:56:f5:d0:24:39:62:9a:a2:df:db:97:
b8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:AF:6C:A6:DD:BB:2A:29:42:98:6D:C3:10:4E:BE:05:1A:8E:6B:33
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/m69spt27KilCmG3DEE6-BRqOazM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.216.0/22
89.104.107.0/24
89.104.119.0/24
89.104.125.0/24
94.154.128.0/22
IPv6:
2a00:ab01::/32
Signature Algorithm: sha256WithRSAEncryption
48:b4:ed:76:13:fd:a1:be:1c:0d:da:e6:8a:d9:60:10:73:b7:
02:36:4d:0d:01:ab:34:81:ae:fa:2e:f9:f9:74:c2:70:e4:76:
95:5f:e9:08:34:c1:45:b6:36:e9:31:c5:da:9b:8c:22:ff:ab:
e7:c9:c4:0c:fa:60:eb:1a:e8:c6:03:43:e0:59:ed:ad:4a:e6:
f6:9e:cb:72:84:e7:71:6c:9a:b8:8b:02:8b:fa:ac:d4:8f:ad:
5c:45:b3:42:af:21:1a:9e:34:a9:ee:03:2b:4a:4b:5b:f1:26:
18:cc:f3:16:52:7d:f7:8f:c8:f6:36:6b:b8:95:d3:4b:13:54:
d0:28:08:c9:cf:c0:fc:6a:0b:22:a2:f4:e4:ea:e2:79:55:8e:
b6:0d:06:e3:52:0f:16:8b:bc:41:35:8c:6a:de:49:c8:f8:09:
9b:83:16:f9:85:2b:57:5d:23:1d:1f:2f:23:d3:0e:82:b6:a6:
a6:7e:db:a0:59:79:04:3f:24:53:63:40:72:3a:a3:ef:c7:20:
15:08:fd:7d:23:00:89:23:5a:ed:5c:18:18:f7:9e:f3:d9:f3:
50:b6:cf:db:c0:94:7a:79:cb:5d:5a:7a:d1:5e:ab:9f:07:ea:
01:86:7e:f5:92:2d:b4:51:02:d1:93:a2:d5:a5:21:fc:0d:cc:
e0:d1:bf:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEOJf10zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWI2OWI1OWQxOWYyOTg3ZTQ5ZjE4NTJkNjBiYjE3NzdmODBhMzAxMB4XDTIyMDQy
MTA3MTM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJhZjZjYTZkZGJi
MmEyOTQyOTg2ZGMzMTA0ZWJlMDUxYThlNmIzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIy2xlToSRfatjHZW24lI+5U3+TNmZ1DS1HWQcjqxw2FiQUZ
PamR7DgrlKbnlXnOdDYGk61RWjFyWcDIMJPeRAXOYxaQjyvDhNQFS4xNPksBWdnh
DE6iNMSnORFK4yMqZG1zlhlb7PbCAtlJSrDQws1f9obShrQqioGLgCJqBv642kgG
4dW1oPMk2FjtVS8uAD0jmKXpVkxP2BL0tc3sUVwLe5D99hQ5Alag/xvIWdV+wD8i
NuMrYUPSEE9DEbvzcbM1DPmMr1RNwizdo0dVk2MW23KQA94vi9YfTzLyhte7bU0d
GAgmM0/RuC3O/07OvFT3nVb10CQ5Ypqi39uXuJ0CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSbr2ym3bsqKUKYbcMQTr4FGo5rMzAfBgNVHSMEGDAWgBQRtptZ0Z8ph+Sf
GFLWC7F3f4CjATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ViYWJXZEdmS1lma254aFMxZ3V4ZDMtQW93RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNWVkZjdhLWFiOWEtNDVlNy1hNjEyLWQxNjljMDg4YjQxMi8x
L202OXNwdDI3S2lsQ21HM0RFRTYtQlJxT2F6TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NWVkZjdhLWFiOWEtNDVlNy1hNjEyLWQxNjljMDg4YjQxMi8xL0ViYWJXZEdmS1lm
a254aFMxZ3V4ZDMtQW93RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAj562AMEAFloawMEAFlodwMEAFlo
fQMEAl6agDANBAIAAjAHAwUAKgCrATANBgkqhkiG9w0BAQsFAAOCAQEASLTtdhP9
ob4cDdrmitlgEHO3AjZNDQGrNIGu+i75+XTCcOR2lV/pCDTBRbY26THF2puMIv+r
58nEDPpg6xroxgND4FntrUrm9p7LcoTncWyauIsCi/qs1I+tXEWzQq8hGp40qe4D
K0pLW/EmGMzzFlJ994/I9jZruJXTSxNU0CgIyc/A/GoLIqL05OrieVWOtg0G41IP
Fou8QTWMat5JyPgJm4MW+YUrV10jHR8vI9MOgrampn7boFl5BD8kU2NAcjqj78cg
FQj9fSMAiSNa7VwYGPee89nzULbP28CUennLXVp60V6rnwfqAYZ+9ZIttFEC0ZOi
1aUh/A3M4NG/BQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:37 2024 by rpki-client on console-fra.rpki-client.org