Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/IfniAh5WsjfO3OaGpeHkNsrXjzw.roa
File: IfniAh5WsjfO3OaGpeHkNsrXjzw.roa (raw, json)
Hash identifier: tdekig7J+jhJXtM3cNoNdW+Go8dgqQXIBxwmaMxLzys=
Subject key identifier: 21:F9:E2:02:1E:56:B2:37:CE:DC:E6:86:A5:E1:E4:36:CA:D7:8F:3C
Certificate issuer: /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial: 01A66928
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/IfniAh5WsjfO3OaGpeHkNsrXjzw.roa
Signing time: Sat 01 Jan 2022 00:56:08 +0000
ROA not before: Sat 01 Jan 2022 00:56:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25534
IP address blocks: 109.238.160.0/22 maxlen: 24
109.238.164.0/22 maxlen: 24
109.238.160.0/20 maxlen: 24
109.238.172.0/22 maxlen: 24
109.238.168.0/22 maxlen: 24
185.146.16.0/22 maxlen: 24
81.17.164.0/22 maxlen: 24
81.17.160.0/22 maxlen: 24
81.17.160.0/20 maxlen: 24
81.17.168.0/22 maxlen: 24
81.17.172.0/22 maxlen: 24
217.15.176.0/20 maxlen: 24
217.15.176.0/22 maxlen: 24
217.15.180.0/22 maxlen: 24
217.15.184.0/22 maxlen: 24
217.15.188.0/22 maxlen: 24
2a00:1a08::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27683112 (0x1a66928)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
Validity
Not Before: Jan 1 00:56:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21f9e2021e56b237cedce686a5e1e436cad78f3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ad:95:d2:97:45:da:02:0c:9c:7a:72:26:48:
c5:7c:24:99:70:f0:7c:db:00:c3:9f:0b:82:87:5c:
0b:cb:17:3b:bd:b7:92:3c:ca:6d:47:eb:83:74:c0:
9e:81:c7:ab:a6:72:f5:cd:f3:10:44:af:e5:d2:77:
53:dc:49:46:51:b2:26:ea:76:f1:dd:a4:ad:d7:d5:
44:30:99:3e:b8:27:f1:1a:c6:39:23:e0:a5:57:55:
bc:98:a6:b7:00:95:f3:1c:be:03:1f:91:1b:f2:60:
cb:86:53:11:32:73:7b:e8:39:a6:13:b3:e7:1e:22:
86:bf:c8:b7:6b:5c:99:46:ee:3d:45:00:a7:d4:b0:
d8:8e:8e:6a:b5:41:1c:ef:40:be:02:48:37:23:17:
b9:29:f8:00:a1:0b:a0:13:b7:f6:42:dd:cd:ad:a2:
0d:bc:89:c8:4f:8a:f0:c1:75:c9:17:8f:35:c3:7a:
2e:80:07:76:59:ed:15:10:33:74:f7:e9:a1:52:74:
d7:2e:e2:75:df:0f:05:ab:3f:e9:16:8e:99:14:9a:
b0:9d:70:13:3f:b7:c7:c5:9a:f9:d6:4d:46:89:cb:
e0:08:80:59:a4:ba:f1:d8:a4:45:64:2c:77:c1:8c:
60:dd:20:d2:7e:af:01:b4:e8:91:77:26:94:ae:e7:
de:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F9:E2:02:1E:56:B2:37:CE:DC:E6:86:A5:E1:E4:36:CA:D7:8F:3C
X509v3 Authority Key Identifier:
keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/IfniAh5WsjfO3OaGpeHkNsrXjzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.160.0/20
109.238.160.0/20
185.146.16.0/22
217.15.176.0/20
IPv6:
2a00:1a08::/32
Signature Algorithm: sha256WithRSAEncryption
71:3c:34:72:36:20:a2:bb:f8:62:6a:5b:a2:8e:bf:ce:52:c3:
56:44:c9:90:98:eb:b2:12:53:88:a3:ce:1f:8d:68:b4:a6:c5:
10:4e:06:a0:af:05:78:73:56:b3:8a:07:23:16:58:d4:32:71:
83:0c:ff:6f:03:86:29:94:79:8e:15:5b:c8:fb:aa:18:90:c9:
c5:a8:77:64:0f:a4:06:31:d0:e3:04:d4:50:f8:31:82:38:fa:
56:28:7d:28:1a:65:78:18:fe:9f:86:ab:54:a8:2d:a3:41:50:
f4:5d:db:3e:16:6a:ce:d5:07:07:e3:30:e2:56:5c:7c:7f:ee:
a1:24:a8:68:0e:a0:e2:e6:9e:e1:9e:1f:ed:ba:2b:0e:af:86:
ec:53:cf:d5:c4:2a:fe:1c:50:5c:a0:92:94:64:c8:88:23:35:
7e:5e:62:78:0a:3c:c1:a7:21:f8:2e:8f:b5:e7:7d:95:46:d5:
88:97:e0:6a:5f:f1:52:77:cf:58:10:0d:d7:8d:d0:d9:cb:91:
28:04:30:4e:87:58:52:8c:aa:d3:b1:e3:8b:79:4a:78:03:15:
23:45:a2:75:a7:d6:e9:0c:5a:45:9f:3d:03:4a:33:20:64:35:
91:84:7c:91:6a:a0:4a:76:72:c7:a5:8d:35:1e:48:71:c5:95:
e1:91:f0:60
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEAaZpKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzI1Mzc2MDFhMzE2OTc0MDQ5MjJkOTU3ZTc0NDUwZjVhOWNiZTczMB4XDTIyMDEw
MTAwNTYwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFmOWUyMDIxZTU2
YjIzN2NlZGNlNjg2YTVlMWU0MzZjYWQ3OGYzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKitldKXRdoCDJx6ciZIxXwkmXDwfNsAw58LgodcC8sXO723
kjzKbUfrg3TAnoHHq6Zy9c3zEESv5dJ3U9xJRlGyJup28d2krdfVRDCZPrgn8RrG
OSPgpVdVvJimtwCV8xy+Ax+RG/Jgy4ZTETJze+g5phOz5x4ihr/It2tcmUbuPUUA
p9Sw2I6OarVBHO9AvgJINyMXuSn4AKELoBO39kLdza2iDbyJyE+K8MF1yRePNcN6
LoAHdlntFRAzdPfpoVJ01y7idd8PBas/6RaOmRSasJ1wEz+3x8Wa+dZNRonL4AiA
WaS68dikRWQsd8GMYN0g0n6vAbTokXcmlK7n3pMCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQh+eICHlayN87c5oal4eQ2ytePPDAfBgNVHSMEGDAWgBQXJTdgGjFpdASS
LZV+dEUPWpy+czAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Z5VTNZQm94YVhRRWtpMlZmblJGRDFxY3ZuTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvMjE5Y2FlLTI2NGQtNDZhNy05ZTY0LWU2MDRiNjFiZTBlYS8x
L0lmbmlBaDVXc2pmTzNPYUdwZUhrTnNyWGp6dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
MjE5Y2FlLTI2NGQtNDZhNy05ZTY0LWU2MDRiNjFiZTBlYS8xL0Z5VTNZQm94YVhR
RWtpMlZmblJGRDFxY3ZuTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBFERoAMEBG3uoAMEArmSEAMEBNkP
sDANBAIAAjAHAwUAKgAaCDANBgkqhkiG9w0BAQsFAAOCAQEAcTw0cjYgorv4Ympb
oo6/zlLDVkTJkJjrshJTiKPOH41otKbFEE4GoK8FeHNWs4oHIxZY1DJxgwz/bwOG
KZR5jhVbyPuqGJDJxah3ZA+kBjHQ4wTUUPgxgjj6Vih9KBpleBj+n4arVKgto0FQ
9F3bPhZqztUHB+Mw4lZcfH/uoSSoaA6g4uae4Z4f7borDq+G7FPP1cQq/hxQXKCS
lGTIiCM1fl5ieAo8wach+C6Pted9lUbViJfgal/xUnfPWBAN143Q2cuRKAQwTodY
Uoyq07Hji3lKeAMVI0WidafW6QxaRZ89A0ozIGQ1kYR8kWqgSnZyx6WNNR5IccWV
4ZHwYA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:06 2023 by rpki-client on console-fra.rpki-client.org