Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/P7VfgCv4bxX2a5jzO40Yg2dJjHc.roa
File: P7VfgCv4bxX2a5jzO40Yg2dJjHc.roa (raw, json)
Hash identifier: 778XnBxzrd0+uwpwnGfG8avuXYbiNILgYjYMc+zsnWo=
Subject key identifier: 3F:B5:5F:80:2B:F8:6F:15:F6:6B:98:F3:3B:8D:18:83:67:49:8C:77
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 0387822E
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/P7VfgCv4bxX2a5jzO40Yg2dJjHc.roa
Signing time: Mon 23 May 2022 12:35:30 +0000
ROA not before: Mon 23 May 2022 12:35:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49074
IP address blocks: 193.242.196.0/22 maxlen: 22
109.166.32.0/22 maxlen: 22
91.228.140.0/22 maxlen: 22
194.40.204.0/22 maxlen: 22
91.234.56.0/22 maxlen: 22
151.248.64.0/24 maxlen: 24
151.248.65.0/24 maxlen: 24
151.248.66.0/24 maxlen: 24
151.248.67.0/24 maxlen: 24
151.248.95.0/24 maxlen: 24
176.124.72.0/22 maxlen: 22
176.124.76.0/22 maxlen: 22
176.113.104.0/22 maxlen: 22
176.113.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59212334 (0x387822e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: May 23 12:35:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fb55f802bf86f15f66b98f33b8d188367498c77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ad:08:13:e8:ac:d3:7c:fc:9f:f2:27:b0:6b:
b4:42:c4:7d:dc:e4:06:44:df:f5:cf:92:46:db:d6:
5d:64:a8:ea:e1:6b:02:9a:67:04:ba:13:b7:5e:ea:
86:29:34:22:70:10:a9:2e:b1:56:04:c6:a5:a1:5a:
f9:29:02:a1:23:22:ba:b2:1c:b8:29:6f:25:32:3a:
ec:f3:a8:c5:84:be:5f:bb:53:64:85:cf:bb:a5:85:
a1:e1:b0:a2:74:92:30:6d:bd:d7:99:1e:40:6f:c1:
05:58:f4:39:8c:0b:f7:5b:bd:f9:59:e9:e4:22:4b:
d2:d7:62:a2:88:4c:09:ed:18:c8:9e:40:57:71:82:
78:ea:8e:a5:f6:3f:a3:f0:8f:7e:1e:d3:fd:54:2a:
ce:61:b4:90:2a:02:fa:79:14:62:2e:03:fa:a8:4d:
c1:d4:61:27:1f:65:dd:b4:6c:94:57:9c:f8:ee:97:
43:a2:a7:c2:3a:0b:df:4d:25:36:b6:7f:12:9a:99:
6d:1d:79:b6:ce:7d:5b:11:3f:8b:56:24:82:b7:28:
19:bc:5e:7a:79:c5:26:90:3a:6c:b9:d8:a8:db:63:
70:87:05:2e:22:34:ff:ac:23:cb:9d:a1:1c:9e:08:
8d:66:54:71:25:f7:1a:79:e3:0b:a7:1e:9e:f7:58:
6b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:B5:5F:80:2B:F8:6F:15:F6:6B:98:F3:3B:8D:18:83:67:49:8C:77
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/P7VfgCv4bxX2a5jzO40Yg2dJjHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.140.0/22
91.234.56.0/22
109.166.32.0/22
151.248.64.0/22
151.248.95.0/24
176.113.104.0/21
176.124.72.0/21
193.242.196.0/22
194.40.204.0/22
Signature Algorithm: sha256WithRSAEncryption
61:7b:f2:ce:2b:d8:58:66:ad:05:e0:24:09:ac:b6:5e:f3:55:
38:eb:9d:d8:47:f3:5a:48:0e:fc:e1:45:d6:d9:8a:ca:d8:02:
37:7b:99:87:55:8b:02:7c:92:bf:1f:93:3d:e3:10:12:96:e7:
dc:e5:a9:3e:4b:4b:b7:5a:e6:ba:e4:ba:15:d5:f1:79:43:42:
2c:c8:2d:f0:19:08:20:72:bd:1e:9a:84:c2:38:9e:0d:28:d5:
0d:04:a4:7d:0b:9f:e2:01:c0:93:ff:7a:3d:52:e8:49:d9:f7:
fb:1e:b6:e8:4d:b3:06:2f:a8:43:1b:26:76:45:b0:68:f6:06:
eb:f9:41:cf:c5:5e:16:9d:02:f9:42:6e:c6:a3:b0:07:58:3a:
c1:4c:69:94:42:93:ff:5a:4e:4b:2c:4d:1e:46:00:0d:95:d8:
4a:9f:9b:e4:64:22:ee:20:8f:44:52:b8:ad:9b:60:4f:cc:56:
04:05:ab:02:d6:e2:89:1a:cd:02:72:ca:57:fe:3c:bf:18:cb:
a5:d9:e9:b7:01:57:4b:66:5b:c3:6e:d3:a8:3c:70:3f:f7:af:
81:33:5e:83:11:a8:6f:5b:40:a8:4f:d8:fb:5c:65:6a:b9:5c:
aa:d1:2a:e0:37:1d:93:27:30:69:12:80:c8:a6:ea:79:3e:83:
1c:a8:32:bd
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEA4eCLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmYyYzJlN2JjMWRhNTRkOTE5Y2E1YjU5NDFkMzc4ODkyYjJjY2IyMB4XDTIyMDUy
MzEyMzUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZiNTVmODAyYmY4
NmYxNWY2NmI5OGYzM2I4ZDE4ODM2NzQ5OGM3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJytCBPorNN8/J/yJ7BrtELEfdzkBkTf9c+SRtvWXWSo6uFr
AppnBLoTt17qhik0InAQqS6xVgTGpaFa+SkCoSMiurIcuClvJTI67POoxYS+X7tT
ZIXPu6WFoeGwonSSMG2915keQG/BBVj0OYwL91u9+Vnp5CJL0tdioohMCe0YyJ5A
V3GCeOqOpfY/o/CPfh7T/VQqzmG0kCoC+nkUYi4D+qhNwdRhJx9l3bRslFec+O6X
Q6KnwjoL300lNrZ/EpqZbR15ts59WxE/i1YkgrcoGbxeennFJpA6bLnYqNtjcIcF
LiI0/6wjy52hHJ4IjWZUcSX3GnnjC6cenvdYa58CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQ/tV+AK/hvFfZrmPM7jRiDZ0mMdzAfBgNVHSMEGDAWgBQi8sLnvB2lTZGc
pbWUHTeIkrLMsjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l2TEM1N3dkcFUyUm5LVzFsQjAzaUpLeXpMSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvNjAyNTMwLTZkMjItNDZmMS04ZTA1LTAyZGVmNmU4NGM5MS8x
L1A3VmZnQ3Y0YnhYMmE1anpPNDBZZzJkSmpIYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
NjAyNTMwLTZkMjItNDZmMS04ZTA1LTAyZGVmNmU4NGM5MS8xL0l2TEM1N3dkcFUy
Um5LVzFsQjAzaUpLeXpMSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAlvkjAMEAlvqOAMEAm2mIAMEApf4
QAMEAJf4XwMEA7BxaAMEA7B8SAMEAsHyxAMEAsIozDANBgkqhkiG9w0BAQsFAAOC
AQEAYXvyzivYWGatBeAkCay2XvNVOOud2EfzWkgO/OFF1tmKytgCN3uZh1WLAnyS
vx+TPeMQEpbn3OWpPktLt1rmuuS6FdXxeUNCLMgt8BkIIHK9HpqEwjieDSjVDQSk
fQuf4gHAk/96PVLoSdn3+x626E2zBi+oQxsmdkWwaPYG6/lBz8VeFp0C+UJuxqOw
B1g6wUxplEKT/1pOSyxNHkYADZXYSp+b5GQi7iCPRFK4rZtgT8xWBAWrAtbiiRrN
AnLKV/48vxjLpdnptwFXS2Zbw27TqDxwP/evgTNegxGob1tAqE/Y+1xlarlcqtEq
4DcdkycwaRKAyKbqeT6DHKgyvQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-ams.rpki-client.org