Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/9hZjP9sT2FEncHHIa-U7PsF5Uck.roa
File: 9hZjP9sT2FEncHHIa-U7PsF5Uck.roa (raw, json)
Hash identifier: M1ZAvRjPJlVRw1v9/LPVh7JNkyX7ws3kgc7IEIE4JXo=
Subject key identifier: F6:16:63:3F:DB:13:D8:51:27:70:71:C8:6B:E5:3B:3E:C1:79:51:C9
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 0D2FE8BE
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/9hZjP9sT2FEncHHIa-U7PsF5Uck.roa
Signing time: Sat 01 Jan 2022 06:01:43 +0000
ROA not before: Sat 01 Jan 2022 06:01:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15763
IP address blocks: 195.253.8.0/21 maxlen: 21
195.253.16.0/22 maxlen: 22
195.253.21.0/24 maxlen: 24
195.253.24.0/22 maxlen: 22
195.138.36.0/24 maxlen: 24
195.138.44.0/22 maxlen: 22
195.253.28.0/23 maxlen: 23
195.253.30.0/24 maxlen: 24
195.138.42.0/23 maxlen: 23
195.138.48.0/22 maxlen: 22
195.138.52.0/24 maxlen: 24
195.138.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 221243582 (0xd2fe8be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: Jan 1 06:01:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f616633fdb13d851277071c86be53b3ec17951c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cb:7f:f2:30:58:91:4f:83:7b:87:79:88:48:
4f:18:d3:0b:0f:f5:23:ab:6a:3e:14:8e:10:07:9d:
29:39:28:c4:1f:07:bb:37:80:a7:30:b3:f1:33:fc:
67:62:d2:56:69:f3:63:d1:49:b6:02:ad:17:0d:73:
64:09:82:4f:da:0d:e7:bb:73:d5:e5:b6:8a:3a:1b:
e4:46:57:0c:60:7f:c9:f9:96:98:e2:df:62:d8:a8:
56:3f:cf:8c:a9:ad:96:4b:d4:ca:59:41:62:5d:91:
2f:8e:a1:96:7b:6b:73:65:09:c2:63:8d:96:5f:7a:
74:4d:ad:c6:b7:37:fe:17:de:6c:10:30:70:14:21:
0a:c1:9f:f3:86:0e:6e:c3:76:01:7f:cb:73:5d:b3:
32:b2:5b:e4:58:31:9d:ab:f4:4d:21:55:21:af:7f:
60:2d:e4:95:6e:17:55:b2:36:ff:7c:40:c3:8d:20:
7b:5f:b4:65:54:ec:d3:e2:10:5e:a1:8d:b7:80:e6:
50:cb:23:05:b2:ea:de:47:3d:ac:f0:3d:d6:d9:b1:
f8:61:d6:86:db:48:52:72:f3:51:a6:df:b0:fa:d3:
4d:32:79:e1:a0:c3:58:48:1c:9e:44:2f:93:2e:da:
0a:8d:b8:b1:7a:d9:5b:09:c4:f9:89:42:a9:85:82:
52:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:16:63:3F:DB:13:D8:51:27:70:71:C8:6B:E5:3B:3E:C1:79:51:C9
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/9hZjP9sT2FEncHHIa-U7PsF5Uck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.138.36.0/24
195.138.42.0-195.138.52.255
195.138.59.0/24
195.253.8.0-195.253.19.255
195.253.21.0/24
195.253.24.0-195.253.30.255
Signature Algorithm: sha256WithRSAEncryption
62:6a:24:f2:1b:3a:0f:c3:66:f2:ac:41:9d:54:93:6a:a0:9b:
ab:3e:bc:db:2d:54:a5:1f:83:3c:d0:6d:fb:8f:5e:cc:a2:82:
b3:d7:39:88:68:96:d2:80:ff:c6:fc:66:dd:94:af:2b:fd:54:
d6:b5:9f:a7:1b:d6:d6:3a:8a:73:4f:9c:f4:11:ec:43:2b:92:
10:26:e6:d0:5b:05:7b:35:cd:d1:d3:7c:dc:72:01:a8:67:2f:
70:13:81:1c:e4:6c:52:0e:51:d1:d0:da:6f:c2:44:ee:d1:5d:
b7:10:b2:ec:5d:4f:10:6c:56:0e:b1:ad:be:db:36:19:ba:58:
55:3a:93:7a:49:25:6f:78:05:c2:67:55:ef:ff:de:3a:f1:c8:
91:e6:29:17:66:15:56:29:45:e8:62:a8:2f:72:c3:4e:16:60:
df:37:10:1b:27:bf:82:f9:71:44:c2:2e:68:6e:97:5a:e8:43:
91:dd:ac:bc:09:78:d4:dc:84:09:03:ff:2f:aa:69:8f:39:02:
80:25:4a:70:50:96:24:7a:4c:89:d2:f6:73:66:fd:4f:d4:a3:
b3:6e:ae:9a:6b:e8:ba:7c:3a:7b:8e:86:75:58:d9:7c:0d:51:
46:96:26:41:96:09:2c:cd:83:48:0d:65:b7:fe:f9:44:0c:2b:
5f:55:52:f7
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEDS/ovjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGMxZTQyNmY1OGU0MmFlMzBlNTZjZGI3ZmY0ZDhmOWRkZDg1YjMwMB4XDTIyMDEw
MTA2MDE0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjYxNjYzM2ZkYjEz
ZDg1MTI3NzA3MWM4NmJlNTNiM2VjMTc5NTFjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJnLf/IwWJFPg3uHeYhITxjTCw/1I6tqPhSOEAedKTkoxB8H
uzeApzCz8TP8Z2LSVmnzY9FJtgKtFw1zZAmCT9oN57tz1eW2ijob5EZXDGB/yfmW
mOLfYtioVj/PjKmtlkvUyllBYl2RL46hlntrc2UJwmONll96dE2txrc3/hfebBAw
cBQhCsGf84YObsN2AX/Lc12zMrJb5Fgxnav0TSFVIa9/YC3klW4XVbI2/3xAw40g
e1+0ZVTs0+IQXqGNt4DmUMsjBbLq3kc9rPA91tmx+GHWhttIUnLzUabfsPrTTTJ5
4aDDWEgcnkQvky7aCo24sXrZWwnE+YlCqYWCUtECAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBT2FmM/2xPYUSdwcchr5Ts+wXlRyTAfBgNVHSMEGDAWgBRQweQm9Y5CrjDl
bNt/9Nj53dhbMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VNSGtKdldPUXE0dzVXemJmX1RZLWQzWVd6QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvOWM2ZGFkLTM3N2EtNDQ0ZS1iMGRjLTA2M2NlNmNmNDYwZC8x
LzloWmpQOXNUMkZFbmNISElhLVU3UHNGNVVjay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
OWM2ZGFkLTM3N2EtNDQ0ZS1iMGRjLTA2M2NlNmNmNDYwZC8xL1VNSGtKdldPUXE0
dzVXemJmX1RZLWQzWVd6QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAMOKJDAMAwQBw4oqAwQAw4o0AwQA
w4o7MAwDBAPD/QgDBALD/RADBADD/RUwDAMEA8P9GAMEAMP9HjANBgkqhkiG9w0B
AQsFAAOCAQEAYmok8hs6D8Nm8qxBnVSTaqCbqz682y1UpR+DPNBt+49ezKKCs9c5
iGiW0oD/xvxm3ZSvK/1U1rWfpxvW1jqKc0+c9BHsQyuSECbm0FsFezXN0dN83HIB
qGcvcBOBHORsUg5R0dDab8JE7tFdtxCy7F1PEGxWDrGtvts2GbpYVTqTekklb3gF
wmdV7//eOvHIkeYpF2YVVilF6GKoL3LDThZg3zcQGye/gvlxRMIuaG6XWuhDkd2s
vAl41NyECQP/L6ppjzkCgCVKcFCWJHpMidL2c2b9T9Sjs26ummvounw6e46GdVjZ
fA1RRpYmQZYJLM2DSA1lt/75RAwrX1VS9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:09 2024 by rpki-client on console-fra.rpki-client.org