Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/2wc1dbqOUowFYR5Mo1jZyNChH1Q.roa
File: 2wc1dbqOUowFYR5Mo1jZyNChH1Q.roa (raw, json)
Hash identifier: uzQzDHYfzaRCfp0D1nXfvEM7QTRdhqAjwpdgdRIMTQI=
Subject key identifier: DB:07:35:75:BA:8E:52:8C:05:61:1E:4C:A3:58:D9:C8:D0:A1:1F:54
Certificate issuer: /CN=c7c1fdbaf9ac0e5adeec60a0923c4dd4a01e92dc
Certificate serial: 09DB15E1
Authority key identifier: C7:C1:FD:BA:F9:AC:0E:5A:DE:EC:60:A0:92:3C:4D:D4:A0:1E:92:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x8H9uvmsDlre7GCgkjxN1KAektw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/2wc1dbqOUowFYR5Mo1jZyNChH1Q.roa
Signing time: Sat 01 Jan 2022 08:58:19 +0000
ROA not before: Sat 01 Jan 2022 08:58:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8893
IP address blocks: 91.198.32.0/24 maxlen: 24
37.228.144.0/22 maxlen: 22
91.200.108.0/22 maxlen: 22
91.211.8.0/22 maxlen: 22
195.230.108.0/24 maxlen: 24
2a01:41e1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165352929 (0x9db15e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7c1fdbaf9ac0e5adeec60a0923c4dd4a01e92dc
Validity
Not Before: Jan 1 08:58:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db073575ba8e528c05611e4ca358d9c8d0a11f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d1:a9:2f:c0:c4:d4:71:f2:16:5a:7c:b3:bb:
fd:ca:e8:08:46:04:79:19:9e:d0:93:76:cf:11:cf:
1f:82:2d:56:b1:04:21:f0:42:71:eb:ee:51:01:ea:
25:5a:d1:48:c1:39:aa:00:f1:01:54:7d:18:3a:c7:
5e:fc:09:99:a4:32:85:cf:ac:e1:bb:91:bf:31:3e:
b0:5c:98:92:b6:b6:8a:c3:4d:9c:05:e7:b0:09:36:
b4:41:a2:19:62:b1:65:78:df:16:cb:1b:3c:ed:2c:
31:ca:2a:b6:58:3d:34:d2:08:53:4b:be:0b:5b:a5:
b4:ad:36:09:c2:16:f2:bc:3d:6c:b7:a2:81:7a:a8:
30:49:52:46:21:7a:73:e5:96:3a:39:8e:d0:91:25:
da:a9:5b:69:80:32:7a:01:5e:b5:31:fa:6a:af:ad:
ec:89:70:c3:0c:52:2b:28:75:39:23:71:d6:49:41:
75:db:1f:b6:a5:af:22:d5:f8:ad:37:89:92:72:4c:
4a:b5:b1:37:55:75:c1:47:5c:11:a4:cf:7b:02:51:
eb:c9:18:c9:f7:7c:78:bb:d8:5f:0b:f4:34:93:89:
8c:60:5b:25:e7:c9:1b:5d:06:ba:05:9a:0a:27:87:
44:af:e3:4b:39:88:98:c8:87:32:49:d0:20:67:43:
9c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:07:35:75:BA:8E:52:8C:05:61:1E:4C:A3:58:D9:C8:D0:A1:1F:54
X509v3 Authority Key Identifier:
keyid:C7:C1:FD:BA:F9:AC:0E:5A:DE:EC:60:A0:92:3C:4D:D4:A0:1E:92:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x8H9uvmsDlre7GCgkjxN1KAektw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/2wc1dbqOUowFYR5Mo1jZyNChH1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/x8H9uvmsDlre7GCgkjxN1KAektw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.144.0/22
91.198.32.0/24
91.200.108.0/22
91.211.8.0/22
195.230.108.0/24
IPv6:
2a01:41e1::/32
Signature Algorithm: sha256WithRSAEncryption
a4:69:34:75:36:06:73:87:4e:c6:94:40:bf:ac:9d:37:c8:52:
3f:67:0b:71:88:87:b6:c3:4c:00:1a:ac:6d:18:c4:16:7b:fb:
da:6c:21:5e:23:7a:f8:6f:d3:e5:6b:77:1a:ea:53:7c:dc:56:
01:32:a4:44:e5:2a:15:e7:8c:8e:84:5c:22:53:32:f3:09:0d:
70:92:b5:92:b8:1b:f3:6f:3c:85:d4:95:cc:b7:a1:e1:c8:9a:
4a:e4:eb:a7:cc:37:a1:7f:81:b1:a3:36:82:31:45:b0:d6:e3:
c3:00:1c:59:52:a3:83:d1:d3:4d:c9:e3:24:5b:ac:1e:ad:8d:
75:84:a0:d0:01:18:f9:63:6d:57:52:c3:12:ec:d0:45:79:98:
77:d9:7f:7b:7e:e6:67:f0:0e:aa:50:60:70:32:da:08:f0:ea:
d8:68:15:9c:68:ab:19:15:a0:c2:30:72:56:5a:d2:9a:00:8e:
eb:8a:11:c2:2c:dc:fe:28:3b:55:bb:e9:e7:d4:96:e2:04:29:
8a:6c:5f:42:8c:fd:28:15:d9:25:65:e6:aa:b1:40:38:78:0a:
e7:7c:9a:9f:aa:53:a0:ab:4c:30:9d:43:90:52:f4:ca:ae:29:
71:6e:57:f4:b0:90:ef:3d:17:6a:ba:9c:04:fb:7f:17:b0:a6:
9c:3d:da:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECdsV4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
N2MxZmRiYWY5YWMwZTVhZGVlYzYwYTA5MjNjNGRkNGEwMWU5MmRjMB4XDTIyMDEw
MTA4NTgxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGIwNzM1NzViYThl
NTI4YzA1NjExZTRjYTM1OGQ5YzhkMGExMWY1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPRqS/AxNRx8hZafLO7/croCEYEeRme0JN2zxHPH4ItVrEE
IfBCcevuUQHqJVrRSME5qgDxAVR9GDrHXvwJmaQyhc+s4buRvzE+sFyYkra2isNN
nAXnsAk2tEGiGWKxZXjfFssbPO0sMcoqtlg9NNIIU0u+C1ultK02CcIW8rw9bLei
gXqoMElSRiF6c+WWOjmO0JEl2qlbaYAyegFetTH6aq+t7IlwwwxSKyh1OSNx1klB
ddsftqWvItX4rTeJknJMSrWxN1V1wUdcEaTPewJR68kYyfd8eLvYXwv0NJOJjGBb
JefJG10GugWaCieHRK/jSzmImMiHMknQIGdDnKUCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTbBzV1uo5SjAVhHkyjWNnI0KEfVDAfBgNVHSMEGDAWgBTHwf26+awOWt7s
YKCSPE3UoB6S3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3g4SDl1dm1zRGxyZTdHQ2dranhOMUtBZWt0dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvNmEyNzJiLThiNmYtNGZlMy04ZjI5LWYwMDI5ODE2MDk3ZS8x
LzJ3YzFkYnFPVW93RllSNU1vMWpaeU5DaEgxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
NmEyNzJiLThiNmYtNGZlMy04ZjI5LWYwMDI5ODE2MDk3ZS8xL3g4SDl1dm1zRGxy
ZTdHQ2dranhOMUtBZWt0dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAiXkkAMEAFvGIAMEAlvIbAMEAlvT
CAMEAMPmbDANBAIAAjAHAwUAKgFB4TANBgkqhkiG9w0BAQsFAAOCAQEApGk0dTYG
c4dOxpRAv6ydN8hSP2cLcYiHtsNMABqsbRjEFnv72mwhXiN6+G/T5Wt3GupTfNxW
ATKkROUqFeeMjoRcIlMy8wkNcJK1krgb8288hdSVzLeh4ciaSuTrp8w3oX+BsaM2
gjFFsNbjwwAcWVKjg9HTTcnjJFusHq2NdYSg0AEY+WNtV1LDEuzQRXmYd9l/e37m
Z/AOqlBgcDLaCPDq2GgVnGirGRWgwjByVlrSmgCO64oRwizc/ig7Vbvp59SW4gQp
imxfQoz9KBXZJWXmqrFAOHgK53yan6pToKtMMJ1DkFL0yq4pcW5X9LCQ7z0Xarqc
BPt/F7CmnD3aIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:10 2024 by rpki-client on console-fra.rpki-client.org