Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/IpPQhowY4hvDPBTWGTliFJLhQ-0.roa
File: IpPQhowY4hvDPBTWGTliFJLhQ-0.roa (raw, json)
Hash identifier: G5/VaX56CcDEyOaIdusCZxfHmYWaLhMIXehNqI6FbtA=
Subject key identifier: 22:93:D0:86:8C:18:E2:1B:C3:3C:14:D6:19:39:62:14:92:E1:43:ED
Certificate issuer: /CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Certificate serial: 018225BCC02168AF73625550D08734642617
Authority key identifier: 02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/IpPQhowY4hvDPBTWGTliFJLhQ-0.roa
Signing time: Fri 22 Jul 2022 11:48:23 +0000
ROA not before: Fri 22 Jul 2022 11:48:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14537
IP address blocks: 193.33.228.0/23 maxlen: 24
193.31.208.0/20 maxlen: 24
109.202.112.0/21 maxlen: 24
45.85.4.0/22 maxlen: 24
78.24.208.0/21 maxlen: 24
5.62.80.0/20 maxlen: 24
66.84.64.0/20 maxlen: 24
185.28.72.0/22 maxlen: 24
94.125.56.0/21 maxlen: 24
2a03:9e00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:bc:c0:21:68:af:73:62:55:50:d0:87:34:64:26:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Validity
Not Before: Jul 22 11:48:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2293d0868c18e21bc33c14d61939621492e143ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:38:12:5b:42:a0:10:e3:7d:e8:d0:5e:e1:d2:
8f:4c:8d:5f:a6:c8:c7:d1:73:a3:47:2d:c5:17:fe:
59:22:88:3a:8c:df:a7:5f:43:6f:a4:cf:5a:de:40:
7f:37:66:79:0c:d9:fd:77:4e:3d:1b:21:b3:70:0b:
8c:0d:06:05:4f:16:48:f8:36:b1:c2:40:3b:32:64:
8b:d7:79:ea:9c:18:e7:9b:ae:f1:f9:7d:b2:7f:82:
3b:ba:2c:fc:93:5c:67:63:7c:9b:d4:b0:0e:cc:33:
eb:d4:89:18:0d:3c:f9:55:2d:81:23:bb:2b:b4:6a:
46:0a:d6:bc:45:7c:b0:b3:0e:5c:71:b9:ca:ec:3d:
6c:0f:cd:6d:ed:b7:b0:99:eb:d6:7f:4d:91:49:1a:
23:17:38:99:af:7b:f3:94:1b:b9:ec:5d:92:e4:93:
a0:a7:77:0d:73:17:e8:e8:2d:c7:6a:ed:91:3f:a6:
c2:23:2e:95:ae:fd:37:ae:92:53:85:e6:9b:17:ef:
f9:e6:9f:2a:72:b8:75:89:cc:4f:83:75:10:26:15:
ed:aa:06:0b:4c:21:45:1b:90:ac:22:75:a9:53:91:
a8:08:45:ca:ce:16:97:86:bd:3b:52:b1:48:4c:d2:
00:12:f0:a1:54:0a:41:b0:d2:9e:51:ab:47:30:40:
cf:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:93:D0:86:8C:18:E2:1B:C3:3C:14:D6:19:39:62:14:92:E1:43:ED
X509v3 Authority Key Identifier:
keyid:02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/IpPQhowY4hvDPBTWGTliFJLhQ-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/Akbop20wx8BJW8XOjuURD-qyhuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.80.0/20
45.85.4.0/22
66.84.64.0/20
78.24.208.0/21
94.125.56.0/21
109.202.112.0/21
185.28.72.0/22
193.31.208.0/20
193.33.228.0/23
IPv6:
2a03:9e00::/32
Signature Algorithm: sha256WithRSAEncryption
17:2d:5e:69:83:66:c2:7c:7f:28:f7:b6:78:ab:f6:73:3f:5c:
f6:2e:4e:c1:a7:f5:08:b3:26:63:8d:e5:89:e7:c3:09:c4:82:
7d:91:15:88:a8:e1:11:93:ca:ee:07:3d:08:33:5c:01:b1:4d:
ba:f1:88:f6:b5:b7:e0:ad:4a:e1:97:a6:40:9f:0f:db:a0:f3:
92:83:3d:5f:bc:de:75:af:56:75:99:3c:c0:89:a4:07:a3:c3:
59:49:99:30:0f:11:bb:11:b3:79:f5:71:ce:33:15:56:76:d0:
cc:ce:b4:c8:a7:e0:c2:a5:41:e9:61:c0:d6:10:b9:0b:62:eb:
13:ba:70:1e:21:48:e7:57:08:58:06:13:37:d2:db:81:8f:2d:
39:b2:90:ec:2f:63:bb:0b:e0:d8:56:94:51:12:c6:fa:fd:04:
5c:ac:75:17:27:5a:00:dc:4a:60:75:88:d7:27:1f:bb:84:b2:
d3:c2:86:1b:18:7d:77:c4:19:16:e0:2b:08:94:71:30:69:85:
b6:ba:29:2a:a9:af:99:a6:7b:22:b4:07:bd:e5:92:4d:49:bf:
43:41:6d:77:ab:2a:ee:24:84:30:6b:43:20:fa:db:89:b4:79:
ae:8f:a4:84:da:f0:3e:da:52:64:23:af:df:5c:42:cd:89:e3:
9c:b9:c6:60
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYIlvMAhaK9zYlVQ0Ic0ZCYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDZlOGE3NmQzMGM3YzA0OTViYzVjZThlZTUxMTBmZWFi
Mjg2ZTYwHhcNMjIwNzIyMTE0ODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjkzZDA4NjhjMThlMjFiYzMzYzE0ZDYxOTM5NjIxNDkyZTE0M2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTgSW0KgEON96NBe4dKPTI1fpsjH
0XOjRy3FF/5ZIog6jN+nX0NvpM9a3kB/N2Z5DNn9d049GyGzcAuMDQYFTxZI+Dax
wkA7MmSL13nqnBjnm67x+X2yf4I7uiz8k1xnY3yb1LAOzDPr1IkYDTz5VS2BI7sr
tGpGCta8RXywsw5ccbnK7D1sD81t7bewmevWf02RSRojFziZr3vzlBu57F2S5JOg
p3cNcxfo6C3Hau2RP6bCIy6Vrv03rpJTheabF+/55p8qcrh1icxPg3UQJhXtqgYL
TCFFG5CsInWpU5GoCEXKzhaXhr07UrFITNIAEvChVApBsNKeUatHMEDPfQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFCKT0IaMGOIbwzwU1hk5YhSS4UPtMB8GA1UdIwQY
MBaAFAJG6KdtMMfASVvFzo7lEQ/qsobmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtib3AyMHd4OEJKVzhYT2p1VVJELXF5aHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jMGE1NzYtYTIyMC00ZGUwLWFhYzEt
N2I5NmE5OTk3NzE4LzEvSXBQUWhvd1k0aHZEUEJUV0dUbGlGSkxoUS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jMGE1NzYtYTIyMC00ZGUwLWFhYzEtN2I5NmE5OTk3NzE4
LzEvQWtib3AyMHd4OEJKVzhYT2p1VVJELXF5aHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEBT5QAwQC
LVUEAwQEQlRAAwQDThjQAwQDXn04AwQDbcpwAwQCuRxIAwQEwR/QAwQBwSHkMA0E
AgACMAcDBQAqA54AMA0GCSqGSIb3DQEBCwUAA4IBAQAXLV5pg2bCfH8o97Z4q/Zz
P1z2Lk7Bp/UIsyZjjeWJ58MJxIJ9kRWIqOERk8ruBz0IM1wBsU268Yj2tbfgrUrh
l6ZAnw/boPOSgz1fvN51r1Z1mTzAiaQHo8NZSZkwDxG7EbN59XHOMxVWdtDMzrTI
p+DCpUHpYcDWELkLYusTunAeIUjnVwhYBhM30tuBjy05spDsL2O7C+DYVpRREsb6
/QRcrHUXJ1oA3EpgdYjXJx+7hLLTwoYbGH13xBkW4CsIlHEwaYW2uikqqa+Zpnsi
tAe95ZJNSb9DQW13qyruJIQwa0Mg+tuJtHmuj6SE2vA+2lJkI6/fXELNieOcucZg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:33 2023 by rpki-client on console-ams.rpki-client.org