Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/2siK9-ElQ9CFx1yj0bdpHUKz3o0.roa
File: 2siK9-ElQ9CFx1yj0bdpHUKz3o0.roa (raw, json)
Hash identifier: Qf1kI9c92IwpDkNnKQMxd/J0uOwYcA7ed8qxL7PuiFI=
Subject key identifier: DA:C8:8A:F7:E1:25:43:D0:85:C7:5C:A3:D1:B7:69:1D:42:B3:DE:8D
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01847BDABEA78D280963ABAFB50432747A7A
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/2siK9-ElQ9CFx1yj0bdpHUKz3o0.roa
Signing time: Tue 15 Nov 2022 15:14:03 +0000
ROA not before: Tue 15 Nov 2022 15:14:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 185.132.125.0/24 maxlen: 24
45.136.196.0/24 maxlen: 24
45.136.197.0/24 maxlen: 24
45.136.198.0/24 maxlen: 24
45.136.199.0/24 maxlen: 24
176.97.64.0/23 maxlen: 23
185.87.148.0/23 maxlen: 23
188.116.22.0/24 maxlen: 24
195.54.171.0/24 maxlen: 24
176.97.70.0/23 maxlen: 23
176.97.68.0/23 maxlen: 23
176.97.66.0/23 maxlen: 23
176.97.72.0/24 maxlen: 24
176.97.73.0/24 maxlen: 24
5.61.62.0/23 maxlen: 23
5.61.60.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7b:da:be:a7:8d:28:09:63:ab:af:b5:04:32:74:7a:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Nov 15 15:14:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dac88af7e12543d085c75ca3d1b7691d42b3de8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b2:01:a3:e4:e7:a2:8e:45:fb:1f:c2:ee:ca:
18:d0:3e:ca:ea:25:f9:fc:03:82:b5:05:98:e7:f6:
d5:14:d4:c1:9a:ba:be:99:ba:4d:8e:34:7f:f1:03:
92:f9:ef:70:74:a0:21:25:a5:d8:76:d6:ca:b1:f0:
e8:49:51:08:c3:34:e9:a8:45:a9:f6:9d:ff:5f:61:
a1:fb:ae:ac:cb:95:04:51:8f:9e:25:78:59:70:02:
fa:a0:10:1c:c4:18:14:ce:68:31:ae:31:09:f7:b4:
68:fe:fc:f7:bd:f6:1a:bd:ce:8a:2e:76:ce:70:ae:
69:15:22:47:f4:98:cb:28:d4:a0:9d:48:38:54:98:
40:87:1b:54:95:3a:ce:d0:d4:16:35:94:d5:b7:6b:
49:4a:23:01:aa:2c:ff:75:61:e1:c4:65:51:2c:1f:
91:35:b6:99:64:6a:e8:a1:74:bf:dd:75:9a:53:b8:
e3:c2:89:1c:4e:33:df:b6:af:d1:5c:bb:8b:10:9b:
1d:f7:17:2b:ad:2f:1e:a6:ba:bb:83:16:5c:14:7a:
4a:19:6b:27:c0:36:46:4c:f9:59:2f:f3:1c:a9:6a:
de:da:87:c0:4b:3f:ba:b6:28:da:cb:7a:dc:3d:10:
b3:e8:60:f6:21:80:a1:9a:68:a0:5f:62:88:22:ad:
57:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C8:8A:F7:E1:25:43:D0:85:C7:5C:A3:D1:B7:69:1D:42:B3:DE:8D
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/2siK9-ElQ9CFx1yj0bdpHUKz3o0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.60.0/22
45.136.196.0/22
176.97.64.0-176.97.73.255
185.87.148.0/23
185.132.125.0/24
188.116.22.0/24
195.54.171.0/24
Signature Algorithm: sha256WithRSAEncryption
67:f2:44:43:c8:4f:c8:01:ee:66:8d:70:4e:c2:f3:57:c9:2e:
37:45:3c:c4:37:fc:8b:cf:2b:d3:ad:69:4f:c8:b3:bc:6c:4f:
e9:b9:81:6b:d7:3d:b6:6c:df:df:8f:6d:52:57:80:30:12:6f:
24:ba:c4:16:8e:33:fd:af:be:23:46:2e:77:fb:ff:e5:c9:bf:
c8:22:ce:b4:de:da:31:d8:f8:d4:57:f9:63:93:38:15:2f:4a:
90:ca:1e:7b:c2:2b:2d:14:59:e7:dc:11:7a:54:fc:5f:5d:3f:
54:9e:07:13:5d:db:c7:57:b9:aa:0f:6a:e8:b0:2c:64:ab:ef:
17:03:ca:19:5c:75:a8:a3:2d:7c:0e:a6:1c:e3:35:15:8a:a6:
08:e6:42:32:5e:79:41:c7:dc:17:9a:e5:a4:54:c6:e7:e0:b0:
97:6a:f6:11:60:b5:6e:21:9a:19:4a:2c:ec:ee:03:9d:12:84:
20:3e:60:ee:8c:11:92:6c:71:b4:3d:f3:2a:77:af:78:d3:59:
0e:f3:e1:a2:f7:c8:8d:64:ae:c6:9f:0c:2f:10:96:52:7c:30:
85:f4:0f:d5:fd:57:74:d2:c7:c2:2f:46:3e:4c:37:da:7c:a9:
ef:01:dc:5b:ef:55:25:d4:ed:9b:aa:09:03:b2:6a:60:dd:a1:
d9:22:cd:9f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYR72r6njSgJY6uvtQQydHp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjIxMTE1MTUxNDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWM4OGFmN2UxMjU0M2QwODVjNzVjYTNkMWI3NjkxZDQyYjNkZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7IBo+Tnoo5F+x/C7soY0D7K6iX5
/AOCtQWY5/bVFNTBmrq+mbpNjjR/8QOS+e9wdKAhJaXYdtbKsfDoSVEIwzTpqEWp
9p3/X2Gh+66sy5UEUY+eJXhZcAL6oBAcxBgUzmgxrjEJ97Ro/vz3vfYavc6KLnbO
cK5pFSJH9JjLKNSgnUg4VJhAhxtUlTrO0NQWNZTVt2tJSiMBqiz/dWHhxGVRLB+R
NbaZZGrooXS/3XWaU7jjwokcTjPftq/RXLuLEJsd9xcrrS8eprq7gxZcFHpKGWsn
wDZGTPlZL/McqWre2ofASz+6tijay3rcPRCz6GD2IYChmmigX2KIIq1XYQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFNrIivfhJUPQhcdco9G3aR1Cs96NMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvMnNpSzktRWxROUNGeDF5ajBiZHBIVUt6M28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCBT08AwQC
LYjEMAwDBAawYUADBAGwYUgDBAG5V5QDBAC5hH0DBAC8dBYDBADDNqswDQYJKoZI
hvcNAQELBQADggEBAGfyREPIT8gB7maNcE7C81fJLjdFPMQ3/IvPK9OtaU/Is7xs
T+m5gWvXPbZs39+PbVJXgDASbyS6xBaOM/2vviNGLnf7/+XJv8gizrTe2jHY+NRX
+WOTOBUvSpDKHnvCKy0UWefcEXpU/F9dP1SeBxNd28dXuaoPauiwLGSr7xcDyhlc
daijLXwOphzjNRWKpgjmQjJeeUHH3Bea5aRUxufgsJdq9hFgtW4hmhlKLOzuA50S
hCA+YO6MEZJscbQ98yp3r3jTWQ7z4aL3yI1krsafDC8QllJ8MIX0D9X9V3TSx8Iv
Rj5MN9p8qe8B3FvvVSXU7ZuqCQOyamDdodkizZ8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:44 2024 by rpki-client on console-fra.rpki-client.org