Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/s98sSji7NiSgSWCVBSEL-ukK2qQ.roa
File: s98sSji7NiSgSWCVBSEL-ukK2qQ.roa (raw, json)
Hash identifier: VlFjwKJYME0rzvzxNa0yCGpMuBx/8j9iztVlI3mv2D8=
Subject key identifier: B3:DF:2C:4A:38:BB:36:24:A0:49:60:95:05:21:0B:FA:E9:0A:DA:A4
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01834DCCBD9DD557E7AEF64E49FA6CF64B93
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/s98sSji7NiSgSWCVBSEL-ukK2qQ.roa
Signing time: Sat 17 Sep 2022 23:33:27 +0000
ROA not before: Sat 17 Sep 2022 23:33:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 185.132.125.0/24 maxlen: 24
45.136.196.0/24 maxlen: 24
45.136.197.0/24 maxlen: 24
45.136.198.0/24 maxlen: 24
45.136.199.0/24 maxlen: 24
176.97.64.0/23 maxlen: 23
185.87.148.0/23 maxlen: 23
195.54.171.0/24 maxlen: 24
176.97.70.0/23 maxlen: 23
176.97.68.0/23 maxlen: 23
176.97.66.0/23 maxlen: 23
5.61.62.0/23 maxlen: 23
5.61.60.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:4d:cc:bd:9d:d5:57:e7:ae:f6:4e:49:fa:6c:f6:4b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Sep 17 23:33:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3df2c4a38bb3624a049609505210bfae90adaa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:04:d9:88:79:4f:bf:0d:cd:a6:16:fd:a7:95:
16:6b:6c:50:6f:9b:22:23:da:bc:38:56:1f:21:ad:
03:92:7a:62:25:0e:ad:3c:e5:a0:58:b4:53:39:8a:
84:16:06:96:b1:b7:5a:77:01:34:63:a6:e6:6f:d7:
39:ff:f8:2f:a0:e4:83:41:47:65:c6:ac:0f:49:1f:
6b:af:b2:b4:63:a4:6e:4b:2d:6a:8d:f0:7f:20:b4:
8b:82:3a:03:12:35:b0:6d:b5:3b:17:8f:37:a7:2c:
02:a8:d0:b4:2d:c8:28:1c:58:af:6c:f0:c0:26:ef:
5b:e8:ab:25:8d:e5:9c:25:f4:a7:17:10:8d:07:ab:
f0:e8:2b:c3:60:ba:b8:24:c3:09:9d:a7:14:e5:33:
40:69:69:ee:d3:07:8c:36:d7:d0:aa:0b:9d:1f:89:
d5:1b:b5:9d:df:86:39:dc:78:ce:37:fa:15:00:22:
97:d9:94:3e:11:05:49:a8:6b:2f:53:27:11:cc:18:
36:43:92:b4:c3:94:16:96:ba:7a:25:03:99:6f:4e:
6e:6c:29:e6:1d:82:15:d7:ef:83:ff:de:6c:93:c3:
26:09:0a:d6:2f:08:18:22:04:50:1b:47:71:04:69:
d8:58:20:9f:a0:08:fb:3b:10:30:ab:0e:ac:8b:e8:
95:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:DF:2C:4A:38:BB:36:24:A0:49:60:95:05:21:0B:FA:E9:0A:DA:A4
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/s98sSji7NiSgSWCVBSEL-ukK2qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.60.0/22
45.136.196.0/22
176.97.64.0/21
185.87.148.0/23
185.132.125.0/24
195.54.171.0/24
Signature Algorithm: sha256WithRSAEncryption
79:bd:da:20:90:8a:b0:3c:00:75:b0:e7:ec:3e:ca:fe:2e:2f:
5d:4b:74:88:dc:b7:23:8c:72:8e:56:b5:8f:2b:7f:0a:60:ad:
f2:67:50:59:0c:39:a0:65:1b:28:e9:2a:59:5b:e2:48:56:07:
70:de:24:51:38:36:b6:16:f4:51:e3:04:d6:4d:73:ef:db:18:
03:d2:35:73:23:9d:c1:50:90:b3:aa:eb:df:bb:2c:c2:28:ff:
b3:6a:70:a5:12:81:d9:7a:3a:83:2e:7d:66:09:4d:be:05:f4:
84:82:79:55:5b:c9:b5:c2:14:55:30:a9:4c:d0:9d:75:23:fb:
7c:c0:6c:a0:34:d2:5d:d7:28:56:e3:f1:92:96:46:c6:97:b1:
8a:68:e0:c2:b5:85:af:79:0f:5a:bf:79:ba:66:56:6e:e8:4f:
fa:54:e5:79:01:3f:16:fb:9b:b9:b7:9a:df:ea:01:c1:c5:b6:
52:b4:91:57:0d:8d:dd:ad:78:47:ad:66:b0:27:ea:fb:fd:9a:
f2:3c:3b:93:3d:3d:b2:69:85:e3:39:13:55:de:b1:e6:a5:19:
e3:14:f9:3c:a0:3e:05:88:9b:46:41:40:4e:2a:27:a0:68:08:
7e:5f:57:3e:99:03:9e:5c:b1:e2:97:62:65:8c:aa:50:bd:1b:
f6:e4:d5:8b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYNNzL2d1VfnrvZOSfps9kuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjIwOTE3MjMzMzI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2RmMmM0YTM4YmIzNjI0YTA0OTYwOTUwNTIxMGJmYWU5MGFkYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQTZiHlPvw3Nphb9p5UWa2xQb5si
I9q8OFYfIa0DknpiJQ6tPOWgWLRTOYqEFgaWsbdadwE0Y6bmb9c5//gvoOSDQUdl
xqwPSR9rr7K0Y6RuSy1qjfB/ILSLgjoDEjWwbbU7F483pywCqNC0LcgoHFivbPDA
Ju9b6KsljeWcJfSnFxCNB6vw6CvDYLq4JMMJnacU5TNAaWnu0weMNtfQqgudH4nV
G7Wd34Y53HjON/oVACKX2ZQ+EQVJqGsvUycRzBg2Q5K0w5QWlrp6JQOZb05ubCnm
HYIV1++D/95sk8MmCQrWLwgYIgRQG0dxBGnYWCCfoAj7OxAwqw6si+iVhwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLPfLEo4uzYkoElglQUhC/rpCtqkMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvczk4c1NqaTdOaVNnU1dDVkJTRUwtdWtLMnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBT08AwQC
LYjEAwQDsGFAAwQBuVeUAwQAuYR9AwQAwzarMA0GCSqGSIb3DQEBCwUAA4IBAQB5
vdogkIqwPAB1sOfsPsr+Li9dS3SI3LcjjHKOVrWPK38KYK3yZ1BZDDmgZRso6SpZ
W+JIVgdw3iRRODa2FvRR4wTWTXPv2xgD0jVzI53BUJCzquvfuyzCKP+zanClEoHZ
ejqDLn1mCU2+BfSEgnlVW8m1whRVMKlM0J11I/t8wGygNNJd1yhW4/GSlkbGl7GK
aODCtYWveQ9av3m6ZlZu6E/6VOV5AT8W+5u5t5rf6gHBxbZStJFXDY3drXhHrWaw
J+r7/ZryPDuTPT2yaYXjORNV3rHmpRnjFPk8oD4FiJtGQUBOKiegaAh+X1c+mQOe
XLHil2JljKpQvRv25NWL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:57 2023 by rpki-client on console-fra.rpki-client.org