Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/i2oxmWGKZClQf0ckNsJ8J7gU1Uw.roa
File: i2oxmWGKZClQf0ckNsJ8J7gU1Uw.roa (raw, json)
Hash identifier: BStOYyKaQsXSuJ61Uy1eRCnFdmcD78DoW8wPrDB/Mzc=
Subject key identifier: 8B:6A:31:99:61:8A:64:29:50:7F:47:24:36:C2:7C:27:B8:14:D5:4C
Certificate issuer: /CN=3da6e69e65dd0a540599703ed0c92474cb20e939
Certificate serial: 0580EC8C
Authority key identifier: 3D:A6:E6:9E:65:DD:0A:54:05:99:70:3E:D0:C9:24:74:CB:20:E9:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PabmnmXdClQFmXA-0MkkdMsg6Tk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/i2oxmWGKZClQf0ckNsJ8J7gU1Uw.roa
Signing time: Sat 01 Jan 2022 09:55:40 +0000
ROA not before: Sat 01 Jan 2022 09:55:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 55002
IP address blocks: 91.106.120.0/21 maxlen: 24
88.133.232.0/21 maxlen: 24
46.227.96.0/21 maxlen: 24
80.209.192.0/19 maxlen: 24
95.130.160.0/21 maxlen: 24
212.77.160.0/19 maxlen: 24
185.119.92.0/22 maxlen: 24
88.133.176.0/20 maxlen: 24
81.27.160.0/20 maxlen: 24
217.74.0.0/21 maxlen: 24
5.149.224.0/20 maxlen: 24
130.185.0.0/18 maxlen: 24
2001:16e0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92335244 (0x580ec8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3da6e69e65dd0a540599703ed0c92474cb20e939
Validity
Not Before: Jan 1 09:55:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b6a3199618a6429507f472436c27c27b814d54c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:07:22:a6:7e:15:dc:3e:f6:29:c8:b2:3c:35:
8e:02:c6:fa:1f:fb:a6:c3:69:fd:bb:1d:4e:57:e8:
7d:56:1b:33:aa:7c:d0:46:f5:49:6c:af:6c:a3:a4:
d3:ff:82:03:0c:98:c0:93:42:05:4d:63:fe:a8:1e:
1d:33:01:8e:66:cf:f1:ca:37:25:4f:13:30:b9:e2:
40:d0:8b:88:75:ce:8a:e0:9c:d9:3a:3b:72:bd:a0:
41:b7:62:b4:cb:09:a6:fe:d8:83:4a:21:a1:5c:a6:
ea:76:8e:d2:b4:b1:ab:90:2c:72:ae:8d:0f:3f:95:
8f:24:d9:37:40:5b:a7:94:c9:f9:b2:51:f0:bd:84:
9f:2c:56:29:6b:62:45:26:a1:19:5a:49:8e:ae:75:
2c:e1:be:55:ad:e8:ef:e3:94:af:0c:6f:b5:0a:c8:
1b:44:e7:dd:02:2a:b9:02:87:6e:7a:11:a4:b7:6a:
83:68:f9:fa:ad:bf:18:13:60:a1:ea:9d:72:da:04:
5a:3f:33:de:eb:2e:0c:03:68:a3:bd:1d:d0:45:e0:
13:2e:7c:e4:77:ce:77:b6:81:35:0b:0d:ed:70:62:
3a:5e:26:1e:bd:08:9d:27:59:cf:f2:64:17:52:65:
77:ce:29:fa:6c:2e:6b:6b:92:7b:f5:9b:1e:16:cd:
1a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:6A:31:99:61:8A:64:29:50:7F:47:24:36:C2:7C:27:B8:14:D5:4C
X509v3 Authority Key Identifier:
keyid:3D:A6:E6:9E:65:DD:0A:54:05:99:70:3E:D0:C9:24:74:CB:20:E9:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PabmnmXdClQFmXA-0MkkdMsg6Tk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/i2oxmWGKZClQf0ckNsJ8J7gU1Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/PabmnmXdClQFmXA-0MkkdMsg6Tk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.224.0/20
46.227.96.0/21
80.209.192.0/19
81.27.160.0/20
88.133.176.0/20
88.133.232.0/21
91.106.120.0/21
95.130.160.0/21
130.185.0.0/18
185.119.92.0/22
212.77.160.0/19
217.74.0.0/21
IPv6:
2001:16e0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:d9:9c:0e:04:83:13:fc:33:81:1e:2d:5e:da:f6:66:45:ce:
7d:26:8b:83:e3:c8:c1:06:16:a9:38:0f:76:4a:d5:65:8e:4d:
26:c2:fc:d1:f3:2f:92:92:9d:01:cd:e1:d5:13:75:d2:d4:36:
33:9e:8a:f1:56:cd:7b:0e:17:53:02:64:e8:c9:18:87:ae:c9:
05:a0:e0:ae:f2:1a:dd:10:a7:fd:b2:7d:8a:71:f6:02:75:8b:
d5:9b:13:83:31:b6:01:25:75:2f:b6:88:ce:4d:f4:e0:b3:4b:
c7:0b:a5:2e:5a:18:12:8b:e5:22:e4:8a:16:51:83:e3:3b:b9:
5f:27:c4:b0:54:33:33:00:35:07:df:1d:b3:8c:b3:ab:ea:39:
eb:af:3f:82:81:25:65:07:e7:54:c8:87:f4:09:b7:a9:3c:d6:
dd:51:34:8e:7d:dd:4f:12:eb:c7:39:cf:51:0b:43:e7:41:a6:
6f:32:f1:b9:30:ab:90:64:35:a5:f7:49:ca:48:1e:f0:65:2e:
09:28:72:e4:79:64:33:68:48:c7:87:35:30:f9:05:35:6e:1b:
c2:bb:09:e7:97:14:bf:c9:d5:91:51:e7:8a:71:11:5c:ad:81:
60:75:ec:88:c3:86:89:e5:82:8c:99:37:1f:b1:18:b3:2a:80:
80:02:1a:87
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEBYDsjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZGE2ZTY5ZTY1ZGQwYTU0MDU5OTcwM2VkMGM5MjQ3NGNiMjBlOTM5MB4XDTIyMDEw
MTA5NTU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI2YTMxOTk2MThh
NjQyOTUwN2Y0NzI0MzZjMjdjMjdiODE0ZDU0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYHIqZ+Fdw+9inIsjw1jgLG+h/7psNp/bsdTlfofVYbM6p8
0Eb1SWyvbKOk0/+CAwyYwJNCBU1j/qgeHTMBjmbP8co3JU8TMLniQNCLiHXOiuCc
2To7cr2gQbditMsJpv7Yg0ohoVym6naO0rSxq5Ascq6NDz+VjyTZN0Bbp5TJ+bJR
8L2EnyxWKWtiRSahGVpJjq51LOG+Va3o7+OUrwxvtQrIG0Tn3QIquQKHbnoRpLdq
g2j5+q2/GBNgoeqdctoEWj8z3usuDANoo70d0EXgEy585HfOd7aBNQsN7XBiOl4m
Hr0InSdZz/JkF1Jld84p+mwua2uSe/WbHhbNGjkCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBSLajGZYYpkKVB/RyQ2wnwnuBTVTDAfBgNVHSMEGDAWgBQ9puaeZd0KVAWZ
cD7QySR0yyDpOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BhYm1ubVhkQ2xRRm1YQS0wTWtrZE1zZzZUay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvZjdjNGEyLWI2MDYtNDI5Mi1iOWY3LWZhM2M0ZWY1ZWRmNi8x
L2kyb3htV0dLWkNsUWYwY2tOc0o4SjdnVTFVdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
ZjdjNGEyLWI2MDYtNDI5Mi1iOWY3LWZhM2M0ZWY1ZWRmNi8xL1BhYm1ubVhkQ2xR
Rm1YQS0wTWtrZE1zZzZUay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEBAWV4AMEAy7jYAMEBVDRwAMEBFEb
oAMEBFiFsAMEA1iF6AMEA1tqeAMEA1+CoAMEBoK5AAMEArl3XAMEBdRNoAMEA9lK
ADANBAIAAjAHAwUDIAEW4DANBgkqhkiG9w0BAQsFAAOCAQEAL9mcDgSDE/wzgR4t
Xtr2ZkXOfSaLg+PIwQYWqTgPdkrVZY5NJsL80fMvkpKdAc3h1RN10tQ2M56K8VbN
ew4XUwJk6MkYh67JBaDgrvIa3RCn/bJ9inH2AnWL1ZsTgzG2ASV1L7aIzk304LNL
xwulLloYEovlIuSKFlGD4zu5XyfEsFQzMwA1B98ds4yzq+o5668/goElZQfnVMiH
9Am3qTzW3VE0jn3dTxLrxznPUQtD50GmbzLxuTCrkGQ1pfdJykge8GUuCShy5Hlk
M2hIx4c1MPkFNW4bwrsJ55cUv8nVkVHninERXK2BYHXsiMOGieWCjJk3H7EYsyqA
gAIahw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:50 2024 by rpki-client on console-fra.rpki-client.org