Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/794yYYaPD-BXWMZT6qTWcXQtWzg.roa
File: 794yYYaPD-BXWMZT6qTWcXQtWzg.roa (raw, json)
Hash identifier: PpFmYXoib1JIi8oyZqzGnuPbf6TAnth7Vu9SUcpgzNY=
Subject key identifier: EF:DE:32:61:86:8F:0F:E0:57:58:C6:53:EA:A4:D6:71:74:2D:5B:38
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 053C7552
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/794yYYaPD-BXWMZT6qTWcXQtWzg.roa
Signing time: Fri 27 May 2022 17:40:14 +0000
ROA not before: Fri 27 May 2022 17:40:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199552
IP address blocks: 146.66.219.0/24 maxlen: 24
146.66.218.0/24 maxlen: 24
188.74.128.0/24 maxlen: 24
178.157.125.0/24 maxlen: 24
188.119.162.0/24 maxlen: 24
37.35.55.0/24 maxlen: 24
178.157.92.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
178.157.111.0/24 maxlen: 24
178.157.110.0/24 maxlen: 24
188.119.144.0/22 maxlen: 22
5.157.240.0/21 maxlen: 21
91.235.123.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87848274 (0x53c7552)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: May 27 17:40:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=efde3261868f0fe05758c653eaa4d671742d5b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6e:6f:dd:f9:02:72:2a:5e:9e:c4:81:da:81:
ce:3c:bb:5a:07:69:b0:42:23:d6:6e:5f:22:23:0d:
44:ac:7a:dd:af:17:87:e3:c0:86:45:f7:b2:16:23:
b3:dd:ce:78:92:bd:92:0f:98:cb:f3:0d:ce:dc:b2:
46:cb:f0:f9:1e:0a:14:02:26:be:f6:1f:92:6a:e1:
8b:fc:80:8e:f3:4d:67:2a:73:0d:a1:10:cc:3b:e6:
de:6c:1f:af:43:ed:d3:32:7f:dc:0c:4c:9b:03:c8:
ab:e8:04:aa:a1:c5:bb:3a:33:cc:2b:df:ad:cc:7e:
c9:62:23:2e:11:97:6e:15:91:39:32:18:0f:7c:66:
61:c9:4d:18:a5:c9:3f:e2:12:df:70:d9:73:69:4d:
f2:92:be:0e:72:7d:3e:cd:f9:29:fd:bf:13:d4:9a:
09:56:60:6f:43:ac:64:65:25:ce:85:8b:0f:f2:d5:
94:f3:05:f2:9c:7a:df:7d:0d:94:ca:42:73:71:26:
fe:7a:32:5f:a0:7b:e3:1c:ed:13:16:fa:2f:80:10:
5b:4f:6e:20:d6:1e:34:0c:db:c5:d2:b4:8d:ad:ad:
a9:6b:89:34:26:20:eb:79:fe:cf:ae:41:e5:d4:29:
c6:3a:d2:84:b7:77:17:ed:8a:c4:98:4c:cd:99:99:
85:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:DE:32:61:86:8F:0F:E0:57:58:C6:53:EA:A4:D6:71:74:2D:5B:38
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/794yYYaPD-BXWMZT6qTWcXQtWzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.240.0/21
37.35.55.0/24
91.235.123.0/24
146.66.218.0/23
178.157.92.0/24
178.157.108.0/24
178.157.110.0/23
178.157.125.0/24
188.74.128.0/24
188.74.171.0/24
188.119.144.0/22
188.119.162.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:da:58:e1:4a:47:54:70:e0:cb:8d:67:7b:66:ae:4c:53:e0:
8d:54:23:80:a0:94:fb:5e:8c:c5:4f:cc:be:ea:ed:81:0c:18:
ad:11:9b:03:d2:58:a6:97:db:ac:a7:98:56:38:f2:65:74:2b:
bb:09:ec:42:57:4d:2a:2f:0f:95:3e:04:47:75:b3:1d:29:51:
c1:2f:16:34:09:77:c1:bb:3d:7e:1d:82:a1:a8:42:3e:5b:bb:
ac:7c:0c:80:7f:92:b0:04:60:a6:72:40:2d:f6:ef:0d:f4:66:
fc:e2:60:42:9b:b9:a7:71:86:0b:fb:ff:e8:a0:09:b0:3e:3a:
cd:43:bd:f5:21:67:28:2b:8d:c7:a5:44:56:bf:ec:02:4a:67:
6f:50:a5:7f:c3:5c:ef:a4:3a:ef:46:4a:a3:e0:d4:3d:56:84:
2e:71:73:39:ca:81:d6:ed:c1:92:96:1d:c7:e8:83:59:c5:d8:
75:2e:70:81:85:b3:85:c0:07:00:35:86:73:5e:b8:86:6a:21:
f4:74:8f:d4:c4:44:1b:9a:da:fc:c2:3e:35:35:24:84:f8:58:
ba:93:48:4d:09:9f:e7:ad:8a:1e:c9:d4:e7:68:73:d1:5b:57:
55:07:26:f2:ba:89:86:69:69:0f:7f:28:32:c2:9a:17:6e:41:
56:00:bd:a8
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEBTx1UjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YjIzM2Q3NTUwOGI0ZTg1Y2NjZjQ0MzQ5YTdjYjcwMzE5OGQxZDI2MB4XDTIyMDUy
NzE3NDAxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWZkZTMyNjE4Njhm
MGZlMDU3NThjNjUzZWFhNGQ2NzE3NDJkNWIzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZub935AnIqXp7EgdqBzjy7WgdpsEIj1m5fIiMNRKx63a8X
h+PAhkX3shYjs93OeJK9kg+Yy/MNztyyRsvw+R4KFAImvvYfkmrhi/yAjvNNZypz
DaEQzDvm3mwfr0Pt0zJ/3AxMmwPIq+gEqqHFuzozzCvfrcx+yWIjLhGXbhWROTIY
D3xmYclNGKXJP+IS33DZc2lN8pK+DnJ9Ps35Kf2/E9SaCVZgb0OsZGUlzoWLD/LV
lPMF8px6330NlMpCc3Em/noyX6B74xztExb6L4AQW09uINYeNAzbxdK0ja2tqWuJ
NCYg63n+z65B5dQpxjrShLd3F+2KxJhMzZmZhQUCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBTv3jJhho8P4FdYxlPqpNZxdC1bODAfBgNVHSMEGDAWgBRrIz11UItOhczP
RDSafLcDGY0dJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2F5TTlkVkNMVG9YTXowUTBtbnkzQXhtTkhTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvOWQ5MTkyLTI3M2MtNGNhOS1iMmJhLWZhOWNiNTFjZDBmMS8x
Lzc5NHlZWWFQRC1CWFdNWlQ2cVRXY1hRdFd6Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
OWQ5MTkyLTI3M2MtNGNhOS1iMmJhLWZhOWNiNTFjZDBmMS8xL2F5TTlkVkNMVG9Y
TXowUTBtbnkzQXhtTkhTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAwWd8AMEACUjNwMEAFvrewMEAZJC
2gMEALKdXAMEALKdbAMEAbKdbgMEALKdfQMEALxKgAMEALxKqwMEArx3kAMEALx3
ojANBgkqhkiG9w0BAQsFAAOCAQEAitpY4UpHVHDgy41ne2auTFPgjVQjgKCU+16M
xU/MvurtgQwYrRGbA9JYppfbrKeYVjjyZXQruwnsQldNKi8PlT4ER3WzHSlRwS8W
NAl3wbs9fh2CoahCPlu7rHwMgH+SsARgpnJALfbvDfRm/OJgQpu5p3GGC/v/6KAJ
sD46zUO99SFnKCuNx6VEVr/sAkpnb1Clf8Nc76Q670ZKo+DUPVaELnFzOcqB1u3B
kpYdx+iDWcXYdS5wgYWzhcAHADWGc164hmoh9HSP1MREG5ra/MI+NTUkhPhYupNI
TQmf562KHsnU52hz0VtXVQcm8rqJhmlpD38oMsKaF25BVgC9qA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:14 2023 by rpki-client on console-ams.rpki-client.org