Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/R3Ovd-Qa8QNMXZpu-2rxT3b-2bs.roa
File: R3Ovd-Qa8QNMXZpu-2rxT3b-2bs.roa (raw, json)
Hash identifier: GPk7iDCQoNpHLwAEhcrGFWW7t033zy0+AA6gF7CqRe0=
Subject key identifier: 47:73:AF:77:E4:1A:F1:03:4C:5D:9A:6E:FB:6A:F1:4F:76:FE:D9:BB
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 053BC79A
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/R3Ovd-Qa8QNMXZpu-2rxT3b-2bs.roa
Signing time: Fri 27 May 2022 17:40:13 +0000
ROA not before: Fri 27 May 2022 17:40:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49687
IP address blocks: 146.66.212.0/22 maxlen: 22
146.66.216.0/23 maxlen: 23
5.157.224.0/22 maxlen: 22
178.157.127.0/24 maxlen: 24
5.157.136.0/21 maxlen: 21
5.157.144.0/21 maxlen: 21
188.119.176.0/22 maxlen: 22
188.74.191.0/24 maxlen: 24
37.35.44.0/22 maxlen: 22
188.74.154.0/23 maxlen: 23
188.74.153.0/24 maxlen: 24
188.74.170.0/24 maxlen: 24
2a03:8800::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87803802 (0x53bc79a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: May 27 17:40:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4773af77e41af1034c5d9a6efb6af14f76fed9bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a7:a4:14:7a:13:24:a6:e5:96:d3:35:a0:60:
b6:7b:14:2d:4e:d6:b4:4b:28:72:7b:dc:3b:e8:82:
7e:0f:61:3c:b3:4d:ed:ec:7f:e9:30:ea:ac:fa:75:
b3:51:15:4f:5f:4a:12:91:65:60:55:8b:07:05:33:
86:46:e1:cc:3d:78:e5:96:72:6f:6d:fb:4c:15:a6:
42:1b:c1:71:57:c3:a7:45:8f:5f:23:00:29:05:b8:
50:a5:54:a3:bd:a1:f0:6a:09:3e:08:ff:e5:0a:8d:
20:1e:01:da:61:23:c1:b8:08:d9:88:cc:06:95:4c:
17:85:18:65:e2:95:7f:a0:de:2b:5b:62:44:aa:3f:
29:10:68:0b:d8:32:ec:cb:87:9e:cf:10:77:dd:01:
8d:22:8f:ad:2f:c1:19:7b:58:dd:51:5f:67:31:aa:
7c:61:b8:4f:10:06:f2:9d:02:0c:8c:20:99:92:a9:
f4:0e:9c:72:c0:68:fc:eb:4d:9c:ec:8b:c2:fc:af:
38:14:f8:1a:62:ea:07:98:8b:6f:d7:b8:7a:ae:a2:
b3:88:12:d7:00:f3:56:8f:71:a8:de:d1:e0:74:87:
ba:88:3a:42:69:19:c7:a3:65:99:b8:eb:3a:5f:2e:
a7:2f:23:2d:dc:f8:ae:90:79:ce:6f:0e:95:e0:87:
87:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:73:AF:77:E4:1A:F1:03:4C:5D:9A:6E:FB:6A:F1:4F:76:FE:D9:BB
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/R3Ovd-Qa8QNMXZpu-2rxT3b-2bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0-5.157.151.255
5.157.224.0/22
37.35.44.0/22
146.66.212.0-146.66.217.255
178.157.127.0/24
188.74.153.0-188.74.155.255
188.74.170.0/24
188.74.191.0/24
188.119.176.0/22
IPv6:
2a03:8800::/32
Signature Algorithm: sha256WithRSAEncryption
27:e5:e4:01:c8:fb:70:3b:a9:bc:c5:dd:e9:ba:79:ab:7c:f0:
19:21:15:c6:a5:bf:a8:c0:40:26:72:0e:fa:77:54:6c:72:10:
3f:35:04:b7:ae:3a:b7:7e:a4:e5:fb:51:56:10:a9:a4:8b:2c:
31:06:fe:d3:fc:6b:66:1c:bb:c7:bf:31:c8:85:fd:33:c8:6d:
09:b8:88:a9:83:6d:3a:90:12:4b:49:d8:f4:b9:49:62:fc:17:
04:1e:73:35:c6:a1:ee:67:cf:47:7e:50:0b:2c:03:a2:12:61:
b9:17:bb:e2:e1:da:6b:bb:72:e9:cb:83:d3:d6:01:70:3b:be:
f1:a5:5d:ab:62:d9:86:8f:a8:4c:a9:d2:97:ce:46:29:3e:af:
4c:62:a8:13:39:2e:bf:f2:00:02:89:02:98:12:45:61:47:27:
07:c8:ea:de:fd:7d:b9:33:63:dc:b6:16:1b:c4:4d:bd:bb:2b:
5b:0f:31:10:01:50:39:cc:82:e6:d6:57:ec:3a:e4:27:4b:5d:
94:10:b1:0e:cc:cd:99:5a:a3:a4:2f:db:f1:b2:34:49:de:65:
f1:88:07:68:fd:47:00:87:e9:65:71:8d:7d:5d:61:44:fa:19:
bf:36:c4:c3:e4:b8:84:bc:cf:5e:0f:13:a8:82:f2:49:3f:e5:
3d:b6:39:9c
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIEBTvHmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YjIzM2Q3NTUwOGI0ZTg1Y2NjZjQ0MzQ5YTdjYjcwMzE5OGQxZDI2MB4XDTIyMDUy
NzE3NDAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDc3M2FmNzdlNDFh
ZjEwMzRjNWQ5YTZlZmI2YWYxNGY3NmZlZDliYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOnpBR6EySm5ZbTNaBgtnsULU7WtEsocnvcO+iCfg9hPLNN
7ex/6TDqrPp1s1EVT19KEpFlYFWLBwUzhkbhzD145ZZyb237TBWmQhvBcVfDp0WP
XyMAKQW4UKVUo72h8GoJPgj/5QqNIB4B2mEjwbgI2YjMBpVMF4UYZeKVf6DeK1ti
RKo/KRBoC9gy7MuHns8Qd90BjSKPrS/BGXtY3VFfZzGqfGG4TxAG8p0CDIwgmZKp
9A6ccsBo/OtNnOyLwvyvOBT4GmLqB5iLb9e4eq6is4gS1wDzVo9xqN7R4HSHuog6
QmkZx6NlmbjrOl8upy8jLdz4rpB5zm8OleCHh1sCAwEAAaOCAmAwggJcMB0GA1Ud
DgQWBBRHc6935BrxA0xdmm77avFPdv7ZuzAfBgNVHSMEGDAWgBRrIz11UItOhczP
RDSafLcDGY0dJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2F5TTlkVkNMVG9YTXowUTBtbnkzQXhtTkhTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvOWQ5MTkyLTI3M2MtNGNhOS1iMmJhLWZhOWNiNTFjZDBmMS8x
L1IzT3ZkLVFhOFFOTVhacHUtMnJ4VDNiLTJicy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
OWQ5MTkyLTI3M2MtNGNhOS1iMmJhLWZhOWNiNTFjZDBmMS8xL2F5TTlkVkNMVG9Y
TXowUTBtbnkzQXhtTkhTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB2
BggrBgEFBQcBBwEB/wRnMGUwVAQCAAEwTjAMAwQDBZ2IAwQDBZ2QAwQCBZ3gAwQC
JSMsMAwDBAKSQtQDBAGSQtgDBACynX8wDAMEALxKmQMEArxKmAMEALxKqgMEALxK
vwMEArx3sDANBAIAAjAHAwUAKgOIADANBgkqhkiG9w0BAQsFAAOCAQEAJ+XkAcj7
cDupvMXd6bp5q3zwGSEVxqW/qMBAJnIO+ndUbHIQPzUEt646t36k5ftRVhCppIss
MQb+0/xrZhy7x78xyIX9M8htCbiIqYNtOpASS0nY9LlJYvwXBB5zNcah7mfPR35Q
CywDohJhuRe74uHaa7ty6cuD09YBcDu+8aVdq2LZho+oTKnSl85GKT6vTGKoEzku
v/IAAokCmBJFYUcnB8jq3v19uTNj3LYWG8RNvbsrWw8xEAFQOcyC5tZX7DrkJ0td
lBCxDszNmVqjpC/b8bI0Sd5l8YgHaP1HAIfpZXGNfV1hRPoZvzbEw+S4hLzPXg8T
qILyST/lPbY5nA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org