Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/Z-JQSPWZZMnkbZsSyJ4KG69A958.roa
File: Z-JQSPWZZMnkbZsSyJ4KG69A958.roa (raw, json)
Hash identifier: w7rgnvPi19yy21mpMwhE6svy0RUMZHJpxoSapJ2YO6I=
Subject key identifier: 67:E2:50:48:F5:99:64:C9:E4:6D:9B:12:C8:9E:0A:1B:AF:40:F7:9F
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01845C1FE0B077793D7EACE7E543F9FE3F5C
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/Z-JQSPWZZMnkbZsSyJ4KG69A958.roa
Signing time: Wed 09 Nov 2022 11:21:43 +0000
ROA not before: Wed 09 Nov 2022 11:21:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207743
IP address blocks: 188.74.129.0/24 maxlen: 24
188.74.132.0/22 maxlen: 24
188.119.156.0/23 maxlen: 24
5.154.252.0/23 maxlen: 23
5.157.130.0/23 maxlen: 23
5.157.129.0/24 maxlen: 24
5.154.254.0/23 maxlen: 23
37.35.42.0/23 maxlen: 23
37.35.40.0/23 maxlen: 23
178.157.72.0/22 maxlen: 24
188.74.210.0/23 maxlen: 23
178.157.102.0/23 maxlen: 23
188.74.240.0/22 maxlen: 24
188.74.140.0/22 maxlen: 22
188.74.168.0/23 maxlen: 23
188.74.182.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5c:1f:e0:b0:77:79:3d:7e:ac:e7:e5:43:f9:fe:3f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Nov 9 11:21:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67e25048f59964c9e46d9b12c89e0a1baf40f79f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:35:ee:17:72:09:57:4a:05:7c:2b:ee:e5:5e:
55:c7:92:66:82:73:88:5b:14:32:fd:77:a9:e0:da:
ad:43:08:1e:5f:71:c6:ff:af:3b:32:ba:d5:76:b5:
cf:5d:90:f2:f1:06:58:22:48:a0:e0:e2:25:bd:9f:
18:98:ba:ac:2d:65:0c:09:cb:40:63:10:d5:84:8e:
54:b1:1a:7f:c5:9b:50:53:d5:c0:14:ae:0b:9c:39:
88:37:5c:da:29:7e:ce:b0:2d:5a:92:2e:1d:01:b8:
ff:86:94:6e:c7:2b:f9:ab:7b:39:5d:02:65:f7:08:
4e:ba:6c:f8:78:f5:d8:c0:95:fc:0b:1f:cc:40:4a:
4f:f4:04:cb:92:8e:8d:c8:dd:ac:c3:d6:15:b4:66:
5d:38:93:55:68:1f:43:c7:1a:ae:a6:dc:11:d9:6c:
e9:5e:dd:04:e0:1e:61:b6:55:ea:9d:a7:87:f6:df:
dd:27:40:ca:5d:7a:e4:e2:4d:e7:de:69:33:48:63:
ae:ef:cb:fe:62:03:81:ae:f9:07:06:77:a0:1d:92:
d2:c9:db:9d:87:0a:b9:2c:c6:a2:3b:c7:63:1d:ca:
e5:c5:60:62:d4:68:b3:a9:18:54:69:7c:aa:ad:9d:
6b:e3:17:c6:f9:19:73:d5:47:d4:15:ef:08:27:a7:
45:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E2:50:48:F5:99:64:C9:E4:6D:9B:12:C8:9E:0A:1B:AF:40:F7:9F
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/Z-JQSPWZZMnkbZsSyJ4KG69A958.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.252.0/22
5.157.129.0-5.157.131.255
37.35.40.0/22
178.157.72.0/22
178.157.102.0/23
188.74.129.0/24
188.74.132.0/22
188.74.140.0/22
188.74.168.0/23
188.74.182.0/23
188.74.210.0/23
188.74.240.0/22
188.119.156.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:da:21:84:d1:62:a7:ac:9c:df:ad:9f:17:e9:bb:7f:c7:44:
dc:e2:6e:a3:94:72:4c:49:da:fa:72:1d:ca:fc:2a:6b:b4:5b:
cf:9c:db:82:9b:47:1d:17:b4:7e:2a:69:10:4a:6d:5b:cc:69:
18:98:ab:26:c2:26:13:49:88:d3:fb:30:3c:ea:73:68:d6:26:
92:b9:7f:5f:9d:a5:dc:cd:16:82:e1:db:d2:33:b7:6d:c3:70:
2d:6c:30:a2:f2:47:2a:49:7b:78:49:fc:3c:f3:ac:cf:ec:30:
ff:3e:d6:52:54:6f:f5:e7:44:4f:1e:2a:a7:e4:b8:b2:08:d5:
33:57:58:b1:21:52:89:8e:35:53:26:01:9e:af:d7:c5:4c:cb:
1c:5d:c7:fe:c0:dc:9a:37:d3:44:94:17:3b:f9:7a:25:30:93:
25:74:70:53:e3:fd:d4:27:51:70:f7:de:5f:c7:18:e5:a5:f5:
df:99:93:bc:26:9a:e6:08:41:d1:13:13:b7:e5:66:e9:39:9d:
49:43:7a:f7:57:ae:7c:66:60:9c:b8:88:aa:bf:c7:b3:96:18:
23:82:48:60:26:d1:52:65:20:5c:64:1b:f7:4d:98:ca:0f:63:
b6:13:09:04:72:35:e9:30:1b:de:fe:2c:64:1b:30:f3:51:c1:
ec:92:bd:61
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYRcH+Cwd3k9fqzn5UP5/j9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjIxMTA5MTEyMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2UyNTA0OGY1OTk2NGM5ZTQ2ZDliMTJjODllMGExYmFmNDBmNzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zXuF3IJV0oFfCvu5V5Vx5JmgnOI
WxQy/Xep4NqtQwgeX3HG/687MrrVdrXPXZDy8QZYIkig4OIlvZ8YmLqsLWUMCctA
YxDVhI5UsRp/xZtQU9XAFK4LnDmIN1zaKX7OsC1aki4dAbj/hpRuxyv5q3s5XQJl
9whOumz4ePXYwJX8Cx/MQEpP9ATLko6NyN2sw9YVtGZdOJNVaB9DxxquptwR2Wzp
Xt0E4B5htlXqnaeH9t/dJ0DKXXrk4k3n3mkzSGOu78v+YgOBrvkHBnegHZLSydud
hwq5LMaiO8djHcrlxWBi1GizqRhUaXyqrZ1r4xfG+Rlz1UfUFe8IJ6dFWQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFGfiUEj1mWTJ5G2bEsieChuvQPefMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvWi1KUVNQV1paTW5rYlpzU3lKNEtHNjlBOTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQCBZr8MAwD
BAAFnYEDBAIFnYADBAIlIygDBAKynUgDBAGynWYDBAC8SoEDBAK8SoQDBAK8SowD
BAG8SqgDBAG8SrYDBAG8StIDBAK8SvADBAG8d5wwDQYJKoZIhvcNAQELBQADggEB
AIvaIYTRYqesnN+tnxfpu3/HRNzibqOUckxJ2vpyHcr8Kmu0W8+c24KbRx0XtH4q
aRBKbVvMaRiYqybCJhNJiNP7MDzqc2jWJpK5f1+dpdzNFoLh29Izt23DcC1sMKLy
RypJe3hJ/DzzrM/sMP8+1lJUb/XnRE8eKqfkuLII1TNXWLEhUomONVMmAZ6v18VM
yxxdx/7A3Jo300SUFzv5eiUwkyV0cFPj/dQnUXD33l/HGOWl9d+Zk7wmmuYIQdET
E7flZuk5nUlDevdXrnxmYJy4iKq/x7OWGCOCSGAm0VJlIFxkG/dNmMoPY7YTCQRy
NekwG97+LGQbMPNRweySvWE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org