Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ma3qoVWjOqpsdoWIu-LEK5XRqIc.roa
File: ma3qoVWjOqpsdoWIu-LEK5XRqIc.roa (raw, json)
Hash identifier: +26fxr0Pf9ejdPqTFH/ON7nh17m18s95kiENvqhKHJQ=
Subject key identifier: 99:AD:EA:A1:55:A3:3A:AA:6C:76:85:88:BB:E2:C4:2B:95:D1:A8:87
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0182CF008C9B3633D63206B7968A9BC2EED8
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ma3qoVWjOqpsdoWIu-LEK5XRqIc.roa
Signing time: Wed 24 Aug 2022 08:38:15 +0000
ROA not before: Wed 24 Aug 2022 08:38:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 91.225.15.0/24 maxlen: 24
146.66.209.0/24 maxlen: 24
146.66.208.0/24 maxlen: 24
178.157.124.0/24 maxlen: 24
178.157.126.0/24 maxlen: 24
188.119.166.0/24 maxlen: 24
188.119.165.0/24 maxlen: 24
188.74.190.0/24 maxlen: 24
37.35.39.0/24 maxlen: 24
188.74.209.0/24 maxlen: 24
188.74.208.0/24 maxlen: 24
178.157.94.0/24 maxlen: 24
188.74.152.0/24 maxlen: 24
188.74.181.0/24 maxlen: 24
37.35.37.0/24 maxlen: 24
37.35.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:cf:00:8c:9b:36:33:d6:32:06:b7:96:8a:9b:c2:ee:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Aug 24 08:38:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99adeaa155a33aaa6c768588bbe2c42b95d1a887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:52:f0:3d:eb:fa:70:6b:fe:1a:9e:1a:99:b3:
80:33:91:63:39:e1:4e:bd:06:5d:73:b7:f0:3f:02:
4d:4d:1f:92:fd:a5:c2:10:be:26:55:f1:00:35:40:
30:7b:b2:95:79:0d:02:6b:34:a9:f2:5f:8c:78:38:
34:73:c8:97:99:27:79:7f:9e:dc:75:d6:12:1e:68:
82:33:19:f4:c5:ff:9c:55:67:6b:7b:b5:39:1d:51:
fc:00:6f:52:41:84:5b:88:a2:07:c9:29:6c:8b:c7:
3c:07:7d:0e:2b:d1:ea:31:30:b7:08:72:ac:0a:55:
62:4d:ef:e3:95:48:0f:4e:47:1a:66:1d:ac:64:1b:
9d:c1:64:03:85:c4:0a:91:7c:91:d8:59:58:2f:00:
d2:e0:5c:98:97:78:d3:3c:8f:ec:42:d6:a8:d5:da:
3a:b5:47:9a:f7:01:41:fa:b6:1d:68:ed:9a:7a:11:
6c:8b:e7:48:3f:5f:62:f8:c7:ba:93:4e:5b:c1:4e:
e1:b9:5d:a0:c1:27:b8:9e:2e:5c:25:ff:59:cc:c1:
9c:cc:e1:b0:d7:a4:83:05:e0:f8:13:25:8b:d3:57:
4b:6c:69:95:fe:4b:f1:c7:12:8e:3c:ab:8a:95:2b:
41:bb:c5:88:5f:32:aa:b2:91:d2:4b:25:66:fc:4f:
92:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:AD:EA:A1:55:A3:3A:AA:6C:76:85:88:BB:E2:C4:2B:95:D1:A8:87
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ma3qoVWjOqpsdoWIu-LEK5XRqIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.36.0/23
37.35.39.0/24
91.225.15.0/24
146.66.208.0/23
178.157.94.0/24
178.157.124.0/24
178.157.126.0/24
188.74.152.0/24
188.74.181.0/24
188.74.190.0/24
188.74.208.0/23
188.119.165.0-188.119.166.255
Signature Algorithm: sha256WithRSAEncryption
6b:fa:84:4a:28:c5:5c:87:4e:44:4f:cc:c1:94:f8:67:06:f1:
0a:2c:38:d6:43:8d:cf:4b:d3:c5:de:cb:4f:7a:da:da:99:ed:
91:f1:0c:96:70:b9:bd:e0:90:ed:f8:17:24:97:85:78:93:b4:
e1:8e:f8:f2:cd:67:11:a9:5d:c5:ed:d3:41:f6:2f:a6:36:5e:
4e:42:be:5a:ff:b2:5a:54:8b:8d:d1:fd:4b:66:f2:0f:db:7b:
d9:57:07:4a:3f:0f:76:97:84:3c:a5:99:7f:1d:34:b1:71:59:
d0:25:00:7c:bf:42:0c:92:95:bf:a6:6e:32:64:fa:91:91:c3:
95:6c:51:c7:72:56:7f:55:14:6f:f7:1e:86:ec:aa:e4:c7:c8:
9b:3f:ca:93:6f:0b:11:9e:37:0f:5d:46:5a:36:6c:59:8b:80:
08:06:2f:98:cb:ab:28:fd:e2:a1:a9:85:90:79:61:28:22:83:
97:cd:d2:0e:7b:96:4d:13:30:3b:de:4c:00:8c:80:48:01:ad:
05:4c:8c:fa:4e:ea:d5:11:18:87:04:f5:bc:3a:5e:3c:2a:fb:
67:66:5e:22:93:8c:9f:c5:b4:74:58:de:d7:79:3a:77:d7:08:
7a:9c:73:f7:ea:95:92:02:26:55:d2:90:54:92:82:61:94:a1:
d0:ca:8a:96
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYLPAIybNjPWMga3loqbwu7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjIwODI0MDgzODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWFkZWFhMTU1YTMzYWFhNmM3Njg1ODhiYmUyYzQyYjk1ZDFhODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFLwPev6cGv+Gp4ambOAM5FjOeFO
vQZdc7fwPwJNTR+S/aXCEL4mVfEANUAwe7KVeQ0CazSp8l+MeDg0c8iXmSd5f57c
ddYSHmiCMxn0xf+cVWdre7U5HVH8AG9SQYRbiKIHySlsi8c8B30OK9HqMTC3CHKs
ClViTe/jlUgPTkcaZh2sZBudwWQDhcQKkXyR2FlYLwDS4FyYl3jTPI/sQtao1do6
tUea9wFB+rYdaO2aehFsi+dIP19i+Me6k05bwU7huV2gwSe4ni5cJf9ZzMGczOGw
16SDBeD4EyWL01dLbGmV/kvxxxKOPKuKlStBu8WIXzKqspHSSyVm/E+S7QIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFJmt6qFVozqqbHaFiLvixCuV0aiHMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvbWEzcW9WV2pPcXBzZG9XSXUtTEVLNVhScUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQBJSMkAwQA
JSMnAwQAW+EPAwQBkkLQAwQAsp1eAwQAsp18AwQAsp1+AwQAvEqYAwQAvEq1AwQA
vEq+AwQBvErQMAwDBAC8d6UDBAC8d6YwDQYJKoZIhvcNAQELBQADggEBAGv6hEoo
xVyHTkRPzMGU+GcG8QosONZDjc9L08Xey0962tqZ7ZHxDJZwub3gkO34FySXhXiT
tOGO+PLNZxGpXcXt00H2L6Y2Xk5Cvlr/slpUi43R/Utm8g/be9lXB0o/D3aXhDyl
mX8dNLFxWdAlAHy/QgySlb+mbjJk+pGRw5VsUcdyVn9VFG/3HobsquTHyJs/ypNv
CxGeNw9dRlo2bFmLgAgGL5jLqyj94qGphZB5YSgig5fN0g57lk0TMDveTACMgEgB
rQVMjPpO6tURGIcE9bw6Xjwq+2dmXiKTjJ/FtHRY3td5OnfXCHqcc/fqlZICJlXS
kFSSgmGUodDKipY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:50 2024 by rpki-client on console-ams.rpki-client.org