Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/xmQcIAImputoLsTcvy3DIQkhrT0.roa
File: xmQcIAImputoLsTcvy3DIQkhrT0.roa (raw, json)
Hash identifier: lLdFurPLAmvwvngNd4MnHroL1JfuAAIMM2ZIkiXEYTk=
Subject key identifier: C6:64:1C:20:02:26:A6:EB:68:2E:C4:DC:BF:2D:C3:21:09:21:AD:3D
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01849B137C4D16CD58B22552750B82BB5A0B
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/xmQcIAImputoLsTcvy3DIQkhrT0.roa
Signing time: Mon 21 Nov 2022 16:44:16 +0000
ROA not before: Mon 21 Nov 2022 16:44:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199552
IP address blocks: 146.66.219.0/24 maxlen: 24
146.66.218.0/24 maxlen: 24
188.74.128.0/24 maxlen: 24
178.157.125.0/24 maxlen: 24
188.119.162.0/24 maxlen: 24
37.35.55.0/24 maxlen: 24
178.157.92.0/24 maxlen: 24
178.157.111.0/24 maxlen: 24
178.157.110.0/24 maxlen: 24
188.119.144.0/22 maxlen: 22
5.157.240.0/21 maxlen: 21
188.74.155.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9b:13:7c:4d:16:cd:58:b2:25:52:75:0b:82:bb:5a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Nov 21 16:44:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6641c200226a6eb682ec4dcbf2dc3210921ad3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c6:5b:e2:4d:c5:40:49:1c:63:d0:c8:4e:d1:
76:79:50:2a:07:a7:83:cd:88:2c:dc:bc:23:02:07:
1b:ea:d7:49:be:d8:83:67:51:d8:5e:91:e7:92:37:
7d:94:46:de:4b:13:e0:be:ee:73:19:f1:f5:3a:b7:
fb:ab:33:c1:10:cb:28:85:63:6c:8e:af:f1:bd:7c:
3e:b5:57:dd:a8:93:15:bd:de:e5:96:66:03:03:d0:
2b:1c:0b:34:25:74:4e:8f:8c:4d:e9:e0:43:97:a7:
6c:c9:1c:e2:2c:6c:b9:18:df:57:95:29:7d:fa:e8:
9d:2b:fa:53:9f:ff:4c:e1:d1:0b:3b:ce:2d:47:6a:
94:17:9b:e2:7f:86:fa:92:c3:a9:86:7f:1d:fe:19:
85:e2:de:bd:b7:e4:7f:cb:20:f1:97:23:69:f1:52:
76:50:c9:b2:29:14:f1:ac:4d:ff:fe:50:29:2a:e9:
5e:79:6b:d3:46:6a:41:43:bf:c8:a5:be:5d:46:11:
45:d0:41:ac:b7:c8:a8:14:20:e4:c6:94:bd:e6:13:
ee:24:dd:58:29:55:83:4f:60:39:74:d6:a5:cd:62:
ba:1d:70:da:4e:34:cb:62:76:39:bb:61:e7:4a:8a:
24:2d:fe:c9:ce:f4:40:21:84:53:04:d9:dc:3a:8e:
6b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:64:1C:20:02:26:A6:EB:68:2E:C4:DC:BF:2D:C3:21:09:21:AD:3D
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/xmQcIAImputoLsTcvy3DIQkhrT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.240.0/21
37.35.55.0/24
146.66.218.0/23
178.157.92.0/24
178.157.110.0/23
178.157.125.0/24
188.74.128.0/24
188.74.155.0/24
188.74.171.0/24
188.119.144.0/22
188.119.162.0/24
Signature Algorithm: sha256WithRSAEncryption
57:c1:9a:b2:3f:a3:cc:25:d6:3a:42:f2:32:a4:c4:a5:5a:c7:
7c:15:ed:b8:c6:52:78:dd:54:20:d4:8f:eb:ba:d5:38:d6:46:
af:75:15:6c:33:34:9f:ab:cf:bd:95:ec:0e:c2:71:78:8b:b2:
33:30:4e:50:4e:e1:a9:f7:c8:f0:9b:8a:a9:e0:34:83:83:18:
71:66:77:c4:1a:d4:33:fb:98:e3:4e:87:9d:8e:b2:7e:3a:e3:
25:2a:45:94:bb:83:8b:64:a4:ea:2d:69:64:d6:4f:5c:44:bf:
17:21:bc:ed:65:13:bd:5d:8c:41:59:e0:63:e3:33:90:d5:2c:
bd:fa:22:b5:9d:0b:4c:7b:3b:bd:2b:aa:f7:90:84:ae:c0:34:
79:04:8d:59:ae:41:0a:84:9d:28:a5:d1:73:0d:06:a0:76:51:
6e:20:fe:2d:d4:bf:9f:c4:50:9f:1d:9e:e8:2e:f0:08:66:5f:
71:5f:9f:d2:25:e8:5b:2c:6a:fc:f8:06:5d:89:97:3e:fc:63:
25:aa:48:bd:2c:5a:92:98:b7:f4:75:3d:d0:54:74:43:d6:b4:
fa:0d:46:af:36:42:88:dd:5d:ef:bb:5a:b8:7b:71:af:99:d7:
aa:e0:1a:55:9d:12:77:94:12:d8:77:2a:fd:99:b6:99:15:91:
66:63:b2:3b
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYSbE3xNFs1YsiVSdQuCu1oLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjIxMTIxMTY0NDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjY0MWMyMDAyMjZhNmViNjgyZWM0ZGNiZjJkYzMyMTA5MjFhZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8Zb4k3FQEkcY9DITtF2eVAqB6eD
zYgs3LwjAgcb6tdJvtiDZ1HYXpHnkjd9lEbeSxPgvu5zGfH1Orf7qzPBEMsohWNs
jq/xvXw+tVfdqJMVvd7llmYDA9ArHAs0JXROj4xN6eBDl6dsyRziLGy5GN9XlSl9
+uidK/pTn/9M4dELO84tR2qUF5vif4b6ksOphn8d/hmF4t69t+R/yyDxlyNp8VJ2
UMmyKRTxrE3//lApKuleeWvTRmpBQ7/Ipb5dRhFF0EGst8ioFCDkxpS95hPuJN1Y
KVWDT2A5dNalzWK6HXDaTjTLYnY5u2HnSookLf7JzvRAIYRTBNncOo5r2wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFMZkHCACJqbraC7E3L8twyEJIa09MB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEveG1RY0lBSW1wdXRvTHNUY3Z5M0RJUWtoclQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQDBZ3wAwQA
JSM3AwQBkkLaAwQAsp1cAwQBsp1uAwQAsp19AwQAvEqAAwQAvEqbAwQAvEqrAwQC
vHeQAwQAvHeiMA0GCSqGSIb3DQEBCwUAA4IBAQBXwZqyP6PMJdY6QvIypMSlWsd8
Fe24xlJ43VQg1I/rutU41kavdRVsMzSfq8+9lewOwnF4i7IzME5QTuGp98jwm4qp
4DSDgxhxZnfEGtQz+5jjToedjrJ+OuMlKkWUu4OLZKTqLWlk1k9cRL8XIbztZRO9
XYxBWeBj4zOQ1Sy9+iK1nQtMezu9K6r3kISuwDR5BI1ZrkEKhJ0opdFzDQagdlFu
IP4t1L+fxFCfHZ7oLvAIZl9xX5/SJehbLGr8+AZdiZc+/GMlqki9LFqSmLf0dT3Q
VHRD1rT6DUavNkKI3V3vu1q4e3Gvmdeq4BpVnRJ3lBLYdyr9mbaZFZFmY7I7
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:14 2023 by rpki-client on console-ams.rpki-client.org