Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/01qpQmIPOcFh2Y8Trf41GAbDiR8.roa
File: 01qpQmIPOcFh2Y8Trf41GAbDiR8.roa (raw, json)
Hash identifier: 5w/H2ARQKZhoQ3+Cimj2LMdrzusvb7chhcKxlAZYN+w=
Subject key identifier: D3:5A:A9:42:62:0F:39:C1:61:D9:8F:13:AD:FE:35:18:06:C3:89:1F
Certificate issuer: /CN=3be2f0164b66a76795860b4ea3586fad563bac47
Certificate serial: 0184AE50F20EDB4CF04A68971638DED8D67C
Authority key identifier: 3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/01qpQmIPOcFh2Y8Trf41GAbDiR8.roa
Signing time: Fri 25 Nov 2022 10:24:11 +0000
ROA not before: Fri 25 Nov 2022 10:24:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206264
IP address blocks: 5.183.209.0/24 maxlen: 24
185.191.125.0/24 maxlen: 24
185.191.124.0/24 maxlen: 24
89.249.49.0/24 maxlen: 24
185.191.126.0/24 maxlen: 24
93.123.72.0/24 maxlen: 24
94.156.33.0/24 maxlen: 24
185.191.127.0/24 maxlen: 24
45.139.122.0/24 maxlen: 24
2a0d:1000::/30 maxlen: 30
2a0d:1000::/29 maxlen: 29
2a0d:1004::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:50:f2:0e:db:4c:f0:4a:68:97:16:38:de:d8:d6:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3be2f0164b66a76795860b4ea3586fad563bac47
Validity
Not Before: Nov 25 10:24:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d35aa942620f39c161d98f13adfe351806c3891f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c4:19:54:d0:4e:27:eb:df:ca:e9:d1:5e:01:
f8:31:4c:4e:1e:4e:38:cf:14:8b:7f:95:50:fe:41:
a2:9f:8b:61:3a:2a:6c:d4:b7:6e:1f:5b:b1:42:5a:
55:b5:b9:8c:e8:d8:68:ec:8f:d7:b4:26:53:06:5c:
7f:a9:10:54:e1:f7:d3:b0:4f:12:38:ba:15:c5:ec:
af:30:87:b2:66:5e:61:c4:78:74:13:02:56:0d:4d:
14:e4:c6:b8:8f:fb:bd:40:e3:14:4a:ef:bc:c6:6e:
34:0b:8d:12:4d:74:79:d9:cf:c7:86:c1:d6:97:90:
a4:da:57:f1:33:d3:64:62:fc:c5:62:9e:35:af:94:
47:ea:61:b2:a9:30:35:8c:d5:3b:34:55:a0:58:20:
47:5e:e6:7f:44:d5:83:ac:71:01:35:b4:56:7c:b1:
aa:18:d7:ea:9b:ec:80:b8:f1:f5:8d:01:91:09:77:
c5:a1:67:f9:72:6a:b9:74:f5:10:a1:bc:a7:c1:8b:
e3:69:3d:9f:33:dd:ce:44:1e:a7:25:55:2c:6f:0f:
df:8f:60:de:ca:9f:e7:46:f0:1a:74:f5:a4:58:75:
dc:f6:2a:85:21:3e:58:e1:0d:92:02:59:4b:78:7a:
07:0f:d5:0a:63:84:04:7e:ea:39:05:f3:08:9b:45:
29:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:5A:A9:42:62:0F:39:C1:61:D9:8F:13:AD:FE:35:18:06:C3:89:1F
X509v3 Authority Key Identifier:
keyid:3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/01qpQmIPOcFh2Y8Trf41GAbDiR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.209.0/24
45.139.122.0/24
89.249.49.0/24
93.123.72.0/24
94.156.33.0/24
185.191.124.0/22
IPv6:
2a0d:1000::/29
Signature Algorithm: sha256WithRSAEncryption
6e:7d:9d:3c:f7:d6:eb:16:91:a1:91:55:95:32:2a:0b:03:ff:
a4:c6:bb:46:cf:9c:fa:e6:74:a8:23:2c:64:c1:e5:9f:2a:00:
cb:fd:4c:01:a2:dd:d9:55:95:47:ea:8c:cd:93:00:2d:5e:aa:
08:4a:c3:d4:0e:2f:e1:a3:43:8d:8d:c3:e8:fc:d0:28:63:13:
e2:78:16:ae:c2:70:05:74:99:63:af:9d:d6:03:29:d1:f7:81:
9f:e3:db:f4:ff:76:90:67:d7:dd:df:41:bf:a3:1b:e2:2a:7b:
fb:d6:5e:64:6b:8b:a0:3e:4c:ec:80:24:ea:69:b3:ef:7d:ad:
5a:8f:65:64:67:1e:e3:14:8d:67:19:64:d6:cc:8e:76:08:23:
c4:b3:12:2e:74:05:31:55:14:cd:d4:e9:0d:9f:7e:29:ed:a5:
e4:25:34:f0:38:67:b3:4e:4a:87:86:92:6e:34:8e:2b:1a:05:
3e:1e:7b:d4:bb:7d:3d:32:97:04:c2:da:3d:48:21:e5:47:50:
11:ff:dd:42:65:52:1e:eb:a8:97:24:69:51:9c:2e:6e:50:49:
35:51:fa:22:7d:6c:a5:90:77:05:d1:ce:4e:95:b1:90:2d:9b:
cf:05:d0:18:cb:94:d5:2d:65:e9:31:81:04:d3:40:48:57:d4:
87:13:70:96
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYSuUPIO20zwSmiXFjje2NZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZTJmMDE2NGI2NmE3Njc5NTg2MGI0ZWEzNTg2ZmFkNTYz
YmFjNDcwHhcNMjIxMTI1MTAyNDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzVhYTk0MjYyMGYzOWMxNjFkOThmMTNhZGZlMzUxODA2YzM4OTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8QZVNBOJ+vfyunRXgH4MUxOHk44
zxSLf5VQ/kGin4thOips1LduH1uxQlpVtbmM6Nho7I/XtCZTBlx/qRBU4ffTsE8S
OLoVxeyvMIeyZl5hxHh0EwJWDU0U5Ma4j/u9QOMUSu+8xm40C40STXR52c/HhsHW
l5Ck2lfxM9NkYvzFYp41r5RH6mGyqTA1jNU7NFWgWCBHXuZ/RNWDrHEBNbRWfLGq
GNfqm+yAuPH1jQGRCXfFoWf5cmq5dPUQobynwYvjaT2fM93ORB6nJVUsbw/fj2De
yp/nRvAadPWkWHXc9iqFIT5Y4Q2SAllLeHoHD9UKY4QEfuo5BfMIm0Up8QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNNaqUJiDznBYdmPE63+NRgGw4kfMB8GA1UdIwQY
MBaAFDvi8BZLZqdnlYYLTqNYb61WO6xHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYt
ZjlhZDM4MDUxMjIwLzEvMDFxcFFtSVBPY0ZoMlk4VHJmNDFHQWJEaVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYtZjlhZDM4MDUxMjIw
LzEvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQABbfRAwQA
LYt6AwQAWfkxAwQAXXtIAwQAXpwhAwQCub98MA0EAgACMAcDBQMqDRAAMA0GCSqG
SIb3DQEBCwUAA4IBAQBufZ0899brFpGhkVWVMioLA/+kxrtGz5z65nSoIyxkweWf
KgDL/UwBot3ZVZVH6ozNkwAtXqoISsPUDi/ho0ONjcPo/NAoYxPieBauwnAFdJlj
r53WAynR94Gf49v0/3aQZ9fd30G/oxviKnv71l5ka4ugPkzsgCTqabPvfa1aj2Vk
Zx7jFI1nGWTWzI52CCPEsxIudAUxVRTN1OkNn34p7aXkJTTwOGezTkqHhpJuNI4r
GgU+HnvUu309MpcEwto9SCHlR1AR/91CZVIe66iXJGlRnC5uUEk1UfoifWylkHcF
0c5OlbGQLZvPBdAYy5TVLWXpMYEE00BIV9SHE3CW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:17 2024 by rpki-client on console-fra.rpki-client.org