Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/2aKZsmxFgjs4SiYyx9kq898vwTo.roa
File: 2aKZsmxFgjs4SiYyx9kq898vwTo.roa (raw, json)
Hash identifier: 7CH5xnjJCt9WZapZaAEDPIV+r1k45PJWYUefSQRj73k=
Subject key identifier: D9:A2:99:B2:6C:45:82:3B:38:4A:26:32:C7:D9:2A:F3:DF:2F:C1:3A
Certificate issuer: /CN=d0ee0389687dbd445de6f9239c1d02c3770cf574
Certificate serial: 0183C664781BE0B4E282C2D84E97919A7362
Authority key identifier: D0:EE:03:89:68:7D:BD:44:5D:E6:F9:23:9C:1D:02:C3:77:0C:F5:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/2aKZsmxFgjs4SiYyx9kq898vwTo.roa
Signing time: Tue 11 Oct 2022 09:33:36 +0000
ROA not before: Tue 11 Oct 2022 09:33:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25540
IP address blocks: 95.140.0.0/20 maxlen: 20
178.251.80.0/21 maxlen: 21
79.141.0.0/20 maxlen: 24
141.101.48.0/21 maxlen: 21
185.14.120.0/22 maxlen: 22
217.15.80.0/20 maxlen: 20
37.122.200.0/21 maxlen: 21
185.4.20.0/22 maxlen: 23
171.33.152.0/21 maxlen: 21
95.170.8.0/22 maxlen: 22
83.167.128.0/19 maxlen: 24
46.254.224.0/21 maxlen: 21
2a01:6380::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:64:78:1b:e0:b4:e2:82:c2:d8:4e:97:91:9a:73:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0ee0389687dbd445de6f9239c1d02c3770cf574
Validity
Not Before: Oct 11 09:33:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9a299b26c45823b384a2632c7d92af3df2fc13a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:33:6a:0a:28:da:b5:1b:2d:51:d4:dd:d5:ba:
b3:13:cb:b7:e8:c7:47:59:af:44:06:91:81:49:29:
bf:0c:71:1f:cf:e2:16:ed:d1:e5:0e:1e:32:63:b6:
ae:96:ec:48:ab:59:c0:9a:4f:fd:70:95:1e:48:9f:
5f:39:82:de:45:99:83:3b:b6:c4:1b:3e:e4:42:ec:
38:da:3d:13:64:f6:8e:16:26:f5:38:5d:30:29:1d:
e9:ee:1a:fe:cf:f8:4c:64:7d:68:ed:63:48:8e:61:
8a:40:76:4a:43:9c:14:50:a5:47:5a:55:cc:3d:f3:
56:f0:58:78:61:53:62:40:4c:6c:40:29:2f:1d:5f:
60:8c:71:00:a0:83:cf:83:f5:4a:78:51:f3:79:32:
fa:5f:2e:4d:8d:96:38:13:bf:74:ea:9e:6f:9d:79:
d4:88:8a:ab:25:38:98:ad:4d:5d:dd:12:67:00:82:
e9:b4:28:67:89:e1:8e:13:d0:78:99:1e:af:03:c2:
05:e9:21:75:01:39:b0:a8:e4:24:46:d7:34:9e:a2:
b3:77:16:b2:c8:f2:fd:ac:aa:ed:d9:c5:86:02:6b:
85:8c:2e:7c:50:f1:f1:e4:d9:ec:8e:06:bb:62:63:
7e:fc:69:b3:3d:c9:de:33:ea:91:d6:82:9a:52:2f:
57:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A2:99:B2:6C:45:82:3B:38:4A:26:32:C7:D9:2A:F3:DF:2F:C1:3A
X509v3 Authority Key Identifier:
keyid:D0:EE:03:89:68:7D:BD:44:5D:E6:F9:23:9C:1D:02:C3:77:0C:F5:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/2aKZsmxFgjs4SiYyx9kq898vwTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.200.0/21
46.254.224.0/21
79.141.0.0/20
83.167.128.0/19
95.140.0.0/20
95.170.8.0/22
141.101.48.0/21
171.33.152.0/21
178.251.80.0/21
185.4.20.0/22
185.14.120.0/22
217.15.80.0/20
IPv6:
2a01:6380::/32
Signature Algorithm: sha256WithRSAEncryption
0c:e2:09:9f:d7:6f:95:61:75:9d:e0:c7:2a:30:fe:97:2a:8f:
78:1d:df:fe:c6:98:f8:57:22:e9:4e:6f:08:81:73:ba:01:2f:
6a:7f:8e:01:16:93:a5:c2:9e:1e:06:39:bf:ae:e1:e9:4c:ae:
d9:25:b0:cf:f5:db:20:9e:99:71:9c:07:e7:8a:a6:de:f7:f8:
ca:d4:e6:31:a4:2c:06:f5:d2:4e:c6:7c:6a:4a:0e:4a:5c:58:
f8:f7:aa:43:f4:8f:48:c9:86:b6:cd:86:74:62:3d:3b:24:88:
cb:56:cc:f8:ec:fe:6c:f6:e6:ba:45:00:48:fa:8f:24:5d:25:
76:62:c2:2c:7a:d1:60:b6:b9:8d:e5:2f:90:23:c9:f2:6f:e5:
cb:44:de:6b:29:5c:04:73:cb:1a:38:ce:e8:15:ad:26:e0:27:
36:af:35:96:cb:6b:da:dd:a6:c6:af:32:cc:71:7b:7a:db:78:
39:3c:cb:98:ef:5d:fe:2e:a9:83:39:22:fc:8f:db:4c:1a:29:
49:4b:c1:c8:4d:ad:b3:92:d1:43:53:28:ad:e2:e9:b5:69:ec:
50:9a:6c:e3:12:91:9b:1c:be:cf:9c:91:8e:1b:ea:a5:3e:02:
9c:5d:0e:b2:ef:1b:9f:9d:68:89:0a:f8:c4:a3:bd:a2:7d:10:
3f:12:38:3f
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYPGZHgb4LTigsLYTpeRmnNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZWUwMzg5Njg3ZGJkNDQ1ZGU2ZjkyMzljMWQwMmMzNzcw
Y2Y1NzQwHhcNMjIxMDExMDkzMzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWEyOTliMjZjNDU4MjNiMzg0YTI2MzJjN2Q5MmFmM2RmMmZjMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTNqCijatRstUdTd1bqzE8u36MdH
Wa9EBpGBSSm/DHEfz+IW7dHlDh4yY7auluxIq1nAmk/9cJUeSJ9fOYLeRZmDO7bE
Gz7kQuw42j0TZPaOFib1OF0wKR3p7hr+z/hMZH1o7WNIjmGKQHZKQ5wUUKVHWlXM
PfNW8Fh4YVNiQExsQCkvHV9gjHEAoIPPg/VKeFHzeTL6Xy5NjZY4E7906p5vnXnU
iIqrJTiYrU1d3RJnAILptChnieGOE9B4mR6vA8IF6SF1ATmwqOQkRtc0nqKzdxay
yPL9rKrt2cWGAmuFjC58UPHx5Nnsjga7YmN+/GmzPcneM+qR1oKaUi9XtwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFNmimbJsRYI7OEomMsfZKvPfL8E6MB8GA1UdIwQY
MBaAFNDuA4lofb1EXeb5I5wdAsN3DPV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME80RGlXaDl2VVJkNXZram5CMEN3M2NNOVhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9hMTE0MTctNmFiYy00YzBkLThhZmEt
MWEyOWE0NDhkMzA5LzEvMmFLWnNteEZnanM0U2lZeXg5a3E4OTh2d1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9hMTE0MTctNmFiYy00YzBkLThhZmEtMWEyOWE0NDhkMzA5
LzEvME80RGlXaDl2VVJkNXZram5CMEN3M2NNOVhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDJXrIAwQD
Lv7gAwQET40AAwQFU6eAAwQEX4wAAwQCX6oIAwQDjWUwAwQDqyGYAwQDsvtQAwQC
uQQUAwQCuQ54AwQE2Q9QMA0EAgACMAcDBQAqAWOAMA0GCSqGSIb3DQEBCwUAA4IB
AQAM4gmf12+VYXWd4McqMP6XKo94Hd/+xpj4VyLpTm8IgXO6AS9qf44BFpOlwp4e
Bjm/ruHpTK7ZJbDP9dsgnplxnAfniqbe9/jK1OYxpCwG9dJOxnxqSg5KXFj496pD
9I9IyYa2zYZ0Yj07JIjLVsz47P5s9ua6RQBI+o8kXSV2YsIsetFgtrmN5S+QI8ny
b+XLRN5rKVwEc8saOM7oFa0m4Cc2rzWWy2va3abGrzLMcXt623g5PMuY713+LqmD
OSL8j9tMGilJS8HITa2zktFDUyit4um1aexQmmzjEpGbHL7PnJGOG+qlPgKcXQ6y
7xufnWiJCvjEo72ifRA/Ejg/
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:26 2023 by rpki-client on console-ams.rpki-client.org