Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/5QD2Y7jt8BJFRqC32JvM_ga3hK4.roa
File: 5QD2Y7jt8BJFRqC32JvM_ga3hK4.roa (raw, json)
Hash identifier: iA0urLjV4U7RzmIdB824LzoFgXm8WX9fsEoKhLE44fM=
Subject key identifier: E5:00:F6:63:B8:ED:F0:12:45:46:A0:B7:D8:9B:CC:FE:06:B7:84:AE
Certificate issuer: /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial: 19ACC46C
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/5QD2Y7jt8BJFRqC32JvM_ga3hK4.roa
Signing time: Wed 22 Jun 2022 09:03:44 +0000
ROA not before: Wed 22 Jun 2022 09:03:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8674
IP address blocks: 213.32.232.0/21 maxlen: 21
194.58.192.0/22 maxlen: 22
194.58.192.0/24 maxlen: 24
194.58.195.0/24 maxlen: 24
194.58.196.0/24 maxlen: 24
194.58.197.0/24 maxlen: 24
194.58.198.0/24 maxlen: 24
194.58.193.0/24 maxlen: 24
194.58.194.0/24 maxlen: 24
194.58.194.0/23 maxlen: 23
194.58.199.0/24 maxlen: 24
194.146.105.0/24 maxlen: 24
194.146.106.0/24 maxlen: 24
194.146.106.0/23 maxlen: 24
194.146.107.0/24 maxlen: 24
212.237.194.0/24 maxlen: 24
212.237.195.0/24 maxlen: 24
185.42.136.0/23 maxlen: 23
77.72.224.0/21 maxlen: 21
2001:67c:1011::/48 maxlen: 48
2001:67c:1010::/48 maxlen: 48
2001:67c:1010::/47 maxlen: 47
2a01:3f1:8000::/38 maxlen: 38
2a01:3f1::/32 maxlen: 32
2a01:3f1:5000::/38 maxlen: 38
2a01:3f1:a000::/38 maxlen: 38
2a01:3f1:400::/38 maxlen: 38
2a01:3f1:f000::/36 maxlen: 48
2a01:3f1:c000::/38 maxlen: 38
2a01:3f1::/38 maxlen: 38
2a01:3f1:3000::/38 maxlen: 38
2a01:3f1:800::/38 maxlen: 38
2a01:3f0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 430752876 (0x19acc46c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
Validity
Not Before: Jun 22 09:03:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e500f663b8edf0124546a0b7d89bccfe06b784ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:73:6a:09:45:23:43:cd:3a:e9:ee:c1:5b:90:
84:a0:90:2e:4a:6b:c7:66:b1:19:ee:37:55:db:a4:
8a:14:9b:06:85:c5:2e:40:a9:b5:d0:5d:0d:d3:46:
98:68:1a:6a:78:fb:3d:c5:5f:83:3c:c5:2c:ab:c4:
d3:6a:23:c6:66:4a:39:37:85:7f:ab:9a:3e:ae:89:
c2:fa:f2:55:0d:57:50:46:5b:02:7a:72:2a:4f:0f:
a8:97:00:74:44:b2:32:c1:85:a9:81:a5:36:34:1b:
55:e4:8f:e7:91:40:19:b0:27:78:77:83:33:f0:78:
39:4f:26:b8:52:0d:d6:af:5e:b5:6a:f1:8c:ac:d6:
8e:4e:21:df:cf:dd:20:85:bd:56:6e:55:64:fa:3e:
5c:fe:b0:7c:cc:7c:c7:ff:25:07:96:ff:23:38:95:
0a:e4:f8:fb:0b:23:5d:53:a4:e7:f1:a8:c8:c9:d2:
26:c8:a9:10:b9:3e:47:91:ad:0a:d0:65:85:e3:bc:
3a:ee:a5:94:61:2f:60:df:bf:1a:8a:67:95:71:8d:
73:2d:e4:f6:ec:c5:7f:9e:5d:ed:9a:3d:c1:f3:f3:
55:67:94:46:48:9e:c6:0c:b2:10:fd:1d:30:6e:d8:
eb:2a:49:7a:f2:9b:f8:fc:1e:03:96:7b:fe:5e:23:
54:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:00:F6:63:B8:ED:F0:12:45:46:A0:B7:D8:9B:CC:FE:06:B7:84:AE
X509v3 Authority Key Identifier:
keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/5QD2Y7jt8BJFRqC32JvM_ga3hK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.224.0/21
185.42.136.0/23
194.58.192.0/21
194.146.105.0-194.146.107.255
212.237.194.0/23
213.32.232.0/21
IPv6:
2001:67c:1010::/47
2a01:3f0::/31
Signature Algorithm: sha256WithRSAEncryption
9e:9d:cc:69:4b:ef:39:94:b4:60:90:5f:6c:a9:f1:9e:77:0b:
3d:1d:da:19:aa:fb:1d:a7:df:31:f2:62:2e:ba:91:15:26:f9:
00:4e:86:ec:a0:9e:70:0f:95:f9:ec:bb:07:b6:de:3a:31:4a:
8b:bb:c9:9e:c8:0b:0e:60:af:49:13:4b:1f:0d:fa:f2:69:30:
cb:33:ae:ec:69:cd:1a:4f:d7:39:e7:d7:49:92:d1:e1:d9:6e:
a0:ae:7f:0c:3a:9e:e2:bd:00:d7:8f:0b:f4:2c:92:b0:6c:28:
b1:23:8d:43:73:97:6f:32:d7:06:65:15:20:4e:b2:05:91:2c:
67:87:09:ae:69:9d:ed:b9:41:ff:61:92:5e:02:69:45:1a:fb:
15:e3:9d:fb:7e:ec:e5:8d:88:d4:11:e0:e1:46:46:36:49:f9:
95:26:3d:fe:e7:de:31:eb:b6:c0:04:34:17:61:07:d2:75:19:
71:c2:22:96:a3:d3:b6:0b:45:ce:f1:a6:44:f3:61:35:03:74:
88:9d:74:17:a8:51:f7:d9:1d:51:d6:87:6e:8a:c1:e4:db:5c:
35:c3:0a:be:b6:b3:ca:ad:f5:5e:d2:66:8f:e1:32:bd:9d:0b:
ea:a1:48:ac:39:32:ff:e2:fa:c8:04:fb:76:d1:60:f6:7f:c3:
c9:99:5f:ec
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEGazEbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YmFjODI4MDQ3MDBhZDM2NTM4YmY4NmYzNGMwNzNlOTcxNDMwZGE1MB4XDTIyMDYy
MjA5MDM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTUwMGY2NjNiOGVk
ZjAxMjQ1NDZhMGI3ZDg5YmNjZmUwNmI3ODRhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJzaglFI0PNOunuwVuQhKCQLkprx2axGe43VdukihSbBoXF
LkCptdBdDdNGmGgaanj7PcVfgzzFLKvE02ojxmZKOTeFf6uaPq6JwvryVQ1XUEZb
AnpyKk8PqJcAdESyMsGFqYGlNjQbVeSP55FAGbAneHeDM/B4OU8muFIN1q9etWrx
jKzWjk4h38/dIIW9Vm5VZPo+XP6wfMx8x/8lB5b/IziVCuT4+wsjXVOk5/GoyMnS
JsipELk+R5GtCtBlheO8Ou6llGEvYN+/GopnlXGNcy3k9uzFf55d7Zo9wfPzVWeU
RkiexgyyEP0dMG7Y6ypJevKb+PweA5Z7/l4jVPMCAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBTlAPZjuO3wEkVGoLfYm8z+BreErjAfBgNVHSMEGDAWgBQLrIKARwCtNlOL
+G80wHPpcUMNpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0M2eUNnRWNBclRaVGlfaHZOTUJ6NlhGRERhVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvYTcyODkxLWRlMmYtNDE1Ni1hMDExLTQzZjY0YmNlYTk5ZC8x
LzVRRDJZN2p0OEJKRlJxQzMySnZNX2dhM2hLNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
YTcyODkxLWRlMmYtNDE1Ni1hMDExLTQzZjY0YmNlYTk5ZC8xL0M2eUNnRWNBclRa
VGlfaHZOTUJ6NlhGRERhVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwMgQCAAEwLAMEA01I4AMEAbkqiAMEA8I6wDAMAwQA
wpJpAwQCwpJoAwQB1O3CAwQD1SDoMBYEAgACMBADBwEgAQZ8EBADBQEqAQPwMA0G
CSqGSIb3DQEBCwUAA4IBAQCencxpS+85lLRgkF9sqfGedws9HdoZqvsdp98x8mIu
upEVJvkATobsoJ5wD5X57LsHtt46MUqLu8meyAsOYK9JE0sfDfryaTDLM67sac0a
T9c559dJktHh2W6grn8MOp7ivQDXjwv0LJKwbCixI41Dc5dvMtcGZRUgTrIFkSxn
hwmuaZ3tuUH/YZJeAmlFGvsV4537fuzljYjUEeDhRkY2SfmVJj3+594x67bABDQX
YQfSdRlxwiKWo9O2C0XO8aZE82E1A3SInXQXqFH32R1R1oduisHk21w1wwq+trPK
rfVe0maP4TK9nQvqoUisOTL/4vrIBPt20WD2f8PJmV/s
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:54 2023 by rpki-client on console-fra.rpki-client.org