Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/d-rPTa9mfY5CfNhUpMcVXy_pVDw.roa
File: d-rPTa9mfY5CfNhUpMcVXy_pVDw.roa (raw, json)
Hash identifier: CX5HoC9U7s4AC/On1gBsezshg3AyEj/zsy37MJuZelE=
Subject key identifier: 77:EA:CF:4D:AF:66:7D:8E:42:7C:D8:54:A4:C7:15:5F:2F:E9:54:3C
Certificate issuer: /CN=942f565ed16d8c337a8c8ab3cdc572ef1150f5a9
Certificate serial: 0BBA28AF
Authority key identifier: 94:2F:56:5E:D1:6D:8C:33:7A:8C:8A:B3:CD:C5:72:EF:11:50:F5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/d-rPTa9mfY5CfNhUpMcVXy_pVDw.roa
Signing time: Sat 01 Jan 2022 05:52:18 +0000
ROA not before: Sat 01 Jan 2022 05:52:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47332
IP address blocks: 93.191.44.0/24 maxlen: 24
93.191.41.0/24 maxlen: 24
93.191.42.0/24 maxlen: 24
93.191.43.0/24 maxlen: 24
93.191.40.0/24 maxlen: 24
93.191.45.0/24 maxlen: 24
93.191.46.0/24 maxlen: 24
93.191.47.0/24 maxlen: 24
185.153.244.0/24 maxlen: 24
37.148.240.0/24 maxlen: 24
37.148.241.0/24 maxlen: 24
37.148.247.0/24 maxlen: 24
195.13.34.0/24 maxlen: 24
195.13.32.0/24 maxlen: 24
195.13.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196749487 (0xbba28af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=942f565ed16d8c337a8c8ab3cdc572ef1150f5a9
Validity
Not Before: Jan 1 05:52:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77eacf4daf667d8e427cd854a4c7155f2fe9543c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:0c:ce:d9:7e:ac:ec:8b:2e:dc:f2:47:72:d2:
81:3f:30:29:66:17:23:f7:a1:a6:bf:1e:ab:67:60:
c0:1f:09:52:79:6d:b9:01:e0:69:a6:50:90:52:32:
a2:ac:6a:85:4f:6d:97:01:d9:4b:bb:d6:70:4d:75:
bb:76:9b:93:27:14:03:2a:6e:39:4e:26:ac:f4:6e:
4c:48:2c:1d:07:99:43:b9:5f:5d:48:61:d3:60:18:
66:c2:1a:cb:88:5e:37:ca:2a:f2:73:09:fd:04:a3:
f7:6c:7a:fe:3e:99:2d:04:45:81:bb:aa:0c:01:88:
dc:00:3e:22:18:bf:96:23:58:22:7c:9f:fc:f0:f2:
86:f6:68:8e:e3:44:25:75:93:35:8d:33:cd:98:9d:
6e:f0:fc:b4:67:bb:93:6d:ba:79:42:e9:de:43:f7:
95:b1:94:9e:38:92:09:2f:17:e8:b7:5a:55:4d:6b:
97:da:ec:8c:af:7d:ac:28:fe:31:8b:6b:45:d7:ac:
a7:ec:ac:00:06:c9:8f:6c:3b:f7:55:30:ba:e7:f4:
30:11:1c:b9:b0:4d:ac:27:91:ca:cc:d3:50:7e:bd:
ee:53:42:44:93:98:35:53:70:50:5e:66:8b:11:74:
7c:59:ac:53:f8:7f:30:b2:6c:bb:d4:0f:4b:9e:aa:
1a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:EA:CF:4D:AF:66:7D:8E:42:7C:D8:54:A4:C7:15:5F:2F:E9:54:3C
X509v3 Authority Key Identifier:
keyid:94:2F:56:5E:D1:6D:8C:33:7A:8C:8A:B3:CD:C5:72:EF:11:50:F5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/d-rPTa9mfY5CfNhUpMcVXy_pVDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.240.0/23
37.148.247.0/24
93.191.40.0/21
185.153.244.0/24
195.13.32.0-195.13.34.255
Signature Algorithm: sha256WithRSAEncryption
0d:89:27:78:3f:9b:0d:a1:63:0a:ce:4a:34:c3:32:d4:3b:1f:
9a:23:36:96:b0:28:b5:5b:db:83:01:d1:8f:7f:16:3c:9d:65:
72:74:86:ab:89:8e:90:8d:40:7d:ce:a5:50:e1:2c:30:3a:92:
38:c2:fb:4b:ac:ad:9b:e6:a1:63:d5:a9:59:10:21:96:d0:30:
46:86:1b:0a:c6:f0:e6:2e:2b:81:49:e0:66:8d:15:d3:7c:51:
fb:69:03:14:5a:8a:14:7f:e7:16:a4:e9:db:58:fb:d0:cd:36:
ce:e9:20:27:b1:bf:b0:a6:25:fd:cb:61:fc:e0:f9:2a:f6:b0:
d0:40:c2:74:c7:7a:e6:43:e1:10:66:8f:c2:ec:5b:e8:32:81:
be:ca:ca:cd:f3:ca:0b:01:57:6f:56:fa:17:68:f7:e4:36:1a:
20:8f:d0:5f:08:3b:89:a4:91:ee:f8:8a:5a:00:4e:f9:6e:91:
35:01:3f:01:c1:30:a6:e5:3d:ac:53:24:ad:2f:df:66:b2:2f:
58:b8:28:cf:b8:79:05:7c:6a:93:d9:f6:12:ea:90:6d:7c:86:
a0:b1:10:ec:61:79:e4:d7:62:1b:5e:2c:2c:2e:37:8e:e7:a7:
6f:38:59:0a:c1:99:28:9a:0f:fd:1b:b0:42:42:66:d8:aa:40:
0d:34:e7:b4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEC7oorzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDJmNTY1ZWQxNmQ4YzMzN2E4YzhhYjNjZGM1NzJlZjExNTBmNWE5MB4XDTIyMDEw
MTA1NTIxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzdlYWNmNGRhZjY2
N2Q4ZTQyN2NkODU0YTRjNzE1NWYyZmU5NTQzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOMMztl+rOyLLtzyR3LSgT8wKWYXI/ehpr8eq2dgwB8JUnlt
uQHgaaZQkFIyoqxqhU9tlwHZS7vWcE11u3abkycUAypuOU4mrPRuTEgsHQeZQ7lf
XUhh02AYZsIay4heN8oq8nMJ/QSj92x6/j6ZLQRFgbuqDAGI3AA+Ihi/liNYInyf
/PDyhvZojuNEJXWTNY0zzZidbvD8tGe7k226eULp3kP3lbGUnjiSCS8X6LdaVU1r
l9rsjK99rCj+MYtrRdesp+ysAAbJj2w791Uwuuf0MBEcubBNrCeRyszTUH697lNC
RJOYNVNwUF5mixF0fFmsU/h/MLJsu9QPS56qGi0CAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBR36s9Nr2Z9jkJ82FSkxxVfL+lUPDAfBgNVHSMEGDAWgBSUL1Ze0W2MM3qM
irPNxXLvEVD1qTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xDOVdYdEZ0akRONmpJcXp6Y1Z5N3hGUTlhay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvN2YxNjQ5LTBjOWQtNDA1ZC1hMTM0LTY2ZDI1MzQzMmY1Zi8x
L2QtclBUYTltZlk1Q2ZOaFVwTWNWWHlfcFZEdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
N2YxNjQ5LTBjOWQtNDA1ZC1hMTM0LTY2ZDI1MzQzMmY1Zi8xL2xDOVdYdEZ0akRO
NmpJcXp6Y1Z5N3hGUTlhay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEASWU8AMEACWU9wMEA12/KAMEALmZ
9DAMAwQFww0gAwQAww0iMA0GCSqGSIb3DQEBCwUAA4IBAQANiSd4P5sNoWMKzko0
wzLUOx+aIzaWsCi1W9uDAdGPfxY8nWVydIariY6QjUB9zqVQ4SwwOpI4wvtLrK2b
5qFj1alZECGW0DBGhhsKxvDmLiuBSeBmjRXTfFH7aQMUWooUf+cWpOnbWPvQzTbO
6SAnsb+wpiX9y2H84Pkq9rDQQMJ0x3rmQ+EQZo/C7FvoMoG+ysrN88oLAVdvVvoX
aPfkNhogj9BfCDuJpJHu+IpaAE75bpE1AT8BwTCm5T2sUyStL99msi9YuCjPuHkF
fGqT2fYS6pBtfIagsRDsYXnk12IbXiwsLjeO56dvOFkKwZkomg/9G7BCQmbYqkAN
NOe0
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:46 2023 by rpki-client on console-ams.rpki-client.org