Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/a06407-a1f2-4b47-96c7-0a9e3cb4dc13/1/Dy_7t5jguwhDpEcK-2L26bWx4zo.roa
File: Dy_7t5jguwhDpEcK-2L26bWx4zo.roa (raw, json)
Hash identifier: P2iEJbLk6VCRXHxInLg1YmUfdO1wPmXUWajUsfndK4o=
Subject key identifier: 0F:2F:FB:B7:98:E0:BB:08:43:A4:47:0A:FB:62:F6:E9:B5:B1:E3:3A
Certificate issuer: /CN=587ed7e9f98a1f1975ee9fbcb095c3adfa28aec0
Certificate serial: 05D4F769
Authority key identifier: 58:7E:D7:E9:F9:8A:1F:19:75:EE:9F:BC:B0:95:C3:AD:FA:28:AE:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WH7X6fmKHxl17p-8sJXDrfoorsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/a06407-a1f2-4b47-96c7-0a9e3cb4dc13/1/Dy_7t5jguwhDpEcK-2L26bWx4zo.roa
Signing time: Sat 01 Jan 2022 06:02:46 +0000
ROA not before: Sat 01 Jan 2022 06:02:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198144
IP address blocks: 176.97.230.0/23 maxlen: 23
176.97.228.0/22 maxlen: 22
176.97.228.0/23 maxlen: 23
93.117.65.0/24 maxlen: 24
212.85.238.0/23 maxlen: 23
212.85.236.0/22 maxlen: 22
212.85.236.0/23 maxlen: 23
128.65.152.0/23 maxlen: 23
128.65.152.0/21 maxlen: 21
128.65.156.0/24 maxlen: 24
128.65.155.0/24 maxlen: 24
128.65.154.0/24 maxlen: 24
128.65.159.0/24 maxlen: 24
128.65.158.0/24 maxlen: 24
128.65.157.0/24 maxlen: 24
188.208.111.0/24 maxlen: 24
185.78.212.0/22 maxlen: 22
185.78.212.0/23 maxlen: 23
185.78.214.0/23 maxlen: 23
188.211.239.0/24 maxlen: 24
93.113.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97843049 (0x5d4f769)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=587ed7e9f98a1f1975ee9fbcb095c3adfa28aec0
Validity
Not Before: Jan 1 06:02:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f2ffbb798e0bb0843a4470afb62f6e9b5b1e33a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:48:54:e8:dd:c6:61:7f:bb:5e:0f:7c:70:a7:
8f:2d:a4:a4:8a:15:f3:e2:9f:44:7f:b2:bd:f5:21:
e3:d0:ac:5b:a7:a9:61:4d:7c:f8:4d:db:00:b4:fa:
4f:bf:0a:ce:1f:92:ec:00:e8:48:16:29:c8:ff:12:
33:81:3f:39:50:1c:11:9c:f6:fd:62:03:4e:32:1b:
ca:60:a2:6c:e5:02:d6:4a:2a:c6:57:1d:3b:00:e3:
d3:57:51:46:32:20:2f:cc:89:5e:9e:79:d1:1f:c9:
c5:8f:15:88:ef:6c:7f:18:90:75:df:8d:f8:63:3c:
61:c2:e8:33:84:9d:4d:96:c6:d7:da:6d:af:0c:5f:
07:00:72:24:cc:49:0d:36:2e:e8:62:fd:5b:7c:a5:
09:fa:a0:0d:fc:49:d9:01:3a:76:3a:30:64:ef:7e:
43:75:0b:d2:a9:ec:19:62:55:c2:95:23:0e:26:55:
76:5c:e5:aa:2e:90:9c:ba:83:e4:99:0a:8a:43:07:
d0:fc:c6:50:a0:3b:fe:0f:66:d1:14:7e:f7:8b:7f:
f8:e5:3d:d7:67:df:ba:e3:13:9a:a0:d7:39:41:07:
a8:5c:de:6a:3a:81:e7:68:cf:db:0e:00:7f:84:bf:
1a:1c:e9:b9:69:93:b5:89:ef:27:08:dc:d7:d8:15:
45:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:2F:FB:B7:98:E0:BB:08:43:A4:47:0A:FB:62:F6:E9:B5:B1:E3:3A
X509v3 Authority Key Identifier:
keyid:58:7E:D7:E9:F9:8A:1F:19:75:EE:9F:BC:B0:95:C3:AD:FA:28:AE:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WH7X6fmKHxl17p-8sJXDrfoorsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/a06407-a1f2-4b47-96c7-0a9e3cb4dc13/1/Dy_7t5jguwhDpEcK-2L26bWx4zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/a06407-a1f2-4b47-96c7-0a9e3cb4dc13/1/WH7X6fmKHxl17p-8sJXDrfoorsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.113.102.0/24
93.117.65.0/24
128.65.152.0/21
176.97.228.0/22
185.78.212.0/22
188.208.111.0/24
188.211.239.0/24
212.85.236.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:68:10:d5:aa:30:ab:ef:3c:43:c3:05:3a:f9:da:e2:17:b1:
d4:3e:06:63:13:4e:eb:f9:1f:a3:e7:1d:18:91:73:27:35:f3:
bb:1f:f6:66:f9:57:b5:46:ae:88:ba:e0:97:70:5b:07:c1:30:
6a:e1:10:7b:b5:c4:83:90:75:c3:ba:b5:3d:ee:64:ea:5c:88:
29:0d:50:46:78:19:b2:f3:c5:53:42:2c:b4:83:69:e3:95:c5:
69:10:c3:22:6f:40:93:f7:3e:99:ab:35:84:47:fc:29:cb:fc:
f2:43:da:29:78:93:ae:68:8d:11:fc:00:e3:d2:a5:11:f2:4e:
39:80:97:4a:3d:ef:3e:d5:41:b3:82:71:bf:1c:16:78:3e:95:
e0:0d:f8:53:27:59:c0:d4:38:ee:0f:b0:21:9a:bf:2b:0d:94:
f5:92:88:4d:f5:d6:0d:01:75:04:75:cb:a2:40:d7:af:24:00:
f4:dc:29:46:12:b6:37:a1:56:f3:e6:11:dc:65:48:14:e3:82:
84:47:5d:b2:ee:12:77:e1:d5:65:25:02:2a:21:87:01:44:56:
eb:43:87:e5:48:ed:ba:b1:fe:24:48:03:96:ff:44:7f:69:9e:
ab:72:a6:81:b0:38:70:34:ae:60:8c:fd:03:46:04:68:d7:7a:
4c:87:7e:36
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBdT3aTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODdlZDdlOWY5OGExZjE5NzVlZTlmYmNiMDk1YzNhZGZhMjhhZWMwMB4XDTIyMDEw
MTA2MDI0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGYyZmZiYjc5OGUw
YmIwODQzYTQ0NzBhZmI2MmY2ZTliNWIxZTMzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdIVOjdxmF/u14PfHCnjy2kpIoV8+KfRH+yvfUh49CsW6ep
YU18+E3bALT6T78Kzh+S7ADoSBYpyP8SM4E/OVAcEZz2/WIDTjIbymCibOUC1koq
xlcdOwDj01dRRjIgL8yJXp550R/JxY8ViO9sfxiQdd+N+GM8YcLoM4SdTZbG19pt
rwxfBwByJMxJDTYu6GL9W3ylCfqgDfxJ2QE6djowZO9+Q3UL0qnsGWJVwpUjDiZV
dlzlqi6QnLqD5JkKikMH0PzGUKA7/g9m0RR+94t/+OU912ffuuMTmqDXOUEHqFze
ajqB52jP2w4Af4S/GhzpuWmTtYnvJwjc19gVRYMCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQPL/u3mOC7CEOkRwr7YvbptbHjOjAfBgNVHSMEGDAWgBRYftfp+YofGXXu
n7ywlcOt+iiuwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dIN1g2Zm1LSHhsMTdwLThzSlhEcmZvb3JzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvYTA2NDA3LWExZjItNGI0Ny05NmM3LTBhOWUzY2I0ZGMxMy8x
L0R5Xzd0NWpndXdoRHBFY0stMkwyNmJXeDR6by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
YTA2NDA3LWExZjItNGI0Ny05NmM3LTBhOWUzY2I0ZGMxMy8xL1dIN1g2Zm1LSHhs
MTdwLThzSlhEcmZvb3JzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAF1xZgMEAF11QQMEA4BBmAMEArBh
5AMEArlO1AMEALzQbwMEALzT7wMEAtRV7DANBgkqhkiG9w0BAQsFAAOCAQEAjWgQ
1aowq+88Q8MFOvna4hex1D4GYxNO6/kfo+cdGJFzJzXzux/2ZvlXtUauiLrgl3Bb
B8EwauEQe7XEg5B1w7q1Pe5k6lyIKQ1QRngZsvPFU0IstINp45XFaRDDIm9Ak/c+
mas1hEf8Kcv88kPaKXiTrmiNEfwA49KlEfJOOYCXSj3vPtVBs4JxvxwWeD6V4A34
UydZwNQ47g+wIZq/Kw2U9ZKITfXWDQF1BHXLokDXryQA9NwpRhK2N6FW8+YR3GVI
FOOChEddsu4Sd+HVZSUCKiGHAURW60OH5UjturH+JEgDlv9Ef2meq3KmgbA4cDSu
YIz9A0YEaNd6TId+Ng==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:05 2023 by rpki-client on console-fra.rpki-client.org