Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/m6w4JluVnZzduNlZYWkSngosw6M.roa
File: m6w4JluVnZzduNlZYWkSngosw6M.roa (raw, json)
Hash identifier: mfCDvB0PYzugm6ztJoxg2A3HtSehcj6IbBiQE2xsqBE=
Subject key identifier: 9B:AC:38:26:5B:95:9D:9C:DD:B8:D9:59:61:69:12:9E:0A:2C:C3:A3
Certificate issuer: /CN=d9d0318f2685e32d2dba923f6662771427359738
Certificate serial: 3799F29D
Authority key identifier: D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/m6w4JluVnZzduNlZYWkSngosw6M.roa
Signing time: Thu 24 Mar 2022 18:04:38 +0000
ROA not before: Thu 24 Mar 2022 18:04:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8728
IP address blocks: 84.52.0.0/18 maxlen: 32
212.7.0.0/19 maxlen: 32
82.147.160.0/19 maxlen: 32
82.147.160.0/21 maxlen: 32
185.200.68.0/22 maxlen: 32
82.147.168.0/21 maxlen: 32
212.7.30.0/24 maxlen: 32
89.235.192.0/18 maxlen: 32
109.235.240.0/21 maxlen: 32
2001:1b28::/32 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 932835997 (0x3799f29d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d0318f2685e32d2dba923f6662771427359738
Validity
Not Before: Mar 24 18:04:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9bac38265b959d9cddb8d9596169129e0a2cc3a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:79:fe:2e:b2:3e:ea:7c:80:de:71:0e:32:f1:
d9:77:db:4a:af:a0:77:61:92:8b:5c:8f:54:c3:c2:
4c:27:3f:4a:20:31:cb:0f:6c:e6:6f:4c:8a:98:e2:
91:c4:f1:00:31:24:46:1a:a7:6f:71:10:74:86:1a:
d0:6a:bc:54:70:7d:2b:51:97:08:3c:97:69:f5:ca:
4e:a4:5b:a0:c9:34:d2:d1:a5:3b:5d:74:fe:98:5f:
d6:7f:0e:3b:68:1b:4b:a2:f1:e8:c0:b4:bd:e9:99:
d9:c2:49:0f:fc:f3:13:7c:f3:f6:ba:34:f2:ef:fd:
31:d3:92:b0:c3:af:6a:ae:c7:58:72:ff:50:51:ed:
b2:60:89:3e:ea:47:cd:d0:c6:4b:2a:f7:25:10:ec:
3b:57:42:21:5c:e8:a3:ee:db:32:21:ac:dd:4f:c2:
35:3e:12:66:21:d7:ba:27:1d:01:18:99:54:4e:ef:
44:ae:fb:43:7b:44:f9:a7:bf:63:33:dd:eb:95:1b:
fb:82:ae:b7:34:6b:26:13:26:e6:f4:cd:58:b0:db:
f9:1e:6d:d2:57:12:f4:99:5b:50:94:ca:c0:b0:94:
9f:6e:b8:d0:00:cc:e9:f0:8c:ea:ac:35:0b:75:24:
6e:fd:f1:01:5b:1d:47:f7:b7:77:4f:2a:74:ef:ac:
c9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:AC:38:26:5B:95:9D:9C:DD:B8:D9:59:61:69:12:9E:0A:2C:C3:A3
X509v3 Authority Key Identifier:
keyid:D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/m6w4JluVnZzduNlZYWkSngosw6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.147.160.0/19
84.52.0.0/18
89.235.192.0/18
109.235.240.0/21
185.200.68.0/22
212.7.0.0/19
IPv6:
2001:1b28::/32
Signature Algorithm: sha256WithRSAEncryption
74:11:29:70:9e:54:fa:82:31:79:41:da:1f:0c:61:1b:81:81:
c9:f3:2e:b8:b2:e2:9d:2c:bb:50:dc:3e:44:ea:ca:71:3b:33:
68:fd:1a:6d:b4:71:dc:48:ba:6a:4f:29:ba:42:91:4e:e9:fe:
a1:14:7c:7e:bb:82:41:99:c6:ef:71:d4:21:03:89:a0:c1:40:
05:69:b0:76:b8:65:34:18:c9:7e:b6:ea:3a:a3:ac:23:bd:1b:
c3:d0:81:25:1c:24:f7:9d:6e:e0:25:2f:00:42:48:93:1a:6c:
a5:52:58:51:dc:5b:4e:66:4f:35:44:d1:90:80:a8:59:e7:f5:
e6:53:44:aa:78:28:51:7e:ba:82:c2:96:3c:9a:33:e6:e7:76:
4d:83:c5:82:e2:df:fd:b2:30:5c:fa:f7:78:42:7f:c8:9e:b4:
98:d9:37:07:04:9c:b3:c5:95:0f:68:b1:42:23:61:4a:d5:cc:
e6:7d:ca:c4:e3:50:20:09:c3:94:63:f5:68:94:b3:37:d5:9d:
d1:ee:69:d8:23:45:4d:7c:82:5e:fd:bb:45:36:82:d1:30:4a:
75:1f:e2:f7:41:a3:55:cb:32:8c:d7:e4:48:6b:38:fe:65:b2:
39:49:47:05:98:ea:ca:5e:41:24:28:05:4e:68:43:5b:ac:5d:
1c:db:b2:e1
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEN5nynTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWQwMzE4ZjI2ODVlMzJkMmRiYTkyM2Y2NjYyNzcxNDI3MzU5NzM4MB4XDTIyMDMy
NDE4MDQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJhYzM4MjY1Yjk1
OWQ5Y2RkYjhkOTU5NjE2OTEyOWUwYTJjYzNhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZ5/i6yPup8gN5xDjLx2XfbSq+gd2GSi1yPVMPCTCc/SiAx
yw9s5m9MipjikcTxADEkRhqnb3EQdIYa0Gq8VHB9K1GXCDyXafXKTqRboMk00tGl
O110/phf1n8OO2gbS6Lx6MC0vemZ2cJJD/zzE3zz9ro08u/9MdOSsMOvaq7HWHL/
UFHtsmCJPupHzdDGSyr3JRDsO1dCIVzoo+7bMiGs3U/CNT4SZiHXuicdARiZVE7v
RK77Q3tE+ae/YzPd65Ub+4KutzRrJhMm5vTNWLDb+R5t0lcS9JlbUJTKwLCUn264
0ADM6fCM6qw1C3Ukbv3xAVsdR/e3d08qdO+syQECAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBSbrDgmW5WdnN242VlhaRKeCizDozAfBgNVHSMEGDAWgBTZ0DGPJoXjLS26
kj9mYncUJzWXODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJkQXhqeWFGNHkwdHVwSV9abUozRkNjMWx6Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvOGNlNjA5LWRiMWQtNDk5Ny05ZDhhLTk2ZGRkNWEwMjM5ZC8x
L202dzRKbHVWblp6ZHVObFpZV2tTbmdvc3c2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
OGNlNjA5LWRiMWQtNDk5Ny05ZDhhLTk2ZGRkNWEwMjM5ZC8xLzJkQXhqeWFGNHkw
dHVwSV9abUozRkNjMWx6Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBVKToAMEBlQ0AAMEBlnrwAMEA23r
8AMEArnIRAMEBdQHADANBAIAAjAHAwUAIAEbKDANBgkqhkiG9w0BAQsFAAOCAQEA
dBEpcJ5U+oIxeUHaHwxhG4GByfMuuLLinSy7UNw+ROrKcTszaP0abbRx3Ei6ak8p
ukKRTun+oRR8fruCQZnG73HUIQOJoMFABWmwdrhlNBjJfrbqOqOsI70bw9CBJRwk
951u4CUvAEJIkxpspVJYUdxbTmZPNUTRkICoWef15lNEqngoUX66gsKWPJoz5ud2
TYPFguLf/bIwXPr3eEJ/yJ60mNk3BwScs8WVD2ixQiNhStXM5n3KxONQIAnDlGP1
aJSzN9Wd0e5p2CNFTXyCXv27RTaC0TBKdR/i90GjVcsyjNfkSGs4/mWyOUlHBZjq
yl5BJCgFTmhDW6xdHNuy4Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:55 2023 by rpki-client on console-ams.rpki-client.org