Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/aix7t0qNor4I-l9fLpuU65fM2kg.roa
File: aix7t0qNor4I-l9fLpuU65fM2kg.roa (raw, json)
Hash identifier: I4B2FULApN3VZGMZWt63zXB09mmGgKoMp8mUdHWTDqo=
Subject key identifier: 6A:2C:7B:B7:4A:8D:A2:BE:08:FA:5F:5F:2E:9B:94:EB:97:CC:DA:48
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 018534FEC81AD3DF6BF62423B9271B1936E9
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/aix7t0qNor4I-l9fLpuU65fM2kg.roa
Signing time: Wed 21 Dec 2022 14:03:10 +0000
ROA not before: Wed 21 Dec 2022 14:03:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15440
IP address blocks: 195.14.160.0/19 maxlen: 19
185.65.48.0/24 maxlen: 24
185.216.209.0/24 maxlen: 24
217.117.16.0/20 maxlen: 20
77.241.192.0/20 maxlen: 20
79.142.112.0/20 maxlen: 20
185.11.26.0/24 maxlen: 24
45.82.32.0/22 maxlen: 24
5.133.66.0/24 maxlen: 24
5.133.65.0/24 maxlen: 24
92.62.139.0/24 maxlen: 24
92.62.138.0/24 maxlen: 24
92.62.137.0/24 maxlen: 24
92.62.136.0/24 maxlen: 24
92.62.135.0/24 maxlen: 24
92.62.143.0/24 maxlen: 24
92.62.142.0/24 maxlen: 24
92.62.141.0/24 maxlen: 24
92.62.140.0/24 maxlen: 24
89.249.80.0/20 maxlen: 20
92.62.132.0/23 maxlen: 23
92.62.131.0/24 maxlen: 24
92.62.130.0/24 maxlen: 24
92.62.128.0/20 maxlen: 20
92.62.129.0/24 maxlen: 24
92.62.128.0/24 maxlen: 24
213.197.128.0/18 maxlen: 18
2a0d:5000:2::/48 maxlen: 48
2001:1ab8::/32 maxlen: 32
2001:1ab9::/32 maxlen: 32
2001:1ab8::/31 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:fe:c8:1a:d3:df:6b:f6:24:23:b9:27:1b:19:36:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Dec 21 14:03:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a2c7bb74a8da2be08fa5f5f2e9b94eb97ccda48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:95:46:0d:d4:9a:8d:01:b9:b3:84:12:a3:c1:
96:20:3e:19:db:e0:89:6b:df:cf:0f:54:04:f3:77:
8c:9e:0c:20:a0:db:55:9b:14:6c:fb:5b:a2:da:37:
4a:4c:bb:ad:63:e7:0a:37:7f:07:15:4e:dd:4e:ff:
12:41:d4:5c:1c:36:fd:e2:a4:e5:85:8d:74:66:47:
94:e7:fe:e1:e6:3e:50:a2:2a:7f:87:33:91:c0:2b:
d7:d7:ed:db:c8:48:f2:00:b9:5c:80:6b:b0:63:f5:
17:6b:2b:5e:cb:71:0a:34:f9:2a:fa:4c:e4:3e:4f:
70:21:76:39:82:7d:95:05:3f:57:26:97:25:db:b6:
ae:2e:27:f4:63:0b:39:87:c8:b0:3e:22:1a:74:7a:
4f:33:1a:51:ce:77:8b:b6:04:8d:66:d0:07:0d:98:
a2:51:5e:a9:c2:b9:36:e8:37:bc:3c:a7:7c:02:32:
8e:15:c7:49:e4:ce:24:85:db:18:bb:d4:94:dd:6f:
df:13:ea:2e:ea:de:f1:d1:c5:24:64:13:ee:a1:47:
cf:6d:7f:46:23:67:fd:db:97:ce:9a:f0:18:06:3c:
84:c2:15:3b:4b:c6:97:ef:1c:4f:cb:3b:0e:3a:ac:
c7:45:98:e3:5b:ce:ad:f5:39:6b:37:8b:ed:83:90:
19:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:2C:7B:B7:4A:8D:A2:BE:08:FA:5F:5F:2E:9B:94:EB:97:CC:DA:48
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/aix7t0qNor4I-l9fLpuU65fM2kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.65.0-5.133.66.255
45.82.32.0/22
77.241.192.0/20
79.142.112.0/20
89.249.80.0/20
92.62.128.0/20
185.11.26.0/24
185.65.48.0/24
185.216.209.0/24
195.14.160.0/19
213.197.128.0/18
217.117.16.0/20
IPv6:
2001:1ab8::/31
2a0d:5000:2::/48
Signature Algorithm: sha256WithRSAEncryption
8f:87:a9:b1:5e:f7:16:b4:2a:11:5c:c2:11:ac:fa:b6:c0:80:
d1:81:75:bd:1d:f6:7f:a1:70:b2:14:ce:05:32:ff:18:99:ee:
8e:a7:9b:63:41:6e:1b:66:9a:82:ec:b5:b4:25:b6:ba:43:81:
bb:c8:58:b3:c9:9a:a1:cc:96:f9:91:b8:c3:b6:c2:ac:2c:ed:
10:20:3d:be:0c:2c:db:c7:b7:e5:39:52:7c:8c:fa:17:e7:85:
95:df:6d:be:0c:8b:68:ce:36:dd:a3:85:33:dd:60:d2:4e:c4:
d5:b6:6f:67:f7:30:50:1e:22:55:cd:6d:81:0f:04:46:c4:0f:
de:fd:04:a7:f1:3f:01:5c:f0:d4:86:33:9d:9b:b7:73:8b:8c:
9d:5e:bf:d1:1b:bc:42:91:d7:f4:29:63:1c:ac:58:ed:3d:1c:
77:42:37:95:1a:99:43:b0:05:28:0f:98:7a:05:d3:6e:25:b1:
09:a1:44:17:be:55:00:c1:35:d9:17:96:0d:45:a6:1b:ed:91:
09:7d:5a:e1:5d:95:33:ca:90:9f:dc:b1:f5:13:53:d1:68:9a:
5f:8b:a0:e3:ad:94:93:e2:f6:ec:fa:d0:21:c3:55:32:13:84:
c2:4c:d2:4d:8b:7a:41:07:70:74:88:3a:62:60:69:02:4d:07:
c0:92:90:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYU0/sga099r9iQjuScbGTbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjIxMjIxMTQwMzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTJjN2JiNzRhOGRhMmJlMDhmYTVmNWYyZTliOTRlYjk3Y2NkYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipVGDdSajQG5s4QSo8GWID4Z2+CJ
a9/PD1QE83eMngwgoNtVmxRs+1ui2jdKTLutY+cKN38HFU7dTv8SQdRcHDb94qTl
hY10ZkeU5/7h5j5Qoip/hzORwCvX1+3byEjyALlcgGuwY/UXaytey3EKNPkq+kzk
Pk9wIXY5gn2VBT9XJpcl27auLif0Yws5h8iwPiIadHpPMxpRzneLtgSNZtAHDZii
UV6pwrk26De8PKd8AjKOFcdJ5M4khdsYu9SU3W/fE+ou6t7x0cUkZBPuoUfPbX9G
I2f925fOmvAYBjyEwhU7S8aX7xxPyzsOOqzHRZjjW86t9TlrN4vtg5AZ/QIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFGose7dKjaK+CPpfXy6blOuXzNpIMB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvYWl4N3QwcU5vcjRJLWw5ZkxwdVU2NWZNMmtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwVgQCAAEwUDAMAwQABYVB
AwQABYVCAwQCLVIgAwQETfHAAwQET45wAwQEWflQAwQEXD6AAwQAuQsaAwQAuUEw
AwQAudjRAwQFww6gAwQG1cWAAwQE2XUQMBYEAgACMBADBQEgARq4AwcAKg1QAAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQCPh6mxXvcWtCoRXMIRrPq2wIDRgXW9HfZ/oXCy
FM4FMv8Yme6Op5tjQW4bZpqC7LW0Jba6Q4G7yFizyZqhzJb5kbjDtsKsLO0QID2+
DCzbx7flOVJ8jPoX54WV322+DItozjbdo4Uz3WDSTsTVtm9n9zBQHiJVzW2BDwRG
xA/e/QSn8T8BXPDUhjOdm7dzi4ydXr/RG7xCkdf0KWMcrFjtPRx3QjeVGplDsAUo
D5h6BdNuJbEJoUQXvlUAwTXZF5YNRaYb7ZEJfVrhXZUzypCf3LH1E1PRaJpfi6Dj
rZST4vbs+tAhw1UyE4TCTNJNi3pBB3B0iDpiYGkCTQfAkpBf
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:32 2023 by rpki-client on console-fra.rpki-client.org