Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/a2Yj36Pp1Ec_zK4fACdECczAhko.roa
File: a2Yj36Pp1Ec_zK4fACdECczAhko.roa (raw, json)
Hash identifier: swBN8/MQV8+PPs3LAlEO7Qt9LLViTUcKIp4CDKSSsaE=
Subject key identifier: 6B:66:23:DF:A3:E9:D4:47:3F:CC:AE:1F:00:27:44:09:CC:C0:86:4A
Certificate issuer: /CN=de9572fcbd665f72e00e5ffdb8db802d1cbec894
Certificate serial: 0184C20F1C1B194E6C1340AFE0C46CDC5894
Authority key identifier: DE:95:72:FC:BD:66:5F:72:E0:0E:5F:FD:B8:DB:80:2D:1C:BE:C8:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pVy_L1mX3LgDl_9uNuALRy-yJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/a2Yj36Pp1Ec_zK4fACdECczAhko.roa
Signing time: Tue 29 Nov 2022 06:24:40 +0000
ROA not before: Tue 29 Nov 2022 06:24:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43070
IP address blocks: 89.187.192.0/22 maxlen: 22
89.187.196.0/23 maxlen: 23
77.95.40.0/21 maxlen: 21
185.45.136.0/22 maxlen: 22
2a02:910::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c2:0f:1c:1b:19:4e:6c:13:40:af:e0:c4:6c:dc:58:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de9572fcbd665f72e00e5ffdb8db802d1cbec894
Validity
Not Before: Nov 29 06:24:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b6623dfa3e9d4473fccae1f00274409ccc0864a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:39:fa:0c:d2:ae:69:f0:c8:af:c2:d4:c3:6f:
9c:40:6e:3b:13:74:31:90:10:bd:52:0f:33:1f:6d:
c4:fa:95:53:03:d8:8a:95:a9:cd:40:76:a4:64:be:
66:5a:6f:46:05:00:1d:3b:e4:92:f9:90:44:c1:f1:
0d:77:14:93:da:bd:ea:1b:42:fd:8b:f9:f6:b6:0a:
3e:ef:d3:13:2f:b3:9b:18:01:6a:e8:b3:c7:95:b8:
1f:a0:ac:27:2b:b0:32:f5:74:80:8d:39:3e:76:fb:
8b:14:03:23:b1:29:d3:e8:74:28:d4:14:69:3f:52:
49:2d:71:f8:27:31:f7:54:21:ff:14:ee:5a:ce:bd:
07:02:40:71:4a:f2:11:39:f3:f6:ff:3c:7c:de:60:
ff:56:e3:4c:a3:b2:cf:5c:eb:b2:e8:52:a2:2b:fb:
3d:5c:3f:66:4c:52:13:bb:a4:62:7e:76:59:48:05:
c1:04:8b:b9:74:cd:3f:c5:3c:3f:65:73:21:ba:29:
96:86:51:83:fc:9e:71:5f:e8:c8:72:0d:4c:da:2f:
44:91:3e:65:f5:49:29:20:35:6c:b7:26:b1:04:7e:
26:40:5a:c8:ad:57:97:ea:4e:4a:d3:2c:3b:9c:3a:
ff:23:7f:8b:b7:ff:8d:3e:c7:ec:86:04:87:ac:68:
45:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:66:23:DF:A3:E9:D4:47:3F:CC:AE:1F:00:27:44:09:CC:C0:86:4A
X509v3 Authority Key Identifier:
keyid:DE:95:72:FC:BD:66:5F:72:E0:0E:5F:FD:B8:DB:80:2D:1C:BE:C8:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pVy_L1mX3LgDl_9uNuALRy-yJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/a2Yj36Pp1Ec_zK4fACdECczAhko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/3pVy_L1mX3LgDl_9uNuALRy-yJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.40.0/21
89.187.192.0-89.187.197.255
185.45.136.0/22
IPv6:
2a02:910::/32
Signature Algorithm: sha256WithRSAEncryption
33:7c:8f:55:4e:59:e9:e9:81:00:ce:1d:48:31:94:37:af:4d:
f5:28:34:5a:34:c6:aa:cf:f2:68:41:3a:10:bc:71:f5:cf:3a:
1d:0b:71:99:78:55:12:d8:ed:7a:1c:e0:f1:d2:7f:65:de:79:
24:dd:a8:5f:ea:87:e2:fa:23:d4:f4:54:e0:f2:a3:7e:39:b5:
77:58:46:39:c3:a0:7c:22:c7:81:11:60:70:00:e8:64:e7:5d:
83:eb:78:8c:4e:91:09:d6:c6:f4:19:bc:1d:6d:69:b7:4a:7c:
b1:8a:f0:01:7a:12:9d:53:05:69:91:59:5e:a5:cc:a2:9a:92:
6c:7d:33:5e:71:1c:53:3e:b3:37:99:e0:3a:15:66:1f:42:75:
63:a9:a1:36:64:a7:da:67:3e:fc:a2:1d:68:e0:5e:1a:42:29:
d5:c8:31:35:19:f1:f3:dc:58:70:53:2b:4a:af:5f:c3:31:1d:
e5:fd:97:99:1b:af:f2:b0:7b:99:01:09:76:3e:06:76:e8:50:
15:73:9a:17:04:18:e8:b4:55:7b:dc:45:ad:b0:cc:98:b8:df:
ac:82:24:38:1e:c6:4a:dc:47:a4:4f:ef:42:74:d3:0f:d6:af:
1d:ac:d9:a6:a3:dd:ff:5b:71:86:a0:03:e7:9a:a3:d3:4f:9f:
8e:05:e3:39
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYTCDxwbGU5sE0Cv4MRs3FiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTU3MmZjYmQ2NjVmNzJlMDBlNWZmZGI4ZGI4MDJkMWNi
ZWM4OTQwHhcNMjIxMTI5MDYyNDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjY2MjNkZmEzZTlkNDQ3M2ZjY2FlMWYwMDI3NDQwOWNjYzA4NjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDn6DNKuafDIr8LUw2+cQG47E3Qx
kBC9Ug8zH23E+pVTA9iKlanNQHakZL5mWm9GBQAdO+SS+ZBEwfENdxST2r3qG0L9
i/n2tgo+79MTL7ObGAFq6LPHlbgfoKwnK7Ay9XSAjTk+dvuLFAMjsSnT6HQo1BRp
P1JJLXH4JzH3VCH/FO5azr0HAkBxSvIROfP2/zx83mD/VuNMo7LPXOuy6FKiK/s9
XD9mTFITu6RifnZZSAXBBIu5dM0/xTw/ZXMhuimWhlGD/J5xX+jIcg1M2i9EkT5l
9UkpIDVstyaxBH4mQFrIrVeX6k5K0yw7nDr/I3+Lt/+NPsfshgSHrGhFUwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGtmI9+j6dRHP8yuHwAnRAnMwIZKMB8GA1UdIwQY
MBaAFN6Vcvy9Zl9y4A5f/bjbgC0cvsiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BWeV9MMW1YM0xnRGxfOXVOdUFMUnkteUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83OTIyMDAtMmRhMC00MWJmLTg1ODct
YTkyOTM0Y2IxZGU4LzEvYTJZajM2UHAxRWNfeks0ZkFDZEVDY3pBaGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83OTIyMDAtMmRhMC00MWJmLTg1ODctYTkyOTM0Y2IxZGU4
LzEvM3BWeV9MMW1YM0xnRGxfOXVOdUFMUnkteUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDTV8oMAwD
BAZZu8ADBAFZu8QDBAK5LYgwDQQCAAIwBwMFACoCCRAwDQYJKoZIhvcNAQELBQAD
ggEBADN8j1VOWenpgQDOHUgxlDevTfUoNFo0xqrP8mhBOhC8cfXPOh0LcZl4VRLY
7Xoc4PHSf2XeeSTdqF/qh+L6I9T0VODyo345tXdYRjnDoHwix4ERYHAA6GTnXYPr
eIxOkQnWxvQZvB1tabdKfLGK8AF6Ep1TBWmRWV6lzKKakmx9M15xHFM+szeZ4DoV
Zh9CdWOpoTZkp9pnPvyiHWjgXhpCKdXIMTUZ8fPcWHBTK0qvX8MxHeX9l5kbr/Kw
e5kBCXY+BnboUBVzmhcEGOi0VXvcRa2wzJi436yCJDgexkrcR6RP70J00w/Wrx2s
2aaj3f9bcYagA+eao9NPn44F4zk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:45 2023 by rpki-client on console-fra.rpki-client.org