Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/7mlBiyZP32Jd9S7VKwIqyEDB6TU.roa
File: 7mlBiyZP32Jd9S7VKwIqyEDB6TU.roa (raw, json)
Hash identifier: TveNwTO5ZZ3UJnCsGCcAfcl8BHN65C+v9aMSyF/g7zs=
Subject key identifier: EE:69:41:8B:26:4F:DF:62:5D:F5:2E:D5:2B:02:2A:C8:40:C1:E9:35
Certificate issuer: /CN=d62329d8d7e541953e120fd05f66cc6ebab0684d
Certificate serial: 0B15E707
Authority key identifier: D6:23:29:D8:D7:E5:41:95:3E:12:0F:D0:5F:66:CC:6E:BA:B0:68:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1iMp2NflQZU-Eg_QX2bMbrqwaE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/7mlBiyZP32Jd9S7VKwIqyEDB6TU.roa
Signing time: Sat 01 Jan 2022 08:54:32 +0000
ROA not before: Sat 01 Jan 2022 08:54:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25151
IP address blocks: 37.46.136.0/21 maxlen: 24
109.235.72.0/21 maxlen: 24
85.158.200.0/21 maxlen: 24
185.54.112.0/22 maxlen: 24
93.94.224.0/21 maxlen: 24
2a01:518::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 185984775 (0xb15e707)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d62329d8d7e541953e120fd05f66cc6ebab0684d
Validity
Not Before: Jan 1 08:54:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee69418b264fdf625df52ed52b022ac840c1e935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6b:52:0b:b7:b1:c0:be:1c:47:63:36:5f:c0:
1e:4e:fa:2a:9a:26:fb:0e:ee:a8:9a:d6:a1:fa:41:
5a:bb:bd:85:73:78:0a:31:91:48:09:8a:7c:bd:8b:
2d:c8:69:0a:d8:2a:bf:60:a8:e6:fe:02:57:e0:28:
02:ee:3c:f3:8e:e5:bb:b9:27:e3:a3:0c:5f:f2:3d:
69:85:e1:cd:81:95:8b:d8:25:d7:28:4f:44:b1:b2:
d5:30:bd:86:bd:71:00:3d:24:34:8d:8f:21:ef:f0:
a3:ab:1d:a9:09:20:29:e9:c3:24:b8:66:cf:17:5f:
d1:92:10:a0:07:b5:7a:ae:f0:30:cf:0a:23:a5:1a:
d7:69:64:5f:2f:c1:31:d0:af:a0:ec:32:11:8e:e9:
86:a3:dc:d0:d0:97:c5:f5:dc:f2:8b:61:8f:0b:b3:
2b:cc:51:26:06:cc:74:1a:e4:f4:98:16:7c:c0:9c:
55:32:37:88:fb:79:4a:0e:d6:4c:94:15:3b:84:06:
d6:1c:cb:53:bb:26:74:93:b7:85:38:91:53:07:ab:
b2:99:24:e1:96:f1:ec:d1:f4:b1:75:0b:09:96:22:
9c:35:19:39:16:34:cb:b3:27:51:e5:ee:78:44:73:
aa:a9:52:aa:f6:a2:8d:2c:03:de:a5:a9:e6:4a:48:
8b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:69:41:8B:26:4F:DF:62:5D:F5:2E:D5:2B:02:2A:C8:40:C1:E9:35
X509v3 Authority Key Identifier:
keyid:D6:23:29:D8:D7:E5:41:95:3E:12:0F:D0:5F:66:CC:6E:BA:B0:68:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1iMp2NflQZU-Eg_QX2bMbrqwaE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/7mlBiyZP32Jd9S7VKwIqyEDB6TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/1iMp2NflQZU-Eg_QX2bMbrqwaE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.136.0/21
85.158.200.0/21
93.94.224.0/21
109.235.72.0/21
185.54.112.0/22
IPv6:
2a01:518::/32
Signature Algorithm: sha256WithRSAEncryption
77:80:15:37:75:02:ae:7b:04:58:2d:83:00:46:47:41:3f:91:
3b:91:11:39:9c:b0:b3:51:13:12:78:d1:78:84:7f:64:c5:26:
31:9c:24:23:98:7a:f8:c0:09:f7:20:a8:a6:28:e9:f5:c2:22:
55:0b:9c:e9:d7:40:aa:a1:05:76:89:56:3a:c5:cf:47:78:16:
d3:cc:44:ed:bc:94:de:96:44:14:99:c4:37:9b:25:ac:1a:10:
b5:6f:eb:92:a1:7b:e4:e2:58:d1:a2:a3:65:2d:a9:9d:87:53:
4c:be:94:5f:c3:d2:69:59:91:5e:ca:f3:05:62:bd:7e:32:53:
72:ca:a9:d9:2d:c5:21:ae:ef:27:cc:c8:a9:d7:cc:26:13:d3:
cb:71:d1:04:89:93:7e:5b:aa:89:5f:57:a6:5c:db:d4:85:e7:
35:48:5f:bb:d0:60:18:6c:3c:4d:59:93:21:56:bd:e7:58:6c:
22:48:47:2f:6d:71:87:fe:8a:ad:e9:e9:a8:fb:00:41:b3:e8:
39:26:77:dc:61:cf:26:11:2b:a3:0e:e7:3e:16:66:8b:57:17:
65:89:f4:0c:7c:08:71:f9:ec:73:a6:6e:e3:23:72:44:c5:c3:
af:31:3a:ff:10:74:eb:6c:10:82:d5:33:bb:e5:cf:f2:ba:38:
0e:80:28:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECxXnBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjIzMjlkOGQ3ZTU0MTk1M2UxMjBmZDA1ZjY2Y2M2ZWJhYjA2ODRkMB4XDTIyMDEw
MTA4NTQzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWU2OTQxOGIyNjRm
ZGY2MjVkZjUyZWQ1MmIwMjJhYzg0MGMxZTkzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFrUgu3scC+HEdjNl/AHk76Kpom+w7uqJrWofpBWru9hXN4
CjGRSAmKfL2LLchpCtgqv2Co5v4CV+AoAu48847lu7kn46MMX/I9aYXhzYGVi9gl
1yhPRLGy1TC9hr1xAD0kNI2PIe/wo6sdqQkgKenDJLhmzxdf0ZIQoAe1eq7wMM8K
I6Ua12lkXy/BMdCvoOwyEY7phqPc0NCXxfXc8othjwuzK8xRJgbMdBrk9JgWfMCc
VTI3iPt5Sg7WTJQVO4QG1hzLU7smdJO3hTiRUwerspkk4Zbx7NH0sXULCZYinDUZ
ORY0y7MnUeXueERzqqlSqvaijSwD3qWp5kpIi20CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTuaUGLJk/fYl31LtUrAirIQMHpNTAfBgNVHSMEGDAWgBTWIynY1+VBlT4S
D9BfZsxuurBoTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFpTXAyTmZsUVpVLUVnX1FYMmJNYnJxd2FFMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvZTg1MTgwLTE5MTAtNGM0Mi1hMWY1LTczMjAyZjBlMWQwMy8x
LzdtbEJpeVpQMzJKZDlTN1ZLd0lxeUVEQjZUVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
ZTg1MTgwLTE5MTAtNGM0Mi1hMWY1LTczMjAyZjBlMWQwMy8xLzFpTXAyTmZsUVpV
LUVnX1FYMmJNYnJxd2FFMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAyUuiAMEA1WeyAMEA11e4AMEA23r
SAMEArk2cDANBAIAAjAHAwUAKgEFGDANBgkqhkiG9w0BAQsFAAOCAQEAd4AVN3UC
rnsEWC2DAEZHQT+RO5EROZyws1ETEnjReIR/ZMUmMZwkI5h6+MAJ9yCopijp9cIi
VQuc6ddAqqEFdolWOsXPR3gW08xE7byU3pZEFJnEN5slrBoQtW/rkqF75OJY0aKj
ZS2pnYdTTL6UX8PSaVmRXsrzBWK9fjJTcsqp2S3FIa7vJ8zIqdfMJhPTy3HRBImT
fluqiV9Xplzb1IXnNUhfu9BgGGw8TVmTIVa951hsIkhHL21xh/6KrenpqPsAQbPo
OSZ33GHPJhErow7nPhZmi1cXZYn0DHwIcfnsc6Zu4yNyRMXDrzE6/xB062wQgtUz
u+XP8ro4DoAo9w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:51 2023 by rpki-client on console-ams.rpki-client.org