Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/7i5n61rvjUQbvAc0ME_QGQJn1HY.roa
File: 7i5n61rvjUQbvAc0ME_QGQJn1HY.roa (raw, json)
Hash identifier: qaKikIMu+kZ46cY10zqKpqfY7afYwscp+jc3D0u+B8c=
Subject key identifier: EE:2E:67:EB:5A:EF:8D:44:1B:BC:07:34:30:4F:D0:19:02:67:D4:76
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 08E9D6A6
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/7i5n61rvjUQbvAc0ME_QGQJn1HY.roa
Signing time: Sat 04 Jun 2022 15:05:20 +0000
ROA not before: Sat 04 Jun 2022 15:05:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 176.105.229.0/24 maxlen: 24
176.105.228.0/22 maxlen: 24
91.239.148.0/23 maxlen: 24
212.115.124.0/22 maxlen: 24
45.132.80.0/22 maxlen: 24
91.244.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149542566 (0x8e9d6a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Jun 4 15:05:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee2e67eb5aef8d441bbc0734304fd0190267d476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e4:dc:a2:8b:c4:14:6b:c1:f6:6b:8c:ea:7e:
1f:b2:94:5b:69:0a:15:ca:72:e6:6d:85:d5:2e:a3:
df:9e:e7:14:3a:65:3d:95:94:5b:03:95:45:a9:93:
f3:c9:b3:b1:14:47:cd:86:e6:90:1e:72:49:6f:eb:
a9:45:ad:ef:7f:57:34:d6:89:69:ff:2d:a7:9b:b1:
00:a7:30:6f:1d:b8:94:08:a7:d0:9a:26:42:9f:5b:
78:c4:e7:52:f5:82:a9:43:83:ca:a7:31:13:ca:4e:
55:64:32:ba:2e:d6:dd:82:48:73:46:19:a6:c5:32:
c2:59:75:2f:94:97:ec:20:36:b7:8d:5e:53:4b:59:
12:ba:84:ed:d6:55:3c:39:d2:f1:cf:a2:48:18:e0:
ba:84:3d:27:a6:d2:ea:ee:00:54:ea:24:dd:06:de:
22:9a:5c:c1:89:94:c7:f8:e0:3c:98:5c:44:bd:6f:
44:26:ba:27:15:d8:57:d5:2b:9f:75:0b:34:a0:fb:
ee:a3:a7:47:1a:82:61:d0:a5:ac:d9:8a:e7:1b:5b:
2a:a7:be:e8:12:d3:aa:a3:18:f7:ff:42:38:29:76:
a5:6d:76:f3:73:89:9e:e5:ac:2b:e0:90:74:15:46:
9a:79:f7:bf:08:40:d3:8e:04:40:11:90:4a:f0:dc:
e9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:2E:67:EB:5A:EF:8D:44:1B:BC:07:34:30:4F:D0:19:02:67:D4:76
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/7i5n61rvjUQbvAc0ME_QGQJn1HY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.80.0/22
91.239.148.0/23
91.244.199.0/24
176.105.228.0/22
212.115.124.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:6e:d4:55:03:4a:2f:89:a0:c3:b3:0a:24:f7:e6:fb:31:43:
9a:af:cf:41:b3:7e:7e:64:a3:1f:5c:80:c5:12:de:ff:95:d7:
a8:2b:3c:17:4b:43:56:a2:8f:fd:66:23:86:48:03:81:60:c9:
35:e6:d4:8f:31:f8:cc:9a:f6:1a:10:f0:c9:6f:cd:c5:07:92:
8f:f7:ab:0d:24:38:2e:4c:8f:f3:0d:08:3c:74:20:68:10:2d:
1c:aa:d5:78:b1:ce:02:ea:1d:0b:bd:ac:31:14:60:40:d8:a4:
3e:5d:5e:5a:f8:b8:0b:61:0c:af:e1:00:71:1a:15:1f:cc:84:
e3:59:78:02:ab:1d:c5:95:ac:c4:9c:4c:fd:e1:ec:cf:85:c0:
6f:33:2a:56:0d:48:7e:bd:ea:96:0b:fc:cd:10:33:d1:90:86:
6f:ec:a4:46:e9:0e:e3:16:13:4b:76:e4:0c:b9:a6:f2:0d:c5:
80:3b:c5:e2:aa:71:f8:c5:82:c0:db:76:08:43:2e:d6:ca:c9:
fe:92:34:59:d0:2e:37:24:0a:e8:5c:43:e7:3d:7a:b7:37:9b:
88:06:1e:27:d8:a6:b2:c9:9c:e0:9e:b7:79:50:23:b8:1f:28:
b7:b9:a8:dc:5b:db:e3:d0:b2:fa:c3:74:07:0c:a7:b2:77:27:
de:b8:cc:a4
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECOnWpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDYw
NDE1MDUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWUyZTY3ZWI1YWVm
OGQ0NDFiYmMwNzM0MzA0ZmQwMTkwMjY3ZDQ3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7k3KKLxBRrwfZrjOp+H7KUW2kKFcpy5m2F1S6j357nFDpl
PZWUWwOVRamT88mzsRRHzYbmkB5ySW/rqUWt739XNNaJaf8tp5uxAKcwbx24lAin
0JomQp9beMTnUvWCqUODyqcxE8pOVWQyui7W3YJIc0YZpsUywll1L5SX7CA2t41e
U0tZErqE7dZVPDnS8c+iSBjguoQ9J6bS6u4AVOok3QbeIppcwYmUx/jgPJhcRL1v
RCa6JxXYV9Urn3ULNKD77qOnRxqCYdClrNmK5xtbKqe+6BLTqqMY9/9COCl2pW12
83OJnuWsK+CQdBVGmnn3vwhA044EQBGQSvDc6TkCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTuLmfrWu+NRBu8BzQwT9AZAmfUdjAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
LzdpNW42MXJ2alVRYnZBYzBNRV9RR1FKbjFIWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAi2EUAMEAVvvlAMEAFv0xwMEArBp
5AMEAtRzfDANBgkqhkiG9w0BAQsFAAOCAQEADm7UVQNKL4mgw7MKJPfm+zFDmq/P
QbN+fmSjH1yAxRLe/5XXqCs8F0tDVqKP/WYjhkgDgWDJNebUjzH4zJr2GhDwyW/N
xQeSj/erDSQ4LkyP8w0IPHQgaBAtHKrVeLHOAuodC72sMRRgQNikPl1eWvi4C2EM
r+EAcRoVH8yE41l4AqsdxZWsxJxM/eHsz4XAbzMqVg1Ifr3qlgv8zRAz0ZCGb+yk
RukO4xYTS3bkDLmm8g3FgDvF4qpx+MWCwNt2CEMu1srJ/pI0WdAuNyQK6FxD5z16
tzebiAYeJ9imssmc4J63eVAjuB8ot7mo3Fvb49Cy+sN0Bwynsncn3rjMpA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:18 2023 by rpki-client on console-fra.rpki-client.org