Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/m_2rS3EhuXV6c3MTRYLGV3i45Ss.roa
File: m_2rS3EhuXV6c3MTRYLGV3i45Ss.roa (raw, json)
Hash identifier: oqLpFUeXu0mAJIS8bBIOYPmayYYfBD5nmvmaKMFD5nU=
Subject key identifier: 9B:FD:AB:4B:71:21:B9:75:7A:73:73:13:45:82:C6:57:78:B8:E5:2B
Certificate issuer: /CN=65ba15d47ba4f4482764472d8d97146a1ebbbf86
Certificate serial: 335E3029
Authority key identifier: 65:BA:15:D4:7B:A4:F4:48:27:64:47:2D:8D:97:14:6A:1E:BB:BF:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZboV1Huk9EgnZEctjZcUah67v4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/m_2rS3EhuXV6c3MTRYLGV3i45Ss.roa
Signing time: Sat 01 Jan 2022 07:04:16 +0000
ROA not before: Sat 01 Jan 2022 07:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51942
IP address blocks: 91.235.174.0/24 maxlen: 24
195.88.202.0/23 maxlen: 23
195.69.225.0/24 maxlen: 24
188.227.204.0/22 maxlen: 22
185.38.103.0/24 maxlen: 24
2a02:7f80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 861810729 (0x335e3029)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65ba15d47ba4f4482764472d8d97146a1ebbbf86
Validity
Not Before: Jan 1 07:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9bfdab4b7121b9757a7373134582c65778b8e52b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:90:bc:5c:cf:84:15:5a:0e:24:ef:36:2d:0c:
d5:ca:25:04:81:5f:f3:50:04:1b:e9:bb:4b:53:f1:
80:cd:58:1d:9b:3d:71:44:16:ee:5b:91:36:bf:6e:
34:61:90:ce:99:0d:09:f9:15:5f:a1:cd:1a:21:95:
a8:9c:5e:9c:33:75:1a:e7:c1:97:b3:dd:17:3b:95:
d3:f9:9a:3b:32:8e:9b:0c:4a:d4:11:8e:f0:36:db:
43:cd:f4:ad:15:9c:0a:58:89:58:61:63:9c:cf:04:
02:cb:af:0a:6f:ea:50:94:be:2a:2f:0c:56:0d:c7:
ff:ec:1e:bd:c6:8c:0d:03:35:9b:7e:66:01:f7:f5:
e4:ff:fd:83:c5:eb:45:73:a2:38:8d:c9:0f:3e:20:
33:3d:e1:66:68:1a:b6:89:f7:cd:15:26:f9:c5:9f:
47:9e:a8:42:31:51:21:6e:e8:78:36:3e:7a:5a:f0:
98:2e:8b:0e:45:1e:16:cf:27:08:89:ce:3d:1e:e0:
86:25:a4:8b:c7:52:f3:e1:14:0d:70:9b:b6:b2:4f:
a3:23:d6:6f:dc:52:75:d8:b7:ce:4b:5f:8a:08:cd:
67:0b:df:5f:75:2f:a6:5b:5b:b6:10:d9:21:3a:50:
4e:8e:18:45:9d:71:53:0c:5b:71:c8:48:25:c1:9e:
ac:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:FD:AB:4B:71:21:B9:75:7A:73:73:13:45:82:C6:57:78:B8:E5:2B
X509v3 Authority Key Identifier:
keyid:65:BA:15:D4:7B:A4:F4:48:27:64:47:2D:8D:97:14:6A:1E:BB:BF:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZboV1Huk9EgnZEctjZcUah67v4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/m_2rS3EhuXV6c3MTRYLGV3i45Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/ZboV1Huk9EgnZEctjZcUah67v4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.174.0/24
185.38.103.0/24
188.227.204.0/22
195.69.225.0/24
195.88.202.0/23
IPv6:
2a02:7f80::/29
Signature Algorithm: sha256WithRSAEncryption
83:a8:f7:24:48:78:1b:a6:5b:b3:17:0a:88:86:8b:e4:7d:6c:
35:b3:70:d7:0b:33:87:ef:8a:5d:3b:29:79:56:08:5e:01:75:
b1:58:df:ac:ee:d8:86:7f:b2:da:20:ad:2e:ce:97:33:66:68:
f6:54:2a:94:d8:41:77:81:12:6b:96:ea:d4:0f:7d:ac:dd:96:
74:1b:e8:a4:cf:3c:93:dc:4f:28:aa:aa:f9:f7:0d:e5:97:19:
1b:55:fa:46:8e:68:83:13:02:96:b7:fc:ca:eb:77:a2:2d:2c:
66:0a:3c:55:e9:8b:5d:38:64:e3:ec:6c:ca:dd:40:a8:a3:65:
1c:47:d8:8b:f1:c7:ff:75:d4:24:42:77:1a:70:77:99:0d:27:
21:c5:24:27:69:b1:c0:16:14:2f:ef:9d:04:62:bb:98:ad:23:
c9:50:8b:24:35:d3:c7:53:db:ec:26:12:26:98:70:52:96:ae:
20:78:af:c4:6b:a2:76:30:ca:55:b4:90:ae:60:cf:99:6c:9b:
0f:d1:5a:8a:1b:bb:d9:cb:fc:e7:4b:cf:a8:ba:37:b9:8e:6a:
e1:4b:0a:18:bc:c4:02:b3:92:4b:58:39:38:8e:a6:6b:24:31:
69:9c:bb:7d:1f:56:51:01:90:2f:bb:59:a9:53:f1:75:a3:86:
1f:8a:5e:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEM14wKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NWJhMTVkNDdiYTRmNDQ4Mjc2NDQ3MmQ4ZDk3MTQ2YTFlYmJiZjg2MB4XDTIyMDEw
MTA3MDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJmZGFiNGI3MTIx
Yjk3NTdhNzM3MzEzNDU4MmM2NTc3OGI4ZTUyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKQvFzPhBVaDiTvNi0M1colBIFf81AEG+m7S1PxgM1YHZs9
cUQW7luRNr9uNGGQzpkNCfkVX6HNGiGVqJxenDN1GufBl7PdFzuV0/maOzKOmwxK
1BGO8DbbQ830rRWcCliJWGFjnM8EAsuvCm/qUJS+Ki8MVg3H/+wevcaMDQM1m35m
Aff15P/9g8XrRXOiOI3JDz4gMz3hZmgaton3zRUm+cWfR56oQjFRIW7oeDY+elrw
mC6LDkUeFs8nCInOPR7ghiWki8dS8+EUDXCbtrJPoyPWb9xSddi3zktfigjNZwvf
X3UvpltbthDZITpQTo4YRZ1xUwxbcchIJcGerIECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSb/atLcSG5dXpzcxNFgsZXeLjlKzAfBgNVHSMEGDAWgBRluhXUe6T0SCdk
Ry2NlxRqHru/hjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pib1YxSHVrOUVnblpFY3RqWmNVYWg2N3Y0WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvMzA5MGRjLTdkMjgtNDIyOC04MzgwLWZlM2I5MThjMzA5Ny8x
L21fMnJTM0VodVhWNmMzTVRSWUxHVjNpNDVTcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
MzA5MGRjLTdkMjgtNDIyOC04MzgwLWZlM2I5MThjMzA5Ny8xL1pib1YxSHVrOUVn
blpFY3RqWmNVYWg2N3Y0WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAFvrrgMEALkmZwMEArzjzAMEAMNF
4QMEAcNYyjANBAIAAjAHAwUDKgJ/gDANBgkqhkiG9w0BAQsFAAOCAQEAg6j3JEh4
G6ZbsxcKiIaL5H1sNbNw1wszh++KXTspeVYIXgF1sVjfrO7Yhn+y2iCtLs6XM2Zo
9lQqlNhBd4ESa5bq1A99rN2WdBvopM88k9xPKKqq+fcN5ZcZG1X6Ro5ogxMClrf8
yut3oi0sZgo8VemLXThk4+xsyt1AqKNlHEfYi/HH/3XUJEJ3GnB3mQ0nIcUkJ2mx
wBYUL++dBGK7mK0jyVCLJDXTx1Pb7CYSJphwUpauIHivxGuidjDKVbSQrmDPmWyb
D9Faihu72cv850vPqLo3uY5q4UsKGLzEArOSS1g5OI6mayQxaZy7fR9WUQGQL7tZ
qVPxdaOGH4peUw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:33 2023 by rpki-client on console-fra.rpki-client.org