Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/k5TrjWXzhOSEtXwV7C9py_9SkQI.roa
File: k5TrjWXzhOSEtXwV7C9py_9SkQI.roa (raw, json)
Hash identifier: +KuVyb3HkibUGEpGuvVEUelhAoj8yVvJS1q563MmWto=
Subject key identifier: 93:94:EB:8D:65:F3:84:E4:84:B5:7C:15:EC:2F:69:CB:FF:52:91:02
Certificate issuer: /CN=00642b607b94a143ff41c554c913bd5a651f8c05
Certificate serial: 0951DBEB
Authority key identifier: 00:64:2B:60:7B:94:A1:43:FF:41:C5:54:C9:13:BD:5A:65:1F:8C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AGQrYHuUoUP_QcVUyRO9WmUfjAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/k5TrjWXzhOSEtXwV7C9py_9SkQI.roa
Signing time: Sat 01 Jan 2022 09:57:39 +0000
ROA not before: Sat 01 Jan 2022 09:57:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50563
IP address blocks: 37.98.204.0/22 maxlen: 22
37.98.205.0/24 maxlen: 24
37.98.206.0/23 maxlen: 23
37.98.206.0/24 maxlen: 24
37.98.204.0/24 maxlen: 24
37.98.204.0/23 maxlen: 23
37.98.207.0/24 maxlen: 24
93.119.16.0/23 maxlen: 23
93.119.16.0/24 maxlen: 24
93.119.17.0/24 maxlen: 24
93.119.19.0/24 maxlen: 24
195.189.208.0/23 maxlen: 23
195.189.208.0/24 maxlen: 24
195.189.209.0/24 maxlen: 24
188.240.192.0/24 maxlen: 24
188.240.193.0/24 maxlen: 24
185.72.112.0/22 maxlen: 22
185.72.112.0/23 maxlen: 23
185.72.112.0/24 maxlen: 24
185.72.115.0/24 maxlen: 24
185.72.113.0/24 maxlen: 24
185.72.114.0/23 maxlen: 23
185.72.114.0/24 maxlen: 24
185.66.44.0/24 maxlen: 24
185.66.44.0/23 maxlen: 23
185.66.44.0/22 maxlen: 22
185.66.45.0/24 maxlen: 24
185.66.46.0/23 maxlen: 23
185.66.46.0/24 maxlen: 24
185.66.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156359659 (0x951dbeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00642b607b94a143ff41c554c913bd5a651f8c05
Validity
Not Before: Jan 1 09:57:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9394eb8d65f384e484b57c15ec2f69cbff529102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bd:10:71:de:19:ad:de:d9:cb:8d:13:cd:fb:
80:4a:63:d3:1b:1b:48:a1:2a:93:bf:49:e8:71:4e:
7a:6d:ed:b4:e9:41:44:f1:56:0a:9c:33:50:41:08:
3b:a5:47:f6:99:96:f6:2c:da:32:b7:da:b5:f9:5a:
0c:5b:16:81:22:08:67:e1:11:af:f6:28:74:2d:39:
0e:7e:70:7e:6f:88:cf:e6:e5:19:ac:06:89:93:1c:
90:58:02:d7:f9:c9:7a:b4:a8:da:9a:39:92:7b:c9:
ca:28:f1:fa:f2:c4:46:76:21:0a:86:87:1d:35:5b:
14:dc:ce:76:b2:5f:ac:66:2e:1f:1f:ec:5e:84:f4:
a8:c4:b4:8c:6b:c3:47:ce:cd:6b:c8:45:3a:02:8d:
5b:9a:d9:a3:b4:e3:6a:40:24:dc:a4:ec:c7:c6:d0:
c2:3f:31:1a:73:8a:97:f1:57:4e:78:8c:5a:23:1e:
fb:56:0d:b0:e6:3f:28:f6:96:44:c3:12:4c:26:f5:
69:29:8d:4a:06:be:8b:c5:d2:c7:b7:fb:d9:26:29:
5e:57:ee:fa:da:07:16:7d:12:0d:c9:0a:dd:d5:63:
02:1d:c2:b8:17:3e:23:11:e6:93:7b:f7:5f:fe:a5:
1e:c7:9d:ae:ae:af:d9:08:46:32:62:35:aa:8d:41:
f2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:94:EB:8D:65:F3:84:E4:84:B5:7C:15:EC:2F:69:CB:FF:52:91:02
X509v3 Authority Key Identifier:
keyid:00:64:2B:60:7B:94:A1:43:FF:41:C5:54:C9:13:BD:5A:65:1F:8C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AGQrYHuUoUP_QcVUyRO9WmUfjAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/k5TrjWXzhOSEtXwV7C9py_9SkQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/AGQrYHuUoUP_QcVUyRO9WmUfjAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.204.0/22
93.119.16.0/23
93.119.19.0/24
185.66.44.0/22
185.72.112.0/22
188.240.192.0/23
195.189.208.0/23
Signature Algorithm: sha256WithRSAEncryption
32:44:43:ea:01:a6:8b:e8:54:96:89:0c:1e:95:11:3d:65:9f:
bc:38:56:4f:4c:79:61:d8:b9:41:ba:58:f5:d0:9c:ed:22:c2:
a7:6d:8c:d0:34:4e:35:d4:82:60:fb:f6:a9:2b:dd:15:d2:2a:
fd:d6:5b:a3:3c:2b:b4:c9:9b:ba:96:8b:80:e7:e6:b1:50:69:
de:e3:bc:e0:eb:c9:a7:8a:9a:1d:af:0b:50:3a:40:ce:37:a6:
80:f1:69:9a:40:67:f3:6e:c4:40:7b:36:61:f3:c9:bd:2d:99:
1f:d5:4a:af:cd:65:c9:84:5b:70:13:4f:82:f3:5e:9b:81:78:
ad:78:26:ac:d7:c5:0f:7e:66:6b:1d:8f:a1:50:a4:f3:ff:a1:
bf:36:54:5b:9f:f0:95:a4:fa:51:f9:db:f3:fb:6b:d1:66:e1:
05:df:21:95:b3:90:d6:a8:73:b1:78:1a:bc:5a:fc:fd:da:36:
2a:5a:96:eb:b7:ef:a9:2f:03:37:e0:7e:00:0f:cf:67:1e:b6:
35:43:8a:8c:2b:f0:79:cb:12:60:fb:5a:61:68:04:ee:93:e6:
96:87:55:1a:77:df:95:5a:a9:fa:45:d6:aa:dc:1c:52:49:c6:
93:0a:86:3a:5c:aa:6e:8f:7e:89:d9:ae:63:39:3b:65:66:c0:
ea:98:96:cf
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIECVHb6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDY0MmI2MDdiOTRhMTQzZmY0MWM1NTRjOTEzYmQ1YTY1MWY4YzA1MB4XDTIyMDEw
MTA5NTczOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTM5NGViOGQ2NWYz
ODRlNDg0YjU3YzE1ZWMyZjY5Y2JmZjUyOTEwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALu9EHHeGa3e2cuNE837gEpj0xsbSKEqk79J6HFOem3ttOlB
RPFWCpwzUEEIO6VH9pmW9izaMrfatflaDFsWgSIIZ+ERr/YodC05Dn5wfm+Iz+bl
GawGiZMckFgC1/nJerSo2po5knvJyijx+vLERnYhCoaHHTVbFNzOdrJfrGYuHx/s
XoT0qMS0jGvDR87Na8hFOgKNW5rZo7TjakAk3KTsx8bQwj8xGnOKl/FXTniMWiMe
+1YNsOY/KPaWRMMSTCb1aSmNSga+i8XSx7f72SYpXlfu+toHFn0SDckK3dVjAh3C
uBc+IxHmk3v3X/6lHsedrq6v2QhGMmI1qo1B8vUCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBSTlOuNZfOE5IS1fBXsL2nL/1KRAjAfBgNVHSMEGDAWgBQAZCtge5ShQ/9B
xVTJE71aZR+MBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FHUXJZSHVVb1VQX1FjVlV5Uk85V21VZmpBVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvYWM5YWJhLTk3MzUtNGI5ZC04ZWFlLTE5YmM3YmRjY2JjMS8x
L2s1VHJqV1h6aE9TRXRYd1Y3QzlweV85U2tRSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
YWM5YWJhLTk3MzUtNGI5ZC04ZWFlLTE5YmM3YmRjY2JjMS8xL0FHUXJZSHVVb1VQ
X1FjVlV5Uk85V21VZmpBVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAiVizAMEAV13EAMEAF13EwMEArlC
LAMEArlIcAMEAbzwwAMEAcO90DANBgkqhkiG9w0BAQsFAAOCAQEAMkRD6gGmi+hU
lokMHpURPWWfvDhWT0x5Ydi5QbpY9dCc7SLCp22M0DRONdSCYPv2qSvdFdIq/dZb
ozwrtMmbupaLgOfmsVBp3uO84OvJp4qaHa8LUDpAzjemgPFpmkBn827EQHs2YfPJ
vS2ZH9VKr81lyYRbcBNPgvNem4F4rXgmrNfFD35max2PoVCk8/+hvzZUW5/wlaT6
Ufnb8/tr0WbhBd8hlbOQ1qhzsXgavFr8/do2KlqW67fvqS8DN+B+AA/PZx62NUOK
jCvwecsSYPtaYWgE7pPmlodVGnfflVqp+kXWqtwcUknGkwqGOlyqbo9+idmuYzk7
ZWbA6piWzw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:31 2023 by rpki-client on console-ams.rpki-client.org