Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/iV33aU4k-ZGwt-pqmQBjnisrm5k.roa
File: iV33aU4k-ZGwt-pqmQBjnisrm5k.roa (raw, json)
Hash identifier: 8Q0qvHvCDeDeaCq7SdiW4nJca9V+5hTxqqRlBaCnwCg=
Subject key identifier: 89:5D:F7:69:4E:24:F9:91:B0:B7:EA:6A:99:00:63:9E:2B:2B:9B:99
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 09AF0ABD
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/iV33aU4k-ZGwt-pqmQBjnisrm5k.roa
Signing time: Fri 17 Jun 2022 08:33:44 +0000
ROA not before: Fri 17 Jun 2022 08:33:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 91.186.216.0/22 maxlen: 24
91.186.220.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.12.0/23 maxlen: 24
94.241.176.0/21 maxlen: 24
83.147.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162466493 (0x9af0abd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 17 08:33:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=895df7694e24f991b0b7ea6a9900639e2b2b9b99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:41:bb:a4:fa:96:6a:07:53:f6:bb:c7:35:05:
d4:7e:02:20:9b:2c:83:fc:36:f7:94:bd:18:7b:eb:
39:2e:79:92:24:83:c0:9e:a9:1c:96:b7:31:e0:c5:
e8:09:2c:3a:99:f2:f4:21:bb:13:c2:a7:86:19:b1:
1e:e5:f0:f6:a0:51:61:54:fa:ea:f2:96:6c:75:f9:
c0:80:3d:90:38:fa:b1:a4:bd:92:6b:2d:21:07:18:
a5:63:3e:16:e9:ef:03:1e:93:bf:b4:51:da:3c:48:
f7:f0:07:63:9f:c5:b3:39:b0:9d:b6:58:74:28:b1:
e3:ec:b7:b9:39:1b:54:8a:65:27:94:fb:b7:6e:8e:
8c:59:ed:fe:45:0d:ec:de:a0:35:1d:ed:72:a0:6d:
9d:3e:08:ea:12:36:be:d8:b0:87:70:4b:0d:d0:28:
a4:74:9d:53:b5:64:dd:79:4c:f3:3c:e9:eb:28:7a:
3f:35:98:e9:8f:e5:bc:b2:7d:9b:10:88:a0:57:50:
fa:49:5b:dd:07:ae:a6:a8:6c:29:b5:34:6a:6d:00:
3f:35:a9:d1:ff:f5:46:36:d4:76:e8:32:2f:c8:fe:
35:3c:2e:38:37:61:07:9f:41:b6:68:1c:3e:57:7a:
ac:b8:93:46:c9:a7:42:3b:b1:fb:01:f6:bb:1c:77:
6e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5D:F7:69:4E:24:F9:91:B0:B7:EA:6A:99:00:63:9E:2B:2B:9B:99
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/iV33aU4k-ZGwt-pqmQBjnisrm5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
91.186.216.0/21
94.241.168.0-94.241.183.255
178.253.12.0/23
Signature Algorithm: sha256WithRSAEncryption
86:98:76:20:f8:1f:ba:d4:f3:00:27:ab:3b:ed:c0:db:e0:df:
3a:88:d9:13:b6:02:e6:cb:98:87:3c:08:14:b8:39:d2:b5:03:
c9:3c:ca:bb:fb:f6:13:54:7e:0b:b0:ad:90:17:7d:cf:5c:50:
6f:ae:80:35:47:0b:84:38:7d:7f:36:b8:9f:e4:bd:ab:0c:d5:
d1:7a:3f:dc:60:4b:72:c1:3b:3d:1d:f8:c5:df:ec:bf:39:de:
a1:a7:dc:df:62:1a:cb:21:05:11:6f:bc:1a:a2:44:fb:5b:cd:
b4:0b:fc:e9:f1:7c:e4:09:60:6c:3f:c9:ea:07:03:53:50:21:
d6:df:14:f3:c3:50:a0:9a:51:39:df:ff:8e:01:c3:75:24:8b:
43:a1:9f:f4:b8:e0:de:b4:6f:7e:91:54:9b:08:b0:d5:98:9a:
83:cd:b1:26:3c:3e:a0:36:e2:83:36:7c:e2:af:16:43:3f:65:
01:c4:8f:cd:9d:2f:20:98:bd:f5:5b:78:6e:93:62:09:69:ee:
95:ed:1b:65:94:f6:24:8e:d6:c9:b3:7c:9e:24:b6:8b:06:6e:
6d:62:a7:b8:e0:f5:70:bb:71:3c:37:ea:bb:79:27:fa:1b:7a:
58:7e:74:02:80:4f:c5:b2:de:9f:1b:8d:c0:c7:f9:bd:68:ad:
83:94:fa:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIECa8KvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mjc3OGRlMmE5YmU5ODAyMTIwMzgyZTc1MGQxNTllOTU4NzJjMmFlMB4XDTIyMDYx
NzA4MzM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODk1ZGY3Njk0ZTI0
Zjk5MWIwYjdlYTZhOTkwMDYzOWUyYjJiOWI5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpBu6T6lmoHU/a7xzUF1H4CIJssg/w295S9GHvrOS55kiSD
wJ6pHJa3MeDF6AksOpny9CG7E8KnhhmxHuXw9qBRYVT66vKWbHX5wIA9kDj6saS9
kmstIQcYpWM+FunvAx6Tv7RR2jxI9/AHY5/FszmwnbZYdCix4+y3uTkbVIplJ5T7
t26OjFnt/kUN7N6gNR3tcqBtnT4I6hI2vtiwh3BLDdAopHSdU7Vk3XlM8zzp6yh6
PzWY6Y/lvLJ9mxCIoFdQ+klb3QeupqhsKbU0am0APzWp0f/1RjbUdugyL8j+NTwu
ODdhB59BtmgcPld6rLiTRsmnQjux+wH2uxx3blcCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSJXfdpTiT5kbC36mqZAGOeKyubmTAfBgNVHSMEGDAWgBTCd43iqb6YAhID
gudQ0VnpWHLCrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3duZU40cW0tbUFJU0E0TG5VTkZaNlZoeXdxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8x
L2lWMzNhVTRrLVpHd3QtcHFtUUJqbmlzcm01ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8xL3duZU40cW0tbUFJ
U0E0TG5VTkZaNlZoeXdxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAlOT6AMEA1u62DAMAwQDXvGoAwQD
XvGwAwQBsv0MMA0GCSqGSIb3DQEBCwUAA4IBAQCGmHYg+B+61PMAJ6s77cDb4N86
iNkTtgLmy5iHPAgUuDnStQPJPMq7+/YTVH4LsK2QF33PXFBvroA1RwuEOH1/Nrif
5L2rDNXRej/cYEtywTs9HfjF3+y/Od6hp9zfYhrLIQURb7waokT7W820C/zp8Xzk
CWBsP8nqBwNTUCHW3xTzw1CgmlE53/+OAcN1JItDoZ/0uODetG9+kVSbCLDVmJqD
zbEmPD6gNuKDNnzirxZDP2UBxI/NnS8gmL31W3huk2IJae6V7RtllPYkjtbJs3ye
JLaLBm5tYqe44PVwu3E8N+q7eSf6G3pYfnQCgE/Fst6fG43Ax/m9aK2DlPru
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:38 2023 by rpki-client on console-ams.rpki-client.org