Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/r1Oazb3llhcRlN-7NPD7Bk_3qfg.roa
File: r1Oazb3llhcRlN-7NPD7Bk_3qfg.roa (raw, json)
Hash identifier: iyS+g/zEhkyZdV7F4SYG8uEOtwbFBaTJdRztNzP8GQI=
Subject key identifier: AF:53:9A:CD:BD:E5:96:17:11:94:DF:BB:34:F0:FB:06:4F:F7:A9:F8
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0184DD618D40A360E0C726F71815CA33AE0E
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/r1Oazb3llhcRlN-7NPD7Bk_3qfg.roa
Signing time: Sun 04 Dec 2022 13:44:28 +0000
ROA not before: Sun 04 Dec 2022 13:44:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202492
IP address blocks: 83.147.196.0/22 maxlen: 22
83.147.195.0/24 maxlen: 24
94.241.188.0/22 maxlen: 22
83.147.200.0/22 maxlen: 22
83.147.204.0/22 maxlen: 22
83.147.208.0/24 maxlen: 24
83.147.210.0/24 maxlen: 24
83.147.211.0/24 maxlen: 24
83.147.209.0/24 maxlen: 24
83.147.218.0/23 maxlen: 23
83.147.220.0/23 maxlen: 23
83.147.224.0/22 maxlen: 22
83.147.228.0/22 maxlen: 22
83.147.236.0/22 maxlen: 22
178.253.0.0/21 maxlen: 21
94.241.144.0/21 maxlen: 21
178.253.14.0/23 maxlen: 23
178.253.17.0/24 maxlen: 24
178.253.20.0/23 maxlen: 23
178.253.24.0/23 maxlen: 23
178.253.28.0/23 maxlen: 24
178.253.30.0/24 maxlen: 24
178.253.36.0/23 maxlen: 23
178.253.34.0/23 maxlen: 23
178.253.46.0/23 maxlen: 23
178.253.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:dd:61:8d:40:a3:60:e0:c7:26:f7:18:15:ca:33:ae:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Dec 4 13:44:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af539acdbde596171194dfbb34f0fb064ff7a9f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9b:dd:d7:6c:a2:eb:bc:0e:f3:45:1b:83:46:
ac:a1:83:08:27:14:6b:61:da:cc:d8:6b:e1:e8:eb:
63:88:c6:ff:3b:c0:6a:8b:0c:85:36:41:12:0b:34:
b0:b4:d6:91:00:bb:6a:f7:c2:9d:40:33:cc:58:7a:
3a:87:c9:57:3d:35:f6:7d:b7:09:a7:2e:f2:f2:28:
86:66:68:08:71:fd:60:4c:60:6b:f6:d5:1d:86:23:
ca:cf:ae:0c:f1:17:ad:96:a3:c3:36:d5:3b:76:b5:
ef:42:aa:f4:52:9f:fa:f0:4f:d8:c9:57:ff:cf:01:
15:3f:8e:4d:25:a7:85:71:10:0f:88:08:bd:44:95:
81:8a:5c:49:70:4c:d0:ac:1c:7b:28:5a:57:3b:bc:
9b:20:c7:64:25:86:e0:5e:59:5f:45:a5:01:93:d4:
7e:0e:93:88:92:9f:cc:0b:b8:82:f0:ad:08:35:50:
5e:59:05:51:34:fe:81:51:2f:3f:8a:ff:28:be:b3:
ca:31:b4:b6:19:b9:58:08:a1:e8:61:5d:f1:0f:a0:
43:f2:0d:85:36:ad:34:36:5c:a4:42:9b:d9:05:13:
49:79:e5:14:21:e2:3c:2e:bf:b2:b3:95:b4:99:3a:
7c:33:4a:80:96:d5:21:3e:bf:96:05:75:fd:bb:ee:
df:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:53:9A:CD:BD:E5:96:17:11:94:DF:BB:34:F0:FB:06:4F:F7:A9:F8
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/r1Oazb3llhcRlN-7NPD7Bk_3qfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.195.0-83.147.211.255
83.147.218.0-83.147.221.255
83.147.224.0/21
83.147.236.0/22
94.241.144.0/21
94.241.188.0/22
178.253.0.0/21
178.253.14.0/23
178.253.17.0/24
178.253.20.0/23
178.253.24.0/23
178.253.28.0-178.253.30.255
178.253.34.0-178.253.37.255
178.253.46.0/23
178.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
56:8e:e6:f9:06:36:eb:bc:45:22:12:53:7a:db:d1:90:cb:24:
de:00:e1:51:86:42:52:ce:3f:bc:e2:b3:61:85:ac:ea:3d:0f:
ce:90:f1:cf:98:33:56:c5:a3:e4:e4:d4:ef:f7:10:6e:f0:08:
41:fb:fe:e8:7e:53:88:f3:75:51:71:c7:76:62:75:33:dd:73:
4d:e0:b4:2f:a6:11:c2:ba:a9:4b:85:d7:2a:0c:2a:36:26:64:
fd:00:ee:53:01:ff:cd:b1:1b:52:84:51:3b:c9:5a:48:4d:d0:
ee:5f:5c:01:2c:39:db:90:b3:65:f3:89:63:43:00:f3:d2:f3:
2e:cb:16:09:49:38:5b:a6:59:6d:ce:de:3d:db:5f:b1:8c:be:
14:8b:2a:5c:c4:40:75:34:58:ae:75:d4:ec:ba:77:73:eb:15:
9e:7d:10:81:60:ac:a6:6b:6f:13:a5:b6:6e:9d:df:e9:d9:2d:
f7:09:41:44:a3:4d:f2:d7:6b:f8:6b:40:ef:c5:1b:b9:3c:60:
da:1f:6a:e1:30:c1:79:6d:67:60:3c:0f:68:d5:5d:f8:74:48:
58:c5:49:e0:8e:bf:54:4a:40:eb:4e:94:7f:f5:ef:91:86:0f:
e5:35:b4:c1:de:82:61:5b:e1:47:77:d4:e0:1c:85:b7:78:5e:
cf:53:47:86
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYTdYY1Ao2Dgxyb3GBXKM64OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIxMjA0MTM0NDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjUzOWFjZGJkZTU5NjE3MTE5NGRmYmIzNGYwZmIwNjRmZjdhOWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpvd12yi67wO80Ubg0asoYMIJxRr
YdrM2Gvh6OtjiMb/O8BqiwyFNkESCzSwtNaRALtq98KdQDPMWHo6h8lXPTX2fbcJ
py7y8iiGZmgIcf1gTGBr9tUdhiPKz64M8RetlqPDNtU7drXvQqr0Up/68E/YyVf/
zwEVP45NJaeFcRAPiAi9RJWBilxJcEzQrBx7KFpXO7ybIMdkJYbgXllfRaUBk9R+
DpOIkp/MC7iC8K0INVBeWQVRNP6BUS8/iv8ovrPKMbS2GblYCKHoYV3xD6BD8g2F
Nq00NlykQpvZBRNJeeUUIeI8Lr+ys5W0mTp8M0qAltUhPr+WBXX9u+7ftwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFK9Tms295ZYXEZTfuzTw+wZP96n4MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvcjFPYXpiM2xsaGNSbE4tN05QRDdCa18zcWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwejAMAwQA
U5PDAwQCU5PQMAwDBAFTk9oDBAFTk9wDBANTk+ADBAJTk+wDBANe8ZADBAJe8bwD
BAOy/QADBAGy/Q4DBACy/REDBAGy/RQDBAGy/RgwDAMEArL9HAMEALL9HjAMAwQB
sv0iAwQBsv0kAwQBsv0uAwQAsv02MA0GCSqGSIb3DQEBCwUAA4IBAQBWjub5Bjbr
vEUiElN629GQyyTeAOFRhkJSzj+84rNhhazqPQ/OkPHPmDNWxaPk5NTv9xBu8AhB
+/7oflOI83VRccd2YnUz3XNN4LQvphHCuqlLhdcqDCo2JmT9AO5TAf/NsRtShFE7
yVpITdDuX1wBLDnbkLNl84ljQwDz0vMuyxYJSThbplltzt4921+xjL4UiypcxEB1
NFiuddTsundz6xWefRCBYKyma28TpbZund/p2S33CUFEo03y12v4a0DvxRu5PGDa
H2rhMMF5bWdgPA9o1V34dEhYxUngjr9USkDrTpR/9e+Rhg/lNbTB3oJhW+FHd9Tg
HIW3eF7PU0eG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:10 2024 by rpki-client on console-fra.rpki-client.org