Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/r5zQOoYLXll-jXvx3V3nS7kE-A0.roa
File: r5zQOoYLXll-jXvx3V3nS7kE-A0.roa (raw, json)
Hash identifier: utXHdq4BUUA0tHbZBIJ/BgJsdoY4AvHL6P3K6bZiwWU=
Subject key identifier: AF:9C:D0:3A:86:0B:5E:59:7E:8D:7B:F1:DD:5D:E7:4B:B9:04:F8:0D
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0183C61C2470755AF2D53E9802E48072FAC5
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/r5zQOoYLXll-jXvx3V3nS7kE-A0.roa
Signing time: Tue 11 Oct 2022 08:14:36 +0000
ROA not before: Tue 11 Oct 2022 08:14:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16200
IP address blocks: 91.186.192.0/24 maxlen: 24
91.186.196.0/22 maxlen: 24
83.147.192.0/24 maxlen: 24
83.147.193.0/24 maxlen: 24
83.147.194.0/24 maxlen: 24
83.147.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:1c:24:70:75:5a:f2:d5:3e:98:02:e4:80:72:fa:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Oct 11 08:14:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af9cd03a860b5e597e8d7bf1dd5de74bb904f80d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d5:2e:0a:62:c2:17:c3:61:bf:4a:96:21:1d:
5e:c2:9d:ff:21:33:91:2c:9a:cb:29:48:3a:27:ea:
76:29:82:4f:36:a2:a8:d7:64:fe:6a:50:68:88:b1:
45:8d:5a:5a:92:65:72:bc:72:b5:a6:9e:34:43:a5:
d3:e7:2a:3a:19:63:c4:c5:fa:e3:d1:dd:b9:d4:bb:
eb:d6:cc:df:54:f3:3c:bd:72:76:94:a1:39:d1:03:
ba:20:25:40:b0:74:c8:94:aa:8e:d3:d4:da:18:37:
bf:13:fb:31:04:2b:d7:7c:ca:49:4b:06:93:50:01:
c1:fc:c6:7e:8c:90:78:75:89:7b:c5:2f:c3:c7:40:
30:00:32:fe:8a:6f:3a:82:fa:b9:99:d0:de:b5:d3:
8f:3f:9a:9b:dd:e5:97:2a:68:64:37:39:63:2d:ae:
ba:9d:1e:70:cc:b9:06:e3:6c:21:f4:bd:6a:de:13:
4e:ea:df:54:43:61:85:12:fb:88:6c:22:8c:ce:6d:
fd:d6:fc:8d:8e:74:19:17:f1:92:55:59:69:b1:d7:
0e:5f:2c:25:72:18:10:47:50:2d:50:43:ec:7b:4f:
64:ff:3c:38:6a:e1:bb:7a:2e:0c:fe:98:6e:ec:d1:
e6:65:58:fe:42:55:fc:68:be:72:ff:ec:e4:9c:72:
87:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:9C:D0:3A:86:0B:5E:59:7E:8D:7B:F1:DD:5D:E7:4B:B9:04:F8:0D
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/r5zQOoYLXll-jXvx3V3nS7kE-A0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.192.0-83.147.194.255
83.147.217.0/24
91.186.192.0/24
91.186.196.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:29:61:b9:26:a3:b7:78:f8:83:c9:c6:2f:a4:fb:46:73:85:
01:f4:1b:1e:67:81:21:c7:4d:8a:f9:14:0e:25:2b:23:36:df:
db:00:1e:75:6a:2c:f4:48:94:c8:c3:31:1e:be:53:9c:5e:c4:
b6:78:b9:08:fb:32:1c:37:98:9c:62:7d:fa:0a:12:2a:ea:7b:
24:c2:68:b2:2e:c0:84:89:2a:13:dc:ca:b9:e2:b5:b5:29:29:
41:af:81:41:42:41:47:35:48:ed:3e:0d:4b:cd:57:44:da:e0:
7c:f1:c3:68:6b:a4:f3:d2:72:6f:54:d1:9e:c8:49:46:a4:c3:
1c:c9:66:3b:7e:ce:6c:7d:b5:4a:66:15:78:d2:bb:e3:d0:55:
f1:75:99:85:a2:33:b5:5b:36:0e:18:98:91:9e:89:fd:2b:85:
85:d4:9e:0c:00:a9:75:f8:75:89:dd:1a:c7:12:db:e5:4e:33:
48:7b:c4:7d:e4:61:6c:2f:fe:67:3b:63:96:80:a9:1f:99:8f:
b0:90:7b:c9:d4:83:49:40:2e:e1:38:c2:dc:75:2f:92:d5:c8:
ac:2e:fe:b9:72:5e:b3:d5:bd:0e:28:7a:58:a0:ab:3e:89:16:
5b:f0:51:2c:02:95:1c:13:2c:64:c9:4b:29:c2:c9:8b:39:3d:
f9:f1:64:d2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYPGHCRwdVry1T6YAuSAcvrFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIxMDExMDgxNDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjljZDAzYTg2MGI1ZTU5N2U4ZDdiZjFkZDVkZTc0YmI5MDRmODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNUuCmLCF8Nhv0qWIR1ewp3/ITOR
LJrLKUg6J+p2KYJPNqKo12T+alBoiLFFjVpakmVyvHK1pp40Q6XT5yo6GWPExfrj
0d251Lvr1szfVPM8vXJ2lKE50QO6ICVAsHTIlKqO09TaGDe/E/sxBCvXfMpJSwaT
UAHB/MZ+jJB4dYl7xS/Dx0AwADL+im86gvq5mdDetdOPP5qb3eWXKmhkNzljLa66
nR5wzLkG42wh9L1q3hNO6t9UQ2GFEvuIbCKMzm391vyNjnQZF/GSVVlpsdcOXywl
chgQR1AtUEPse09k/zw4auG7ei4M/phu7NHmZVj+QlX8aL5y/+zknHKHIQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK+c0DqGC15Zfo178d1d50u5BPgNMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvcjV6UU9vWUxYbGwtalh2eDNWM25TN2tFLUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAZTk8AD
BABTk8IDBABTk9kDBABbusADBAJbusQwDQYJKoZIhvcNAQELBQADggEBAA0pYbkm
o7d4+IPJxi+k+0ZzhQH0Gx5ngSHHTYr5FA4lKyM239sAHnVqLPRIlMjDMR6+U5xe
xLZ4uQj7Mhw3mJxiffoKEirqeyTCaLIuwISJKhPcyrnitbUpKUGvgUFCQUc1SO0+
DUvNV0Ta4Hzxw2hrpPPScm9U0Z7ISUakwxzJZjt+zmx9tUpmFXjSu+PQVfF1mYWi
M7VbNg4YmJGeif0rhYXUngwAqXX4dYndGscS2+VOM0h7xH3kYWwv/mc7Y5aAqR+Z
j7CQe8nUg0lALuE4wtx1L5LVyKwu/rlyXrPVvQ4oeligqz6JFlvwUSwClRwTLGTJ
SynCyYs5PfnxZNI=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:44 2023 by rpki-client on console-fra.rpki-client.org