Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/a_azbZqWyW4i231XDS4fv0NSgfM.roa
File: a_azbZqWyW4i231XDS4fv0NSgfM.roa (raw, json)
Hash identifier: foa05h+usOYNsKuicQ2FwI3MtqoBp5ycFWrivmEfT8Y=
Subject key identifier: 6B:F6:B3:6D:9A:96:C9:6E:22:DB:7D:57:0D:2E:1F:BF:43:52:81:F3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0D842736
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/a_azbZqWyW4i231XDS4fv0NSgfM.roa
Signing time: Thu 10 Mar 2022 10:20:21 +0000
ROA not before: Thu 10 Mar 2022 10:20:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25596
IP address blocks: 82.197.192.0/19 maxlen: 19
185.6.48.0/22 maxlen: 22
185.227.72.0/22 maxlen: 22
84.245.0.0/20 maxlen: 20
87.101.0.0/21 maxlen: 21
84.245.16.0/20 maxlen: 20
84.245.32.0/20 maxlen: 20
217.19.16.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226764598 (0xd842736)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 10 10:20:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bf6b36d9a96c96e22db7d570d2e1fbf435281f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b5:db:b6:4d:2b:7a:ce:13:13:a8:48:7e:ff:
7c:56:74:d9:5e:db:f2:5c:7c:40:3d:d4:0f:2d:36:
44:40:9b:37:74:aa:64:85:3d:6d:3e:1f:d9:3e:c0:
1e:7a:40:7a:7a:52:08:31:17:1d:56:7b:c8:9b:e2:
92:17:9b:06:5a:b7:87:bf:38:46:f3:cc:dd:bc:4b:
e3:a9:c7:65:3a:ca:fa:7d:20:c9:2d:f4:bf:a8:5b:
4b:11:92:e5:a3:5f:b8:7b:aa:b3:68:8b:46:0d:77:
87:0c:9b:61:0b:91:db:61:eb:23:d6:0e:74:17:74:
98:48:17:86:13:1b:b2:41:18:f9:e1:65:e8:1b:1b:
94:b2:d7:bf:b5:50:68:96:23:f4:44:f1:1e:2b:f7:
0a:2c:81:25:14:a1:d3:aa:8f:e2:57:4e:ef:fb:b7:
23:1c:4a:50:72:a2:e1:54:3b:bc:a4:c5:17:cd:85:
6f:f4:b4:cc:0a:03:06:d9:2b:db:97:be:cb:66:93:
ea:62:14:7f:e7:37:95:af:98:5d:5f:37:34:58:a9:
cd:67:31:fa:af:aa:aa:dd:60:ea:e7:cc:b0:0b:a5:
d3:e2:dd:7b:23:93:b7:14:ad:5c:de:2f:65:a7:7f:
c7:cd:69:95:34:6e:3f:d3:ff:15:ba:8a:bf:ef:94:
39:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F6:B3:6D:9A:96:C9:6E:22:DB:7D:57:0D:2E:1F:BF:43:52:81:F3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/a_azbZqWyW4i231XDS4fv0NSgfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.197.192.0/19
84.245.0.0-84.245.47.255
87.101.0.0/21
185.6.48.0/22
185.227.72.0/22
217.19.16.0/20
Signature Algorithm: sha256WithRSAEncryption
52:f5:0c:c2:70:d2:b2:31:04:94:c9:cc:9d:6d:10:dc:e2:6d:
47:12:97:55:f7:d2:d6:64:a9:3b:9b:ec:08:1f:73:4f:d0:29:
5c:de:e7:93:1f:ae:5f:88:4a:ce:27:a4:03:ca:dd:f8:ee:81:
c3:3c:44:43:19:e6:31:c1:2b:79:19:89:29:b6:a3:76:28:eb:
c3:6b:06:79:bc:c2:bf:72:ca:61:d9:9b:de:6c:e7:d8:d9:b7:
f2:ed:70:1e:8a:f1:72:79:db:6b:a3:e5:95:46:8e:66:68:ff:
b8:c4:38:81:c5:5a:ed:4a:43:3c:c1:2c:65:37:26:68:df:09:
80:07:e0:2d:c4:bf:9a:c1:df:4f:db:86:c1:74:6d:50:ca:ea:
6f:3b:2d:05:3e:3c:ba:83:e3:ff:27:89:f3:9f:ba:e1:48:f5:
de:c5:1e:28:59:58:86:cd:0a:3b:cf:3b:93:ca:ad:d6:4c:86:
aa:a6:fc:2f:7f:e6:5a:81:c8:08:01:6f:61:32:75:7d:3d:cb:
14:26:53:f7:7c:bd:83:b4:49:75:3b:d0:a4:12:92:21:5e:62:
5a:ed:c8:4b:6a:d9:f2:d4:4b:79:41:72:4a:e0:b9:09:05:62:
f4:cf:c9:9e:1c:3f:55:c6:5f:ff:17:dd:f6:f0:cb:16:9e:73:
65:65:59:c2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIEDYQnNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDMx
MDEwMjAyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmJmNmIzNmQ5YTk2
Yzk2ZTIyZGI3ZDU3MGQyZTFmYmY0MzUyODFmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMC127ZNK3rOExOoSH7/fFZ02V7b8lx8QD3UDy02RECbN3Sq
ZIU9bT4f2T7AHnpAenpSCDEXHVZ7yJvikhebBlq3h784RvPM3bxL46nHZTrK+n0g
yS30v6hbSxGS5aNfuHuqs2iLRg13hwybYQuR22HrI9YOdBd0mEgXhhMbskEY+eFl
6BsblLLXv7VQaJYj9ETxHiv3CiyBJRSh06qP4ldO7/u3IxxKUHKi4VQ7vKTFF82F
b/S0zAoDBtkr25e+y2aT6mIUf+c3la+YXV83NFipzWcx+q+qqt1g6ufMsAul0+Ld
eyOTtxStXN4vZad/x81plTRuP9P/FbqKv++UOR8CAwEAAaOCAi4wggIqMB0GA1Ud
DgQWBBRr9rNtmpbJbiLbfVcNLh+/Q1KB8zAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L2FfYXpiWnFXeVc0aTIzMVhEUzRmdjBOU2dmTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBE
BggrBgEFBQcBBwEB/wQ1MDMwMQQCAAEwKwMEBVLFwDALAwMAVPUDBARU9SADBANX
ZQADBAK5BjADBAK540gDBATZExAwDQYJKoZIhvcNAQELBQADggEBAFL1DMJw0rIx
BJTJzJ1tENzibUcSl1X30tZkqTub7Agfc0/QKVze55Mfrl+ISs4npAPK3fjugcM8
REMZ5jHBK3kZiSm2o3Yo68NrBnm8wr9yymHZm95s59jZt/LtcB6K8XJ522uj5ZVG
jmZo/7jEOIHFWu1KQzzBLGU3JmjfCYAH4C3Ev5rB30/bhsF0bVDK6m87LQU+PLqD
4/8nifOfuuFI9d7FHihZWIbNCjvPO5PKrdZMhqqm/C9/5lqByAgBb2EydX09yxQm
U/d8vYO0SXU70KQSkiFeYlrtyEtq2fLUS3lBckrguQkFYvTPyZ4cP1XGX/8X3fbw
yxaec2VlWcI=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org