Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tm9chXl2D-KEkbwn_g3PkR4RM1o.roa
File: tm9chXl2D-KEkbwn_g3PkR4RM1o.roa (raw, json)
Hash identifier: V77ba8wKMUx7Q07Vx4vOtEa170zd3U2k62LDfGLHMdk=
Subject key identifier: B6:6F:5C:85:79:76:0F:E2:84:91:BC:27:FE:0D:CF:91:1E:11:33:5A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CC59233
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tm9chXl2D-KEkbwn_g3PkR4RM1o.roa
Signing time: Sat 01 Jan 2022 05:05:07 +0000
ROA not before: Sat 01 Jan 2022 05:05:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209854
IP address blocks: 185.244.139.0/24 maxlen: 24
212.119.32.0/23 maxlen: 24
212.119.34.0/24 maxlen: 24
194.169.168.0/22 maxlen: 24
212.119.35.0/24 maxlen: 24
193.218.35.0/24 maxlen: 24
91.190.101.0/24 maxlen: 24
91.190.102.0/23 maxlen: 24
91.190.100.0/24 maxlen: 24
62.197.144.0/20 maxlen: 24
92.62.120.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 214274611 (0xcc59233)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:05:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b66f5c8579760fe28491bc27fe0dcf911e11335a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:41:58:dd:ac:55:67:68:3a:da:b0:9d:5b:5a:
af:66:77:92:dd:e6:0f:70:d9:d5:2c:f5:21:be:94:
c5:5b:98:93:d6:e1:fe:dd:9e:89:23:43:21:2e:ac:
bf:ab:17:30:f8:01:6b:2c:a4:42:13:cb:63:dd:66:
12:3a:3b:be:a5:03:65:6e:42:4f:08:ae:0e:35:b0:
61:66:87:e0:37:37:37:47:74:60:92:5f:f3:a8:b6:
a2:e9:4f:2c:8f:50:90:e1:67:5b:d3:63:d8:a3:b0:
8d:dc:27:7d:9c:19:85:83:da:81:8d:81:26:bc:d9:
40:dc:5b:e4:84:cc:19:c4:f1:ee:bf:18:53:41:96:
57:64:1e:4a:b4:a2:16:fc:46:a5:5f:61:53:c1:a4:
61:36:11:29:c9:ad:f9:01:05:7c:8a:57:85:69:3a:
58:f5:72:ae:04:35:06:c9:f1:b5:14:4d:43:35:ba:
97:b3:28:fd:b1:4b:77:c8:aa:ae:fb:32:cf:91:6e:
62:3d:c0:f0:a6:62:4f:fa:7a:ec:53:c0:d0:87:92:
7c:ed:11:40:a2:86:99:02:12:e9:65:71:13:08:52:
7b:15:74:55:fd:49:72:3d:f2:ab:d1:42:e8:6a:5c:
8f:25:95:32:3d:d0:fd:4b:24:bc:0f:4b:d7:f0:35:
b1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6F:5C:85:79:76:0F:E2:84:91:BC:27:FE:0D:CF:91:1E:11:33:5A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tm9chXl2D-KEkbwn_g3PkR4RM1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.144.0/20
91.190.100.0/22
92.62.120.0/22
185.244.139.0/24
193.218.35.0/24
194.169.168.0/22
212.119.32.0/22
Signature Algorithm: sha256WithRSAEncryption
98:5e:22:b7:48:48:63:fe:34:ba:13:ea:f4:f1:bb:df:29:28:
94:05:3e:cc:01:d4:f4:44:c7:96:ca:54:d0:cb:4b:a7:a2:91:
c9:ff:39:66:01:81:f7:82:9b:03:e6:8b:1c:41:51:68:6d:92:
02:ad:cb:96:dd:4e:51:00:d1:3a:fa:88:62:b4:93:2e:0e:1d:
23:f3:ce:6d:12:47:88:6a:30:10:0d:81:bc:13:f8:7f:d4:ea:
9a:07:9b:ce:e9:6c:c1:eb:49:22:46:45:3d:ff:0c:58:82:58:
7f:d0:0e:c1:bf:df:e3:63:a9:71:9d:72:e1:25:4c:5d:44:40:
e7:71:13:bb:21:ee:d8:8a:3a:3b:aa:60:8d:5e:a6:52:f3:dc:
85:88:4d:e0:0e:25:88:e7:10:11:32:07:df:7c:a4:af:e4:9f:
df:b2:78:63:90:41:be:92:c0:5f:68:4d:f1:41:36:08:01:38:
71:c5:b2:c7:50:e8:a2:4a:52:7f:3f:2e:35:07:30:b9:20:c6:
b5:1a:83:20:7d:b2:99:b2:80:82:08:44:08:dd:1e:43:f5:94:
3d:36:e5:9e:2c:ce:f4:8c:74:97:3b:29:25:34:4c:53:76:69:
8c:7c:7d:26:c3:55:8f:14:b9:11:91:bc:6d:29:4b:0e:c5:62:
15:54:65:d5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEDMWSMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDUwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY2ZjVjODU3OTc2
MGZlMjg0OTFiYzI3ZmUwZGNmOTExZTExMzM1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFBWN2sVWdoOtqwnVtar2Z3kt3mD3DZ1Sz1Ib6UxVuYk9bh
/t2eiSNDIS6sv6sXMPgBayykQhPLY91mEjo7vqUDZW5CTwiuDjWwYWaH4Dc3N0d0
YJJf86i2oulPLI9QkOFnW9Nj2KOwjdwnfZwZhYPagY2BJrzZQNxb5ITMGcTx7r8Y
U0GWV2QeSrSiFvxGpV9hU8GkYTYRKcmt+QEFfIpXhWk6WPVyrgQ1BsnxtRRNQzW6
l7Mo/bFLd8iqrvsyz5FuYj3A8KZiT/p67FPA0IeSfO0RQKKGmQIS6WVxEwhSexV0
Vf1Jcj3yq9FC6GpcjyWVMj3Q/UskvA9L1/A1sRsCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBS2b1yFeXYP4oSRvCf+Dc+RHhEzWjAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L3RtOWNoWGwyRC1LRWtid25fZzNQa1I0Uk0xby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEBD7FkAMEAlu+ZAMEAlw+eAMEALn0
iwMEAMHaIwMEAsKpqAMEAtR3IDANBgkqhkiG9w0BAQsFAAOCAQEAmF4it0hIY/40
uhPq9PG73ykolAU+zAHU9ETHlspU0MtLp6KRyf85ZgGB94KbA+aLHEFRaG2SAq3L
lt1OUQDROvqIYrSTLg4dI/PObRJHiGowEA2BvBP4f9TqmgebzulswetJIkZFPf8M
WIJYf9AOwb/f42OpcZ1y4SVMXURA53ETuyHu2Io6O6pgjV6mUvPchYhN4A4liOcQ
ETIH33ykr+Sf37J4Y5BBvpLAX2hN8UE2CAE4ccWyx1DookpSfz8uNQcwuSDGtRqD
IH2ymbKAgghECN0eQ/WUPTblnizO9Ix0lzspJTRMU3ZpjHx9JsNVjxS5EZG8bSlL
DsViFVRl1Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org