Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/onT9b_mcq6aBVRNeeVfpl4oRRzc.roa
File: onT9b_mcq6aBVRNeeVfpl4oRRzc.roa (raw, json)
Hash identifier: gVSbbUCe2WdFYRALhbpHQgaYPWoiH0yl/O4QyHRGGY4=
Subject key identifier: A2:74:FD:6F:F9:9C:AB:A6:81:55:13:5E:79:57:E9:97:8A:11:47:37
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 39FB5A4B
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/onT9b_mcq6aBVRNeeVfpl4oRRzc.roa
Signing time: Sat 01 Jan 2022 14:00:34 +0000
ROA not before: Sat 01 Jan 2022 14:00:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59958
IP address blocks: 217.153.252.0/22 maxlen: 22
85.219.176.0/20 maxlen: 20
89.174.160.0/23 maxlen: 23
89.174.162.0/24 maxlen: 24
217.153.168.0/23 maxlen: 23
89.174.192.0/20 maxlen: 20
217.153.84.0/26 maxlen: 26
217.153.85.192/26 maxlen: 26
89.174.208.0/22 maxlen: 22
89.174.128.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 972773963 (0x39fb5a4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 14:00:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a274fd6ff99caba68155135e7957e9978a114737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:94:2b:14:d6:c5:24:01:77:16:a0:06:2c:4a:
64:c0:70:cb:40:14:da:c6:75:c3:9e:87:57:fd:a3:
fa:fe:e7:36:50:65:45:6b:94:1d:a0:ba:83:80:b9:
f1:09:59:3a:cc:d8:4b:4c:a5:eb:3b:a6:ae:42:99:
03:d9:d6:36:b3:6c:b5:fe:33:37:42:4e:c0:9d:49:
dc:26:53:52:c9:74:df:dd:73:4f:ad:2c:56:6b:d0:
e1:52:78:fb:99:d2:7d:83:91:35:0a:59:02:2e:4d:
e8:b1:fe:65:6c:21:40:5e:9f:62:d4:4b:79:ec:3b:
1b:5f:f2:79:c4:d0:ce:62:b1:df:d1:9c:be:90:1f:
35:c5:3d:fa:cb:e5:73:8a:f2:bb:e9:cc:51:61:df:
8b:d4:53:d7:f4:5f:5e:38:6c:d2:f0:b3:3b:70:5f:
31:c1:c8:af:11:42:5b:2a:ab:f8:21:bc:fd:77:bf:
0c:7d:58:e2:da:39:71:db:29:7d:42:a9:85:24:42:
5f:8e:c8:ca:ae:08:a1:d2:4e:85:9b:34:4e:60:60:
d3:26:b2:df:4a:a8:d6:f0:40:1e:b3:a1:d4:10:47:
00:94:03:21:4c:0e:21:6c:0c:61:f8:5a:fa:8f:be:
4b:16:39:8b:94:e9:81:3e:1d:79:ef:ef:7f:4e:b0:
e2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:74:FD:6F:F9:9C:AB:A6:81:55:13:5E:79:57:E9:97:8A:11:47:37
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/onT9b_mcq6aBVRNeeVfpl4oRRzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.219.176.0/20
89.174.128.0-89.174.162.255
89.174.192.0-89.174.211.255
217.153.84.0/26
217.153.85.192/26
217.153.168.0/23
217.153.252.0/22
Signature Algorithm: sha256WithRSAEncryption
58:3a:1b:06:41:c0:61:f3:03:75:05:79:52:a1:d5:79:4d:d8:
e7:6e:2a:d5:8a:9e:78:44:63:23:e7:79:38:5d:4b:c4:9e:30:
37:28:39:7f:d8:ca:e4:2c:3b:f0:e0:e0:e5:1e:50:61:66:69:
7c:d7:2b:43:83:c9:4f:bc:03:94:5b:b3:f0:12:9c:4d:e9:08:
9a:6e:5f:3e:0e:a4:9e:c6:c8:0f:29:dd:2b:fc:8e:c1:f1:92:
4b:62:73:96:ff:d6:c6:47:0a:7f:cc:a7:64:3b:b5:41:5d:87:
f8:10:5c:cb:c3:d1:81:05:5c:7c:06:13:66:3b:4e:3f:4d:f3:
7f:e3:b0:a7:c3:a8:6a:eb:d6:ab:3b:28:9e:60:34:ca:c9:4d:
29:d5:0b:2a:63:53:d8:69:c1:ea:8c:25:3f:e8:7b:d3:a7:f7:
67:99:e5:a5:7b:93:60:70:6e:5c:5f:85:79:e3:85:65:7d:47:
de:99:b2:fe:d4:68:a3:2a:ce:66:08:c7:69:cd:e9:9f:1a:44:
e0:cc:c8:44:fc:4d:5a:e2:d2:4c:ae:d3:79:a1:0d:83:d0:5b:
11:70:52:dc:ad:37:d5:68:46:64:29:75:b9:0f:e2:20:f5:43:
19:c6:d0:09:86:7d:d9:3d:f7:68:ee:49:12:57:a3:49:3a:a6:
2e:b0:b2:b0
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEOftaSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDAzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI3NGZkNmZmOTlj
YWJhNjgxNTUxMzVlNzk1N2U5OTc4YTExNDczNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJqUKxTWxSQBdxagBixKZMBwy0AU2sZ1w56HV/2j+v7nNlBl
RWuUHaC6g4C58QlZOszYS0yl6zumrkKZA9nWNrNstf4zN0JOwJ1J3CZTUsl0391z
T60sVmvQ4VJ4+5nSfYORNQpZAi5N6LH+ZWwhQF6fYtRLeew7G1/yecTQzmKx39Gc
vpAfNcU9+svlc4ryu+nMUWHfi9RT1/RfXjhs0vCzO3BfMcHIrxFCWyqr+CG8/Xe/
DH1Y4to5cdspfUKphSRCX47Iyq4IodJOhZs0TmBg0yay30qo1vBAHrOh1BBHAJQD
IUwOIWwMYfha+o++SxY5i5TpgT4dee/vf06w4l0CAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBSidP1v+ZyrpoFVE155V+mXihFHNzAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L29uVDliX21jcTZhQlZSTmVlVmZwbDRvUlJ6Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEBFXbsDAMAwQHWa6AAwQAWa6iMAwD
BAZZrsADBAJZrtADBQbZmVQAAwUG2ZlVwAMEAdmZqAMEAtmZ/DANBgkqhkiG9w0B
AQsFAAOCAQEAWDobBkHAYfMDdQV5UqHVeU3Y524q1YqeeERjI+d5OF1LxJ4wNyg5
f9jK5Cw78ODg5R5QYWZpfNcrQ4PJT7wDlFuz8BKcTekImm5fPg6knsbIDyndK/yO
wfGSS2Jzlv/WxkcKf8ynZDu1QV2H+BBcy8PRgQVcfAYTZjtOP03zf+Owp8OoauvW
qzsonmA0yslNKdULKmNT2GnB6owlP+h706f3Z5nlpXuTYHBuXF+FeeOFZX1H3pmy
/tRooyrOZgjHac3pnxpE4MzIRPxNWuLSTK7TeaENg9BbEXBS3K031WhGZCl1uQ/i
IPVDGcbQCYZ92T33aO5JElejSTqmLrCysA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:09 2023 by rpki-client on console-fra.rpki-client.org