Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ql0xxoH6l-ghaDwuO_OWuFPcwxY.roa
File: Ql0xxoH6l-ghaDwuO_OWuFPcwxY.roa (raw, json)
Hash identifier: S4NMEQ/Lm9VpwD9aagkMUGg+lN/pKYD7dmlMMZkBHmQ=
Subject key identifier: 42:5D:31:C6:81:FA:97:E8:21:68:3C:2E:3B:F3:96:B8:53:DC:C3:16
Certificate issuer: /CN=1daf46a40c246d6540d992c321b1cc3623d65995
Certificate serial: 1BCA95D0
Authority key identifier: 1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ql0xxoH6l-ghaDwuO_OWuFPcwxY.roa
Signing time: Sat 01 Jan 2022 13:54:54 +0000
ROA not before: Sat 01 Jan 2022 13:54:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62370
IP address blocks: 77.95.224.0/21 maxlen: 21
185.62.56.0/22 maxlen: 22
89.207.128.0/21 maxlen: 21
193.33.60.0/23 maxlen: 23
37.148.160.0/21 maxlen: 21
5.104.224.0/21 maxlen: 21
128.204.192.0/20 maxlen: 20
78.41.200.0/21 maxlen: 21
193.34.166.0/23 maxlen: 23
195.20.204.0/23 maxlen: 23
2a00:7b80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 466261456 (0x1bca95d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1daf46a40c246d6540d992c321b1cc3623d65995
Validity
Not Before: Jan 1 13:54:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=425d31c681fa97e821683c2e3bf396b853dcc316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:06:0e:f6:50:0c:73:1c:57:dd:e8:be:a0:70:
25:c6:1b:4e:03:6d:07:09:6c:d9:a9:35:c6:4e:a7:
5d:1d:39:65:6a:8c:a2:15:27:19:99:82:21:de:d0:
7d:ad:86:e6:cc:ea:80:5b:5b:cb:b7:e0:d4:d8:b5:
23:d1:db:62:04:25:bc:aa:20:ca:a6:3a:7a:38:3f:
21:b5:ef:df:8e:85:22:e8:e0:24:db:ad:36:5b:4e:
ef:88:76:6a:11:c6:ac:8e:63:21:fb:9f:3c:71:60:
dc:df:be:c4:6a:4c:2d:eb:0d:b0:f3:c6:df:86:73:
a7:15:aa:d5:5d:69:6e:d5:a5:ec:04:b7:1f:00:fa:
64:2e:f8:28:27:12:a0:3c:fb:e4:25:9f:00:14:71:
02:58:bb:9b:fb:2c:4e:07:07:14:06:45:14:b2:99:
b8:8a:c6:67:61:21:86:ff:3e:07:1a:e9:5f:7a:fe:
3d:df:f7:43:d4:e4:17:03:85:d2:41:15:cf:db:2a:
21:74:83:18:d9:e6:ce:1c:93:06:af:80:c7:4d:2f:
80:87:fb:2d:6c:f0:da:7f:84:17:1f:e2:1e:c4:4f:
a0:1b:97:44:a8:b0:34:ea:9c:1f:2d:e1:a6:7c:c1:
97:85:dd:07:91:66:ad:e9:1f:af:89:2a:c3:0f:30:
bb:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:5D:31:C6:81:FA:97:E8:21:68:3C:2E:3B:F3:96:B8:53:DC:C3:16
X509v3 Authority Key Identifier:
keyid:1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ql0xxoH6l-ghaDwuO_OWuFPcwxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.224.0/21
37.148.160.0/21
77.95.224.0/21
78.41.200.0/21
89.207.128.0/21
128.204.192.0/20
185.62.56.0/22
193.33.60.0/23
193.34.166.0/23
195.20.204.0/23
IPv6:
2a00:7b80::/32
Signature Algorithm: sha256WithRSAEncryption
26:b4:86:d5:c7:11:82:5b:a6:b3:7f:82:3a:e1:25:ea:c6:c1:
dd:c1:59:c4:e0:42:50:de:2e:5b:70:c8:6b:e4:dd:00:85:3b:
6a:e2:39:e0:06:e1:6d:34:af:f2:b6:89:8d:4f:75:ea:a3:8e:
1d:3b:95:b1:ef:0d:e5:42:07:15:b2:2c:5b:dd:ea:3f:6d:c1:
c0:31:ab:52:ac:dc:f1:36:72:cf:70:d3:07:d2:8c:c2:1d:77:
61:9b:92:5e:4d:26:35:eb:a0:9b:98:71:9c:1d:e1:26:0d:f5:
bf:5f:f4:5a:c8:84:3e:ee:a4:fd:2f:b6:90:69:f3:15:d0:21:
fb:17:02:31:fc:4d:e3:a3:c3:fd:9e:bd:7e:fe:fa:ba:fc:de:
87:b5:a8:de:49:fa:a2:fb:41:60:1a:89:43:f2:e2:64:2d:b4:
2a:bb:72:37:13:88:1e:f3:e1:e5:aa:09:52:63:a8:5c:d6:cf:
09:6f:46:de:fe:c6:2c:05:ad:a0:e8:0e:18:75:22:5a:e4:85:
d0:8c:e9:90:61:dd:97:2d:d7:5b:ef:53:cc:d2:45:0b:b4:33:
8d:17:db:dd:61:78:f8:2a:16:bf:6d:a2:f7:39:1f:d7:ed:b2:
be:d3:67:38:46:48:14:2f:10:dd:31:18:f2:f6:4f:f3:f0:2a:
c8:48:57:e4
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEG8qV0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGFmNDZhNDBjMjQ2ZDY1NDBkOTkyYzMyMWIxY2MzNjIzZDY1OTk1MB4XDTIyMDEw
MTEzNTQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI1ZDMxYzY4MWZh
OTdlODIxNjgzYzJlM2JmMzk2Yjg1M2RjYzMxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPwGDvZQDHMcV93ovqBwJcYbTgNtBwls2ak1xk6nXR05ZWqM
ohUnGZmCId7Qfa2G5szqgFtby7fg1Ni1I9HbYgQlvKogyqY6ejg/IbXv346FIujg
JNutNltO74h2ahHGrI5jIfufPHFg3N++xGpMLesNsPPG34ZzpxWq1V1pbtWl7AS3
HwD6ZC74KCcSoDz75CWfABRxAli7m/ssTgcHFAZFFLKZuIrGZ2Ehhv8+BxrpX3r+
Pd/3Q9TkFwOF0kEVz9sqIXSDGNnmzhyTBq+Ax00vgIf7LWzw2n+EFx/iHsRPoBuX
RKiwNOqcHy3hpnzBl4XdB5Fmrekfr4kqww8wu9MCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBRCXTHGgfqX6CFoPC4785a4U9zDFjAfBgNVHSMEGDAWgBQdr0akDCRtZUDZ
ksMhscw2I9ZZlTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hhOUdwQXdrYldWQTJaTERJYkhNTmlQV1daVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNDRjMGVmLTVkYTYtNGZmMi1iNWVmLTc5ZjA0OGJkMmE3YS8x
L1FsMHh4b0g2bC1naGFEd3VPX09XdUZQY3d4WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NDRjMGVmLTVkYTYtNGZmMi1iNWVmLTc5ZjA0OGJkMmE3YS8xL0hhOUdwQXdrYldW
QTJaTERJYkhNTmlQV1daVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEAwVo4AMEAyWUoAMEA01f4AMEA04p
yAMEA1nPgAMEBIDMwAMEArk+OAMEAcEhPAMEAcEipgMEAcMUzDANBAIAAjAHAwUA
KgB7gDANBgkqhkiG9w0BAQsFAAOCAQEAJrSG1ccRglums3+COuEl6sbB3cFZxOBC
UN4uW3DIa+TdAIU7auI54AbhbTSv8raJjU916qOOHTuVse8N5UIHFbIsW93qP23B
wDGrUqzc8TZyz3DTB9KMwh13YZuSXk0mNeugm5hxnB3hJg31v1/0WsiEPu6k/S+2
kGnzFdAh+xcCMfxN46PD/Z69fv76uvzeh7Wo3kn6ovtBYBqJQ/LiZC20KrtyNxOI
HvPh5aoJUmOoXNbPCW9G3v7GLAWtoOgOGHUiWuSF0IzpkGHdly3XW+9TzNJFC7Qz
jRfb3WF4+CoWv22i9zkf1+2yvtNnOEZIFC8Q3TEY8vZP8/AqyEhX5A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:10 2023 by rpki-client on console-fra.rpki-client.org