Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/mC3tzn2dvYiF_tiS0wEfR0HttFE.roa
File: mC3tzn2dvYiF_tiS0wEfR0HttFE.roa (raw, json)
Hash identifier: UJWa3ojJoPx1F1EvLhaPuUpQopUV8i3BcUC/1E1IZes=
Subject key identifier: 98:2D:ED:CE:7D:9D:BD:88:85:FE:D8:92:D3:01:1F:47:41:ED:B4:51
Certificate issuer: /CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Certificate serial: A215B2
Authority key identifier: 56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/mC3tzn2dvYiF_tiS0wEfR0HttFE.roa
Signing time: Tue 28 Jun 2022 09:44:02 +0000
ROA not before: Tue 28 Jun 2022 09:44:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8376
IP address blocks: 86.108.0.0/17 maxlen: 24
46.185.128.0/17 maxlen: 24
79.173.192.0/18 maxlen: 24
185.98.220.0/22 maxlen: 24
92.253.0.0/17 maxlen: 24
217.23.32.0/20 maxlen: 24
194.165.128.0/19 maxlen: 24
149.200.128.0/17 maxlen: 24
213.186.160.0/19 maxlen: 24
94.249.0.0/17 maxlen: 24
37.202.64.0/18 maxlen: 24
2a01:9700::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10622386 (0xa215b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Validity
Not Before: Jun 28 09:44:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=982dedce7d9dbd8885fed892d3011f4741edb451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4e:48:14:9d:3b:6b:33:dd:47:1e:dd:c0:68:
1a:f6:2a:85:94:48:71:c2:b1:71:e9:74:8f:90:90:
6b:11:1d:15:b1:4f:05:2c:e7:32:a3:93:43:7a:59:
54:e0:1d:ff:7b:02:a6:90:b4:31:5d:5a:d2:e7:4c:
69:44:9a:8a:29:c4:97:f4:7e:b6:25:bd:20:9f:38:
8c:44:3f:9b:4f:66:64:53:52:77:c7:77:7b:44:14:
f4:1d:9d:02:8e:59:24:7e:f9:a5:a0:00:ca:36:3e:
ca:33:37:aa:75:4e:23:46:1e:ae:cf:53:6e:f2:ea:
8b:a9:08:8a:fd:80:f3:71:4b:0d:64:25:f8:bc:2d:
f1:3a:bb:58:a4:ef:61:e3:36:7f:f1:ad:87:5e:4a:
9f:a4:19:ff:c7:a5:71:8b:0a:dd:ed:b5:49:33:f0:
4b:ce:47:d4:9d:0d:74:a8:ee:f1:c6:f6:57:56:74:
23:75:b6:cd:6f:fa:83:4b:14:49:eb:47:11:c9:0e:
77:bb:dd:b7:27:f1:d4:98:75:61:5f:a5:7f:43:97:
e9:6f:a0:c6:96:d8:44:8b:d4:ee:1c:56:ac:b5:ba:
3e:0b:bf:c9:16:d8:01:0a:cf:25:e0:90:7f:e5:a3:
58:16:b2:bc:cc:49:5b:e2:d8:4f:3a:a0:c1:bb:99:
f7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:2D:ED:CE:7D:9D:BD:88:85:FE:D8:92:D3:01:1F:47:41:ED:B4:51
X509v3 Authority Key Identifier:
keyid:56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/mC3tzn2dvYiF_tiS0wEfR0HttFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.64.0/18
46.185.128.0/17
79.173.192.0/18
86.108.0.0/17
92.253.0.0/17
94.249.0.0/17
149.200.128.0/17
185.98.220.0/22
194.165.128.0/19
213.186.160.0/19
217.23.32.0/20
IPv6:
2a01:9700::/32
Signature Algorithm: sha256WithRSAEncryption
22:d2:29:12:b8:ea:e5:71:35:ce:53:b8:4b:72:8f:88:d8:02:
7c:f1:4d:52:bc:82:38:76:85:d9:e9:ab:6d:84:e6:b2:3b:9c:
18:93:47:32:7c:f4:6f:e2:f4:f9:ed:91:b7:7b:4c:e5:e6:e1:
f5:67:40:a9:37:70:34:46:4c:2e:4e:c4:e5:20:97:ab:ba:fd:
c9:53:01:f9:0c:35:38:ed:77:01:e8:0a:06:a8:9b:1a:d9:08:
60:b5:f9:c9:7d:2a:bd:70:90:f6:bb:02:68:bd:08:7d:94:01:
af:4c:b7:ea:a3:cb:37:55:8b:5d:6e:0f:87:94:94:f8:d2:ce:
a6:e2:7d:57:00:53:df:f1:12:ef:f9:0c:22:c2:2c:22:9a:30:
d0:19:57:48:63:fe:07:f9:27:17:de:c9:e1:9c:63:e0:7b:66:
b5:b8:e5:73:b3:38:71:76:c1:c7:50:77:60:98:6f:f4:76:ce:
f4:22:ba:a2:d0:ba:b9:0b:7d:07:34:bf:33:dc:b5:f5:07:e5:
16:93:68:74:cb:be:79:2a:34:cc:b6:d0:54:10:cf:67:ce:cb:
26:1e:ec:50:61:d3:7c:10:36:bb:c0:5c:18:d0:65:84:c0:5c:
e7:04:7d:a6:e0:41:7b:fa:8c:26:7e:bd:04:e6:e3:f0:a8:7b:
20:9c:d5:69
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIEAKIVsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NmQwZTNiMjhmMmJlMzNlYzVhOWQyY2EwMGFjNjQxNTU1MzZjYmM2MB4XDTIyMDYy
ODA5NDQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTgyZGVkY2U3ZDlk
YmQ4ODg1ZmVkODkyZDMwMTFmNDc0MWVkYjQ1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpOSBSdO2sz3Uce3cBoGvYqhZRIccKxcel0j5CQaxEdFbFP
BSznMqOTQ3pZVOAd/3sCppC0MV1a0udMaUSaiinEl/R+tiW9IJ84jEQ/m09mZFNS
d8d3e0QU9B2dAo5ZJH75paAAyjY+yjM3qnVOI0Yers9TbvLqi6kIiv2A83FLDWQl
+Lwt8Tq7WKTvYeM2f/Gth15Kn6QZ/8elcYsK3e21STPwS85H1J0NdKju8cb2V1Z0
I3W2zW/6g0sUSetHEckOd7vdtyfx1Jh1YV+lf0OX6W+gxpbYRIvU7hxWrLW6Pgu/
yRbYAQrPJeCQf+WjWBayvMxJW+LYTzqgwbuZ95UCAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBSYLe3OfZ29iIX+2JLTAR9HQe20UTAfBgNVHSMEGDAWgBRW0OOyjyvjPsWp
0soArGQVVTbLxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Z0RGpzbzhyNHo3RnFkTEtBS3hrRlZVMnk4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvZmZiZjZhLTcyZjAtNDAxZi1iMmMzLThiOGQ3MjE3MjA5MC8x
L21DM3R6bjJkdllpRl90aVMwd0VmUjBIdHRGRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
ZmZiZjZhLTcyZjAtNDAxZi1iMmMzLThiOGQ3MjE3MjA5MC8xL1Z0RGpzbzhyNHo3
RnFkTEtBS3hrRlZVMnk4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEBiXKQAMEBy65gAMEBk+twAMEB1Zs
AAMEB1z9AAMEB175AAMEB5XIgAMEArli3AMEBcKlgAMEBdW6oAMEBNkXIDANBAIA
AjAHAwUAKgGXADANBgkqhkiG9w0BAQsFAAOCAQEAItIpErjq5XE1zlO4S3KPiNgC
fPFNUryCOHaF2emrbYTmsjucGJNHMnz0b+L0+e2Rt3tM5ebh9WdAqTdwNEZMLk7E
5SCXq7r9yVMB+Qw1OO13AegKBqibGtkIYLX5yX0qvXCQ9rsCaL0IfZQBr0y36qPL
N1WLXW4Ph5SU+NLOpuJ9VwBT3/ES7/kMIsIsIpow0BlXSGP+B/knF97J4Zxj4Htm
tbjlc7M4cXbBx1B3YJhv9HbO9CK6otC6uQt9BzS/M9y19QflFpNodMu+eSo0zLbQ
VBDPZ87LJh7sUGHTfBA2u8BcGNBlhMBc5wR9puBBe/qMJn69BObj8Kh7IJzVaQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:13 2023 by rpki-client on console-fra.rpki-client.org