Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/iEHYCO1Kxah_mQe-vJwH2lMvbBA.roa
File: iEHYCO1Kxah_mQe-vJwH2lMvbBA.roa (raw, json)
Hash identifier: OKN8OzTvf7FJgvFH+E9INqSerBIp3+8mPO1WSqMAhcs=
Subject key identifier: 88:41:D8:08:ED:4A:C5:A8:7F:99:07:BE:BC:9C:07:DA:53:2F:6C:10
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 34B2477E
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/iEHYCO1Kxah_mQe-vJwH2lMvbBA.roa
Signing time: Sat 01 Jan 2022 14:57:41 +0000
ROA not before: Sat 01 Jan 2022 14:57:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25252
IP address blocks: 153.112.160.0/21 maxlen: 21
153.112.176.0/20 maxlen: 20
153.112.173.0/24 maxlen: 24
79.170.17.0/24 maxlen: 24
79.170.16.0/24 maxlen: 24
79.170.21.0/24 maxlen: 24
79.170.22.0/24 maxlen: 24
79.170.23.0/24 maxlen: 24
79.170.18.0/24 maxlen: 24
79.170.19.0/24 maxlen: 24
79.170.20.0/24 maxlen: 24
153.112.208.0/23 maxlen: 23
153.112.132.0/22 maxlen: 22
153.112.139.0/24 maxlen: 24
153.112.150.0/23 maxlen: 23
153.112.149.0/24 maxlen: 24
192.138.109.0/24 maxlen: 24
192.138.110.0/23 maxlen: 23
192.138.116.0/23 maxlen: 23
192.157.11.0/24 maxlen: 24
192.157.8.0/23 maxlen: 23
192.157.8.0/24 maxlen: 24
192.157.9.0/24 maxlen: 24
192.157.10.0/24 maxlen: 24
153.112.240.0/24 maxlen: 24
153.112.241.0/24 maxlen: 24
2a02:f784:30::/48 maxlen: 48
2a02:f784:8001::/48 maxlen: 48
2a02:f784:20::/48 maxlen: 48
2a02:f784:8000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 884098942 (0x34b2477e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Jan 1 14:57:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8841d808ed4ac5a87f9907bebc9c07da532f6c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8a:cc:51:d5:f1:ff:ef:6f:62:4e:2b:fb:dc:
ac:7f:1b:b3:45:a1:3d:63:cb:24:a5:98:a7:99:6c:
04:cd:84:c1:29:11:35:ac:e9:10:c3:b5:3e:b2:d3:
23:25:8a:79:88:0a:55:f6:63:d9:1d:a1:d7:d2:ec:
3c:6a:90:09:00:a1:03:38:32:33:32:3c:b3:5a:ae:
88:1a:56:ca:12:55:57:33:17:26:41:f4:b5:97:14:
58:1c:37:9c:4c:55:97:60:6c:33:a7:6f:39:dd:9f:
5e:dc:5b:59:14:cb:5f:56:32:00:44:0c:09:bf:b6:
52:c2:91:e6:18:29:03:56:a4:fd:44:d0:db:3f:e2:
6a:be:64:8d:7b:84:ef:f9:d3:7d:94:8b:59:65:6e:
04:87:4e:4a:39:68:f9:32:6d:04:1b:32:9a:21:40:
8d:96:65:5d:de:0a:ad:f6:12:a7:2a:2f:5c:16:74:
95:7a:d7:06:fa:cd:aa:f6:a7:30:96:cd:92:aa:5e:
b6:4e:0a:10:fd:7b:4b:e2:db:f4:28:c4:f7:37:5e:
5a:29:59:3b:09:c0:68:4e:bc:8d:ab:d9:c8:d0:6c:
e7:6e:db:f4:2a:54:a6:44:f4:e4:8f:89:a3:c1:c9:
c9:04:f0:ff:93:66:51:5b:65:de:22:f6:cc:21:c6:
e7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:41:D8:08:ED:4A:C5:A8:7F:99:07:BE:BC:9C:07:DA:53:2F:6C:10
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/iEHYCO1Kxah_mQe-vJwH2lMvbBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.16.0/21
153.112.132.0/22
153.112.139.0/24
153.112.149.0-153.112.151.255
153.112.160.0/21
153.112.173.0/24
153.112.176.0/20
153.112.208.0/23
153.112.240.0/23
192.138.109.0-192.138.111.255
192.138.116.0/23
192.157.8.0/22
IPv6:
2a02:f784:20::/48
2a02:f784:30::/48
2a02:f784:8000::/47
Signature Algorithm: sha256WithRSAEncryption
62:f6:1c:e6:de:c6:e5:fb:81:23:bc:79:86:96:ad:77:e0:84:
16:10:4b:dd:dc:0c:e4:68:9c:09:a9:df:52:96:97:f8:13:8f:
56:62:dd:70:4d:02:59:aa:db:d6:13:75:67:00:21:2c:71:71:
18:27:a4:b5:c6:18:34:5f:2e:f1:c8:b2:ac:4e:8f:aa:e2:b9:
07:82:ad:1e:14:e2:05:72:79:0f:59:f7:23:ce:1c:53:b3:a5:
f5:4d:54:3e:36:c9:dc:cd:a2:97:18:10:f5:6f:b1:74:d7:dd:
c8:04:ae:7b:5a:17:b7:22:d2:8a:a8:c4:df:e5:88:69:e7:ec:
90:a3:f2:9f:2e:ab:64:56:33:01:30:7f:3b:ad:a8:6e:4f:63:
30:5d:c7:9d:fa:80:ee:2a:0c:9e:60:cd:67:c6:69:2e:78:ec:
63:1a:d2:ac:0c:4a:71:cd:66:5c:09:28:dd:72:33:d6:57:b3:
e5:bb:9a:bd:cd:75:e6:cd:43:8c:cf:f4:cb:70:b2:19:88:9a:
6a:72:50:c8:e4:9c:af:bb:28:0e:58:e9:c2:a2:a3:c0:32:fa:
1e:0d:ae:b3:21:fd:c9:ef:6a:d9:cc:16:cf:cc:db:21:f2:b1:
f9:99:9b:e1:4f:2b:a1:4a:98:61:57:01:5b:d3:56:6d:00:97:
ad:c4:56:ec
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIENLJHfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDg1MmZmYmE3ZDU3YzVhOGFmYmI2ZWE1YmVhZjdkZmVjMGMxNDVhMB4XDTIyMDEw
MTE0NTc0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODg0MWQ4MDhlZDRh
YzVhODdmOTkwN2JlYmM5YzA3ZGE1MzJmNmMxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmKzFHV8f/vb2JOK/vcrH8bs0WhPWPLJKWYp5lsBM2EwSkR
NazpEMO1PrLTIyWKeYgKVfZj2R2h19LsPGqQCQChAzgyMzI8s1quiBpWyhJVVzMX
JkH0tZcUWBw3nExVl2BsM6dvOd2fXtxbWRTLX1YyAEQMCb+2UsKR5hgpA1ak/UTQ
2z/iar5kjXuE7/nTfZSLWWVuBIdOSjlo+TJtBBsymiFAjZZlXd4KrfYSpyovXBZ0
lXrXBvrNqvanMJbNkqpetk4KEP17S+Lb9CjE9zdeWilZOwnAaE68javZyNBs527b
9CpUpkT05I+Jo8HJyQTw/5NmUVtl3iL2zCHG5w0CAwEAAaOCAoEwggJ9MB0GA1Ud
DgQWBBSIQdgI7UrFqH+ZB768nAfaUy9sEDAfBgNVHSMEGDAWgBS0hS/7p9V8Wor7
tupb6vff7AwUWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RJVXYtNmZWZkZxSy03YnFXLXIzMy13TUZGby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvZTQ1ZTMwLWU3ZDgtNGZiOC05MGFkLWY3MTAzOGU5NjdhNC8x
L2lFSFlDTzFLeGFoX21RZS12SndIMmxNdmJCQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
ZTQ1ZTMwLWU3ZDgtNGZiOC05MGFkLWY3MTAzOGU5NjdhNC8xL3RJVXYtNmZWZkZx
Sy03YnFXLXIzMy13TUZGby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lgYIKwYBBQUHAQcBAf8EgYYwgYMwXgQCAAEwWAMEA0+qEAMEAplwhAMEAJlwizAM
AwQAmXCVAwQDmXCQAwQDmXCgAwQAmXCtAwQEmXCwAwQBmXDQAwQBmXDwMAwDBADA
im0DBATAimADBAHAinQDBALAnQgwIQQCAAIwGwMHACoC94QAIAMHACoC94QAMAMH
ASoC94SAADANBgkqhkiG9w0BAQsFAAOCAQEAYvYc5t7G5fuBI7x5hpatd+CEFhBL
3dwM5GicCanfUpaX+BOPVmLdcE0CWarb1hN1ZwAhLHFxGCektcYYNF8u8ciyrE6P
quK5B4KtHhTiBXJ5D1n3I84cU7Ol9U1UPjbJ3M2ilxgQ9W+xdNfdyASue1oXtyLS
iqjE3+WIaefskKPyny6rZFYzATB/O62obk9jMF3HnfqA7ioMnmDNZ8ZpLnjsYxrS
rAxKcc1mXAko3XIz1lez5buavc115s1DjM/0y3CyGYiaanJQyOScr7soDljpwqKj
wDL6Hg2usyH9ye9q2cwWz8zbIfKx+Zmb4U8roUqYYVcBW9NWbQCXrcRW7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:31 2024 by rpki-client on console-fra.rpki-client.org