Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/pKD7zLYb9aeRc57V3GOCuScfGpw.roa
File: pKD7zLYb9aeRc57V3GOCuScfGpw.roa (raw, json)
Hash identifier: DGWm9cGpEDial2nKc2lvOa2A1zUx2TK/P/WBLL38+Lg=
Subject key identifier: A4:A0:FB:CC:B6:1B:F5:A7:91:73:9E:D5:DC:63:82:B9:27:1F:1A:9C
Certificate issuer: /CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Certificate serial: 0182EE2171B56E85C9007889D4AEB0969338
Authority key identifier: 86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/pKD7zLYb9aeRc57V3GOCuScfGpw.roa
Signing time: Tue 30 Aug 2022 09:42:25 +0000
ROA not before: Tue 30 Aug 2022 09:42:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8784
IP address blocks: 83.169.120.0/24 maxlen: 24
83.169.119.0/24 maxlen: 24
83.169.123.0/24 maxlen: 24
83.169.122.0/24 maxlen: 24
83.169.121.0/24 maxlen: 24
83.169.71.0/24 maxlen: 24
83.169.70.0/24 maxlen: 24
83.169.69.0/24 maxlen: 24
83.169.64.0/18 maxlen: 18
83.169.73.0/24 maxlen: 24
83.169.85.0/24 maxlen: 24
83.169.84.0/24 maxlen: 24
83.169.81.0/24 maxlen: 24
83.169.80.0/24 maxlen: 24
83.169.103.0/24 maxlen: 24
83.169.102.0/24 maxlen: 24
83.169.100.0/24 maxlen: 24
83.169.99.0/24 maxlen: 24
83.169.118.0/24 maxlen: 24
83.169.117.0/24 maxlen: 24
83.169.116.0/24 maxlen: 24
83.169.115.0/24 maxlen: 24
83.169.114.0/24 maxlen: 24
194.117.211.0/24 maxlen: 24
194.117.208.0/20 maxlen: 20
194.117.219.0/24 maxlen: 24
195.46.192.0/19 maxlen: 19
213.139.96.0/19 maxlen: 19
195.46.198.0/24 maxlen: 24
195.46.195.0/24 maxlen: 24
195.46.193.0/24 maxlen: 24
213.139.112.0/24 maxlen: 24
213.139.111.0/24 maxlen: 24
195.46.204.0/24 maxlen: 24
195.46.213.0/24 maxlen: 24
213.139.117.0/24 maxlen: 24
195.46.210.0/24 maxlen: 24
195.46.209.0/24 maxlen: 24
195.46.216.0/24 maxlen: 24
195.46.214.0/24 maxlen: 24
195.46.219.0/24 maxlen: 24
213.139.123.0/24 maxlen: 24
195.46.223.0/24 maxlen: 24
178.22.152.0/21 maxlen: 21
212.37.192.0/19 maxlen: 19
194.153.214.0/24 maxlen: 24
2a02:d50::/32 maxlen: 32
2001:4b90::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ee:21:71:b5:6e:85:c9:00:78:89:d4:ae:b0:96:93:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Validity
Not Before: Aug 30 09:42:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a4a0fbccb61bf5a791739ed5dc6382b9271f1a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:39:1b:57:64:6f:d9:f4:2c:d9:db:68:91:3b:
3e:a5:03:3b:e5:cf:63:98:27:e0:5b:75:12:a2:2f:
35:aa:94:4f:34:45:5e:b8:eb:fb:01:65:61:b9:27:
b0:df:45:c3:b0:18:97:da:4c:44:8f:31:62:0d:b6:
e9:99:a9:9e:eb:4c:27:4d:1d:30:9d:8e:f8:bc:e8:
4f:35:5c:73:f2:a6:de:fd:01:64:ff:36:23:05:cb:
e4:f4:2f:4e:82:60:1e:ae:2d:24:4d:cd:72:74:db:
e1:f0:1e:87:36:e3:4a:26:8f:a3:c2:25:f6:a1:be:
84:d5:4c:84:06:23:78:50:0c:ca:fa:39:8c:71:3c:
63:12:54:2a:80:d5:b3:ad:b1:a3:ef:22:6f:cb:d4:
c5:75:ac:bd:92:99:d7:8e:e1:f6:e1:0e:bc:e7:85:
cb:60:84:ba:ee:87:a9:25:09:d0:86:cc:76:41:be:
b6:c5:5a:2b:02:35:09:c0:e0:ba:2f:c1:ed:cf:27:
7d:54:65:b8:36:88:00:0f:3e:90:0d:94:a6:a6:f5:
57:61:90:f1:8f:b5:2b:a3:dd:bf:0a:ce:ed:14:6b:
11:1a:cc:75:07:5f:9e:1e:9c:a4:79:2a:da:2b:b0:
20:59:ac:d7:95:82:10:57:13:91:b5:ca:f3:47:97:
22:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:A0:FB:CC:B6:1B:F5:A7:91:73:9E:D5:DC:63:82:B9:27:1F:1A:9C
X509v3 Authority Key Identifier:
keyid:86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/pKD7zLYb9aeRc57V3GOCuScfGpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.169.64.0/18
178.22.152.0/21
194.117.208.0/20
194.153.214.0/24
195.46.192.0/19
212.37.192.0/19
213.139.96.0/19
IPv6:
2001:4b90::/32
2a02:d50::/32
Signature Algorithm: sha256WithRSAEncryption
ab:47:c4:ed:54:e6:4e:0f:8c:36:e6:21:89:99:6a:a9:58:62:
b4:31:07:cd:ce:c9:c1:fb:ea:15:28:4a:5f:f5:ce:df:54:04:
6d:87:f4:c5:37:96:13:26:a4:39:e5:85:8c:fe:27:55:c0:bc:
e2:f6:78:10:72:69:0e:e8:b9:78:91:fd:b9:a0:99:0d:45:ec:
cd:1e:93:ad:61:00:d9:b0:b9:7b:95:aa:0d:5c:56:ad:8a:45:
8b:b9:b8:70:38:ce:ac:9d:ad:18:0e:5c:f1:f8:98:6e:37:2a:
8e:88:db:1f:41:a7:9d:c4:15:b5:cc:80:61:9d:82:b0:df:a3:
d8:9f:07:bc:27:13:cd:da:61:18:93:5f:00:8d:0d:28:57:eb:
b3:3e:e0:7b:d6:79:aa:9d:ca:67:5e:e8:94:70:1e:90:de:47:
83:5a:85:f3:cf:3e:3e:86:96:3c:6d:b1:de:50:18:2c:e6:67:
b0:d9:0c:8d:eb:05:7d:ab:5e:f7:64:17:ef:23:03:8a:1f:c6:
70:3e:28:db:cb:ba:36:da:21:55:97:4b:4c:32:11:2a:91:9e:
21:a2:d0:04:89:8f:65:aa:b5:1e:e7:f6:69:9a:d2:8b:bc:8b:
e0:68:81:1e:82:a8:03:25:e4:f2:ec:38:53:d6:b5:56:e5:91:
aa:fb:0a:aa
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYLuIXG1boXJAHiJ1K6wlpM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MjRmM2Y2NjFmMjRiZTVmZWY2NDFkYzcyMmU1Y2Y1YWM4
NzM4OWUwHhcNMjIwODMwMDk0MjI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGEwZmJjY2I2MWJmNWE3OTE3MzllZDVkYzYzODJiOTI3MWYxYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTkbV2Rv2fQs2dtokTs+pQM75c9j
mCfgW3USoi81qpRPNEVeuOv7AWVhuSew30XDsBiX2kxEjzFiDbbpmame60wnTR0w
nY74vOhPNVxz8qbe/QFk/zYjBcvk9C9OgmAeri0kTc1ydNvh8B6HNuNKJo+jwiX2
ob6E1UyEBiN4UAzK+jmMcTxjElQqgNWzrbGj7yJvy9TFday9kpnXjuH24Q6854XL
YIS67oepJQnQhsx2Qb62xVorAjUJwOC6L8Htzyd9VGW4NogADz6QDZSmpvVXYZDx
j7Uro92/Cs7tFGsRGsx1B1+eHpykeSraK7AgWazXlYIQVxORtcrzR5ciawIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFKSg+8y2G/WnkXOe1dxjgrknHxqcMB8GA1UdIwQY
MBaAFIYk8/Zh8kvl/vZB3HIuXPWshzieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMt
MjVlNTM1YzhhNWI5LzEvcEtEN3pMWWI5YWVSYzU3VjNHT0N1U2NmR3B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5
LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQGU6lAAwQD
shaYAwQEwnXQAwQAwpnWAwQFwy7AAwQF1CXAAwQF1YtgMBQEAgACMA4DBQAgAUuQ
AwUAKgINUDANBgkqhkiG9w0BAQsFAAOCAQEAq0fE7VTmTg+MNuYhiZlqqVhitDEH
zc7JwfvqFShKX/XO31QEbYf0xTeWEyakOeWFjP4nVcC84vZ4EHJpDui5eJH9uaCZ
DUXszR6TrWEA2bC5e5WqDVxWrYpFi7m4cDjOrJ2tGA5c8fiYbjcqjojbH0GnncQV
tcyAYZ2CsN+j2J8HvCcTzdphGJNfAI0NKFfrsz7ge9Z5qp3KZ17olHAekN5Hg1qF
888+PoaWPG2x3lAYLOZnsNkMjesFfate92QX7yMDih/GcD4o28u6NtohVZdLTDIR
KpGeIaLQBImPZaq1Huf2aZrSi7yL4GiBHoKoAyXk8uw4U9a1VuWRqvsKqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:41 2024 by rpki-client on console-fra.rpki-client.org