Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IaejS5wH1fxKKpPCyKUmJ3LKML4.roa
File: IaejS5wH1fxKKpPCyKUmJ3LKML4.roa (raw, json)
Hash identifier: TCRe6Wfh0upm1rP6y2Uh9KD4i0OedX+j0c02XV6EvYU=
Subject key identifier: 21:A7:A3:4B:9C:07:D5:FC:4A:2A:93:C2:C8:A5:26:27:72:CA:30:BE
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F14BC0EBC04F2D9A0B52B9F25641E0FC
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IaejS5wH1fxKKpPCyKUmJ3LKML4.roa
Signing time: Thu 08 Dec 2022 10:33:04 +0000
ROA not before: Thu 08 Dec 2022 10:33:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42891
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
91.193.212.0/22 maxlen: 22
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
178.23.144.0/21 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:4b:c0:eb:c0:4f:2d:9a:0b:52:b9:f2:56:41:e0:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 10:33:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21a7a34b9c07d5fc4a2a93c2c8a5262772ca30be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:48:a5:b6:e0:a8:34:01:4b:64:7d:2e:4b:0b:
38:89:8f:7d:5b:87:93:00:be:8d:c3:31:f1:32:16:
1c:88:c7:13:7c:0c:eb:46:96:79:60:e3:97:7f:5c:
d1:81:8f:37:6a:30:3f:8b:da:7e:d0:f3:4d:0a:5f:
59:0e:4e:60:5d:57:6e:3c:44:f0:68:52:50:69:21:
c2:65:b0:32:f2:e7:41:3b:83:3a:a3:ac:97:e1:f1:
38:0f:74:02:f9:f4:39:cf:ba:8d:51:c0:b2:80:78:
94:8e:9f:28:0a:ca:95:af:cd:fd:f3:26:6c:e5:e8:
6f:23:dd:28:65:f9:2d:ed:ef:f0:77:ce:86:0a:39:
02:4c:43:96:1f:e7:f6:cb:69:e0:f4:fa:c8:b3:6b:
2b:c5:6a:8c:0c:ff:0e:ce:2a:8e:a2:18:ad:ce:0d:
6c:4f:b9:a0:98:7f:7f:2f:9e:ee:32:db:a2:13:21:
59:c5:46:cb:1b:d5:38:38:18:b8:7e:41:fd:14:1b:
9c:46:f7:67:3e:cf:c2:d3:df:ab:5a:35:30:dc:85:
07:e6:a4:fa:d5:bc:78:09:cc:22:80:44:3f:ea:2d:
dd:32:d3:87:4c:a4:88:ed:94:cb:36:fa:d6:87:9e:
1f:be:d6:04:3c:ff:7e:b7:91:34:18:15:de:26:e3:
10:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A7:A3:4B:9C:07:D5:FC:4A:2A:93:C2:C8:A5:26:27:72:CA:30:BE
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IaejS5wH1fxKKpPCyKUmJ3LKML4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.212.0/22
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
ab:91:2d:16:7f:e6:76:ed:b0:5b:ef:64:59:73:d4:25:eb:4c:
44:a9:6c:c4:28:37:42:09:8d:32:63:01:c0:5d:4d:ef:94:02:
a0:38:be:32:ba:c0:1e:dd:47:b2:63:f9:42:9e:d7:5c:f2:4a:
fa:39:c5:2c:05:e1:58:35:fc:e1:33:e4:d3:78:3f:ea:07:de:
8c:c9:40:f7:e3:6b:38:07:4b:f3:28:02:e9:84:e0:62:f5:8d:
3d:7d:8e:10:f3:f6:22:32:32:d8:14:81:1e:a9:b9:ff:a5:3a:
c3:26:2c:31:ae:5c:da:88:8c:31:7e:b3:e3:3b:32:96:6e:b4:
ed:2e:ca:03:be:67:65:0b:6d:9d:1b:97:2b:77:25:bd:fe:f7:
7c:6a:21:82:85:1c:45:dd:24:f6:a1:0f:67:c8:b9:de:fd:85:
f5:cd:49:59:59:cf:0c:9d:28:cf:52:74:92:85:0e:93:c6:5a:
8e:93:1b:c8:a5:e5:bc:8e:b0:68:f0:f5:db:23:b0:70:c9:d5:
31:a2:48:0a:3a:27:8c:0f:6e:a4:4b:5d:31:cd:8e:0d:3b:84:
d5:41:ae:24:c9:14:d3:96:46:01:3f:2f:4e:68:84:df:14:c7:
1b:77:ca:6e:ce:18:a1:27:93:30:d0:c9:ee:85:63:0d:2e:b7:
f0:32:98:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYTxS8DrwE8tmgtSufJWQeD8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTAzMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWE3YTM0YjljMDdkNWZjNGEyYTkzYzJjOGE1MjYyNzcyY2EzMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUiltuCoNAFLZH0uSws4iY99W4eT
AL6NwzHxMhYciMcTfAzrRpZ5YOOXf1zRgY83ajA/i9p+0PNNCl9ZDk5gXVduPETw
aFJQaSHCZbAy8udBO4M6o6yX4fE4D3QC+fQ5z7qNUcCygHiUjp8oCsqVr8398yZs
5ehvI90oZfkt7e/wd86GCjkCTEOWH+f2y2ng9PrIs2srxWqMDP8OziqOohitzg1s
T7mgmH9/L57uMtuiEyFZxUbLG9U4OBi4fkH9FBucRvdnPs/C09+rWjUw3IUH5qT6
1bx4CcwigEQ/6i3dMtOHTKSI7ZTLNvrWh54fvtYEPP9+t5E0GBXeJuMQGQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFCGno0ucB9X8SiqTwsilJidyyjC+MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvSWFlalM1d0gxZnhLS3BQQ3lLVW1KM0xLTUw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAJb
wdQDBAZtfEADAwBtvAMEBoDMQAMEA7IXkAMEArkDIAMEArnSjAMEA7xeqAMDALyi
AwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxA
AwQF1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEB
CwUAA4IBAQCrkS0Wf+Z27bBb72RZc9Ql60xEqWzEKDdCCY0yYwHAXU3vlAKgOL4y
usAe3UeyY/lCntdc8kr6OcUsBeFYNfzhM+TTeD/qB96MyUD342s4B0vzKALphOBi
9Y09fY4Q8/YiMjLYFIEeqbn/pTrDJiwxrlzaiIwxfrPjOzKWbrTtLsoDvmdlC22d
G5crdyW9/vd8aiGChRxF3ST2oQ9nyLne/YX1zUlZWc8MnSjPUnSShQ6TxlqOkxvI
peW8jrBo8PXbI7BwydUxokgKOieMD26kS10xzY4NO4TVQa4kyRTTlkYBPy9OaITf
FMcbd8puzhihJ5Mw0MnuhWMNLrfwMpi9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org