Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/9SqCvybY1PM6NhQXZrdadh-pSN8.roa
File: 9SqCvybY1PM6NhQXZrdadh-pSN8.roa (raw, json)
Hash identifier: oK3oDqA5G8RYUSn0cDLrnSwOU2cD/EHbGmuuTLmeLqo=
Subject key identifier: F5:2A:82:BF:26:D8:D4:F3:3A:36:14:17:66:B7:5A:76:1F:A9:48:DF
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0184C69ABDB964B945CE43697A6EECF74C8D
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/9SqCvybY1PM6NhQXZrdadh-pSN8.roa
Signing time: Wed 30 Nov 2022 03:35:40 +0000
ROA not before: Wed 30 Nov 2022 03:35:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 162.218.90.0/24 maxlen: 24
162.218.95.0/24 maxlen: 24
212.60.15.0/24 maxlen: 24
185.205.205.0/24 maxlen: 24
185.253.122.0/24 maxlen: 24
5.182.192.0/24 maxlen: 24
31.132.52.0/24 maxlen: 24
185.187.212.0/24 maxlen: 24
45.67.140.0/24 maxlen: 24
63.246.150.0/24 maxlen: 24
92.249.31.0/24 maxlen: 24
192.145.71.0/24 maxlen: 24
147.78.206.0/24 maxlen: 24
147.78.205.0/24 maxlen: 24
185.230.122.0/24 maxlen: 24
94.154.177.0/24 maxlen: 24
217.197.169.0/24 maxlen: 24
94.154.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c6:9a:bd:b9:64:b9:45:ce:43:69:7a:6e:ec:f7:4c:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Nov 30 03:35:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f52a82bf26d8d4f33a36141766b75a761fa948df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:25:99:72:0f:bd:c3:7a:4d:df:e6:59:28:15:
e5:57:50:74:55:0c:65:78:1b:3b:3e:b5:d9:7f:5a:
c0:0d:01:47:80:3a:60:c5:89:b5:c8:7a:75:86:bb:
d7:b7:fb:0c:fe:e4:52:27:cf:e2:a4:09:11:f3:e4:
2e:de:da:0a:be:a0:80:a8:22:0e:f2:8c:f7:00:8b:
7a:2f:aa:43:d4:77:91:b5:0c:99:b1:95:7d:63:94:
9f:88:be:1c:d9:09:a8:a3:15:18:e2:77:df:c5:b5:
07:6a:58:b0:1c:74:9e:7e:6c:72:93:40:72:1d:03:
f6:35:d2:d5:d9:df:f2:6e:52:75:37:be:0b:48:0e:
97:1e:c9:e2:43:2e:ab:df:db:87:7e:79:2d:22:5d:
68:40:13:53:5d:0d:31:f1:a6:55:84:61:2d:f8:62:
11:53:5e:ef:01:8d:4f:22:66:8a:8b:e8:af:24:df:
d6:b6:e1:86:7c:6c:71:b0:56:e6:d1:3c:d2:9d:04:
1d:60:62:a7:60:6a:8b:b5:03:06:98:88:11:ee:82:
96:5d:67:9c:93:54:fc:39:e8:f2:66:83:d2:44:1b:
bc:79:12:df:1c:bf:f4:5f:7b:55:3c:e6:76:72:87:
6a:53:be:b1:fa:68:0b:74:72:18:d7:b1:b6:5c:54:
bb:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:2A:82:BF:26:D8:D4:F3:3A:36:14:17:66:B7:5A:76:1F:A9:48:DF
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/9SqCvybY1PM6NhQXZrdadh-pSN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.192.0/24
31.132.52.0/24
45.67.140.0/24
63.246.150.0/24
92.249.31.0/24
94.154.177.0/24
94.154.182.0/24
147.78.205.0-147.78.206.255
162.218.90.0/24
162.218.95.0/24
185.187.212.0/24
185.205.205.0/24
185.230.122.0/24
185.253.122.0/24
192.145.71.0/24
212.60.15.0/24
217.197.169.0/24
Signature Algorithm: sha256WithRSAEncryption
59:b7:8a:a9:c5:4e:17:7a:10:6a:a7:e1:21:0f:45:e2:08:f1:
e3:71:77:55:e7:c7:c7:5e:fc:76:09:da:2e:9a:e5:39:9f:25:
29:d2:a5:f4:fa:b5:38:c9:da:6a:77:3a:c7:e4:f4:c7:93:e6:
99:3d:17:42:45:f3:5f:f3:cf:13:49:7c:ad:f5:90:52:b5:81:
42:85:33:5b:b2:dc:6e:8f:bf:8f:37:6e:c1:a7:45:ab:e0:5b:
8b:7b:eb:59:9b:3b:26:c4:2c:53:da:a4:87:b1:94:a6:22:07:
85:92:a7:52:fa:f0:72:89:1b:b4:30:3d:3a:6b:e2:0b:0d:e9:
92:38:c4:83:7c:f5:ab:38:7b:ad:74:34:eb:73:eb:8c:8c:e9:
aa:a3:66:f4:8e:89:a4:f7:a9:be:5d:d4:c3:ca:4a:26:75:55:
7d:30:3e:ae:28:3e:e3:07:17:a8:25:08:c1:64:2e:fd:e9:e0:
ab:5c:6e:0a:4c:af:60:c1:6a:2f:5e:e1:de:23:11:4c:00:8f:
a7:7a:dd:2f:88:d3:fe:22:58:81:fa:0d:34:a1:e8:73:0c:df:
db:f7:ea:a6:0e:b5:4c:9d:5d:dc:f6:bb:8c:e1:a2:5e:d5:f0:
3b:82:46:1d:ce:91:e2:56:1f:4b:7c:81:64:fb:bd:73:8e:22:
76:92:89:82
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYTGmr25ZLlFzkNpem7s90yNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjIxMTMwMDMzNTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTJhODJiZjI2ZDhkNGYzM2EzNjE0MTc2NmI3NWE3NjFmYTk0OGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyWZcg+9w3pN3+ZZKBXlV1B0VQxl
eBs7PrXZf1rADQFHgDpgxYm1yHp1hrvXt/sM/uRSJ8/ipAkR8+Qu3toKvqCAqCIO
8oz3AIt6L6pD1HeRtQyZsZV9Y5SfiL4c2QmooxUY4nffxbUHaliwHHSefmxyk0By
HQP2NdLV2d/yblJ1N74LSA6XHsniQy6r39uHfnktIl1oQBNTXQ0x8aZVhGEt+GIR
U17vAY1PImaKi+ivJN/WtuGGfGxxsFbm0TzSnQQdYGKnYGqLtQMGmIgR7oKWXWec
k1T8OejyZoPSRBu8eRLfHL/0X3tVPOZ2codqU76x+mgLdHIY17G2XFS72QIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFPUqgr8m2NTzOjYUF2a3WnYfqUjfMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvOVNxQ3Z5YlkxUE02TmhRWFpyZGFkaC1wU044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAAW2wAME
AB+ENAMEAC1DjAMEAD/2lgMEAFz5HwMEAF6asQMEAF6atjAMAwQAk07NAwQAk07O
AwQAotpaAwQAotpfAwQAubvUAwQAuc3NAwQAueZ6AwQAuf16AwQAwJFHAwQA1DwP
AwQA2cWpMA0GCSqGSIb3DQEBCwUAA4IBAQBZt4qpxU4XehBqp+EhD0XiCPHjcXdV
58fHXvx2CdoumuU5nyUp0qX0+rU4ydpqdzrH5PTHk+aZPRdCRfNf888TSXyt9ZBS
tYFChTNbstxuj7+PN27Bp0Wr4FuLe+tZmzsmxCxT2qSHsZSmIgeFkqdS+vByiRu0
MD06a+ILDemSOMSDfPWrOHutdDTrc+uMjOmqo2b0jomk96m+XdTDykomdVV9MD6u
KD7jBxeoJQjBZC796eCrXG4KTK9gwWovXuHeIxFMAI+net0viNP+IliB+g00oehz
DN/b9+qmDrVMnV3c9ruM4aJe1fA7gkYdzpHiVh9LfIFk+71zjiJ2komC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:58 2023 by rpki-client on console-fra.rpki-client.org