Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Iph7lkZbdpcochedSJw-i3iRdgo.roa
File: Iph7lkZbdpcochedSJw-i3iRdgo.roa (raw, json)
Hash identifier: HkIeEGWNs5LKmGlSNC0sCSycQaAtDXk2ctVgjOqtgtg=
Subject key identifier: 22:98:7B:96:46:5B:76:97:28:72:17:9D:48:9C:3E:8B:78:91:76:0A
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 08A14005
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Iph7lkZbdpcochedSJw-i3iRdgo.roa
Signing time: Sat 01 Jan 2022 11:04:10 +0000
ROA not before: Sat 01 Jan 2022 11:04:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13213
IP address blocks: 162.218.89.0/24 maxlen: 24
162.218.88.0/24 maxlen: 24
162.218.91.0/24 maxlen: 24
162.218.94.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
162.218.92.0/24 maxlen: 24
212.60.14.0/24 maxlen: 24
185.187.213.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
79.98.182.0/24 maxlen: 24
78.31.206.0/24 maxlen: 24
78.31.207.0/24 maxlen: 24
185.171.126.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.230.123.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.230.120.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.155.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
45.67.146.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
185.52.137.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.52.138.0/24 maxlen: 24
185.205.207.0/24 maxlen: 24
185.161.191.0/24 maxlen: 24
185.201.40.0/24 maxlen: 24
5.182.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144785413 (0x8a14005)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 1 11:04:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22987b96465b76972872179d489c3e8b7891760a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:53:5e:6e:3e:c0:b1:d4:38:5d:84:5a:7a:2a:
8b:d1:55:9d:0f:d7:5a:63:09:ce:28:41:36:a3:66:
0e:ee:e5:e2:2b:02:46:74:4d:30:d0:f3:f9:c1:e8:
d3:7f:ed:5e:96:4c:74:53:9a:4a:fc:83:ac:ab:ea:
a2:63:90:47:cb:ac:5b:86:eb:16:2e:0d:5e:a8:51:
d1:f8:39:c1:62:c2:cd:e5:6c:ec:ca:68:53:85:d0:
bd:5b:cc:55:43:e8:fc:88:52:4c:20:15:d5:ef:46:
19:ad:2b:9b:68:b4:d7:a7:4a:d9:07:da:4e:bf:b6:
12:e2:33:f8:91:44:35:b8:fb:85:c5:b7:f2:47:50:
60:a2:c8:e7:b9:1e:d1:b2:a8:27:0c:88:09:d5:92:
28:0a:86:98:4e:a4:1c:ed:16:58:22:70:d8:b3:1e:
50:5c:de:9d:84:10:bd:fe:4c:60:b6:43:df:87:c2:
d1:b5:88:9e:8b:c4:7c:91:38:ef:71:ce:e2:a3:a5:
67:54:5c:8d:6c:1c:bb:93:8f:8f:10:fb:95:2f:d6:
1f:de:ec:1c:22:2c:12:e5:0e:95:24:c5:8c:d9:69:
9d:35:19:df:00:1f:15:b0:64:47:d4:3e:6f:19:71:
9f:64:3b:a2:fd:d1:ab:46:a5:8f:e7:bc:3d:b3:84:
11:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:98:7B:96:46:5B:76:97:28:72:17:9D:48:9C:3E:8B:78:91:76:0A
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Iph7lkZbdpcochedSJw-i3iRdgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.184.0/24
45.67.146.0/24
78.31.206.0/23
79.98.182.0/24
162.218.88.0/23
162.218.91.0-162.218.94.255
185.52.136.0/22
185.161.191.0/24
185.171.126.0/24
185.187.213.0-185.187.215.255
185.201.40.0/24
185.205.206.0/23
185.208.152.0/22
185.230.120.0/23
185.230.123.0/24
212.60.14.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:8d:5b:a8:f5:54:2e:bc:da:c6:6c:54:6b:55:d3:39:94:2a:
6d:a4:15:90:62:f2:96:79:c9:f8:06:a2:bc:be:b1:d0:48:57:
39:0e:f6:49:e3:25:ae:d0:0a:18:15:5b:0f:80:7f:68:41:89:
52:28:f3:d1:a1:47:ea:87:d9:a5:ff:e5:5e:a0:a3:27:c9:61:
c0:3c:4c:58:de:d9:1b:3c:5b:9d:71:76:0f:32:a6:b5:61:6e:
f5:90:57:ec:2e:25:8d:88:09:5f:e6:96:4e:1c:b0:51:44:f6:
9d:e7:d9:8f:6f:b1:73:b5:bf:0d:9f:a7:ff:09:d2:9c:7f:ac:
dc:d9:9a:81:1f:10:63:dc:04:45:69:53:d8:2b:9a:20:63:23:
12:c4:11:fc:97:6e:b3:ff:3e:18:27:3a:bf:35:bb:6a:26:55:
a5:3e:51:86:d4:c4:df:32:e9:ec:b3:83:8d:ae:9a:ad:e7:21:
82:97:2d:dc:da:37:8b:ff:77:63:0c:b9:17:e3:0e:bf:4a:c1:
1c:c0:d1:4e:28:b4:11:48:2d:21:6a:ca:d6:34:77:2f:dc:7c:
cd:7a:9d:8c:17:f8:99:6d:fb:5f:53:ff:b5:fd:eb:46:d8:ce:
a1:79:a7:70:d1:20:1e:af:ec:74:b6:28:a1:38:35:9b:ed:d9:
89:03:6a:38
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIECKFABTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmI3OGY2NjgyZmMzOWM1NWI0MWQ0OGY4MGI4ODM4ZDVkMmRiZjA3MB4XDTIyMDEw
MTExMDQxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI5ODdiOTY0NjVi
NzY5NzI4NzIxNzlkNDg5YzNlOGI3ODkxNzYwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtTXm4+wLHUOF2EWnoqi9FVnQ/XWmMJzihBNqNmDu7l4isC
RnRNMNDz+cHo03/tXpZMdFOaSvyDrKvqomOQR8usW4brFi4NXqhR0fg5wWLCzeVs
7MpoU4XQvVvMVUPo/IhSTCAV1e9GGa0rm2i016dK2QfaTr+2EuIz+JFENbj7hcW3
8kdQYKLI57ke0bKoJwyICdWSKAqGmE6kHO0WWCJw2LMeUFzenYQQvf5MYLZD34fC
0bWInovEfJE473HO4qOlZ1RcjWwcu5OPjxD7lS/WH97sHCIsEuUOlSTFjNlpnTUZ
3wAfFbBkR9Q+bxlxn2Q7ov3Rq0alj+e8PbOEEYUCAwEAAaOCAnQwggJwMB0GA1Ud
DgQWBBQimHuWRlt2lyhyF51InD6LeJF2CjAfBgNVHSMEGDAWgBRyt49mgvw5xVtB
1I+AuIONXS2/BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8x
L0lwaDdsa1piZHBjb2NoZWRTSnctaTNpUmRnby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
M2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8xL2NyZVBab0w4T2NW
YlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
iQYIKwYBBQUHAQcBAf8EejB4MHYEAgABMHADBAAFtrgDBAAtQ5IDBAFOH84DBABP
YrYDBAGi2lgwDAMEAKLaWwMEAKLaXgMEArk0iAMEALmhvwMEALmrfjAMAwQAubvV
AwQDubvQAwQAuckoAwQBuc3OAwQCudCYAwQBueZ4AwQAueZ7AwQA1DwOMA0GCSqG
SIb3DQEBCwUAA4IBAQAKjVuo9VQuvNrGbFRrVdM5lCptpBWQYvKWecn4BqK8vrHQ
SFc5DvZJ4yWu0AoYFVsPgH9oQYlSKPPRoUfqh9ml/+VeoKMnyWHAPExY3tkbPFud
cXYPMqa1YW71kFfsLiWNiAlf5pZOHLBRRPad59mPb7Fztb8Nn6f/CdKcf6zc2ZqB
HxBj3ARFaVPYK5ogYyMSxBH8l26z/z4YJzq/NbtqJlWlPlGG1MTfMunss4ONrpqt
5yGCly3c2jeL/3djDLkX4w6/SsEcwNFOKLQRSC0hasrWNHcv3HzNep2MF/iZbftf
U/+1/etG2M6headw0SAer+x0tiihODWb7dmJA2o4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:58 2023 by rpki-client on console-fra.rpki-client.org