Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/wH2OcKbHuHeRv5e2tBOy6Sfm3mc.roa
File: wH2OcKbHuHeRv5e2tBOy6Sfm3mc.roa (raw, json)
Hash identifier: rTnLV4rBM4RCP+8tTZ5/4DsAn5Tx569Iej4QFaw3jzI=
Subject key identifier: C0:7D:8E:70:A6:C7:B8:77:91:BF:97:B6:B4:13:B2:E9:27:E6:DE:67
Certificate issuer: /CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Certificate serial: 07FB84E2
Authority key identifier: 9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/wH2OcKbHuHeRv5e2tBOy6Sfm3mc.roa
Signing time: Sat 01 Jan 2022 16:01:34 +0000
ROA not before: Sat 01 Jan 2022 16:01:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35237
IP address blocks: 185.157.96.0/23 maxlen: 24
84.252.144.0/23 maxlen: 24
185.157.99.0/24 maxlen: 24
84.252.147.0/24 maxlen: 24
84.252.146.0/24 maxlen: 24
91.217.194.0/24 maxlen: 24
194.54.15.0/24 maxlen: 24
194.54.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133924066 (0x7fb84e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Validity
Not Before: Jan 1 16:01:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c07d8e70a6c7b87791bf97b6b413b2e927e6de67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f9:fe:17:23:78:52:63:11:82:1e:52:a5:4b:
a7:eb:3c:99:94:b4:0f:98:21:d9:4d:33:ec:5a:2f:
47:14:ca:87:56:a7:ae:ec:75:d0:1b:23:0b:6b:a0:
de:61:1b:82:d9:0a:fc:b1:4a:ea:78:dd:a8:74:4c:
18:ae:d0:a2:7c:96:5c:1f:0f:90:3e:24:2a:1d:64:
35:a2:36:32:8c:47:02:12:df:f4:1a:5e:fa:05:3e:
2b:b9:ee:f6:c3:9b:59:94:a4:37:40:ea:e3:de:f7:
49:bc:c6:41:91:9f:15:dd:37:bc:8b:d4:7f:d8:0c:
e1:f2:55:ab:b0:5d:31:90:f3:4b:6a:38:47:46:da:
f6:1e:22:fb:4f:26:75:e3:22:8c:7c:c9:af:0f:d5:
a6:c7:12:47:28:87:4f:6e:9e:e1:f4:5e:9b:c6:4a:
50:ca:6d:c6:39:a2:b8:ca:4d:e0:ae:ae:3d:6f:09:
d8:8e:03:ef:4d:57:75:f2:b6:f6:f7:c2:51:34:09:
f6:75:6f:6c:25:f0:e7:c6:07:3d:d5:39:06:38:3c:
45:de:2a:56:f6:f5:8d:3c:03:e3:88:41:c7:53:81:
77:ec:83:cf:0a:e9:57:20:8e:0e:8e:59:08:1a:10:
d2:64:0b:70:99:3c:f2:61:2f:57:b4:aa:1d:9a:6c:
38:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:7D:8E:70:A6:C7:B8:77:91:BF:97:B6:B4:13:B2:E9:27:E6:DE:67
X509v3 Authority Key Identifier:
keyid:9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/wH2OcKbHuHeRv5e2tBOy6Sfm3mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.144.0/22
91.217.194.0/24
185.157.96.0/23
185.157.99.0/24
194.54.14.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:95:60:c2:dd:e9:5e:26:1c:d4:ac:ab:03:2f:6c:3d:d7:cc:
35:75:4e:9e:5a:f6:d9:ee:7e:2d:e0:d2:a3:9b:b9:d5:31:46:
33:30:ff:b0:f5:5a:ec:75:5f:18:51:91:43:a8:d6:43:3a:1f:
c8:85:22:1d:49:d7:99:1b:ae:bb:91:df:1b:6c:6b:21:fc:79:
d1:17:33:24:16:95:33:ea:3a:a6:f1:64:38:fa:7a:0d:5c:dd:
fa:e2:7f:3b:ae:dd:28:20:80:24:29:16:2a:4a:32:7d:c1:08:
68:a1:88:4c:d0:12:dd:98:29:35:d1:65:f4:00:e6:ab:56:8b:
bf:98:35:64:32:56:8c:3e:a7:b5:a4:bc:85:ed:93:64:be:1f:
32:f7:36:6d:35:bd:a8:e1:48:17:34:bd:3f:dc:c6:68:7d:54:
51:56:69:39:9d:a2:15:04:1f:83:b5:6c:7e:a2:04:45:29:44:
4d:d5:19:99:61:d0:1d:fe:70:4b:6d:42:57:f4:18:59:6c:30:
9a:5e:f9:75:3e:50:11:9e:9b:3f:cb:bc:43:53:4d:33:23:77:
0e:e9:1f:b0:4c:34:e1:13:d6:9b:31:a1:54:0e:7b:b2:9c:59:
0d:20:74:58:05:6b:6a:c3:ee:4b:c7:a7:2f:f3:47:87:c7:97:
63:da:c7:15
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEB/uE4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTUyNmE3M2NlOGY5ZjYyYzE0YTExYTJlYTkxM2VjMjczZDU4YzQ2MB4XDTIyMDEw
MTE2MDEzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzA3ZDhlNzBhNmM3
Yjg3NzkxYmY5N2I2YjQxM2IyZTkyN2U2ZGU2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALj5/hcjeFJjEYIeUqVLp+s8mZS0D5gh2U0z7FovRxTKh1an
rux10BsjC2ug3mEbgtkK/LFK6njdqHRMGK7QonyWXB8PkD4kKh1kNaI2MoxHAhLf
9Bpe+gU+K7nu9sObWZSkN0Dq4973SbzGQZGfFd03vIvUf9gM4fJVq7BdMZDzS2o4
R0ba9h4i+08mdeMijHzJrw/VpscSRyiHT26e4fRem8ZKUMptxjmiuMpN4K6uPW8J
2I4D701XdfK29vfCUTQJ9nVvbCXw58YHPdU5Bjg8Rd4qVvb1jTwD44hBx1OBd+yD
zwrpVyCODo5ZCBoQ0mQLcJk88mEvV7SqHZpsOGkCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTAfY5wpse4d5G/l7a0E7LpJ+beZzAfBgNVHSMEGDAWgBSaUmpzzo+fYsFK
EaLqkT7Cc9WMRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21sSnFjODZQbjJMQlNoR2k2cEUtd25QVmpFWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvNmZjZGNhLWQxMjEtNDM5MS05Y2ZjLTdkMTZiOTBkYmU3Mi8x
L3dIMk9jS2JIdUhlUnY1ZTJ0Qk95NlNmbTNtYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
NmZjZGNhLWQxMjEtNDM5MS05Y2ZjLTdkMTZiOTBkYmU3Mi8xL21sSnFjODZQbjJM
QlNoR2k2cEUtd25QVmpFWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAlT8kAMEAFvZwgMEAbmdYAMEALmd
YwMEAcI2DjANBgkqhkiG9w0BAQsFAAOCAQEAPJVgwt3pXiYc1KyrAy9sPdfMNXVO
nlr22e5+LeDSo5u51TFGMzD/sPVa7HVfGFGRQ6jWQzofyIUiHUnXmRuuu5HfG2xr
Ifx50RczJBaVM+o6pvFkOPp6DVzd+uJ/O67dKCCAJCkWKkoyfcEIaKGITNAS3Zgp
NdFl9ADmq1aLv5g1ZDJWjD6ntaS8he2TZL4fMvc2bTW9qOFIFzS9P9zGaH1UUVZp
OZ2iFQQfg7VsfqIERSlETdUZmWHQHf5wS21CV/QYWWwwml75dT5QEZ6bP8u8Q1NN
MyN3DukfsEw04RPWmzGhVA57spxZDSB0WAVrasPuS8enL/NHh8eXY9rHFQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:01 2023 by rpki-client on console-fra.rpki-client.org