Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/xK9k1VvPck_F10WFdjCzOCi3RJU.roa
File: xK9k1VvPck_F10WFdjCzOCi3RJU.roa (raw, json)
Hash identifier: M9jp2+EYhOxXKWL7lxHtZDIxbV06a0kTlw2cO15e1Rs=
Subject key identifier: C4:AF:64:D5:5B:CF:72:4F:C5:D7:45:85:76:30:B3:38:28:B7:44:95
Certificate issuer: /CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Certificate serial: 092CF8AD
Authority key identifier: 9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/xK9k1VvPck_F10WFdjCzOCi3RJU.roa
Signing time: Mon 16 May 2022 12:21:29 +0000
ROA not before: Mon 16 May 2022 12:21:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35237
IP address blocks: 185.157.96.0/23 maxlen: 24
84.252.144.0/23 maxlen: 24
185.157.99.0/24 maxlen: 24
84.252.147.0/24 maxlen: 24
84.252.146.0/24 maxlen: 24
91.217.194.0/24 maxlen: 24
194.54.15.0/24 maxlen: 24
194.54.14.0/24 maxlen: 24
195.43.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153942189 (0x92cf8ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Validity
Not Before: May 16 12:21:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4af64d55bcf724fc5d745857630b33828b74495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a0:64:e2:80:86:b5:c0:39:88:c3:f2:74:04:
fb:0d:77:11:02:16:2b:14:00:2b:1d:a0:3b:22:93:
8f:c6:47:0b:0a:36:ee:87:97:88:3a:0f:d4:5b:97:
a4:97:c1:a6:49:6a:5d:d7:af:1d:95:26:54:2a:18:
4a:4b:6d:15:53:13:b1:b8:28:62:97:d2:20:b0:16:
a6:83:77:53:b3:00:2f:ac:b9:8d:a1:43:29:4d:0e:
b7:51:f6:d0:15:30:07:5a:4e:23:30:b2:92:de:f4:
cc:09:a7:86:3d:ee:52:f0:04:6c:58:07:44:5c:d6:
bf:0c:03:a7:b8:69:19:30:5b:cd:26:62:5f:76:be:
b4:c1:2f:cd:36:70:ec:3e:6e:a0:f1:a0:f9:bb:7b:
35:06:f8:2f:ae:a8:b4:60:e9:83:c3:26:13:2b:cb:
ed:d3:e0:ae:93:30:ae:be:46:6c:d3:77:ac:bc:de:
3c:86:00:cf:bf:b5:bc:17:75:bf:60:40:cb:71:d3:
66:2a:e0:28:1d:33:ef:fa:c7:d1:6f:e9:a2:32:d2:
b4:13:f8:48:c0:9e:a6:9d:42:c3:79:b7:c9:72:57:
82:23:e8:b8:f3:35:85:9c:6f:34:b8:13:a3:63:58:
97:8a:cd:8f:4d:3e:89:90:08:4d:3d:a6:f3:70:70:
e6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AF:64:D5:5B:CF:72:4F:C5:D7:45:85:76:30:B3:38:28:B7:44:95
X509v3 Authority Key Identifier:
keyid:9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/xK9k1VvPck_F10WFdjCzOCi3RJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.144.0/22
91.217.194.0/24
185.157.96.0/23
185.157.99.0/24
194.54.14.0/23
195.43.144.0/24
Signature Algorithm: sha256WithRSAEncryption
21:ec:19:c5:b8:d2:d9:fb:66:bd:d8:74:ef:53:6b:e5:26:1c:
09:ff:5d:5b:20:8e:1d:f3:69:f6:a3:e8:8d:6d:01:8e:18:ed:
2e:cd:86:bc:37:a3:66:5e:69:66:bd:39:9b:a4:3b:1a:89:8c:
e6:c3:d8:5a:23:f6:57:79:30:27:64:10:f2:1d:8e:03:df:dc:
fd:72:dc:08:56:38:56:d6:82:00:b0:e5:86:8a:77:9c:db:7b:
1f:7e:66:53:f1:47:3d:39:49:d9:83:8e:08:46:c1:24:48:d2:
61:48:f6:a8:b1:fb:4f:28:a0:61:da:87:63:61:1c:b8:b0:27:
fd:84:37:52:7d:b0:19:ab:76:d6:a1:55:1e:8b:bf:7b:64:61:
49:ba:6f:55:77:0f:eb:d2:69:b5:ef:12:04:94:ab:82:57:8d:
8a:13:ee:6a:97:f5:bf:31:52:3b:c9:7e:ba:2d:f5:d8:bf:12:
08:93:af:6f:a0:7f:09:6c:bf:81:46:08:11:eb:f3:26:03:c4:
22:a4:d1:3d:bd:77:3e:98:3d:a1:82:70:64:71:79:45:a0:26:
96:e3:cc:fd:7c:40:03:3f:88:40:c3:85:e9:c2:04:ad:0e:97:
1c:79:23:45:ea:a9:23:44:70:7c:20:0e:ac:35:54:a1:65:e3:
be:b4:e5:6b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECSz4rTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTUyNmE3M2NlOGY5ZjYyYzE0YTExYTJlYTkxM2VjMjczZDU4YzQ2MB4XDTIyMDUx
NjEyMjEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRhZjY0ZDU1YmNm
NzI0ZmM1ZDc0NTg1NzYzMGIzMzgyOGI3NDQ5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAImgZOKAhrXAOYjD8nQE+w13EQIWKxQAKx2gOyKTj8ZHCwo2
7oeXiDoP1FuXpJfBpklqXdevHZUmVCoYSkttFVMTsbgoYpfSILAWpoN3U7MAL6y5
jaFDKU0Ot1H20BUwB1pOIzCykt70zAmnhj3uUvAEbFgHRFzWvwwDp7hpGTBbzSZi
X3a+tMEvzTZw7D5uoPGg+bt7NQb4L66otGDpg8MmEyvL7dPgrpMwrr5GbNN3rLze
PIYAz7+1vBd1v2BAy3HTZirgKB0z7/rH0W/pojLStBP4SMCepp1Cw3m3yXJXgiPo
uPM1hZxvNLgTo2NYl4rNj00+iZAITT2m83Bw5jMCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTEr2TVW89yT8XXRYV2MLM4KLdElTAfBgNVHSMEGDAWgBSaUmpzzo+fYsFK
EaLqkT7Cc9WMRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21sSnFjODZQbjJMQlNoR2k2cEUtd25QVmpFWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvNmZjZGNhLWQxMjEtNDM5MS05Y2ZjLTdkMTZiOTBkYmU3Mi8x
L3hLOWsxVnZQY2tfRjEwV0ZkakN6T0NpM1JKVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
NmZjZGNhLWQxMjEtNDM5MS05Y2ZjLTdkMTZiOTBkYmU3Mi8xL21sSnFjODZQbjJM
QlNoR2k2cEUtd25QVmpFWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAlT8kAMEAFvZwgMEAbmdYAMEALmd
YwMEAcI2DgMEAMMrkDANBgkqhkiG9w0BAQsFAAOCAQEAIewZxbjS2ftmvdh071Nr
5SYcCf9dWyCOHfNp9qPojW0BjhjtLs2GvDejZl5pZr05m6Q7GomM5sPYWiP2V3kw
J2QQ8h2OA9/c/XLcCFY4VtaCALDlhop3nNt7H35mU/FHPTlJ2YOOCEbBJEjSYUj2
qLH7TyigYdqHY2EcuLAn/YQ3Un2wGat21qFVHou/e2RhSbpvVXcP69Jpte8SBJSr
gleNihPuapf1vzFSO8l+ui312L8SCJOvb6B/CWy/gUYIEevzJgPEIqTRPb13Ppg9
oYJwZHF5RaAmluPM/XxAAz+IQMOF6cIErQ6XHHkjReqpI0RwfCAOrDVUoWXjvrTl
aw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:51 2023 by rpki-client on console-ams.rpki-client.org