Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/dKL9v2xpcfRpFA1ITlDChuFm4SI.roa
File: dKL9v2xpcfRpFA1ITlDChuFm4SI.roa (raw, json)
Hash identifier: xGUeocpVdxRT6glCo1jTbQJiC2L8APxE0kTT+VapA0k=
Subject key identifier: 74:A2:FD:BF:6C:69:71:F4:69:14:0D:48:4E:50:C2:86:E1:66:E1:22
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 19C4C191
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/dKL9v2xpcfRpFA1ITlDChuFm4SI.roa
Signing time: Sun 17 Apr 2022 22:23:18 +0000
ROA not before: Sun 17 Apr 2022 22:23:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 91.189.184.0/24 maxlen: 24
77.83.158.0/24 maxlen: 32
91.189.185.0/24 maxlen: 24
77.83.156.0/24 maxlen: 32
85.209.253.0/24 maxlen: 24
77.243.95.0/24 maxlen: 32
77.243.93.0/24 maxlen: 32
193.16.9.0/24 maxlen: 32
185.117.20.0/23 maxlen: 32
5.253.138.0/24 maxlen: 32
194.36.101.0/24 maxlen: 24
185.238.241.0/24 maxlen: 24
147.78.221.0/24 maxlen: 32
185.238.240.0/24 maxlen: 24
185.141.205.0/24 maxlen: 24
185.214.70.0/24 maxlen: 24
45.153.168.0/24 maxlen: 32
213.232.107.0/24 maxlen: 32
45.151.172.0/23 maxlen: 32
185.166.237.0/24 maxlen: 24
185.211.49.0/24 maxlen: 32
45.14.44.0/24 maxlen: 32
45.14.45.0/24 maxlen: 32
185.207.178.0/24 maxlen: 24
79.174.23.0/24 maxlen: 32
79.174.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 432325009 (0x19c4c191)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 17 22:23:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74a2fdbf6c6971f469140d484e50c286e166e122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:90:82:51:82:36:6a:1f:a3:3f:f7:51:73:93:
df:a2:be:33:fd:0c:4a:62:21:01:1a:54:ac:21:d1:
18:18:eb:83:f3:5b:a6:1c:25:00:31:14:3e:9c:88:
48:7c:91:cb:b7:d2:62:14:83:a5:f7:ff:18:25:f3:
45:15:4d:42:95:50:a0:36:c9:d3:cf:6e:a1:27:06:
bb:e2:40:49:2b:d1:41:23:22:99:63:2f:e0:93:21:
1b:b9:d9:c0:d9:32:b4:aa:2a:8d:56:6e:f0:48:bc:
22:aa:48:55:0f:43:8f:00:e3:70:f6:7c:12:4b:b6:
5e:bf:1b:6b:a5:45:b7:81:63:0d:98:1c:03:fd:7c:
43:4d:de:f8:42:70:90:2c:d0:3c:d9:12:cb:1f:65:
21:82:11:33:09:da:f1:85:64:75:70:fd:e9:98:d5:
6f:b0:e3:a4:0f:72:ac:86:e5:e5:a4:0e:62:12:93:
1c:35:d7:9a:f5:97:ec:1d:46:16:46:f8:2a:1d:34:
48:1e:63:d4:a4:9f:25:f7:f9:61:69:da:26:79:0c:
83:0e:45:8b:d8:91:83:cc:4b:5b:ab:d4:5b:0d:ab:
d1:6a:92:61:9f:61:13:28:5a:40:9a:71:f3:87:bb:
92:42:ef:f6:40:b2:71:58:3e:5a:46:e0:06:7a:dc:
df:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A2:FD:BF:6C:69:71:F4:69:14:0D:48:4E:50:C2:86:E1:66:E1:22
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/dKL9v2xpcfRpFA1ITlDChuFm4SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.138.0/24
45.14.44.0/23
45.151.172.0/23
45.153.168.0/24
77.83.156.0/24
77.83.158.0/24
77.243.93.0/24
77.243.95.0/24
79.174.21.0/24
79.174.23.0/24
85.209.253.0/24
91.189.184.0/23
147.78.221.0/24
185.117.20.0/23
185.141.205.0/24
185.166.237.0/24
185.207.178.0/24
185.211.49.0/24
185.214.70.0/24
185.238.240.0/23
193.16.9.0/24
194.36.101.0/24
213.232.107.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:f7:fb:7b:24:49:b9:f5:0f:00:a7:55:e4:03:34:cb:aa:5a:
92:7a:88:8f:10:ee:ea:a7:40:3b:76:af:bc:38:49:86:89:8b:
73:c0:93:4f:c5:d9:f2:e1:bd:6b:2a:36:0c:21:3d:f3:5a:57:
44:72:b6:64:88:fe:b5:19:07:7b:ae:cc:20:90:02:3c:3f:d1:
42:0b:57:12:20:ed:84:8c:b8:92:16:42:e4:23:d9:39:f8:3c:
4d:2d:74:7b:15:49:3b:af:8d:2b:6b:7e:b9:ff:db:30:17:02:
52:65:6f:8c:e3:6e:bd:d5:e9:58:f0:a2:78:61:34:4a:54:bf:
93:c6:f7:7f:48:94:a1:94:49:ca:11:09:e2:11:d7:0a:64:67:
8d:93:30:be:d3:f4:d5:bb:a5:38:7d:9c:82:51:5e:4d:74:ed:
be:73:96:09:6b:c8:75:98:8f:fa:9d:97:3d:45:84:2a:df:e9:
b4:52:20:30:6f:d9:3f:98:4f:3b:9e:21:05:8e:a3:a9:d4:6c:
64:21:a2:21:29:d5:b8:c3:79:42:b9:4b:fc:5d:30:83:47:23:
fd:79:c7:a3:df:69:9d:2c:03:f9:1d:bb:c9:9a:b6:6e:46:2f:
3c:49:b7:da:60:67:24:30:be:1a:ff:7f:0b:aa:e2:68:14:c8:
96:9e:48:38
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIEGcTBkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQx
NzIyMjMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzRhMmZkYmY2YzY5
NzFmNDY5MTQwZDQ4NGU1MGMyODZlMTY2ZTEyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSQglGCNmofoz/3UXOT36K+M/0MSmIhARpUrCHRGBjrg/Nb
phwlADEUPpyISHyRy7fSYhSDpff/GCXzRRVNQpVQoDbJ089uoScGu+JASSvRQSMi
mWMv4JMhG7nZwNkytKoqjVZu8Ei8IqpIVQ9DjwDjcPZ8Eku2Xr8ba6VFt4FjDZgc
A/18Q03e+EJwkCzQPNkSyx9lIYIRMwna8YVkdXD96ZjVb7DjpA9yrIbl5aQOYhKT
HDXXmvWX7B1GFkb4Kh00SB5j1KSfJff5YWnaJnkMgw5Fi9iRg8xLW6vUWw2r0WqS
YZ9hEyhaQJpx84e7kkLv9kCycVg+WkbgBnrc36MCAwEAAaOCApIwggKOMB0GA1Ud
DgQWBBR0ov2/bGlx9GkUDUhOUMKG4WbhIjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L2RLTDl2MnhwY2ZScEZBMUlUbERDaHVGbTRTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
pwYIKwYBBQUHAQcBAf8EgZcwgZQwgZEEAgABMIGKAwQABf2KAwQBLQ4sAwQBLZes
AwQALZmoAwQATVOcAwQATVOeAwQATfNdAwQATfNfAwQAT64VAwQAT64XAwQAVdH9
AwQBW724AwQAk07dAwQBuXUUAwQAuY3NAwQAuabtAwQAuc+yAwQAudMxAwQAudZG
AwQBue7wAwQAwRAJAwQAwiRlAwQA1ehrMA0GCSqGSIb3DQEBCwUAA4IBAQCz9/t7
JEm59Q8Ap1XkAzTLqlqSeoiPEO7qp0A7dq+8OEmGiYtzwJNPxdny4b1rKjYMIT3z
WldEcrZkiP61GQd7rswgkAI8P9FCC1cSIO2EjLiSFkLkI9k5+DxNLXR7FUk7r40r
a365/9swFwJSZW+M42691elY8KJ4YTRKVL+Txvd/SJShlEnKEQniEdcKZGeNkzC+
0/TVu6U4fZyCUV5NdO2+c5YJa8h1mI/6nZc9RYQq3+m0UiAwb9k/mE87niEFjqOp
1GxkIaIhKdW4w3lCuUv8XTCDRyP9ecej32mdLAP5HbvJmrZuRi88SbfaYGckML4a
/38LquJoFMiWnkg4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org