Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/Ai0gZuzskiK7ceWgyurIB6-RNBY.roa
File: Ai0gZuzskiK7ceWgyurIB6-RNBY.roa (raw, json)
Hash identifier: M/4ZdgtuQLVXVqGSQepjUxmIqcuCvHfCwZUXv/Pvkp8=
Subject key identifier: 02:2D:20:66:EC:EC:92:22:BB:71:E5:A0:CA:EA:C8:07:AF:91:34:16
Certificate issuer: /CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Certificate serial: 01855300886597674E503FBAA8E26C3DE698
Authority key identifier: 58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/Ai0gZuzskiK7ceWgyurIB6-RNBY.roa
Signing time: Tue 27 Dec 2022 09:53:41 +0000
ROA not before: Tue 27 Dec 2022 09:53:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49352
IP address blocks: 213.189.195.0/24 maxlen: 24
213.189.199.0/24 maxlen: 24
188.93.213.0/24 maxlen: 24
188.93.208.0/23 maxlen: 23
188.93.215.0/24 maxlen: 24
188.93.214.0/24 maxlen: 24
178.21.14.0/23 maxlen: 23
178.21.13.0/24 maxlen: 24
178.21.12.0/22 maxlen: 22
178.21.12.0/24 maxlen: 24
185.38.16.0/24 maxlen: 24
185.38.17.0/24 maxlen: 24
185.38.18.0/24 maxlen: 24
185.38.19.0/24 maxlen: 24
194.67.64.0/24 maxlen: 24
194.67.75.0/24 maxlen: 24
194.67.76.0/23 maxlen: 23
176.99.4.0/24 maxlen: 24
176.99.9.0/24 maxlen: 24
176.99.5.0/24 maxlen: 24
176.99.7.0/24 maxlen: 24
176.99.8.0/24 maxlen: 24
176.99.6.0/24 maxlen: 24
176.99.5.190/32 maxlen: 32
188.93.209.127/32 maxlen: 32
194.67.106.0/24 maxlen: 24
188.93.208.172/32 maxlen: 32
178.21.9.0/24 maxlen: 24
62.113.93.0/24 maxlen: 24
2a02:f20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:53:00:88:65:97:67:4e:50:3f:ba:a8:e2:6c:3d:e6:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Validity
Not Before: Dec 27 09:53:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=022d2066ecec9222bb71e5a0caeac807af913416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c5:29:fb:a1:12:de:ba:96:f0:47:32:ee:a4:
7b:ee:30:be:76:09:0a:53:30:15:55:13:9d:1f:71:
e1:cd:7e:47:94:92:ad:52:4c:be:16:65:1c:8f:1f:
01:d4:c6:d9:11:45:b8:fa:a9:dd:94:c4:fe:13:0f:
2e:71:86:dc:8f:76:71:5b:b7:fa:54:bd:f6:04:8a:
54:28:e4:79:d9:82:7c:cb:84:1a:0a:f7:ca:61:6f:
f4:a4:8d:1e:08:90:c8:28:4a:b2:fa:cc:fc:b1:e0:
05:4b:a9:6a:74:38:65:dc:e8:e3:fb:17:eb:f8:57:
63:2b:73:ab:9a:7b:00:6f:a7:59:b5:59:7b:39:92:
74:2f:73:97:18:0d:be:10:bb:17:42:17:bb:15:62:
75:20:b4:eb:6d:a4:c2:6f:c3:1f:b4:36:f5:a1:82:
f7:76:12:c8:4e:18:84:2d:ca:0b:3d:57:49:5d:50:
f8:44:c2:ab:39:a4:23:6c:1e:72:06:78:41:8c:55:
5d:ce:0e:76:46:f4:e2:3a:cf:7b:3a:b5:e6:2c:8b:
22:88:95:c9:91:21:c7:b4:4b:d5:f6:83:4d:77:90:
1d:04:1b:a6:c3:2b:ef:b9:1a:ef:2d:48:22:bb:0e:
3d:40:44:dd:50:86:5a:53:6d:7d:a6:a7:8d:d9:71:
9c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:2D:20:66:EC:EC:92:22:BB:71:E5:A0:CA:EA:C8:07:AF:91:34:16
X509v3 Authority Key Identifier:
keyid:58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/Ai0gZuzskiK7ceWgyurIB6-RNBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.93.0/24
176.99.4.0-176.99.9.255
178.21.9.0/24
178.21.12.0/22
185.38.16.0/22
188.93.208.0/23
188.93.213.0-188.93.215.255
194.67.64.0/24
194.67.75.0-194.67.77.255
194.67.106.0/24
213.189.195.0/24
213.189.199.0/24
IPv6:
2a02:f20::/32
Signature Algorithm: sha256WithRSAEncryption
e8:82:23:83:9d:66:78:63:c8:0b:c0:dc:bd:ad:f4:d6:f7:bf:
97:6c:70:d7:16:d4:15:19:d7:5f:6a:3e:a8:34:8f:2a:59:9d:
ed:0a:30:36:dc:5c:ae:b0:bd:60:da:9f:2a:68:7f:64:67:7c:
ec:3c:42:4d:49:ae:a1:b2:7b:7e:a7:26:36:9c:82:d0:80:57:
c9:32:5c:00:ec:86:bf:ea:a3:b5:ab:64:c6:d9:36:81:e7:35:
67:6b:40:fd:97:bc:f3:4c:27:ba:0b:5b:7a:af:65:52:1b:32:
73:09:59:4a:a3:fc:46:bb:b0:2e:28:7b:da:cf:15:6f:51:14:
b8:12:d4:14:a8:ac:0f:45:47:d8:4a:a7:a5:b9:bc:eb:92:a9:
ca:71:8b:e9:25:7f:c4:31:1b:7e:b9:4a:c5:97:7a:4b:bb:f4:
b4:40:22:0d:7f:d4:c0:0a:24:1d:1d:90:68:a3:8c:cc:f5:11:
76:9f:15:3f:ab:bf:8c:d6:16:96:dd:9a:32:b0:aa:ff:79:45:
9e:d2:f6:b8:b8:83:cb:b3:c9:fc:79:62:bd:0c:2a:a2:60:9c:
68:32:9f:60:ff:2d:7e:c3:a1:ac:b1:25:8a:84:d8:48:73:f3:
0b:53:d5:fc:73:d3:36:5d:bb:6a:15:c2:8c:95:56:a6:c3:8b:
da:c6:2f:dd
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYVTAIhll2dOUD+6qOJsPeaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MzMyOTRhMWNkYzEzNThhZmM0MzljMGE3MjczM2IwNjVh
ODZmOGIwHhcNMjIxMjI3MDk1MzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjJkMjA2NmVjZWM5MjIyYmI3MWU1YTBjYWVhYzgwN2FmOTEzNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucUp+6ES3rqW8Ecy7qR77jC+dgkK
UzAVVROdH3HhzX5HlJKtUky+FmUcjx8B1MbZEUW4+qndlMT+Ew8ucYbcj3ZxW7f6
VL32BIpUKOR52YJ8y4QaCvfKYW/0pI0eCJDIKEqy+sz8seAFS6lqdDhl3Ojj+xfr
+FdjK3OrmnsAb6dZtVl7OZJ0L3OXGA2+ELsXQhe7FWJ1ILTrbaTCb8MftDb1oYL3
dhLIThiELcoLPVdJXVD4RMKrOaQjbB5yBnhBjFVdzg52RvTiOs97OrXmLIsiiJXJ
kSHHtEvV9oNNd5AdBBumwyvvuRrvLUgiuw49QETdUIZaU219pqeN2XGcaQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFAItIGbs7JIiu3HloMrqyAevkTQWMB8GA1UdIwQY
MBaAFFgzKUoc3BNYr8Q5wKcnM7BlqG+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDct
YmI0YjY1YjZhMGQxLzEvQWkwZ1p1enNraUs3Y2VXZ3l1cklCNi1STkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDctYmI0YjY1YjZhMGQx
LzEvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAD5xXTAM
AwQCsGMEAwQBsGMIAwQAshUJAwQCshUMAwQCuSYQAwQBvF3QMAwDBAC8XdUDBAO8
XdADBADCQ0AwDAMEAMJDSwMEAcJDTAMEAMJDagMEANW9wwMEANW9xzANBAIAAjAH
AwUAKgIPIDANBgkqhkiG9w0BAQsFAAOCAQEA6IIjg51meGPIC8Dcva301ve/l2xw
1xbUFRnXX2o+qDSPKlmd7QowNtxcrrC9YNqfKmh/ZGd87DxCTUmuobJ7fqcmNpyC
0IBXyTJcAOyGv+qjtatkxtk2gec1Z2tA/Ze880wnugtbeq9lUhsycwlZSqP8Rruw
Lih72s8Vb1EUuBLUFKisD0VH2Eqnpbm865KpynGL6SV/xDEbfrlKxZd6S7v0tEAi
DX/UwAokHR2QaKOMzPURdp8VP6u/jNYWlt2aMrCq/3lFntL2uLiDy7PJ/HlivQwq
omCcaDKfYP8tfsOhrLElioTYSHPzC1PV/HPTNl27ahXCjJVWpsOL2sYv3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org