Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/pOpPb98__jOX-iwx9sNGmhx76gc.roa
File: pOpPb98__jOX-iwx9sNGmhx76gc.roa (raw, json)
Hash identifier: jG9W6dq1y1ZPWB+qd1uxfmpSE6Pyx86pGYJvi7LDNWk=
Subject key identifier: A4:EA:4F:6F:DF:3F:FE:33:97:FA:2C:31:F6:C3:46:9A:1C:7B:EA:07
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 04FCD7EA
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/pOpPb98__jOX-iwx9sNGmhx76gc.roa
Signing time: Wed 18 May 2022 12:57:44 +0000
ROA not before: Wed 18 May 2022 12:57:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 5.183.94.0/24 maxlen: 24
185.244.8.0/23 maxlen: 23
185.244.11.0/24 maxlen: 24
45.82.223.0/24 maxlen: 24
193.42.226.0/23 maxlen: 23
194.116.250.0/23 maxlen: 23
193.42.224.0/23 maxlen: 23
194.116.248.0/23 maxlen: 23
2.58.12.0/23 maxlen: 23
194.5.226.0/23 maxlen: 24
194.5.224.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83679210 (0x4fcd7ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: May 18 12:57:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a4ea4f6fdf3ffe3397fa2c31f6c3469a1c7bea07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8a:e4:ad:63:94:54:a6:dd:1c:58:7b:20:44:
59:8e:4e:54:00:fe:1b:d7:28:fa:8a:e7:6c:df:67:
9c:75:10:3f:70:98:3e:2e:2b:21:bd:7f:9e:72:6c:
9b:0e:68:98:62:07:fe:93:88:d6:98:b4:43:74:6a:
0a:e2:07:0e:7e:09:9a:e3:a6:f0:57:17:45:58:5a:
85:52:76:d2:dd:19:8d:98:fd:79:15:f7:94:38:38:
62:0b:15:00:31:69:91:c6:fd:ac:b7:ab:01:ea:4a:
18:40:db:a7:57:64:5c:50:d7:90:01:01:b0:9b:b2:
1b:fe:05:7c:11:d0:2b:1b:40:83:69:00:c0:e9:91:
41:8c:49:91:fe:4c:e5:8e:73:a6:31:75:49:71:12:
d1:35:3b:da:f3:f1:23:04:1f:f7:b5:55:19:2a:ae:
60:47:2f:3c:3a:0e:6c:ad:92:c2:f1:ba:66:f8:4d:
0f:4a:90:7d:8d:f6:60:e4:5b:3b:1e:79:72:de:2a:
b7:4b:80:64:97:7a:51:70:a8:ca:80:4d:c2:38:9a:
00:61:d9:fe:fa:fc:0c:4b:90:00:60:a4:c4:d5:ae:
4e:a0:f2:6f:d9:c5:a7:c1:e1:30:fe:47:f0:be:f3:
ed:ab:70:68:cc:75:96:3f:1b:e5:55:f5:57:f3:d9:
84:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EA:4F:6F:DF:3F:FE:33:97:FA:2C:31:F6:C3:46:9A:1C:7B:EA:07
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/pOpPb98__jOX-iwx9sNGmhx76gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.12.0/23
5.183.94.0/24
45.82.223.0/24
185.244.8.0/23
185.244.11.0/24
193.42.224.0/22
194.5.224.0/22
194.116.248.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:f3:ba:4c:bc:56:d3:1f:f9:3c:14:f4:3f:72:05:c5:ab:68:
04:7a:52:89:5a:8c:72:0a:d6:80:4e:9c:28:1b:66:30:d9:65:
3c:6a:46:d1:7d:ee:4a:78:62:b6:50:21:d4:0a:66:bf:68:f4:
7d:b5:af:a0:ef:82:b2:9a:d7:b6:ae:4c:f0:25:0f:ee:f1:89:
5b:b5:54:0e:35:3c:24:1c:1c:40:c8:75:e9:1b:56:c2:b8:ad:
7c:dc:5e:c4:ef:dd:7f:82:74:b5:fa:46:3b:2f:3e:8d:7d:dc:
c9:43:b6:36:8b:58:bc:be:c6:74:64:d5:8b:85:5f:d0:1d:c6:
16:24:8c:fd:21:16:11:45:67:ac:20:70:6c:5b:dd:7f:f0:89:
d7:e3:71:5b:1c:01:25:27:9b:04:2f:3b:b2:a8:f7:94:89:7e:
4e:be:38:47:42:ee:35:cb:72:c2:52:50:b4:8e:43:77:34:2e:
82:cd:87:71:92:f5:d0:7e:e6:69:10:bb:a6:4c:f3:5d:f9:c7:
11:e1:0c:22:7a:91:e2:04:a1:75:55:b1:c5:5b:49:25:46:6a:
db:03:6f:2a:0f:8a:e7:b3:6f:ea:28:bc:14:c7:de:63:3e:db:
3a:5e:66:d9:d7:df:d2:c5:36:3b:f2:5a:43:f0:11:5d:a5:d2:
88:48:c8:37
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBPzX6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MmQwYzQ5YTBlOTdlMGQ1ZjNjZWQzYjdiNmI5ZjcyY2EwY2I1M2Q2MB4XDTIyMDUx
ODEyNTc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTRlYTRmNmZkZjNm
ZmUzMzk3ZmEyYzMxZjZjMzQ2OWExYzdiZWEwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIeK5K1jlFSm3RxYeyBEWY5OVAD+G9co+ornbN9nnHUQP3CY
Pi4rIb1/nnJsmw5omGIH/pOI1pi0Q3RqCuIHDn4JmuOm8FcXRVhahVJ20t0ZjZj9
eRX3lDg4YgsVADFpkcb9rLerAepKGEDbp1dkXFDXkAEBsJuyG/4FfBHQKxtAg2kA
wOmRQYxJkf5M5Y5zpjF1SXES0TU72vPxIwQf97VVGSquYEcvPDoObK2SwvG6ZvhN
D0qQfY32YORbOx55ct4qt0uAZJd6UXCoyoBNwjiaAGHZ/vr8DEuQAGCkxNWuTqDy
b9nFp8HhMP5H8L7z7atwaMx1lj8b5VX1V/PZhBECAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBSk6k9v3z/+M5f6LDH2w0aaHHvqBzAfBgNVHSMEGDAWgBTi0MSaDpfg1fPO
07e2ufcsoMtT1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR0REVtZzZYNE5Yenp0TzN0cm4zTEtETFU5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvOWYwZjdhLTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8x
L3BPcFBiOThfX2pPWC1pd3g5c05HbWh4NzZnYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
OWYwZjdhLTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8xLzR0REVtZzZYNE5Y
enp0TzN0cm4zTEtETFU5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAQI6DAMEAAW3XgMEAC1S3wMEAbn0
CAMEALn0CwMEAsEq4AMEAsIF4AMEAsJ0+DANBgkqhkiG9w0BAQsFAAOCAQEAn/O6
TLxW0x/5PBT0P3IFxatoBHpSiVqMcgrWgE6cKBtmMNllPGpG0X3uSnhitlAh1Apm
v2j0fbWvoO+CsprXtq5M8CUP7vGJW7VUDjU8JBwcQMh16RtWwritfNxexO/df4J0
tfpGOy8+jX3cyUO2NotYvL7GdGTVi4Vf0B3GFiSM/SEWEUVnrCBwbFvdf/CJ1+Nx
WxwBJSebBC87sqj3lIl+Tr44R0LuNctywlJQtI5DdzQugs2HcZL10H7maRC7pkzz
XfnHEeEMInqR4gShdVWxxVtJJUZq2wNvKg+K57Nv6ii8FMfeYz7bOl5m2dff0sU2
O/JaQ/ARXaXSiEjINw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:19 2023 by rpki-client on console-fra.rpki-client.org