Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/q9KaIoLmIAen-A8XBZgZjxSqcyE.roa
File: q9KaIoLmIAen-A8XBZgZjxSqcyE.roa (raw, json)
Hash identifier: 2o6jDNmProfb9RvmLSUvSnk+gHVY5CfQIVE7ucrq1vs=
Subject key identifier: AB:D2:9A:22:82:E6:20:07:A7:F8:0F:17:05:98:19:8F:14:AA:73:21
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 0475F083
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/q9KaIoLmIAen-A8XBZgZjxSqcyE.roa
Signing time: Tue 22 Mar 2022 21:35:29 +0000
ROA not before: Tue 22 Mar 2022 21:35:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50495
IP address blocks: 91.223.99.0/24 maxlen: 24
91.223.102.0/24 maxlen: 24
195.234.99.0/24 maxlen: 24
91.223.126.0/24 maxlen: 24
194.39.32.0/22 maxlen: 22
83.136.221.0/24 maxlen: 24
91.223.163.0/24 maxlen: 24
91.239.64.0/24 maxlen: 24
77.83.232.0/22 maxlen: 22
2a06:ef40::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74838147 (0x475f083)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Mar 22 21:35:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=abd29a2282e62007a7f80f170598198f14aa7321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:52:db:8c:a2:93:d8:47:27:b3:52:ab:a4:1a:
42:00:13:73:2d:c4:64:4a:01:c7:3d:b7:14:ec:ce:
78:2b:01:62:da:cc:bc:c2:29:26:85:ba:92:1a:bc:
ca:7d:ae:30:78:52:3d:b3:ce:2e:94:62:44:6a:2d:
ec:1e:6e:4d:de:30:dc:05:4a:74:0e:6c:90:c7:66:
09:b1:72:53:6c:0b:b3:e4:ab:29:e0:e7:37:7f:47:
a7:94:30:38:6b:46:63:d8:10:11:ef:b4:44:06:c8:
1e:42:81:20:60:be:e1:15:2e:ac:d5:25:4a:96:8a:
bf:7d:6f:1e:e9:ba:a0:fd:2d:6b:67:c8:2f:82:41:
e4:d9:70:43:47:56:e1:c5:72:8f:0d:f2:de:8c:23:
c9:66:f3:03:99:48:cd:54:be:fe:73:6e:65:87:d9:
f2:18:08:a2:5e:79:85:fc:c6:8b:18:3f:a4:8e:8d:
1b:6a:1c:98:41:61:d4:d5:7c:59:05:f4:45:0b:d1:
fc:df:7f:42:e7:c4:8c:18:2e:50:b7:14:9b:d4:46:
79:51:6c:97:2a:c0:d3:5a:4d:70:91:0e:de:e6:9e:
56:87:2b:5e:91:c7:ca:55:9e:b0:31:3f:27:aa:bc:
db:f8:2e:96:8b:87:d9:d2:e1:b9:8f:1f:c1:48:eb:
e1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D2:9A:22:82:E6:20:07:A7:F8:0F:17:05:98:19:8F:14:AA:73:21
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/q9KaIoLmIAen-A8XBZgZjxSqcyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.232.0/22
83.136.221.0/24
91.223.99.0/24
91.223.102.0/24
91.223.126.0/24
91.223.163.0/24
91.239.64.0/24
194.39.32.0/22
195.234.99.0/24
IPv6:
2a06:ef40::/32
Signature Algorithm: sha256WithRSAEncryption
8c:f1:c9:31:48:a7:92:46:ff:b2:c4:61:e1:b9:87:b0:e8:8a:
f6:59:f2:21:dd:85:a7:fa:2f:c2:29:6e:f3:31:a5:93:62:2d:
ad:fc:e0:2b:10:86:5e:8e:8b:50:33:6d:a8:12:9d:7d:6a:c3:
8e:b7:30:b4:ba:40:0b:e0:c0:bf:f5:ee:7d:73:85:d9:93:d2:
a9:6f:ec:36:c4:e0:85:8a:0b:c1:fc:3e:2d:1f:45:b5:5a:da:
35:03:32:4f:7f:89:54:29:8c:84:f7:d6:12:e1:b6:b0:a4:7b:
68:e2:75:72:bf:f7:d9:b9:02:6f:38:d9:b5:7c:67:a8:fe:d8:
a1:66:eb:ab:2e:52:94:f7:ae:1f:75:f5:19:25:8b:d9:31:2a:
f9:dc:9a:b5:80:bc:67:f7:df:31:ba:9b:88:a5:11:8e:e1:7a:
35:c7:a3:9e:89:0a:f5:d1:7e:70:13:6b:bc:0d:f3:d7:2a:30:
56:14:14:96:cd:5f:42:b4:cb:6a:71:d3:b9:31:7a:40:d1:6b:
e2:da:fb:05:58:e2:2f:5f:ee:27:5f:71:a4:11:8a:5b:48:1a:
ba:20:c3:16:f4:be:8c:2b:63:4d:f9:48:3c:5f:b3:c3:aa:d3:
26:7c:92:5b:f1:e6:13:c7:b5:ca:e2:bd:7b:c4:1a:1a:18:92:
ce:18:fc:c6
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEBHXwgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MmQwYzQ5YTBlOTdlMGQ1ZjNjZWQzYjdiNmI5ZjcyY2EwY2I1M2Q2MB4XDTIyMDMy
MjIxMzUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWJkMjlhMjI4MmU2
MjAwN2E3ZjgwZjE3MDU5ODE5OGYxNGFhNzMyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI5S24yik9hHJ7NSq6QaQgATcy3EZEoBxz23FOzOeCsBYtrM
vMIpJoW6khq8yn2uMHhSPbPOLpRiRGot7B5uTd4w3AVKdA5skMdmCbFyU2wLs+Sr
KeDnN39Hp5QwOGtGY9gQEe+0RAbIHkKBIGC+4RUurNUlSpaKv31vHum6oP0ta2fI
L4JB5NlwQ0dW4cVyjw3y3owjyWbzA5lIzVS+/nNuZYfZ8hgIol55hfzGixg/pI6N
G2ocmEFh1NV8WQX0RQvR/N9/QufEjBguULcUm9RGeVFslyrA01pNcJEO3uaeVocr
XpHHylWesDE/J6q82/gulouH2dLhuY8fwUjr4W8CAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBSr0poiguYgB6f4DxcFmBmPFKpzITAfBgNVHSMEGDAWgBTi0MSaDpfg1fPO
07e2ufcsoMtT1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR0REVtZzZYNE5Yenp0TzN0cm4zTEtETFU5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvOWYwZjdhLTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8x
L3E5S2FJb0xtSUFlbi1BOFhCWmdaanhTcWN5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
OWYwZjdhLTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8xLzR0REVtZzZYNE5Y
enp0TzN0cm4zTEtETFU5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEAk1T6AMEAFOI3QMEAFvfYwMEAFvf
ZgMEAFvffgMEAFvfowMEAFvvQAMEAsInIAMEAMPqYzANBAIAAjAHAwUAKgbvQDAN
BgkqhkiG9w0BAQsFAAOCAQEAjPHJMUinkkb/ssRh4bmHsOiK9lnyId2Fp/ovwilu
8zGlk2ItrfzgKxCGXo6LUDNtqBKdfWrDjrcwtLpAC+DAv/XufXOF2ZPSqW/sNsTg
hYoLwfw+LR9FtVraNQMyT3+JVCmMhPfWEuG2sKR7aOJ1cr/32bkCbzjZtXxnqP7Y
oWbrqy5SlPeuH3X1GSWL2TEq+dyatYC8Z/ffMbqbiKURjuF6NcejnokK9dF+cBNr
vA3z1yowVhQUls1fQrTLanHTuTF6QNFr4tr7BVjiL1/uJ19xpBGKW0gauiDDFvS+
jCtjTflIPF+zw6rTJnySW/HmE8e1yuK9e8QaGhiSzhj8xg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:19 2023 by rpki-client on console-fra.rpki-client.org