Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/DAAdup094PF3X53OEod85u2RCMo.roa
File: DAAdup094PF3X53OEod85u2RCMo.roa (raw, json)
Hash identifier: i+0EeiNIdq3UZ1orE54/6Oj7WazKxM4t5FdyeqIstfQ=
Subject key identifier: 0C:00:1D:BA:9D:3D:E0:F1:77:5F:9D:CE:12:87:7C:E6:ED:91:08:CA
Certificate issuer: /CN=b146010283a8202eeaa3fef32534e3e97e04079e
Certificate serial: 01823A38E44FEE85F9F8463B1304FB90893D
Authority key identifier: B1:46:01:02:83:A8:20:2E:EA:A3:FE:F3:25:34:E3:E9:7E:04:07:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUYBAoOoIC7qo_7zJTTj6X4EB54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/DAAdup094PF3X53OEod85u2RCMo.roa
Signing time: Tue 26 Jul 2022 11:16:23 +0000
ROA not before: Tue 26 Jul 2022 11:16:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41811
IP address blocks: 109.232.56.0/21 maxlen: 21
137.221.184.0/21 maxlen: 21
88.151.216.0/21 maxlen: 21
46.255.112.0/21 maxlen: 21
137.221.128.0/19 maxlen: 19
88.202.168.0/21 maxlen: 21
37.205.56.0/21 maxlen: 21
137.221.160.0/21 maxlen: 21
137.221.168.0/22 maxlen: 22
185.30.24.0/22 maxlen: 22
2a01:a200::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3a:38:e4:4f:ee:85:f9:f8:46:3b:13:04:fb:90:89:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b146010283a8202eeaa3fef32534e3e97e04079e
Validity
Not Before: Jul 26 11:16:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c001dba9d3de0f1775f9dce12877ce6ed9108ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:be:dc:f1:21:6b:cf:29:f4:35:53:d2:cd:fd:
57:21:82:a6:20:48:b7:f6:77:72:1f:40:5f:fe:9f:
c4:39:91:92:a3:2b:3e:52:70:20:bf:ea:f0:31:5d:
e4:81:84:f2:6d:56:31:86:71:38:76:b0:14:a7:7c:
c3:eb:6e:2f:f5:6a:db:b3:58:ff:01:a9:6f:7c:d2:
38:71:c8:8a:86:92:d8:bb:5e:f5:71:98:46:6b:c3:
f7:4c:4c:af:79:69:b3:96:9c:c0:e6:45:08:5d:1a:
2a:3a:54:a6:fb:2c:0a:6c:c2:cd:72:7d:3b:fc:c0:
ce:fc:10:ee:d3:fd:48:85:7a:75:a3:1a:2b:ab:11:
46:9c:c8:aa:3a:61:42:0e:8a:92:a8:bd:96:2c:97:
9d:2c:54:ce:5e:ac:48:b7:63:6b:ac:1c:40:ff:91:
36:c6:e6:62:4d:40:44:22:64:2f:6e:fa:f7:3a:ff:
35:77:1c:27:07:06:07:d6:7e:83:07:66:ec:b5:de:
f9:43:b8:2e:22:33:c4:ea:48:da:8d:5b:b1:25:c6:
8d:b7:38:7e:bc:9a:0f:09:05:e5:a0:1a:6c:80:08:
6e:2f:c5:0b:77:c7:b3:4f:98:5e:12:e5:95:52:f5:
44:d3:42:99:9f:d0:62:a1:71:dc:9f:62:6a:f8:96:
54:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:00:1D:BA:9D:3D:E0:F1:77:5F:9D:CE:12:87:7C:E6:ED:91:08:CA
X509v3 Authority Key Identifier:
keyid:B1:46:01:02:83:A8:20:2E:EA:A3:FE:F3:25:34:E3:E9:7E:04:07:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUYBAoOoIC7qo_7zJTTj6X4EB54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/DAAdup094PF3X53OEod85u2RCMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/sUYBAoOoIC7qo_7zJTTj6X4EB54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.56.0/21
46.255.112.0/21
88.151.216.0/21
88.202.168.0/21
109.232.56.0/21
137.221.128.0-137.221.171.255
137.221.184.0/21
185.30.24.0/22
IPv6:
2a01:a200::/32
Signature Algorithm: sha256WithRSAEncryption
4a:87:23:13:ee:c5:1d:6d:34:6c:27:3d:9f:74:dd:c8:35:a3:
1d:4c:ee:34:cd:b8:6f:36:29:e7:58:ca:12:15:72:d9:1d:2e:
11:e1:15:1c:bb:05:e4:a6:6d:dc:d9:26:35:33:f0:67:07:55:
85:be:e3:9c:d2:86:ae:67:9b:21:34:be:de:77:5d:34:f5:20:
f4:68:44:64:7f:ca:14:72:98:d8:80:a0:66:bc:bd:5b:9c:f9:
b8:40:d6:a6:13:54:05:28:c6:ac:89:d5:88:54:aa:35:5b:c8:
32:9e:63:1c:a0:01:41:57:9d:f1:1d:6b:26:ba:77:19:2e:48:
68:e4:81:c7:63:b4:ed:36:e6:d4:09:71:5d:6e:92:6e:6e:6b:
28:e3:90:7c:4d:20:c1:d0:9c:6e:2c:2b:0e:4e:78:15:11:74:
4f:dc:b9:5b:f5:a5:0e:c2:07:0f:6b:62:95:6a:a4:c0:95:34:
c8:db:c8:f4:a2:af:34:f1:63:af:93:28:f8:7d:c1:e1:db:97:
a3:a8:d2:c8:85:7c:50:e2:64:74:a2:40:46:af:e6:de:fb:af:
ad:ef:81:47:d2:09:d5:73:47:52:07:e6:5f:ed:87:16:74:66:
3a:88:a2:10:28:9f:8c:7f:7a:16:a9:b1:2f:e8:e8:75:c2:80:
3d:25:8d:39
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYI6OORP7oX5+EY7EwT7kIk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDYwMTAyODNhODIwMmVlYWEzZmVmMzI1MzRlM2U5N2Uw
NDA3OWUwHhcNMjIwNzI2MTExNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzAwMWRiYTlkM2RlMGYxNzc1ZjlkY2UxMjg3N2NlNmVkOTEwOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL7c8SFrzyn0NVPSzf1XIYKmIEi3
9ndyH0Bf/p/EOZGSoys+UnAgv+rwMV3kgYTybVYxhnE4drAUp3zD624v9Wrbs1j/
AalvfNI4cciKhpLYu171cZhGa8P3TEyveWmzlpzA5kUIXRoqOlSm+ywKbMLNcn07
/MDO/BDu0/1IhXp1oxorqxFGnMiqOmFCDoqSqL2WLJedLFTOXqxIt2NrrBxA/5E2
xuZiTUBEImQvbvr3Ov81dxwnBwYH1n6DB2bstd75Q7guIjPE6kjajVuxJcaNtzh+
vJoPCQXloBpsgAhuL8ULd8ezT5heEuWVUvVE00KZn9BioXHcn2Jq+JZUHQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAwAHbqdPeDxd1+dzhKHfObtkQjKMB8GA1UdIwQY
MBaAFLFGAQKDqCAu6qP+8yU04+l+BAeeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VZQkFvT29JQzdxb183ekpUVGo2WDRFQjU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iYWMwYjktYzk5Zi00OWJiLTkwNWIt
YzAzMDdiMGY2MmRjLzEvREFBZHVwMDk0UEYzWDUzT0VvZDg1dTJSQ01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iYWMwYjktYzk5Zi00OWJiLTkwNWItYzAzMDdiMGY2MmRj
LzEvc1VZQkFvT29JQzdxb183ekpUVGo2WDRFQjU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQDJc04AwQD
Lv9wAwQDWJfYAwQDWMqoAwQDbeg4MAwDBAeJ3YADBAKJ3agDBAOJ3bgDBAK5Hhgw
DQQCAAIwBwMFACoBogAwDQYJKoZIhvcNAQELBQADggEBAEqHIxPuxR1tNGwnPZ90
3cg1ox1M7jTNuG82KedYyhIVctkdLhHhFRy7BeSmbdzZJjUz8GcHVYW+45zShq5n
myE0vt53XTT1IPRoRGR/yhRymNiAoGa8vVuc+bhA1qYTVAUoxqyJ1YhUqjVbyDKe
YxygAUFXnfEdaya6dxkuSGjkgcdjtO025tQJcV1ukm5uayjjkHxNIMHQnG4sKw5O
eBURdE/cuVv1pQ7CBw9rYpVqpMCVNMjbyPSirzTxY6+TKPh9weHbl6Oo0siFfFDi
ZHSiQEav5t77r63vgUfSCdVzR1IH5l/thxZ0ZjqIohAon4x/ehapsS/o6HXCgD0l
jTk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org