Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/9qNtRsPt17hxk1h4QC_ONFv006Q.roa
File: 9qNtRsPt17hxk1h4QC_ONFv006Q.roa (raw, json)
Hash identifier: 3khekX+g5Aa3Tt6h54Rxtnf5qFv7pIqu4ScDB7sUJcs=
Subject key identifier: F6:A3:6D:46:C3:ED:D7:B8:71:93:58:78:40:2F:CE:34:5B:F4:D3:A4
Certificate issuer: /CN=86d542323c0e3051c9c7bb8ed1d1e8acfd3db834
Certificate serial: 01851A331B8F88157798A0BDC9958D2FC6D5
Authority key identifier: 86:D5:42:32:3C:0E:30:51:C9:C7:BB:8E:D1:D1:E8:AC:FD:3D:B8:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/9qNtRsPt17hxk1h4QC_ONFv006Q.roa
Signing time: Fri 16 Dec 2022 09:10:35 +0000
ROA not before: Fri 16 Dec 2022 09:10:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29695
IP address blocks: 178.16.64.0/20 maxlen: 20
185.65.152.0/22 maxlen: 22
185.10.28.0/22 maxlen: 22
77.222.192.0/19 maxlen: 19
141.0.224.0/19 maxlen: 19
77.110.192.0/18 maxlen: 18
194.182.224.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:33:1b:8f:88:15:77:98:a0:bd:c9:95:8d:2f:c6:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d542323c0e3051c9c7bb8ed1d1e8acfd3db834
Validity
Not Before: Dec 16 09:10:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6a36d46c3edd7b871935878402fce345bf4d3a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:41:ac:74:b1:8b:2e:a9:c3:ef:37:cd:bf:c2:
43:42:99:0f:d5:e6:20:84:d5:83:3d:65:eb:9c:e0:
69:49:45:65:c8:21:6d:45:59:56:94:58:2d:5c:30:
eb:a9:db:39:23:b6:a3:23:0f:e3:cb:6c:c4:09:c3:
d4:39:7c:72:7c:10:94:26:c5:91:14:89:90:cf:e2:
c0:01:ce:44:b3:15:9e:c5:a2:bc:aa:d8:33:92:af:
08:bd:9c:66:46:66:05:81:16:da:f6:a4:b0:33:ea:
1d:48:71:81:4a:fd:e2:e3:71:f6:db:eb:30:b2:73:
6f:45:f2:3f:b8:d9:50:47:9c:e7:c6:5c:00:e0:59:
92:70:cd:a1:41:1f:e8:55:63:41:7e:cd:98:86:98:
0d:07:cc:7e:d2:fb:49:da:06:bf:73:71:d5:96:7c:
2b:5d:9c:e6:f1:4f:62:82:5d:b0:fd:28:61:82:a8:
75:ce:5a:e9:66:fd:97:d3:c3:20:ae:36:94:80:d1:
a9:95:a5:77:0f:22:ab:6a:ff:c7:6c:31:c7:05:e1:
1e:2d:5c:78:07:c6:a2:95:8f:32:45:d4:03:42:c7:
21:70:a0:ae:74:5b:8a:d5:c9:66:41:34:99:be:f8:
88:ce:20:c3:3a:98:f3:ae:00:e5:72:76:4b:f1:d0:
52:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:A3:6D:46:C3:ED:D7:B8:71:93:58:78:40:2F:CE:34:5B:F4:D3:A4
X509v3 Authority Key Identifier:
keyid:86:D5:42:32:3C:0E:30:51:C9:C7:BB:8E:D1:D1:E8:AC:FD:3D:B8:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/9qNtRsPt17hxk1h4QC_ONFv006Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/htVCMjwOMFHJx7uO0dHorP09uDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.110.192.0/18
77.222.192.0/19
141.0.224.0/19
178.16.64.0/20
185.10.28.0/22
185.65.152.0/22
194.182.224.0/21
Signature Algorithm: sha256WithRSAEncryption
a1:3a:15:19:7f:cb:ce:7b:6b:ed:71:71:8f:7b:4b:a9:d9:b0:
a1:84:b2:0e:e5:62:ae:79:09:dd:9f:5f:86:6b:61:6e:cc:78:
b9:19:39:a9:90:00:53:83:49:f8:36:25:f0:8a:c2:7b:2d:4c:
3b:5e:f7:8e:fd:74:0c:eb:8c:da:db:01:dc:77:59:c8:f0:2a:
4b:79:2f:31:fc:35:eb:0c:8b:3d:0b:4f:bc:51:bc:68:09:b3:
b3:64:81:de:61:41:26:e2:65:b0:7d:a0:ae:2e:fc:64:47:0e:
dc:4e:00:52:59:76:6f:2e:2e:c6:7b:9f:5b:f8:8f:4e:4b:94:
4d:53:db:e1:85:f9:55:19:8f:e9:d6:72:b2:16:fc:ac:17:a6:
15:ca:77:6f:cd:9d:06:ec:a5:64:6a:26:00:2a:b0:eb:85:15:
11:f8:a4:4f:a4:0a:bb:e8:98:af:19:44:7f:b8:6c:ce:5b:51:
05:5c:cf:07:7a:88:9a:8a:07:1e:b9:6b:26:af:34:32:cc:5b:
b5:13:60:d0:35:bc:bf:00:fc:1a:5c:38:ae:20:d9:30:49:b9:
b0:db:5e:f1:18:60:8b:e7:af:9b:31:4d:e6:37:05:cd:73:81:
90:39:c6:61:35:ce:32:fd:dd:54:89:de:ef:65:bf:ea:d1:9f:
17:b7:d5:8b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYUaMxuPiBV3mKC9yZWNL8bVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDU0MjMyM2MwZTMwNTFjOWM3YmI4ZWQxZDFlOGFjZmQz
ZGI4MzQwHhcNMjIxMjE2MDkxMDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmEzNmQ0NmMzZWRkN2I4NzE5MzU4Nzg0MDJmY2UzNDViZjRkM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kGsdLGLLqnD7zfNv8JDQpkP1eYg
hNWDPWXrnOBpSUVlyCFtRVlWlFgtXDDrqds5I7ajIw/jy2zECcPUOXxyfBCUJsWR
FImQz+LAAc5EsxWexaK8qtgzkq8IvZxmRmYFgRba9qSwM+odSHGBSv3i43H22+sw
snNvRfI/uNlQR5znxlwA4FmScM2hQR/oVWNBfs2YhpgNB8x+0vtJ2ga/c3HVlnwr
XZzm8U9igl2w/Shhgqh1zlrpZv2X08MgrjaUgNGplaV3DyKrav/HbDHHBeEeLVx4
B8ailY8yRdQDQschcKCudFuK1clmQTSZvviIziDDOpjzrgDlcnZL8dBSSwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPajbUbD7de4cZNYeEAvzjRb9NOkMB8GA1UdIwQY
MBaAFIbVQjI8DjBRyce7jtHR6Kz9Pbg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRWQ01qd09NRkhKeDd1TzBkSG9yUDA5dURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hN2M3YzEtZmM0Mi00M2EzLTlhZDgt
NzBkYWQ1MWU3M2ZiLzEvOXFOdFJzUHQxN2h4azFoNFFDX09ORnYwMDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hN2M3YzEtZmM0Mi00M2EzLTlhZDgtNzBkYWQ1MWU3M2Zi
LzEvaHRWQ01qd09NRkhKeDd1TzBkSG9yUDA5dURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQGTW7AAwQF
Td7AAwQFjQDgAwQEshBAAwQCuQocAwQCuUGYAwQDwrbgMA0GCSqGSIb3DQEBCwUA
A4IBAQChOhUZf8vOe2vtcXGPe0up2bChhLIO5WKueQndn1+Ga2FuzHi5GTmpkABT
g0n4NiXwisJ7LUw7XveO/XQM64za2wHcd1nI8CpLeS8x/DXrDIs9C0+8UbxoCbOz
ZIHeYUEm4mWwfaCuLvxkRw7cTgBSWXZvLi7Ge59b+I9OS5RNU9vhhflVGY/p1nKy
FvysF6YVyndvzZ0G7KVkaiYAKrDrhRUR+KRPpAq76JivGUR/uGzOW1EFXM8Heoia
igceuWsmrzQyzFu1E2DQNby/APwaXDiuINkwSbmw217xGGCL56+bMU3mNwXNc4GQ
OcZhNc4y/d1Uid7vZb/q0Z8Xt9WL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:22 2023 by rpki-client on console-ams.rpki-client.org