Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/i0ZikYDU-coiQ4E4kSRqulNwStY.roa
File: i0ZikYDU-coiQ4E4kSRqulNwStY.roa (raw, json)
Hash identifier: eqNqVY8GTjeAaAh8YKOMpRHzXUvU54rg41LicIAQZ7k=
Subject key identifier: 8B:46:62:91:80:D4:F9:CA:22:43:81:38:91:24:6A:BA:53:70:4A:D6
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 0E1C674F
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/i0ZikYDU-coiQ4E4kSRqulNwStY.roa
Signing time: Sat 01 Jan 2022 14:07:32 +0000
ROA not before: Sat 01 Jan 2022 14:07:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60945
IP address blocks: 83.97.16.0/22 maxlen: 24
193.35.56.0/22 maxlen: 24
195.191.218.0/23 maxlen: 24
193.105.188.0/24 maxlen: 24
185.17.196.0/22 maxlen: 24
195.74.52.0/22 maxlen: 24
2a03:ee40::/32 maxlen: 32
2a07:240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 236742479 (0xe1c674f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Jan 1 14:07:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b46629180d4f9ca2243813891246aba53704ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:96:1a:f7:71:f3:d6:fc:27:1d:51:04:93:76:
66:c4:26:6a:12:c9:d4:1a:f0:2d:ba:d0:b9:cc:2d:
ee:94:90:95:e3:bb:bb:aa:81:21:55:39:f8:16:44:
a4:52:5b:59:ed:1b:4e:59:c0:0d:10:75:66:bc:5a:
b6:7f:46:e5:34:fa:8e:05:38:07:98:25:91:02:99:
c5:5c:fb:9b:c7:89:bc:b6:54:cb:9e:c4:04:63:7b:
70:63:2f:1c:91:95:bd:18:3d:59:ad:be:63:9e:89:
64:69:dd:3d:16:fa:58:58:5f:3f:89:ed:f8:ee:f8:
1f:12:5d:ee:63:2f:9f:95:17:65:78:0d:f7:cc:1e:
e0:08:70:d9:7b:5d:0c:dd:c7:27:41:c8:fe:e2:73:
cd:0e:7b:06:d0:6d:39:a5:f9:87:7b:e2:19:b5:b9:
3d:a7:50:67:90:e7:72:a7:da:54:58:f1:82:6a:49:
3d:f9:94:10:b5:bd:61:40:11:8b:8d:45:a2:c7:36:
f5:c6:0d:44:88:65:ec:d7:b0:1b:f6:db:c2:a2:c4:
6d:d1:ea:e7:f6:42:6e:fb:48:28:8e:4b:00:b4:9b:
ec:04:b3:09:43:58:1e:2a:e0:cf:cd:25:96:73:36:
12:4e:b4:7a:5c:a3:f3:6c:7b:29:e2:2b:ee:43:9d:
f9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:46:62:91:80:D4:F9:CA:22:43:81:38:91:24:6A:BA:53:70:4A:D6
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/i0ZikYDU-coiQ4E4kSRqulNwStY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.16.0/22
185.17.196.0/22
193.35.56.0/22
193.105.188.0/24
195.74.52.0/22
195.191.218.0/23
IPv6:
2a03:ee40::/32
2a07:240::/29
Signature Algorithm: sha256WithRSAEncryption
b8:b3:fe:47:52:2d:0a:b4:48:e8:8a:80:cd:07:69:cc:9f:88:
6c:22:59:06:74:20:ae:68:de:0c:6d:af:fd:dd:39:de:53:0e:
c5:94:ed:61:e1:15:6e:66:1d:f4:64:0d:79:11:65:6e:9b:a8:
96:23:90:2c:4e:28:3c:59:56:5d:a1:e7:13:60:41:71:11:87:
af:f2:48:ca:99:a7:72:e2:55:56:4c:be:59:c9:72:2d:2e:50:
89:3e:cc:2e:b4:6b:94:e7:ed:27:ea:27:fe:f0:ac:02:a5:ca:
9e:9a:19:34:44:97:9a:32:89:ce:97:3d:99:0f:ce:4a:27:ab:
a0:52:a5:d9:f8:22:99:65:45:d7:b7:78:14:a6:0b:c5:b2:90:
fb:a0:d9:45:3d:b9:22:8b:35:70:5a:22:c9:ab:51:46:3a:c8:
57:1b:bf:67:13:d2:46:64:cc:54:ee:30:1e:89:3a:34:19:f1:
53:da:1d:70:20:49:cf:ac:54:67:ca:db:e0:17:62:c3:7f:02:
c4:cd:0a:30:e1:45:fa:73:06:48:1d:88:d5:6f:7e:a1:60:99:
2d:b7:fc:6d:eb:20:d1:71:2d:48:f8:2a:64:dc:f9:31:1c:67:
b3:ad:30:f3:18:e1:70:26:5a:31:54:1a:a3:fe:76:71:23:68:
9a:39:55:3d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEDhxnTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDZmMWMzMmJjMGE5MDA2MDgxZDU1MmZlZGU2N2Q2ODQyOTIxZWMzMB4XDTIyMDEw
MTE0MDczMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI0NjYyOTE4MGQ0
ZjljYTIyNDM4MTM4OTEyNDZhYmE1MzcwNGFkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuWGvdx89b8Jx1RBJN2ZsQmahLJ1BrwLbrQucwt7pSQleO7
u6qBIVU5+BZEpFJbWe0bTlnADRB1Zrxatn9G5TT6jgU4B5glkQKZxVz7m8eJvLZU
y57EBGN7cGMvHJGVvRg9Wa2+Y56JZGndPRb6WFhfP4nt+O74HxJd7mMvn5UXZXgN
98we4Ahw2XtdDN3HJ0HI/uJzzQ57BtBtOaX5h3viGbW5PadQZ5DncqfaVFjxgmpJ
PfmUELW9YUARi41Fosc29cYNRIhl7NewG/bbwqLEbdHq5/ZCbvtIKI5LALSb7ASz
CUNYHirgz80llnM2Ek60elyj82x7KeIr7kOd+bECAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBSLRmKRgNT5yiJDgTiRJGq6U3BK1jAfBgNVHSMEGDAWgBQgbxwyvAqQBggd
VS/t5n1oQpIewzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lHOGNNcndLa0FZSUhWVXY3ZVo5YUVLU0hzTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvYTkxODg0LTZmNTgtNGRkZC04OTMyLWJiYTg2MGIyNmMwMi8x
L2kwWmlrWURVLWNvaVE0RTRrU1JxdWxOd1N0WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
YTkxODg0LTZmNTgtNGRkZC04OTMyLWJiYTg2MGIyNmMwMi8xL0lHOGNNcndLa0FZ
SUhWVXY3ZVo5YUVLU0hzTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwKgQCAAEwJAMEAlNhEAMEArkRxAMEAsEjOAMEAMFp
vAMEAsNKNAMEAcO/2jAUBAIAAjAOAwUAKgPuQAMFAyoHAkAwDQYJKoZIhvcNAQEL
BQADggEBALiz/kdSLQq0SOiKgM0HacyfiGwiWQZ0IK5o3gxtr/3dOd5TDsWU7WHh
FW5mHfRkDXkRZW6bqJYjkCxOKDxZVl2h5xNgQXERh6/ySMqZp3LiVVZMvlnJci0u
UIk+zC60a5Tn7SfqJ/7wrAKlyp6aGTREl5oyic6XPZkPzkonq6BSpdn4IpllRde3
eBSmC8WykPug2UU9uSKLNXBaIsmrUUY6yFcbv2cT0kZkzFTuMB6JOjQZ8VPaHXAg
Sc+sVGfK2+AXYsN/AsTNCjDhRfpzBkgdiNVvfqFgmS23/G3rINFxLUj4KmTc+TEc
Z7OtMPMY4XAmWjFUGqP+dnEjaJo5VT0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:06 2024 by rpki-client on console-ams.rpki-client.org