Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2KLi74v2mPoUY6Qih4p7l03fhOo.roa
File: 2KLi74v2mPoUY6Qih4p7l03fhOo.roa (raw, json)
Hash identifier: nXO68qzNre0Iisd/ffeKi1br4fRMMp9fEUQi6H/uZag=
Subject key identifier: D8:A2:E2:EF:8B:F6:98:FA:14:63:A4:22:87:8A:7B:97:4D:DF:84:EA
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 426B0070
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2KLi74v2mPoUY6Qih4p7l03fhOo.roa
Signing time: Sat 01 Jan 2022 14:03:11 +0000
ROA not before: Sat 01 Jan 2022 14:03:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42649
IP address blocks: 193.234.83.0/24 maxlen: 24
193.234.86.0/24 maxlen: 24
193.180.121.0/24 maxlen: 24
193.235.73.0/24 maxlen: 24
193.183.239.0/24 maxlen: 24
194.68.159.0/24 maxlen: 24
193.234.255.0/24 maxlen: 24
192.71.184.0/24 maxlen: 24
192.165.198.0/24 maxlen: 24
193.180.20.0/24 maxlen: 24
193.235.193.0/24 maxlen: 24
194.68.160.0/24 maxlen: 24
192.165.127.0/24 maxlen: 24
192.165.138.0/23 maxlen: 24
193.235.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1114308720 (0x426b0070)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8a2e2ef8bf698fa1463a422878a7b974ddf84ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6b:ca:f5:8f:c1:cb:4b:89:67:3b:2c:36:90:
48:77:8e:51:bd:da:5e:1b:2d:71:c1:ee:09:9d:07:
40:cb:0d:7e:ba:24:f3:b0:71:bb:d6:75:a5:ce:a1:
e9:5b:7c:d1:0d:7d:f0:ca:97:51:65:f4:be:36:7e:
cf:96:67:23:aa:a2:0d:51:35:e1:d6:8d:28:09:82:
43:55:63:ec:9b:69:c3:06:94:da:c6:e7:de:eb:f9:
2c:5c:32:51:da:cf:5d:f9:66:06:2f:81:12:c3:ca:
54:e2:e7:76:07:46:d0:8b:b6:ed:73:00:7d:d9:ff:
cd:f5:9b:2f:54:20:78:25:6b:de:e5:ec:b7:e9:ce:
e8:28:8e:49:66:ae:db:75:d2:4c:78:45:e6:d1:49:
fa:4e:13:be:5e:fe:02:96:b8:d9:28:64:22:76:d5:
9c:4d:33:cc:e2:07:ad:0b:5e:1f:30:68:53:91:c3:
dc:7f:df:d1:54:4b:34:66:d3:15:5b:82:8e:27:4f:
cc:c0:f2:7c:b1:36:77:07:15:29:b7:64:0f:f1:34:
00:21:8b:97:47:6d:6c:46:65:24:d5:0d:3d:a0:f5:
e5:db:0e:e9:a1:13:dc:0d:78:53:48:b8:9b:a7:70:
f4:15:97:df:c0:99:41:70:f1:e2:d6:84:98:69:7c:
35:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A2:E2:EF:8B:F6:98:FA:14:63:A4:22:87:8A:7B:97:4D:DF:84:EA
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2KLi74v2mPoUY6Qih4p7l03fhOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.184.0/24
192.165.127.0/24
192.165.138.0/23
192.165.198.0/24
193.180.20.0/24
193.180.121.0/24
193.183.239.0/24
193.234.83.0/24
193.234.86.0/24
193.234.255.0/24
193.235.73.0/24
193.235.130.0/24
193.235.193.0/24
194.68.159.0-194.68.160.255
Signature Algorithm: sha256WithRSAEncryption
b3:c5:2f:eb:ec:02:42:90:f2:15:25:d8:ad:ee:9d:f7:63:1c:
c4:06:47:3b:e3:e3:17:0f:2e:1f:9a:8a:41:75:0c:ba:5d:8b:
7b:18:a5:4c:ab:74:22:fb:f3:f2:1d:69:23:9b:5f:80:22:c3:
1a:6c:39:ce:10:2d:40:ce:ac:0c:2e:c4:ef:6d:be:94:d5:46:
b7:fe:32:80:36:da:ae:8e:04:95:98:6a:32:a2:41:0f:95:6c:
0c:3c:5c:ef:ea:4d:53:68:4d:03:69:45:34:76:1e:9d:7c:55:
9b:c4:8d:08:bc:6b:11:35:bc:03:9c:a5:23:ca:a7:6a:62:41:
c9:f9:5c:ed:b3:53:8b:9c:ed:e9:1f:ac:52:1e:ca:75:68:ab:
6c:a4:88:74:ef:ee:c2:b0:49:95:ff:53:60:09:45:13:8c:30:
f5:ef:a5:fd:35:bc:2b:a3:a9:df:b3:00:a0:18:98:6f:cc:d1:
ee:98:7d:b7:5d:16:3c:dd:05:7b:76:00:27:07:f2:3b:26:77:
b3:03:b7:4e:a1:39:e7:c7:5b:68:8e:7a:ec:14:ea:84:d8:58:
5b:86:5a:b7:da:ac:13:1f:ef:b5:e8:d2:97:68:bc:98:fd:e5:
d2:91:56:4d:7b:31:34:6c:7d:85:2b:92:f1:3f:cd:61:f0:1e:
75:9d:4e:21
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIEQmsAcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhhMmUyZWY4YmY2
OThmYTE0NjNhNDIyODc4YTdiOTc0ZGRmODRlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhryvWPwctLiWc7LDaQSHeOUb3aXhstccHuCZ0HQMsNfrok
87Bxu9Z1pc6h6Vt80Q198MqXUWX0vjZ+z5ZnI6qiDVE14daNKAmCQ1Vj7JtpwwaU
2sbn3uv5LFwyUdrPXflmBi+BEsPKVOLndgdG0Iu27XMAfdn/zfWbL1QgeCVr3uXs
t+nO6CiOSWau23XSTHhF5tFJ+k4Tvl7+Apa42ShkInbVnE0zzOIHrQteHzBoU5HD
3H/f0VRLNGbTFVuCjidPzMDyfLE2dwcVKbdkD/E0ACGLl0dtbEZlJNUNPaD15dsO
6aET3A14U0i4m6dw9BWX38CZQXDx4taEmGl8NccCAwEAAaOCAl8wggJbMB0GA1Ud
DgQWBBTYouLvi/aY+hRjpCKHinuXTd+E6jAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
LzJLTGk3NHYybVBvVVk2UWloNHA3bDAzZmhPby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB1
BggrBgEFBQcBBwEB/wRmMGQwYgQCAAEwXAMEAMBHuAMEAMClfwMEAcCligMEAMCl
xgMEAMG0FAMEAMG0eQMEAMG37wMEAMHqUwMEAMHqVgMEAMHq/wMEAMHrSQMEAMHr
ggMEAMHrwTAMAwQAwkSfAwQAwkSgMA0GCSqGSIb3DQEBCwUAA4IBAQCzxS/r7AJC
kPIVJdit7p33YxzEBkc74+MXDy4fmopBdQy6XYt7GKVMq3Qi+/PyHWkjm1+AIsMa
bDnOEC1AzqwMLsTvbb6U1Ua3/jKANtqujgSVmGoyokEPlWwMPFzv6k1TaE0DaUU0
dh6dfFWbxI0IvGsRNbwDnKUjyqdqYkHJ+Vzts1OLnO3pH6xSHsp1aKtspIh07+7C
sEmV/1NgCUUTjDD176X9Nbwro6nfswCgGJhvzNHumH23XRY83QV7dgAnB/I7Jnez
A7dOoTnnx1tojnrsFOqE2Fhbhlq32qwTH++16NKXaLyY/eXSkVZNezE0bH2FK5Lx
P81h8B51nU4h
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org