Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/99FDApjUk_YICm1AzwV4gMdsEtA.roa
File: 99FDApjUk_YICm1AzwV4gMdsEtA.roa (raw, json)
Hash identifier: 5rHj6PQRZ9X4V7BtIoQt5yJYreQUwwrwRgKOiRF2z8Q=
Subject key identifier: F7:D1:43:02:98:D4:93:F6:08:0A:6D:40:CF:05:78:80:C7:6C:12:D0
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 445B39F7
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/99FDApjUk_YICm1AzwV4gMdsEtA.roa
Signing time: Tue 28 Jun 2022 09:22:13 +0000
ROA not before: Tue 28 Jun 2022 09:22:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197942
IP address blocks: 193.234.81.0/24 maxlen: 24
194.103.18.0/24 maxlen: 24
193.180.160.0/23 maxlen: 23
192.36.180.0/24 maxlen: 24
194.71.64.0/22 maxlen: 22
194.71.68.0/22 maxlen: 22
194.14.218.0/24 maxlen: 24
194.71.72.0/21 maxlen: 21
194.71.81.0/24 maxlen: 24
194.71.80.0/24 maxlen: 24
194.71.82.0/24 maxlen: 24
193.183.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1146829303 (0x445b39f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jun 28 09:22:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7d1430298d493f6080a6d40cf057880c76c12d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:06:84:62:86:82:cf:42:51:9f:c0:c1:53:b4:
ee:62:c9:d1:54:60:d7:a0:75:ed:52:6c:aa:72:3e:
e5:ea:5d:0b:5a:bc:ff:16:0e:85:48:2a:a4:df:09:
cb:d3:70:d3:81:04:59:cd:33:62:16:42:17:d3:4f:
d5:e8:0d:3c:97:20:2b:d3:05:e8:81:d5:68:95:7c:
70:1e:1d:f6:2f:d4:dd:37:f9:6f:09:4e:60:0a:27:
82:f5:ca:ca:67:b8:1e:e4:8a:23:ad:7d:56:a7:dc:
e9:f7:70:d1:41:1a:20:3d:8f:33:e4:3e:fc:74:9b:
16:6d:b7:eb:71:86:c9:f3:48:de:98:dd:75:04:18:
d6:86:bd:8f:b8:4d:0b:f4:8f:23:4c:ed:ac:e0:9e:
60:2f:d5:0d:5d:8a:80:05:8b:ec:b9:bf:5d:e7:b1:
a2:3d:27:33:dd:c6:3a:06:c6:b8:97:4b:a3:02:79:
d5:f6:9b:4f:41:25:2c:e3:d8:ee:74:be:48:55:45:
8e:30:ca:7d:7c:e1:df:65:f3:93:ad:da:f1:f2:48:
45:b7:c3:39:93:6d:07:f1:a3:a5:2f:c2:c0:f5:c9:
df:5e:8c:06:ff:76:b2:c7:46:f8:af:35:99:d6:fa:
41:ff:ee:99:b5:c3:58:8d:29:9c:cc:7b:c2:f4:2d:
5b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D1:43:02:98:D4:93:F6:08:0A:6D:40:CF:05:78:80:C7:6C:12:D0
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/99FDApjUk_YICm1AzwV4gMdsEtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.180.0/24
193.180.160.0/23
193.183.188.0/24
193.234.81.0/24
194.14.218.0/24
194.71.64.0-194.71.82.255
194.103.18.0/24
Signature Algorithm: sha256WithRSAEncryption
30:9e:3c:67:0c:67:ef:8f:e1:b6:8f:d5:63:7f:ee:a2:2e:52:
c4:28:ee:9a:b9:3b:40:b8:b4:ab:67:e3:25:01:dc:36:06:9c:
de:63:14:8f:ec:e7:bc:db:90:f3:cc:d3:87:e8:00:30:69:25:
0f:48:00:1a:03:3e:01:0b:5f:e9:5c:49:07:25:99:17:75:b1:
5e:cd:7e:31:07:8c:a4:cf:88:f1:39:28:fb:8c:3d:1a:fe:b3:
41:40:4e:94:56:e2:bd:b6:5b:9a:41:54:ce:b3:4d:72:60:70:
b7:1e:ab:1c:12:f6:b2:5b:e2:84:d8:b1:1a:de:0b:72:a3:e5:
79:ed:8b:26:14:f0:81:04:28:c2:1f:96:56:fa:0b:e3:f7:0e:
15:7c:53:dc:ed:05:64:5c:d6:8e:dd:49:33:8d:ba:f4:59:36:
a0:c0:ba:5e:e4:ab:fb:88:28:7c:fc:1a:01:87:98:c0:59:c1:
2c:94:08:1b:c9:88:9c:1f:72:a7:33:09:a7:73:85:41:2f:7a:
a5:4f:b9:6e:b8:81:1d:dc:e1:11:4f:6b:17:c3:a5:f2:22:af:
d8:c7:b4:01:67:b2:35:7f:d0:a0:70:f2:49:61:80:f4:8f:96:
6c:76:af:6c:c9:ae:0f:65:05:2c:98:79:38:8d:7b:e5:9e:d6:
93:5e:4a:79
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIERFs59zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDYy
ODA5MjIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdkMTQzMDI5OGQ0
OTNmNjA4MGE2ZDQwY2YwNTc4ODBjNzZjMTJkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPIGhGKGgs9CUZ/AwVO07mLJ0VRg16B17VJsqnI+5epdC1q8
/xYOhUgqpN8Jy9Nw04EEWc0zYhZCF9NP1egNPJcgK9MF6IHVaJV8cB4d9i/U3Tf5
bwlOYAongvXKyme4HuSKI619Vqfc6fdw0UEaID2PM+Q+/HSbFm2363GGyfNI3pjd
dQQY1oa9j7hNC/SPI0ztrOCeYC/VDV2KgAWL7Lm/Xeexoj0nM93GOgbGuJdLowJ5
1fabT0ElLOPY7nS+SFVFjjDKfXzh32Xzk63a8fJIRbfDOZNtB/GjpS/CwPXJ316M
Bv92ssdG+K81mdb6Qf/umbXDWI0pnMx7wvQtWwUCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBT30UMCmNST9ggKbUDPBXiAx2wS0DAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
Lzk5RkRBcGpVa19ZSUNtMUF6d1Y0Z01kc0V0QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAMAktAMEAcG0oAMEAMG3vAMEAMHq
UQMEAMIO2jAMAwQGwkdAAwQAwkdSAwQAwmcSMA0GCSqGSIb3DQEBCwUAA4IBAQAw
njxnDGfvj+G2j9Vjf+6iLlLEKO6auTtAuLSrZ+MlAdw2BpzeYxSP7Oe825DzzNOH
6AAwaSUPSAAaAz4BC1/pXEkHJZkXdbFezX4xB4ykz4jxOSj7jD0a/rNBQE6UVuK9
tluaQVTOs01yYHC3HqscEvayW+KE2LEa3gtyo+V57YsmFPCBBCjCH5ZW+gvj9w4V
fFPc7QVkXNaO3Ukzjbr0WTagwLpe5Kv7iCh8/BoBh5jAWcEslAgbyYicH3KnMwmn
c4VBL3qlT7luuIEd3OERT2sXw6XyIq/Yx7QBZ7I1f9CgcPJJYYD0j5Zsdq9sya4P
ZQUsmHk4jXvlntaTXkp5
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:38 2023 by rpki-client on console-ams.rpki-client.org