Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aaDESG4kqo62HAPcp9XTMCalg4s.roa
File: aaDESG4kqo62HAPcp9XTMCalg4s.roa (raw, json)
Hash identifier: tT6ueMd1LFqQKxRDaxhdsanEGdz10GqWlQuCblaJB1o=
Subject key identifier: 69:A0:C4:48:6E:24:AA:8E:B6:1C:03:DC:A7:D5:D3:30:26:A5:83:8B
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01850AEA1F4257FF996356D5CA1DE2D02EFD
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aaDESG4kqo62HAPcp9XTMCalg4s.roa
Signing time: Tue 13 Dec 2022 09:56:33 +0000
ROA not before: Tue 13 Dec 2022 09:56:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3301
IP address blocks: 194.14.155.0/24 maxlen: 24
194.68.127.0/24 maxlen: 24
194.14.156.0/24 maxlen: 24
194.14.154.0/24 maxlen: 24
194.103.240.0/20 maxlen: 20
192.165.229.0/24 maxlen: 24
193.182.190.0/24 maxlen: 24
194.68.72.0/22 maxlen: 22
194.68.76.0/23 maxlen: 23
194.68.79.0/24 maxlen: 24
194.132.95.0/24 maxlen: 24
192.36.96.0/24 maxlen: 24
194.14.245.0/24 maxlen: 24
193.180.7.0/24 maxlen: 24
192.121.40.0/24 maxlen: 24
192.121.50.0/23 maxlen: 23
192.121.52.0/24 maxlen: 24
192.176.124.0/24 maxlen: 24
194.132.188.0/23 maxlen: 23
194.132.190.0/23 maxlen: 23
193.183.230.0/23 maxlen: 23
193.183.228.0/23 maxlen: 23
192.165.95.0/24 maxlen: 24
193.183.236.0/23 maxlen: 23
192.165.12.0/24 maxlen: 24
192.165.31.0/24 maxlen: 24
192.121.115.0/24 maxlen: 24
192.165.173.0/24 maxlen: 24
192.121.229.0/24 maxlen: 24
192.165.180.0/24 maxlen: 24
193.182.152.0/23 maxlen: 23
193.182.152.0/24 maxlen: 24
193.182.153.0/24 maxlen: 24
193.180.176.0/24 maxlen: 24
193.180.175.0/24 maxlen: 24
193.182.107.0/24 maxlen: 24
193.182.126.0/24 maxlen: 24
193.234.185.0/24 maxlen: 24
193.234.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:ea:1f:42:57:ff:99:63:56:d5:ca:1d:e2:d0:2e:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Dec 13 09:56:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69a0c4486e24aa8eb61c03dca7d5d33026a5838b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8f:33:8b:98:f6:dc:01:fb:47:8d:b2:1a:50:
06:77:7e:a2:0f:5b:93:95:78:43:45:88:ae:28:9e:
ba:5e:7c:5d:ec:85:5f:5c:7c:9b:3c:72:92:49:0f:
77:2f:96:4c:4e:68:da:55:dc:0c:5a:2d:39:6a:e4:
f1:21:11:29:d0:dd:10:34:1e:db:99:3d:b3:33:92:
b4:bf:70:60:3c:06:05:0f:55:3b:ed:98:25:d9:95:
86:43:fd:11:00:40:e8:4a:9d:2e:24:40:89:f2:f1:
02:31:16:a0:ab:59:fd:85:74:14:6d:9b:df:5d:e1:
81:ed:e4:73:1f:f8:bb:19:49:0f:f1:d7:3d:74:93:
6c:43:a7:73:22:a0:27:cc:51:b0:1d:5d:7d:cc:dd:
3c:08:a0:9c:f2:37:0d:98:f8:f8:06:cf:bd:e8:56:
95:56:ec:c8:68:a9:53:5a:9b:2b:a9:a1:99:b5:d8:
44:9b:a4:ec:54:0d:af:81:4d:f6:3d:1c:9b:54:8b:
10:44:73:a9:4b:75:a2:f4:63:f0:6a:c2:c3:22:bc:
f0:07:80:81:df:c9:13:35:04:76:9e:b9:2a:47:54:
ad:1e:37:83:83:b2:41:5a:65:10:28:03:c6:b8:2e:
e6:3b:9b:e5:3a:c1:85:a8:57:18:b6:c4:1f:e9:ab:
4e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A0:C4:48:6E:24:AA:8E:B6:1C:03:DC:A7:D5:D3:30:26:A5:83:8B
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aaDESG4kqo62HAPcp9XTMCalg4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.96.0/24
192.121.40.0/24
192.121.50.0-192.121.52.255
192.121.115.0/24
192.121.229.0/24
192.165.12.0/24
192.165.31.0/24
192.165.95.0/24
192.165.173.0/24
192.165.180.0/24
192.165.229.0/24
192.176.124.0/24
193.180.7.0/24
193.180.175.0-193.180.176.255
193.182.107.0/24
193.182.126.0/24
193.182.152.0/23
193.182.190.0/24
193.183.228.0/22
193.183.236.0/23
193.234.184.0/23
194.14.154.0-194.14.156.255
194.14.245.0/24
194.68.72.0-194.68.77.255
194.68.79.0/24
194.68.127.0/24
194.103.240.0/20
194.132.95.0/24
194.132.188.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:f9:5e:7e:d6:87:b5:a5:dc:0e:28:b8:d1:97:fb:cd:8e:bc:
22:8f:cd:63:15:a0:95:80:b1:5b:1d:cc:c2:2a:63:ff:cd:59:
d7:b2:87:34:50:f8:e7:63:6b:af:66:44:16:da:cc:55:bd:d5:
54:2b:f5:ba:51:8b:69:77:47:99:e7:82:f0:23:75:46:96:96:
bc:ec:cc:0c:eb:cd:eb:18:5f:4e:d3:e1:43:8b:22:fe:45:d2:
46:ff:ca:a9:77:47:24:82:92:9b:4d:21:4b:c6:b5:88:ec:48:
96:8f:23:5d:96:78:db:19:b1:39:5b:4f:af:f3:50:c4:52:22:
f1:9a:dc:ce:81:c5:00:18:83:b8:7b:8c:a8:0a:3b:41:34:b3:
ac:cd:8e:59:f4:ef:47:6d:7c:cf:eb:07:63:7f:81:1a:14:6e:
b8:df:de:d8:29:43:a1:9a:76:81:f9:c4:74:2e:31:5c:65:d0:
98:76:0a:8f:c1:c8:03:5e:fc:60:b7:99:21:be:ae:23:45:1b:
cb:2f:52:fa:a2:ad:ca:cb:bb:a4:5f:c1:7d:ea:9d:76:25:73:
e7:aa:fb:f6:08:a4:aa:dd:94:96:c9:07:a3:5a:2d:17:00:a6:
69:d3:ea:e0:56:05:4a:2e:f2:1b:f2:d6:66:d5:bf:eb:1e:d6:
02:14:45:ed
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAYUK6h9CV/+ZY1bVyh3i0C79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIxMjEzMDk1NjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWEwYzQ0ODZlMjRhYThlYjYxYzAzZGNhN2Q1ZDMzMDI2YTU4MzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0o8zi5j23AH7R42yGlAGd36iD1uT
lXhDRYiuKJ66Xnxd7IVfXHybPHKSSQ93L5ZMTmjaVdwMWi05auTxIREp0N0QNB7b
mT2zM5K0v3BgPAYFD1U77Zgl2ZWGQ/0RAEDoSp0uJECJ8vECMRagq1n9hXQUbZvf
XeGB7eRzH/i7GUkP8dc9dJNsQ6dzIqAnzFGwHV19zN08CKCc8jcNmPj4Bs+96FaV
VuzIaKlTWpsrqaGZtdhEm6TsVA2vgU32PRybVIsQRHOpS3Wi9GPwasLDIrzwB4CB
38kTNQR2nrkqR1StHjeDg7JBWmUQKAPGuC7mO5vlOsGFqFcYtsQf6atOvQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFGmgxEhuJKqOthwD3KfV0zAmpYOLMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvYWFERVNHNGtxbzYySEFQY3A5WFRNQ2FsZzRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBADA
JGADBADAeSgwDAMEAcB5MgMEAMB5NAMEAMB5cwMEAMB55QMEAMClDAMEAMClHwME
AMClXwMEAMClrQMEAMCltAMEAMCl5QMEAMCwfAMEAMG0BzAMAwQAwbSvAwQAwbSw
AwQAwbZrAwQAwbZ+AwQBwbaYAwQAwba+AwQCwbfkAwQBwbfsAwQBweq4MAwDBAHC
DpoDBADCDpwDBADCDvUwDAMEA8JESAMEAcJETAMEAMJETwMEAMJEfwMEBMJn8AME
AMKEXwMEAsKEvDANBgkqhkiG9w0BAQsFAAOCAQEAPvleftaHtaXcDii40Zf7zY68
Io/NYxWglYCxWx3Mwipj/81Z17KHNFD452Nrr2ZEFtrMVb3VVCv1ulGLaXdHmeeC
8CN1RpaWvOzMDOvN6xhfTtPhQ4si/kXSRv/KqXdHJIKSm00hS8a1iOxIlo8jXZZ4
2xmxOVtPr/NQxFIi8ZrczoHFABiDuHuMqAo7QTSzrM2OWfTvR218z+sHY3+BGhRu
uN/e2ClDoZp2gfnEdC4xXGXQmHYKj8HIA178YLeZIb6uI0Ubyy9S+qKtysu7pF/B
feqddiVz56r79gikqt2UlskHo1otFwCmadPq4FYFSi7yG/LWZtW/6x7WAhRF7Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org