Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/t_3dLgjKb5JuiwNLXP1fByKyJTA.roa
File: t_3dLgjKb5JuiwNLXP1fByKyJTA.roa (raw, json)
Hash identifier: bhmAWk1NxqotXcw4SRr7lpRYfpmzrdPcqnTAcsGtHyM=
Subject key identifier: B7:FD:DD:2E:08:CA:6F:92:6E:8B:03:4B:5C:FD:5F:07:22:B2:25:30
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 09429FAD
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/t_3dLgjKb5JuiwNLXP1fByKyJTA.roa
Signing time: Sat 01 Jan 2022 03:55:32 +0000
ROA not before: Sat 01 Jan 2022 03:55:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8400
IP address blocks: 178.220.0.0/15 maxlen: 15
109.92.0.0/15 maxlen: 15
178.223.128.0/18 maxlen: 18
93.87.38.0/24 maxlen: 24
77.46.128.0/17 maxlen: 17
79.101.0.0/16 maxlen: 16
212.200.0.0/21 maxlen: 21
93.87.39.0/24 maxlen: 24
212.200.0.0/17 maxlen: 17
93.87.50.0/24 maxlen: 24
212.200.0.0/16 maxlen: 16
212.200.8.0/22 maxlen: 22
195.178.32.0/19 maxlen: 19
212.200.12.0/23 maxlen: 23
178.222.0.0/16 maxlen: 16
178.223.192.0/19 maxlen: 19
212.200.50.0/24 maxlen: 24
212.200.45.0/24 maxlen: 24
185.190.152.0/22 maxlen: 22
212.200.192.0/19 maxlen: 19
91.150.64.0/18 maxlen: 18
79.101.21.0/24 maxlen: 24
212.200.123.0/24 maxlen: 24
212.200.132.0/24 maxlen: 24
212.200.128.0/17 maxlen: 17
212.200.128.0/18 maxlen: 18
93.86.0.0/15 maxlen: 15
178.223.0.0/17 maxlen: 17
212.200.224.0/24 maxlen: 24
212.200.226.0/23 maxlen: 23
91.150.91.0/24 maxlen: 24
212.200.225.0/24 maxlen: 24
212.200.232.0/21 maxlen: 21
212.200.228.0/22 maxlen: 22
212.200.240.0/20 maxlen: 20
2a00:e90::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155361197 (0x9429fad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Jan 1 03:55:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7fddd2e08ca6f926e8b034b5cfd5f0722b22530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c5:3c:5d:7f:37:04:29:6b:ed:67:2e:ed:ba:
4a:ee:b4:2d:6d:61:04:e6:4a:c7:e5:42:76:c6:1e:
d4:fd:8a:57:9b:bb:c8:2e:99:ef:34:7d:8f:bf:03:
f1:70:e6:e7:67:89:90:fb:87:c7:96:6f:cf:6d:53:
82:56:c4:5b:c9:17:df:0c:a4:f4:56:5e:09:9a:dd:
39:9e:5f:16:0f:ed:b7:c4:f4:a7:09:86:3a:98:c8:
d4:96:dd:78:6b:55:b0:35:4f:81:7d:8f:e6:9a:c1:
35:d8:7b:e4:28:8d:b9:c9:14:6f:91:67:63:8a:0b:
dc:8d:e3:a6:7c:f1:60:6b:3a:9d:f0:81:dd:b9:23:
d3:dd:74:69:42:0b:9b:d0:92:86:40:f1:9f:b6:4b:
b3:8c:82:c3:a8:7a:b0:a7:0f:20:46:82:bc:84:c8:
c5:69:01:bb:46:76:a3:33:7b:0f:be:c9:57:91:0b:
68:86:be:e5:32:84:1f:d1:ca:70:48:ad:2c:0c:2f:
e2:84:a9:68:2a:09:e7:2b:12:c4:d3:fc:7f:46:a0:
2f:91:3f:c4:3d:1a:98:8a:a4:1f:01:05:91:d1:c7:
2c:60:a1:bf:28:74:20:12:2b:cc:f9:4b:a3:82:fc:
f3:c8:f2:48:16:ad:65:f4:d6:04:ff:b0:c7:c8:f7:
95:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:FD:DD:2E:08:CA:6F:92:6E:8B:03:4B:5C:FD:5F:07:22:B2:25:30
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/t_3dLgjKb5JuiwNLXP1fByKyJTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.46.128.0/17
79.101.0.0/16
91.150.64.0/18
93.86.0.0/15
109.92.0.0/15
178.220.0.0-178.223.223.255
185.190.152.0/22
195.178.32.0/19
212.200.0.0/16
IPv6:
2a00:e90::/32
Signature Algorithm: sha256WithRSAEncryption
6a:1a:a4:5a:8c:56:13:28:91:1f:57:12:e1:e9:f8:b8:15:5e:
58:41:fc:b8:70:d2:88:29:33:6b:e1:5b:fa:44:bc:99:fc:aa:
4c:42:97:13:d6:e3:86:7d:74:71:69:da:cd:e4:78:6b:dc:7f:
e0:be:90:70:54:c9:e0:39:bf:9e:90:5c:26:8e:31:0e:73:06:
d0:6d:f3:54:05:e9:e6:94:db:46:c2:f9:ec:cc:88:02:70:7c:
e9:96:07:88:4f:52:2b:c7:bc:36:37:cc:b1:7e:63:8c:43:06:
8e:40:83:29:d9:ae:d0:42:f3:c9:68:72:00:f5:7a:a9:7a:1a:
33:c4:96:aa:31:22:bb:8e:6a:73:d6:3e:1b:91:25:d5:3a:00:
80:6d:df:d0:ac:f6:7b:d0:86:4a:da:19:80:29:88:fe:1a:5f:
e4:ce:6d:2f:d6:4d:61:81:b5:87:69:83:bb:03:46:b4:ed:5f:
94:68:59:97:02:29:6e:75:67:d7:86:c2:ed:04:6f:a4:ba:7d:
25:2b:18:eb:2d:8c:db:06:cc:99:2b:36:4c:47:aa:50:e2:aa:
7a:40:0f:af:b2:aa:18:3a:74:ec:77:81:d5:34:a3:4c:39:a6:
67:ef:19:3d:e0:06:2f:08:3f:53:41:f5:70:65:98:7a:55:84:
82:72:08:83
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIECUKfrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OWIxMzIwZmJjMjRkNmY0MzY2Y2I2NGZjZjVlZDJkN2IxYjZiZGY3MB4XDTIyMDEw
MTAzNTUzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjdmZGRkMmUwOGNh
NmY5MjZlOGIwMzRiNWNmZDVmMDcyMmIyMjUzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbFPF1/NwQpa+1nLu26Su60LW1hBOZKx+VCdsYe1P2KV5u7
yC6Z7zR9j78D8XDm52eJkPuHx5Zvz21TglbEW8kX3wyk9FZeCZrdOZ5fFg/tt8T0
pwmGOpjI1JbdeGtVsDVPgX2P5prBNdh75CiNuckUb5FnY4oL3I3jpnzxYGs6nfCB
3bkj0910aUILm9CShkDxn7ZLs4yCw6h6sKcPIEaCvITIxWkBu0Z2ozN7D77JV5EL
aIa+5TKEH9HKcEitLAwv4oSpaCoJ5ysSxNP8f0agL5E/xD0amIqkHwEFkdHHLGCh
vyh0IBIrzPlLo4L888jySBatZfTWBP+wx8j3lR8CAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBS3/d0uCMpvkm6LA0tc/V8HIrIlMDAfBgNVHSMEGDAWgBTpsTIPvCTW9DZs
tk/PXtLXsba99zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZiRXlEN3drMXZRMmJMWlB6MTdTMTdHMnZmYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvZGYxY2I1LTVmNDgtNDZhMC1hNzZlLWQzZTI4MDBiZDY0MC8x
L3RfM2RMZ2pLYjVKdWl3TkxYUDFmQnlLeUpUQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
ZGYxY2I1LTVmNDgtNDZhMC1hNzZlLWQzZTI4MDBiZDY0MC8xLzZiRXlEN3drMXZR
MmJMWlB6MTdTMTdHMnZmYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwPwQCAAEwOQMEB00ugAMDAE9lAwQGW5ZAAwMBXVYD
AwFtXDALAwMCstwDBAWy38ADBAK5vpgDBAXDsiADAwDUyDANBAIAAjAHAwUAKgAO
kDANBgkqhkiG9w0BAQsFAAOCAQEAahqkWoxWEyiRH1cS4en4uBVeWEH8uHDSiCkz
a+Fb+kS8mfyqTEKXE9bjhn10cWnazeR4a9x/4L6QcFTJ4Dm/npBcJo4xDnMG0G3z
VAXp5pTbRsL57MyIAnB86ZYHiE9SK8e8NjfMsX5jjEMGjkCDKdmu0ELzyWhyAPV6
qXoaM8SWqjEiu45qc9Y+G5El1ToAgG3f0Kz2e9CGStoZgCmI/hpf5M5tL9ZNYYG1
h2mDuwNGtO1flGhZlwIpbnVn14bC7QRvpLp9JSsY6y2M2wbMmSs2TEeqUOKqekAP
r7KqGDp07HeB1TSjTDmmZ+8ZPeAGLwg/U0H1cGWYelWEgnIIgw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:02 2024 by rpki-client on console-ams.rpki-client.org