Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/v9K0eDogDAVlpkcPsMpB-f3iXm8.roa
File: v9K0eDogDAVlpkcPsMpB-f3iXm8.roa (raw, json)
Hash identifier: XQWqwWhFNlwjIRheHmp9saPyzmu8opmuLBE1eI0EChs=
Subject key identifier: BF:D2:B4:78:3A:20:0C:05:65:A6:47:0F:B0:CA:41:F9:FD:E2:5E:6F
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 05DE5770
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/v9K0eDogDAVlpkcPsMpB-f3iXm8.roa
Signing time: Thu 10 Feb 2022 13:08:53 +0000
ROA not before: Thu 10 Feb 2022 13:08:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25211
IP address blocks: 94.26.79.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
94.26.76.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98457456 (0x5de5770)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Feb 10 13:08:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bfd2b4783a200c0565a6470fb0ca41f9fde25e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:03:bc:60:a6:10:76:b6:67:34:99:30:7b:40:
b6:3c:04:b1:e6:54:29:78:f4:70:aa:f9:ef:58:01:
d8:03:11:83:f3:74:bf:c2:5b:7f:f0:be:2c:10:74:
a4:9e:aa:f6:18:2b:86:4e:7f:cd:d9:02:87:e6:ec:
51:04:b8:fd:ca:86:d6:cf:db:11:61:8d:8c:b6:45:
e7:77:43:74:a7:1b:79:78:1d:8d:c4:c7:6d:b7:82:
5b:ca:8d:f0:d8:e7:c9:c3:49:3d:d9:78:dd:ff:47:
09:f9:34:ad:99:f1:c1:57:00:2e:25:d0:54:2f:c5:
fb:f9:eb:5b:50:ee:08:75:35:8c:b0:fb:f5:55:03:
f4:a4:39:5b:57:91:07:30:1e:9c:00:98:aa:7a:7f:
87:1e:d6:3b:af:13:df:c0:84:c0:8a:c7:63:91:cf:
bf:d0:8e:93:03:14:ba:56:7b:c3:d1:ee:e5:df:88:
da:4e:e0:0b:36:fe:21:54:31:60:fa:80:e6:69:84:
a3:9d:2e:30:5b:45:77:25:c5:ca:08:ab:26:97:cb:
02:f1:59:59:97:66:cd:ab:c1:a2:2e:09:4c:fb:13:
73:71:4b:d5:7e:f2:06:4d:3b:db:5f:1f:ae:30:ac:
44:55:67:f9:f6:d8:29:62:8e:18:9c:83:31:f4:5a:
48:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D2:B4:78:3A:20:0C:05:65:A6:47:0F:B0:CA:41:F9:FD:E2:5E:6F
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/v9K0eDogDAVlpkcPsMpB-f3iXm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0-78.159.158.255
91.92.33.0/24
91.92.35.0/24
91.92.40.0/21
91.92.49.0-91.92.53.255
93.152.209.0/24
93.152.212.0-93.152.216.255
93.152.220.0/23
93.152.224.0/23
94.26.28.0/23
94.26.76.0/22
185.96.252.0/23
185.96.255.0/24
Signature Algorithm: sha256WithRSAEncryption
99:6b:1b:d6:05:4a:41:bb:29:06:b8:c9:34:56:f1:87:48:45:
78:c3:26:0b:22:26:c1:8f:b1:69:e3:99:8e:c9:d2:6b:26:4a:
22:fb:a4:3f:f6:22:8e:1b:13:44:af:1f:17:57:a1:ad:dc:72:
71:c3:37:b0:a3:34:cb:d1:08:c6:f6:93:ee:df:14:9c:c7:90:
13:d3:6b:1b:24:48:b8:eb:8d:45:49:e1:2f:01:43:72:d4:66:
c9:f0:6b:da:a9:9f:f6:7b:0d:4b:59:2d:b0:53:ab:d9:85:bc:
28:7d:28:1c:f1:2a:f4:a1:13:0e:ee:13:d0:16:82:1c:62:2c:
3d:6f:f2:18:18:74:5d:ae:49:46:b6:76:b3:7f:30:b4:e4:4c:
fb:fb:f8:9d:eb:4f:a8:51:29:04:98:22:cf:31:71:a2:49:1f:
a4:12:c8:1f:c9:d6:2c:1c:55:2a:4e:58:03:de:2e:07:69:ed:
9f:db:a4:f9:e4:12:14:f6:c1:b8:6a:86:b7:fb:08:46:3d:b8:
b9:68:3e:43:80:c3:d1:b2:d3:ba:bb:d4:43:a9:a3:6f:08:2e:
c0:4d:89:c1:7f:da:f8:fa:d2:e1:d0:ca:74:49:67:5d:2a:1b:
23:06:e1:04:5c:ac:7b:f6:77:b8:bf:58:07:dc:bc:25:7d:b6:
e0:f7:e1:78
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgIEBd5XcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDIx
MDEzMDg1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmZkMmI0NzgzYTIw
MGMwNTY1YTY0NzBmYjBjYTQxZjlmZGUyNWU2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkDvGCmEHa2ZzSZMHtAtjwEseZUKXj0cKr571gB2AMRg/N0
v8Jbf/C+LBB0pJ6q9hgrhk5/zdkCh+bsUQS4/cqG1s/bEWGNjLZF53dDdKcbeXgd
jcTHbbeCW8qN8NjnycNJPdl43f9HCfk0rZnxwVcALiXQVC/F+/nrW1DuCHU1jLD7
9VUD9KQ5W1eRBzAenACYqnp/hx7WO68T38CEwIrHY5HPv9COkwMUulZ7w9Hu5d+I
2k7gCzb+IVQxYPqA5mmEo50uMFtFdyXFygirJpfLAvFZWZdmzavBoi4JTPsTc3FL
1X7yBk07218frjCsRFVn+fbYKWKOGJyDMfRaSIECAwEAAaOCAo4wggKKMB0GA1Ud
DgQWBBS/0rR4OiAMBWWmRw+wykH5/eJebzAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L3Y5SzBlRG9nREFWbHBrY1BzTXBCLWYzaVhtOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
owYIKwYBBQUHAQcBAf8EgZMwgZAwgY0EAgABMIGGAwQBTp+AAwQATp+DAwQCTp+I
MAwDBABOn5UDBABOn5YwDAMEA06fmAMEAE6fngMEAFtcIQMEAFtcIwMEA1tcKDAM
AwQAW1wxAwQBW1w0AwQAXZjRMAwDBAJdmNQDBABdmNgDBAFdmNwDBAFdmOADBAFe
GhwDBAJeGkwDBAG5YPwDBAC5YP8wDQYJKoZIhvcNAQELBQADggEBAJlrG9YFSkG7
KQa4yTRW8YdIRXjDJgsiJsGPsWnjmY7J0msmSiL7pD/2Io4bE0SvHxdXoa3ccnHD
N7CjNMvRCMb2k+7fFJzHkBPTaxskSLjrjUVJ4S8BQ3LUZsnwa9qpn/Z7DUtZLbBT
q9mFvCh9KBzxKvShEw7uE9AWghxiLD1v8hgYdF2uSUa2drN/MLTkTPv7+J3rT6hR
KQSYIs8xcaJJH6QSyB/J1iwcVSpOWAPeLgdp7Z/bpPnkEhT2wbhqhrf7CEY9uLlo
PkOAw9Gy07q71EOpo28ILsBNicF/2vj60uHQynRJZ10qGyMG4QRcrHv2d7i/WAfc
vCV9tuD34Xg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:07 2023 by rpki-client on console-fra.rpki-client.org