Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/7bAim8IcqR9P7B_AE54y-IYjqHA.roa
File: 7bAim8IcqR9P7B_AE54y-IYjqHA.roa (raw, json)
Hash identifier: E8s9cN7IYdOF+pRDnhwR6TJxG8aRVYHnXmIEUp+CUrY=
Subject key identifier: ED:B0:22:9B:C2:1C:A9:1F:4F:EC:1F:C0:13:9E:32:F8:86:23:A8:70
Certificate issuer: /CN=89b332d57ce14fab1ebd746817dd701062c74a88
Certificate serial: 0EAF42F4
Authority key identifier: 89:B3:32:D5:7C:E1:4F:AB:1E:BD:74:68:17:DD:70:10:62:C7:4A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ibMy1XzhT6sevXRoF91wEGLHSog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/7bAim8IcqR9P7B_AE54y-IYjqHA.roa
Signing time: Tue 24 May 2022 12:55:15 +0000
ROA not before: Tue 24 May 2022 12:55:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34572
IP address blocks: 83.173.72.0/21 maxlen: 21
83.173.88.0/21 maxlen: 24
83.173.92.0/24 maxlen: 24
83.173.96.0/21 maxlen: 21
83.173.112.0/22 maxlen: 22
83.173.113.0/24 maxlen: 24
83.173.114.0/24 maxlen: 24
185.170.151.0/24 maxlen: 24
83.173.64.0/21 maxlen: 21
83.173.64.0/19 maxlen: 19
2a02:6100::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 246366964 (0xeaf42f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89b332d57ce14fab1ebd746817dd701062c74a88
Validity
Not Before: May 24 12:55:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=edb0229bc21ca91f4fec1fc0139e32f88623a870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:72:f5:5a:85:68:bc:79:29:80:2f:a9:99:82:
ea:6e:f6:d5:3c:d7:06:66:c7:d3:3a:d9:58:1e:9f:
3f:66:6c:fa:13:26:b9:62:1e:ea:b0:16:fe:fd:13:
b3:77:ad:a7:26:af:a6:f2:e2:b8:1a:41:d0:d5:f3:
f8:2c:ce:d9:65:7e:9e:f9:47:e6:59:74:01:cb:37:
fa:04:ae:28:8d:59:e3:2b:dd:99:9b:82:34:21:ae:
97:ae:6c:fc:93:c4:16:bc:32:ea:38:08:53:be:80:
92:4e:60:42:f0:e0:ab:6f:c7:61:61:91:37:f2:e0:
9a:50:27:9d:37:2c:01:95:64:29:41:26:f0:05:b3:
b3:c0:07:d1:ae:cb:d0:fa:25:bb:7b:e3:ab:81:5b:
f6:66:a4:2b:e1:0f:2b:df:bd:ff:9f:48:0d:cf:06:
4e:76:f0:52:96:07:cd:4e:82:90:2f:e6:ee:fc:41:
3a:1d:6f:c7:cc:16:6f:82:c8:e3:6b:e4:78:3b:fa:
8a:56:38:3a:f0:c7:2f:95:71:ff:aa:90:6d:e1:e4:
26:ee:15:20:8c:89:00:e9:cd:c3:8b:e0:ca:f0:d7:
03:61:f0:d0:1a:78:2e:8a:59:27:60:35:e1:16:40:
31:bc:a7:5c:e4:a4:52:a7:8f:1f:a7:46:eb:46:45:
84:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B0:22:9B:C2:1C:A9:1F:4F:EC:1F:C0:13:9E:32:F8:86:23:A8:70
X509v3 Authority Key Identifier:
keyid:89:B3:32:D5:7C:E1:4F:AB:1E:BD:74:68:17:DD:70:10:62:C7:4A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibMy1XzhT6sevXRoF91wEGLHSog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/7bAim8IcqR9P7B_AE54y-IYjqHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/ibMy1XzhT6sevXRoF91wEGLHSog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.173.64.0-83.173.103.255
83.173.112.0/22
185.170.151.0/24
IPv6:
2a02:6100::/32
Signature Algorithm: sha256WithRSAEncryption
1e:c3:c3:f4:26:88:fe:d3:ff:70:97:1c:94:f5:ea:f1:1d:33:
8a:08:8b:68:b3:09:1b:b3:9a:d0:6e:f7:2c:e6:44:30:ae:e6:
be:85:d0:95:34:4b:24:bd:83:2d:84:cf:e4:2f:e5:f0:6a:20:
61:6d:22:32:e3:78:3a:a1:3d:36:51:8c:a2:45:ca:27:d0:e8:
0b:32:8f:88:01:53:90:7e:fd:49:82:b2:95:eb:2e:0d:02:e6:
9c:1e:6f:7a:a1:3a:c4:43:d5:3c:d7:0e:70:d6:6a:47:65:86:
30:3d:fb:af:20:ef:f2:6c:bd:b6:34:53:65:d4:f8:b3:ca:d5:
cd:5a:f6:8f:e1:c5:18:13:56:2a:42:8c:29:d6:21:73:35:d6:
d0:c4:2d:5b:4f:db:63:07:c6:d1:1b:fc:ff:8d:58:25:93:38:
6a:32:56:f1:29:64:e9:03:59:f6:0d:9e:bd:63:7d:28:4f:58:
fd:0e:fd:a0:6c:42:72:f1:d4:b0:7d:88:2d:dc:71:10:45:bf:
d9:f4:f8:a7:b2:44:97:49:01:66:9e:4b:d7:cf:e8:82:28:ef:
ea:2e:35:8b:7d:42:8f:a8:a0:b1:bb:32:dc:6e:46:d6:62:89:
8c:1a:86:fe:58:39:f6:da:a4:ec:03:2f:33:3c:99:e7:72:14:
ed:69:a2:40
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEDq9C9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OWIzMzJkNTdjZTE0ZmFiMWViZDc0NjgxN2RkNzAxMDYyYzc0YTg4MB4XDTIyMDUy
NDEyNTUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWRiMDIyOWJjMjFj
YTkxZjRmZWMxZmMwMTM5ZTMyZjg4NjIzYTg3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJFy9VqFaLx5KYAvqZmC6m721TzXBmbH0zrZWB6fP2Zs+hMm
uWIe6rAW/v0Ts3etpyavpvLiuBpB0NXz+CzO2WV+nvlH5ll0Acs3+gSuKI1Z4yvd
mZuCNCGul65s/JPEFrwy6jgIU76Akk5gQvDgq2/HYWGRN/LgmlAnnTcsAZVkKUEm
8AWzs8AH0a7L0Polu3vjq4Fb9makK+EPK9+9/59IDc8GTnbwUpYHzU6CkC/m7vxB
Oh1vx8wWb4LI42vkeDv6ilY4OvDHL5Vx/6qQbeHkJu4VIIyJAOnNw4vgyvDXA2Hw
0Bp4LopZJ2A14RZAMbynXOSkUqePH6dG60ZFhI8CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBTtsCKbwhypH0/sH8ATnjL4hiOocDAfBgNVHSMEGDAWgBSJszLVfOFPqx69
dGgX3XAQYsdKiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2liTXkxWHpoVDZzZXZYUm9GOTF3RUdMSFNvZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvODE3MTlkLTQ2N2MtNGFmNy1hODI0LTQ2YTBkZjc3NGZlMS8x
LzdiQWltOEljcVI5UDdCX0FFNTR5LUlZanFIQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
ODE3MTlkLTQ2N2MtNGFmNy1hODI0LTQ2YTBkZjc3NGZlMS8xL2liTXkxWHpoVDZz
ZXZYUm9GOTF3RUdMSFNvZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGjAMAwQGU61AAwQDU61gAwQCU61wAwQA
uaqXMA0EAgACMAcDBQAqAmEAMA0GCSqGSIb3DQEBCwUAA4IBAQAew8P0Joj+0/9w
lxyU9erxHTOKCItoswkbs5rQbvcs5kQwrua+hdCVNEskvYMthM/kL+XwaiBhbSIy
43g6oT02UYyiRcon0OgLMo+IAVOQfv1JgrKV6y4NAuacHm96oTrEQ9U81w5w1mpH
ZYYwPfuvIO/ybL22NFNl1PizytXNWvaP4cUYE1YqQowp1iFzNdbQxC1bT9tjB8bR
G/z/jVglkzhqMlbxKWTpA1n2DZ69Y30oT1j9Dv2gbEJy8dSwfYgt3HEQRb/Z9Pin
skSXSQFmnkvXz+iCKO/qLjWLfUKPqKCxuzLcbkbWYomMGob+WDn22qTsAy8zPJnn
chTtaaJA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:41 2024 by rpki-client on console-ams.rpki-client.org