Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/ihdFvJSUBGP636_tYKGefPQCG70.roa
File: ihdFvJSUBGP636_tYKGefPQCG70.roa (raw, json)
Hash identifier: 5qtDrK9ecOPoNaBZBsxAFWzJdoolUBCN+5uXVyx5/ZU=
Subject key identifier: 8A:17:45:BC:94:94:04:63:FA:DF:AF:ED:60:A1:9E:7C:F4:02:1B:BD
Certificate issuer: /CN=07a6a589ee848a8052238191b98035e775122725
Certificate serial: 02E4A1
Authority key identifier: 07:A6:A5:89:EE:84:8A:80:52:23:81:91:B9:80:35:E7:75:12:27:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6alie6EioBSI4GRuYA153USJyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/ihdFvJSUBGP636_tYKGefPQCG70.roa
Signing time: Mon 06 Jun 2022 09:15:20 +0000
ROA not before: Mon 06 Jun 2022 09:15:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210218
IP address blocks: 80.249.124.0/22 maxlen: 22
78.40.164.0/22 maxlen: 22
94.240.56.0/22 maxlen: 22
78.40.160.0/22 maxlen: 22
77.75.58.0/23 maxlen: 23
77.75.56.0/23 maxlen: 23
91.243.184.0/22 maxlen: 22
193.46.172.0/22 maxlen: 22
45.12.248.0/22 maxlen: 22
194.76.204.0/22 maxlen: 22
195.225.120.0/22 maxlen: 22
193.36.232.0/22 maxlen: 22
91.197.196.0/22 maxlen: 22
193.19.200.0/22 maxlen: 22
2.58.138.0/23 maxlen: 23
2.58.136.0/23 maxlen: 23
193.56.16.0/22 maxlen: 22
194.147.8.0/22 maxlen: 22
193.56.248.0/22 maxlen: 22
178.175.184.0/22 maxlen: 22
95.214.124.0/23 maxlen: 23
95.214.126.0/23 maxlen: 23
193.58.184.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 189601 (0x2e4a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a6a589ee848a8052238191b98035e775122725
Validity
Not Before: Jun 6 09:15:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a1745bc94940463fadfafed60a19e7cf4021bbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9d:7f:30:3e:83:bd:d6:00:c1:1a:d1:0e:8e:
d2:10:11:e7:83:fa:da:b2:21:3a:e6:71:1c:c1:a8:
5d:3e:c1:f5:b5:a5:90:f1:b0:8b:a9:e4:12:8c:d1:
25:d6:49:ff:a1:95:ab:d4:31:e0:62:8a:86:2a:4e:
a3:df:0f:ec:33:0d:24:0e:ed:e6:f9:af:d6:6a:c0:
af:6e:f1:fa:c4:9f:0d:07:fc:f3:0b:8a:91:fc:cf:
47:9b:5d:97:7f:40:a4:cc:f2:1a:b9:18:8d:bf:63:
b5:fe:13:26:c3:ce:4d:60:5e:9e:25:64:54:64:e6:
94:98:33:be:da:f5:65:31:4c:83:9e:41:86:73:a5:
e4:8e:3b:7d:d5:e7:5f:a0:b4:3a:47:8f:fb:e3:d2:
91:98:72:31:fd:6c:95:fb:b0:f9:3f:46:e4:12:b5:
3b:45:d9:6c:60:bc:ae:a1:8e:92:b5:c6:8f:59:9a:
80:c4:6e:96:10:2a:fd:56:f2:37:ea:37:58:42:79:
b2:60:ee:41:c5:ab:c6:bb:2c:42:85:24:d7:9d:d3:
18:4c:a0:01:e1:2f:47:ab:a6:a3:41:72:f1:72:e0:
02:6a:61:49:62:c0:25:53:fd:89:8f:01:0f:01:9e:
af:28:85:6e:a0:ff:fa:43:86:12:1f:20:30:b6:f9:
ff:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:17:45:BC:94:94:04:63:FA:DF:AF:ED:60:A1:9E:7C:F4:02:1B:BD
X509v3 Authority Key Identifier:
keyid:07:A6:A5:89:EE:84:8A:80:52:23:81:91:B9:80:35:E7:75:12:27:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6alie6EioBSI4GRuYA153USJyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/ihdFvJSUBGP636_tYKGefPQCG70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/B6alie6EioBSI4GRuYA153USJyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.136.0/22
45.12.248.0/22
77.75.56.0/22
78.40.160.0/21
80.249.124.0/22
91.197.196.0/22
91.243.184.0/22
94.240.56.0/22
95.214.124.0/22
178.175.184.0/22
193.19.200.0/22
193.36.232.0/22
193.46.172.0/22
193.56.16.0/22
193.56.248.0/22
193.58.184.0/22
194.76.204.0/22
194.147.8.0/22
195.225.120.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:12:7b:f9:0d:90:78:aa:2a:4c:23:a4:ce:d4:d1:5f:8e:98:
f3:66:a5:77:7a:12:31:07:07:2f:82:19:19:de:71:a5:3d:c6:
7d:5f:6a:88:ec:4a:ca:08:26:cd:db:b8:ce:43:a6:a8:fc:9c:
d9:e4:7c:43:8f:68:d6:93:23:4b:58:8c:b9:ff:e4:a9:7e:34:
2c:45:d6:9d:1b:38:bc:49:46:f2:e1:e5:22:20:4f:2c:7e:05:
a4:ff:f1:6f:41:b7:51:f0:5e:d7:8d:e0:da:bd:0c:86:16:b7:
e8:6f:2c:ea:7e:f1:6e:69:d4:e3:29:04:cf:76:93:a6:b5:0d:
9a:5e:82:56:01:b3:b9:37:d5:8a:28:b4:f2:47:78:7e:c2:af:
84:c5:ff:31:f8:86:a7:d7:84:c7:f4:8e:65:56:4b:4a:e7:61:
e3:f8:9f:4e:56:79:bb:2e:0d:02:92:dc:23:34:5d:ea:8f:1e:
fc:c9:b3:56:1c:cb:e9:52:9f:d7:00:ad:dc:bc:3f:43:11:0d:
b6:26:cd:ae:32:8f:32:e4:be:b8:e4:8a:a4:79:34:3a:bf:0a:
5a:6a:79:56:fe:75:e0:ab:39:c5:65:f1:2d:84:39:53:cc:a5:
d4:7c:1e:8e:2e:5b:b6:99:33:4c:6a:1b:47:14:26:13:2d:16:
45:b2:ef:14
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIDAuShMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA3
YTZhNTg5ZWU4NDhhODA1MjIzODE5MWI5ODAzNWU3NzUxMjI3MjUwHhcNMjIwNjA2
MDkxNTIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4YTE3NDViYzk0OTQw
NDYzZmFkZmFmZWQ2MGExOWU3Y2Y0MDIxYmJkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApJ1/MD6DvdYAwRrRDo7SEBHng/rasiE65nEcwahdPsH1taWQ
8bCLqeQSjNEl1kn/oZWr1DHgYoqGKk6j3w/sMw0kDu3m+a/WasCvbvH6xJ8NB/zz
C4qR/M9Hm12Xf0CkzPIauRiNv2O1/hMmw85NYF6eJWRUZOaUmDO+2vVlMUyDnkGG
c6Xkjjt91edfoLQ6R4/749KRmHIx/WyV+7D5P0bkErU7RdlsYLyuoY6StcaPWZqA
xG6WECr9VvI36jdYQnmyYO5BxavGuyxChSTXndMYTKAB4S9Hq6ajQXLxcuACamFJ
YsAlU/2JjwEPAZ6vKIVuoP/6Q4YSHyAwtvn/WQIDAQABo4ICdjCCAnIwHQYDVR0O
BBYEFIoXRbyUlARj+t+v7WChnnz0Ahu9MB8GA1UdIwQYMBaAFAempYnuhIqAUiOB
kbmANed1EiclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
QjZhbGllNkVpb0JTSTRHUnVZQTE1M1VTSnlVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lNC83ZmFmNWUtNzQzNS00OWZlLWFjZDctMjBmYmM5MDY0OTRiLzEv
aWhkRnZKU1VCR1A2MzZfdFlLR2VmUFFDRzcwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83
ZmFmNWUtNzQzNS00OWZlLWFjZDctMjBmYmM5MDY0OTRiLzEvQjZhbGllNkVpb0JT
STRHUnVZQTE1M1VTSnlVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGL
BggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAgI6iAMEAi0M+AMEAk1LOAMEA04o
oAMEAlD5fAMEAlvFxAMEAlvzuAMEAl7wOAMEAl/WfAMEArKvuAMEAsETyAMEAsEk
6AMEAsEurAMEAsE4EAMEAsE4+AMEAsE6uAMEAsJMzAMEAsKTCAMEAsPheDANBgkq
hkiG9w0BAQsFAAOCAQEAjhJ7+Q2QeKoqTCOkztTRX46Y82ald3oSMQcHL4IZGd5x
pT3GfV9qiOxKyggmzdu4zkOmqPyc2eR8Q49o1pMjS1iMuf/kqX40LEXWnRs4vElG
8uHlIiBPLH4FpP/xb0G3UfBe143g2r0Mhha36G8s6n7xbmnU4ykEz3aTprUNml6C
VgGzuTfViii08kd4fsKvhMX/MfiGp9eEx/SOZVZLSudh4/ifTlZ5uy4NApLcIzRd
6o8e/MmzVhzL6VKf1wCt3Lw/QxENtibNrjKPMuS+uOSKpHk0Or8KWmp5Vv514Ks5
xWXxLYQ5U8yl1Hweji5btpkzTGobRxQmEy0WRbLvFA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:29 2023 by rpki-client on console-fra.rpki-client.org