Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/c6bcba-a996-4bb5-ba4a-a46153145cf8/1/L--z_dwiW3bwEvFuLGS-VABZvtY.roa
File: L--z_dwiW3bwEvFuLGS-VABZvtY.roa (raw, json)
Hash identifier: MY2Gr3TbkRS2dV1Sq8LwHjbrtkGya435jBiRTVZTFvY=
Subject key identifier: 2F:EF:B3:FD:DC:22:5B:76:F0:12:F1:6E:2C:64:BE:54:00:59:BE:D6
Certificate issuer: /CN=f2beed4df207c3609adfded80dddd9316f0a9b45
Certificate serial: 0184142BCEF8E261C1DED1EE59BAAE054A03
Authority key identifier: F2:BE:ED:4D:F2:07:C3:60:9A:DF:DE:D8:0D:DD:D9:31:6F:0A:9B:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8r7tTfIHw2Ca397YDd3ZMW8Km0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/c6bcba-a996-4bb5-ba4a-a46153145cf8/1/L--z_dwiW3bwEvFuLGS-VABZvtY.roa
Signing time: Wed 26 Oct 2022 12:02:06 +0000
ROA not before: Wed 26 Oct 2022 12:02:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202619
IP address blocks: 176.109.176.0/21 maxlen: 32
176.109.184.0/21 maxlen: 32
176.109.224.0/20 maxlen: 32
193.192.37.0/24 maxlen: 32
193.192.36.0/24 maxlen: 32
94.158.32.0/21 maxlen: 32
94.158.40.0/21 maxlen: 32
185.33.140.0/23 maxlen: 32
185.33.142.0/23 maxlen: 32
194.246.94.0/23 maxlen: 32
176.109.240.0/20 maxlen: 32
194.246.92.0/23 maxlen: 32
2a03:a9c0::/30 maxlen: 128
2a0d:ec4::/30 maxlen: 128
2a0d:ec0::/30 maxlen: 128
2a03:a9c4::/30 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:14:2b:ce:f8:e2:61:c1:de:d1:ee:59:ba:ae:05:4a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2beed4df207c3609adfded80dddd9316f0a9b45
Validity
Not Before: Oct 26 12:02:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2fefb3fddc225b76f012f16e2c64be540059bed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:39:50:c2:18:c7:8a:ea:a3:2a:99:a3:77:3b:
2b:dd:5c:ca:2c:9c:c8:db:f1:60:c3:53:57:b4:26:
56:5f:c8:6d:f1:99:78:1b:86:38:46:ea:b6:c0:aa:
06:4b:82:aa:6e:5e:f7:05:fa:a2:6d:18:03:b8:64:
43:ad:8e:5c:de:07:7d:6b:fb:01:c8:9b:f7:77:57:
59:12:46:6b:06:34:de:2c:a0:c8:f5:83:ba:f3:d1:
56:a5:93:90:4b:91:22:f5:a9:40:a1:37:e0:6e:95:
86:3d:74:04:d2:f3:e7:4c:e4:e1:fc:2f:1f:68:9d:
3c:e2:d4:5b:f3:5f:8b:6e:a7:1a:80:2b:3f:ec:7a:
fd:5c:f0:1b:b0:79:f3:22:f2:95:17:92:0e:52:bf:
7c:fc:bd:df:c5:64:f6:1d:ac:9a:57:36:1f:57:5b:
0b:6e:e8:9f:00:d5:6c:d3:41:0f:9c:4c:18:b2:93:
cc:6b:18:5e:ad:ed:c2:e9:fc:d2:1e:6f:2f:3e:95:
f3:ae:b3:9b:6f:a9:7a:72:82:8d:87:be:b9:3d:c5:
2e:58:f9:5c:a8:7a:e6:07:35:29:66:e3:9e:e7:aa:
4a:6b:3f:eb:bb:f3:66:19:c2:e9:05:4f:da:8e:d1:
fd:8e:f8:0e:04:f6:98:9a:a9:79:1c:7f:46:0d:3a:
17:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:EF:B3:FD:DC:22:5B:76:F0:12:F1:6E:2C:64:BE:54:00:59:BE:D6
X509v3 Authority Key Identifier:
keyid:F2:BE:ED:4D:F2:07:C3:60:9A:DF:DE:D8:0D:DD:D9:31:6F:0A:9B:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8r7tTfIHw2Ca397YDd3ZMW8Km0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/c6bcba-a996-4bb5-ba4a-a46153145cf8/1/L--z_dwiW3bwEvFuLGS-VABZvtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/c6bcba-a996-4bb5-ba4a-a46153145cf8/1/8r7tTfIHw2Ca397YDd3ZMW8Km0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.158.32.0/20
176.109.176.0/20
176.109.224.0/19
185.33.140.0/22
193.192.36.0/23
194.246.92.0/22
IPv6:
2a03:a9c0::/29
2a0d:ec0::/29
Signature Algorithm: sha256WithRSAEncryption
9c:d3:ab:6d:15:b8:0b:1d:8f:7e:3c:d3:82:59:88:db:e2:d4:
33:4d:43:65:63:61:a6:38:90:fc:fb:5a:3c:f7:f6:bb:36:41:
17:86:44:42:f2:d9:88:85:34:11:7f:bb:db:65:20:2b:7e:11:
b3:dc:a5:48:c6:76:d5:e0:a2:58:97:f4:f9:ae:4b:84:22:3d:
ea:d8:39:6f:21:a7:6c:b9:74:62:2d:08:11:66:a5:5b:69:28:
90:3b:d4:f3:16:6d:bc:5e:f0:27:29:bb:27:ab:72:73:f3:9d:
ed:9a:82:7e:78:9b:2a:37:93:c8:56:8e:6b:cf:8a:51:8f:c8:
ca:d5:11:6c:53:2e:b9:ce:9c:94:d2:38:ff:00:90:aa:65:37:
d2:f0:b1:cd:eb:bb:f1:86:16:68:9e:d5:fa:07:e9:0d:cf:3c:
48:55:b5:e5:77:4f:aa:53:f0:c4:e1:9a:7e:33:c5:d4:e2:ae:
8f:8e:b4:95:36:df:dc:66:0b:4b:b2:e4:a1:bf:30:da:cb:80:
aa:43:98:38:53:7d:c3:96:bd:dc:86:d2:ba:92:53:27:f6:ac:
7d:09:cc:25:38:7a:08:4b:d5:1f:ad:e9:8f:f9:ad:40:b2:70:
10:89:99:3d:c8:c4:41:96:f5:55:a5:ce:4b:dd:cf:c1:60:4d:
0b:64:6c:98
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYQUK8744mHB3tHuWbquBUoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyYmVlZDRkZjIwN2MzNjA5YWRmZGVkODBkZGRkOTMxNmYw
YTliNDUwHhcNMjIxMDI2MTIwMjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmVmYjNmZGRjMjI1Yjc2ZjAxMmYxNmUyYzY0YmU1NDAwNTliZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjlQwhjHiuqjKpmjdzsr3VzKLJzI
2/Fgw1NXtCZWX8ht8Zl4G4Y4Ruq2wKoGS4Kqbl73BfqibRgDuGRDrY5c3gd9a/sB
yJv3d1dZEkZrBjTeLKDI9YO689FWpZOQS5Ei9alAoTfgbpWGPXQE0vPnTOTh/C8f
aJ084tRb81+LbqcagCs/7Hr9XPAbsHnzIvKVF5IOUr98/L3fxWT2HayaVzYfV1sL
buifANVs00EPnEwYspPMaxhere3C6fzSHm8vPpXzrrObb6l6coKNh765PcUuWPlc
qHrmBzUpZuOe56pKaz/ru/NmGcLpBU/ajtH9jvgOBPaYmql5HH9GDToX3wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFC/vs/3cIlt28BLxbixkvlQAWb7WMB8GA1UdIwQY
MBaAFPK+7U3yB8Ngmt/e2A3d2TFvCptFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHI3dFRmSUh3MkNhMzk3WURkM1pNVzhLbTBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jNmJjYmEtYTk5Ni00YmI1LWJhNGEt
YTQ2MTUzMTQ1Y2Y4LzEvTC0tel9kd2lXM2J3RXZGdUxHUy1WQUJadnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jNmJjYmEtYTk5Ni00YmI1LWJhNGEtYTQ2MTUzMTQ1Y2Y4
LzEvOHI3dFRmSUh3MkNhMzk3WURkM1pNVzhLbTBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQEXp4gAwQE
sG2wAwQFsG3gAwQCuSGMAwQBwcAkAwQCwvZcMBQEAgACMA4DBQMqA6nAAwUDKg0O
wDANBgkqhkiG9w0BAQsFAAOCAQEAnNOrbRW4Cx2PfjzTglmI2+LUM01DZWNhpjiQ
/PtaPPf2uzZBF4ZEQvLZiIU0EX+722UgK34Rs9ylSMZ21eCiWJf0+a5LhCI96tg5
byGnbLl0Yi0IEWalW2kokDvU8xZtvF7wJym7J6tyc/Od7ZqCfnibKjeTyFaOa8+K
UY/IytURbFMuuc6clNI4/wCQqmU30vCxzeu78YYWaJ7V+gfpDc88SFW15XdPqlPw
xOGafjPF1OKuj460lTbf3GYLS7Lkob8w2suAqkOYOFN9w5a93IbSupJTJ/asfQnM
JTh6CEvVH63pj/mtQLJwEImZPcjEQZb1VaXOS93PwWBNC2RsmA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:34 2023 by rpki-client on console-ams.rpki-client.org