Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/22ZOtpTDNt5N8so1cMjX5Ir6GVE.roa
File: 22ZOtpTDNt5N8so1cMjX5Ir6GVE.roa (raw, json)
Hash identifier: AW9neZMfSoKEbo7sq46ibfWsLCZAe2h4ZzkS/055oPE=
Subject key identifier: DB:66:4E:B6:94:C3:36:DE:4D:F2:CA:35:70:C8:D7:E4:8A:FA:19:51
Certificate issuer: /CN=5799b327dd6cda1ad37bc1c224a454b02dea2afc
Certificate serial: 018305011CDF9F4E3093171C19EED05E6B94
Authority key identifier: 57:99:B3:27:DD:6C:DA:1A:D3:7B:C1:C2:24:A4:54:B0:2D:EA:2A:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5mzJ91s2hrTe8HCJKRUsC3qKvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/22ZOtpTDNt5N8so1cMjX5Ir6GVE.roa
Signing time: Sat 03 Sep 2022 20:18:22 +0000
ROA not before: Sat 03 Sep 2022 20:18:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14593
IP address blocks: 145.224.64.0/21 maxlen: 24
145.224.64.0/18 maxlen: 24
145.224.72.0/21 maxlen: 24
145.224.80.0/21 maxlen: 24
145.224.88.0/22 maxlen: 24
188.92.248.0/21 maxlen: 24
145.224.94.0/23 maxlen: 24
145.224.96.0/21 maxlen: 24
145.224.92.0/23 maxlen: 24
188.95.144.0/23 maxlen: 24
216.128.0.0/19 maxlen: 24
217.65.136.0/22 maxlen: 24
91.102.180.0/22 maxlen: 24
145.224.108.0/22 maxlen: 24
145.224.124.0/22 maxlen: 24
2a0d:3340::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:05:01:1c:df:9f:4e:30:93:17:1c:19:ee:d0:5e:6b:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5799b327dd6cda1ad37bc1c224a454b02dea2afc
Validity
Not Before: Sep 3 20:18:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db664eb694c336de4df2ca3570c8d7e48afa1951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:19:f6:69:cd:59:32:8f:06:d6:16:66:f6:dc:
c9:bd:e5:02:ce:0c:26:c5:f1:25:9b:14:2f:07:74:
ba:dc:2f:b1:45:12:a3:1a:b0:1e:25:9f:0f:36:c7:
f9:a6:ad:2f:c6:57:62:34:ca:50:c8:b2:9d:00:f4:
e8:5e:d5:73:1d:1b:96:08:86:c1:d4:a3:b2:d1:47:
48:e0:61:ef:2c:f3:18:63:fc:f6:a7:b2:8d:cf:05:
93:85:e7:b7:bc:58:54:55:e2:8d:3c:11:70:61:a4:
4c:a8:32:9e:b8:a5:b3:00:b5:72:9c:cb:b4:33:06:
0e:89:f6:c4:ee:bd:70:0e:29:36:85:42:ba:16:1e:
4d:cf:31:f4:e0:c2:a6:04:86:32:10:c3:6e:9b:73:
74:d1:19:51:1c:7a:00:60:cb:c7:60:e7:ee:6d:eb:
e8:60:0a:33:c3:5c:ae:5b:78:a6:01:fa:77:f0:5d:
50:17:6f:9d:ec:dd:63:e4:88:29:3d:4a:d1:d9:dc:
e2:ba:ef:78:27:f6:61:3f:a9:1e:71:eb:8f:ad:d6:
8d:55:81:e6:d2:c4:47:5e:b9:f1:d8:2e:51:a6:3e:
7a:1e:4a:d8:e4:fd:47:b0:25:3f:99:b2:8a:77:a5:
64:38:c2:ec:b9:41:6e:00:4f:f9:86:d7:a3:e2:84:
13:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:66:4E:B6:94:C3:36:DE:4D:F2:CA:35:70:C8:D7:E4:8A:FA:19:51
X509v3 Authority Key Identifier:
keyid:57:99:B3:27:DD:6C:DA:1A:D3:7B:C1:C2:24:A4:54:B0:2D:EA:2A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5mzJ91s2hrTe8HCJKRUsC3qKvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/22ZOtpTDNt5N8so1cMjX5Ir6GVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/V5mzJ91s2hrTe8HCJKRUsC3qKvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.180.0/22
145.224.64.0/18
188.92.248.0/21
188.95.144.0/23
216.128.0.0/19
217.65.136.0/22
IPv6:
2a0d:3340::/29
Signature Algorithm: sha256WithRSAEncryption
0a:f1:62:e6:56:49:d0:51:cd:a7:6b:b0:8a:8f:06:88:b6:a1:
ec:3c:73:9f:d0:22:44:9e:b3:18:74:17:e0:59:53:6b:e9:68:
64:77:cb:14:76:06:a2:8e:67:3f:0a:de:ec:ab:da:83:51:9d:
fa:33:21:aa:1c:e1:f1:98:50:20:ed:dd:6f:71:62:cc:de:59:
47:69:a9:c5:12:ca:a3:08:24:2b:b4:bc:60:20:4b:42:2a:1b:
70:49:fb:79:71:c4:8f:d7:4f:4d:dd:a8:18:be:6b:38:1b:84:
0e:57:d3:cd:42:1c:04:6e:37:0a:e7:5e:b1:f5:d0:1d:62:72:
5f:ce:7c:2f:36:8b:1c:40:43:a5:a7:3d:9c:90:c9:a9:74:3f:
70:ae:16:56:5c:53:ad:40:a5:ed:b4:25:ae:73:5d:ef:44:57:
dc:5d:b9:06:a7:d7:67:5b:aa:e6:87:9f:d9:c4:0c:8e:5d:6d:
b3:05:c2:bd:42:2e:8c:57:84:84:12:54:f9:0e:f1:f4:62:fc:
47:3c:5d:fa:fc:4e:fa:63:80:b5:9e:a8:b0:76:dd:5b:1f:cf:
7c:07:7f:91:a6:8c:3b:4b:c4:fa:52:ea:24:45:ec:8a:31:15:
20:0a:6a:e0:01:7d:59:ce:4d:c6:ba:85:c7:ca:88:fa:dd:f6:
1f:e8:b9:78
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYMFARzfn04wkxccGe7QXmuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTliMzI3ZGQ2Y2RhMWFkMzdiYzFjMjI0YTQ1NGIwMmRl
YTJhZmMwHhcNMjIwOTAzMjAxODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjY2NGViNjk0YzMzNmRlNGRmMmNhMzU3MGM4ZDdlNDhhZmExOTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBn2ac1ZMo8G1hZm9tzJveUCzgwm
xfElmxQvB3S63C+xRRKjGrAeJZ8PNsf5pq0vxldiNMpQyLKdAPToXtVzHRuWCIbB
1KOy0UdI4GHvLPMYY/z2p7KNzwWThee3vFhUVeKNPBFwYaRMqDKeuKWzALVynMu0
MwYOifbE7r1wDik2hUK6Fh5NzzH04MKmBIYyEMNum3N00RlRHHoAYMvHYOfubevo
YAozw1yuW3imAfp38F1QF2+d7N1j5IgpPUrR2dziuu94J/ZhP6keceuPrdaNVYHm
0sRHXrnx2C5Rpj56HkrY5P1HsCU/mbKKd6VkOMLsuUFuAE/5htej4oQT9QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNtmTraUwzbeTfLKNXDI1+SK+hlRMB8GA1UdIwQY
MBaAFFeZsyfdbNoa03vBwiSkVLAt6ir8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVteko5MXMyaHJUZThIQ0pLUlVzQzNxS3Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84YzJhZTktMGE3Ny00OWViLWFkM2Et
ZWExNTBlNzYzOGNlLzEvMjJaT3RwVEROdDVOOHNvMWNNalg1SXI2R1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84YzJhZTktMGE3Ny00OWViLWFkM2EtZWExNTBlNzYzOGNl
LzEvVjVteko5MXMyaHJUZThIQ0pLUlVzQzNxS3Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCW2a0AwQG
keBAAwQDvFz4AwQBvF+QAwQF2IAAAwQC2UGIMA0EAgACMAcDBQMqDTNAMA0GCSqG
SIb3DQEBCwUAA4IBAQAK8WLmVknQUc2na7CKjwaItqHsPHOf0CJEnrMYdBfgWVNr
6Whkd8sUdgaijmc/Ct7sq9qDUZ36MyGqHOHxmFAg7d1vcWLM3llHaanFEsqjCCQr
tLxgIEtCKhtwSft5ccSP109N3agYvms4G4QOV9PNQhwEbjcK516x9dAdYnJfznwv
NoscQEOlpz2ckMmpdD9wrhZWXFOtQKXttCWuc13vRFfcXbkGp9dnW6rmh5/ZxAyO
XW2zBcK9Qi6MV4SEElT5DvH0YvxHPF36/E76Y4C1nqiwdt1bH898B3+Rpow7S8T6
UuokReyKMRUgCmrgAX1Zzk3GuoXHyoj63fYf6Ll4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:46 2024 by rpki-client on console-fra.rpki-client.org