Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/S6OjipDFaWVzisU8gD8b57AHJPI.roa
File: S6OjipDFaWVzisU8gD8b57AHJPI.roa (raw, json)
Hash identifier: Soeb3tnadPL6I5Wezi2In7EBBDbf0NVK/J8dw2+eeJ8=
Subject key identifier: 4B:A3:A3:8A:90:C5:69:65:73:8A:C5:3C:80:3F:1B:E7:B0:07:24:F2
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018335457F1636534F3EEA7938A2D7DAE24A
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/S6OjipDFaWVzisU8gD8b57AHJPI.roa
Signing time: Tue 13 Sep 2022 05:14:50 +0000
ROA not before: Tue 13 Sep 2022 05:14:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 45.144.88.0/22 maxlen: 24
87.239.254.0/24 maxlen: 32
45.149.28.0/22 maxlen: 24
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
185.36.254.0/24 maxlen: 32
185.217.64.0/22 maxlen: 22
185.166.84.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.188.62.0/24 maxlen: 24
185.188.63.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
89.40.24.0/24 maxlen: 32
185.152.248.0/22 maxlen: 32
5.154.174.0/24 maxlen: 24
80.246.30.0/24 maxlen: 32
45.156.224.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
188.119.154.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.96.162.0/24 maxlen: 32
77.246.152.0/22 maxlen: 22
45.95.24.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
195.47.194.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a01:4740::/32 maxlen: 32
2a06:46c0::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:35:45:7f:16:36:53:4f:3e:ea:79:38:a2:d7:da:e2:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Sep 13 05:14:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ba3a38a90c56965738ac53c803f1be7b00724f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:18:c8:5f:7e:75:61:96:05:fa:39:d3:40:7c:
cd:00:8c:20:0f:cd:08:76:21:2d:9c:d6:7c:e9:31:
1a:c5:aa:a1:58:b1:90:e4:75:8a:1b:74:34:72:8c:
ae:1b:07:f1:90:6c:85:b7:1a:8a:ad:be:75:e1:50:
e9:ab:1d:da:0b:5d:dc:20:a9:9f:60:1b:18:06:c3:
4f:a1:e0:18:7b:3b:33:18:e0:8f:2c:c9:4f:ea:8e:
08:d5:3e:21:2f:30:4d:e2:db:40:b6:05:50:ba:f3:
9e:4e:4e:c3:30:4b:30:5b:81:37:62:55:c7:91:32:
53:ef:bd:79:de:f4:63:36:d7:a2:7f:b1:19:f8:91:
e3:67:f3:6c:e8:97:12:e3:70:e1:53:3f:0a:ea:26:
f2:7d:95:aa:1e:1a:38:a1:a9:84:b6:82:78:7f:d3:
da:5e:3f:92:3a:f0:8a:f7:10:ea:ae:cd:31:c2:65:
87:f1:9f:a6:d5:3c:74:c6:8a:ba:71:d7:fd:30:e8:
da:4c:07:c7:75:5b:55:0a:90:78:95:ee:70:7c:f7:
3c:f4:47:bb:07:eb:a4:28:3b:25:a5:12:fb:cd:58:
84:49:bf:b3:22:26:30:ec:c1:47:dc:1f:47:5e:ae:
f1:70:e6:62:53:01:16:74:b3:88:6f:ab:6a:39:eb:
91:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A3:A3:8A:90:C5:69:65:73:8A:C5:3C:80:3F:1B:E7:B0:07:24:F2
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/S6OjipDFaWVzisU8gD8b57AHJPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.156.224.0/22
77.246.152.0/22
80.246.30.0/24
86.105.183.0/24
87.239.254.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.188.61.0-185.188.63.255
185.217.64.0/22
188.119.154.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
Signature Algorithm: sha256WithRSAEncryption
9d:bc:70:f5:28:0a:62:76:c4:52:1e:0a:43:d2:19:c0:02:c8:
ee:2f:5c:c5:bf:16:7d:23:d3:37:a9:ed:1a:5e:1c:9f:62:05:
ca:4c:32:75:68:d2:0e:54:c5:31:0f:1f:fc:29:ed:32:ae:7d:
d2:d1:04:d9:8c:27:6f:cb:72:e7:ee:f2:5b:33:52:82:24:d0:
90:1e:b9:dc:a2:d5:75:0c:c7:78:c9:2a:fa:c5:12:8a:04:12:
86:bb:91:e1:82:0e:47:9e:ff:ee:fd:00:b7:2b:6c:11:ea:a4:
01:da:f4:cc:a6:a0:06:5f:ef:d0:94:b6:d3:96:26:78:bd:25:
ce:29:1e:40:77:fa:ff:42:d9:3a:3b:e6:0b:2e:4f:5c:02:4e:
78:b6:d7:f4:3a:5f:f6:34:0f:90:d2:fe:24:77:de:65:72:1d:
05:9d:11:a2:73:f2:69:ef:74:f6:29:16:ac:ab:01:2b:aa:1a:
32:8b:1c:25:c5:f5:bb:58:2d:16:f9:af:89:b1:e2:57:a3:4b:
c2:b6:f5:9f:04:37:24:ea:84:38:01:0f:e8:32:2b:e6:05:4b:
23:b1:69:70:2d:9d:29:9a:02:98:1d:2d:ac:3f:3d:68:ca:6a:
01:9c:41:50:db:99:38:13:c2:ce:53:c7:e7:9a:2d:73:9a:ea:
83:86:a6:0a
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYM1RX8WNlNPPup5OKLX2uJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjIwOTEzMDUxNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmEzYTM4YTkwYzU2OTY1NzM4YWM1M2M4MDNmMWJlN2IwMDcyNGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhjIX351YZYF+jnTQHzNAIwgD80I
diEtnNZ86TEaxaqhWLGQ5HWKG3Q0coyuGwfxkGyFtxqKrb514VDpqx3aC13cIKmf
YBsYBsNPoeAYezszGOCPLMlP6o4I1T4hLzBN4ttAtgVQuvOeTk7DMEswW4E3YlXH
kTJT77153vRjNteif7EZ+JHjZ/Ns6JcS43DhUz8K6ibyfZWqHho4oamEtoJ4f9Pa
Xj+SOvCK9xDqrs0xwmWH8Z+m1Tx0xoq6cdf9MOjaTAfHdVtVCpB4le5wfPc89Ee7
B+ukKDslpRL7zViESb+zIiYw7MFH3B9HXq7xcOZiUwEWdLOIb6tqOeuRwQIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFEujo4qQxWllc4rFPIA/G+ewByTyMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvUzZPamlwREZhV1Z6aXNVOGdEOGI1N0FISlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgasEAgABMIGkAwQA
BZquAwQCLV8YAwQCLZBYAwQCLZUcAwQCLZzgAwQCTfaYAwQAUPYeAwQAVmm3AwQA
V+/+AwQAWSP5AwQAWSgYAwQAWSzNAwQAW+TYAwQAXi7OAwQAuST+AwQAuWCiAwQB
uWxoAwQCuZgkAwQCuZj4AwQAuZmXAwQCuaAsAwQAuaZUMAwDBAC5vD0DBAa5vAAD
BAK52UADBAC8d5oDBADDL8IwPgQCAAIwOAMFACoBR0ADBQMqBSjAAwUDKgX0wAMF
AyoGMEADBQMqBkbAAwUDKgZKAAMFAyoGUAADBQMqBlcAMA0GCSqGSIb3DQEBCwUA
A4IBAQCdvHD1KApidsRSHgpD0hnAAsjuL1zFvxZ9I9M3qe0aXhyfYgXKTDJ1aNIO
VMUxDx/8Ke0yrn3S0QTZjCdvy3Ln7vJbM1KCJNCQHrncotV1DMd4ySr6xRKKBBKG
u5Hhgg5Hnv/u/QC3K2wR6qQB2vTMpqAGX+/QlLbTliZ4vSXOKR5Ad/r/Qtk6O+YL
Lk9cAk54ttf0Ol/2NA+Q0v4kd95lch0FnRGic/Jp73T2KRasqwErqhoyixwlxfW7
WC0W+a+JseJXo0vCtvWfBDck6oQ4AQ/oMivmBUsjsWlwLZ0pmgKYHS2sPz1oymoB
nEFQ25k4E8LOU8fnmi1zmuqDhqYK
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:28 2023 by rpki-client on console-fra.rpki-client.org