Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/2xTIXlqkQVgVPKDMHQySHi4_vbw.roa
File: 2xTIXlqkQVgVPKDMHQySHi4_vbw.roa (raw, json)
Hash identifier: 8y3nAx2Kp83sGciYR+XRORM248cEw9X80lqNhY3FpME=
Subject key identifier: DB:14:C8:5E:5A:A4:41:58:15:3C:A0:CC:1D:0C:92:1E:2E:3F:BD:BC
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 3731854C
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/2xTIXlqkQVgVPKDMHQySHi4_vbw.roa
Signing time: Wed 08 Jun 2022 07:31:03 +0000
ROA not before: Wed 08 Jun 2022 07:31:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6739
IP address blocks: 81.60.0.0/15 maxlen: 18
62.82.0.0/15 maxlen: 16
80.173.0.0/16 maxlen: 17
62.100.96.0/19 maxlen: 19
2.154.192.0/18 maxlen: 18
84.127.229.0/24 maxlen: 24
81.202.0.0/15 maxlen: 15
62.42.0.0/15 maxlen: 16
5.40.0.0/16 maxlen: 16
82.213.128.0/18 maxlen: 18
85.136.0.0/15 maxlen: 15
82.158.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
89.140.0.0/16 maxlen: 17
79.108.0.0/15 maxlen: 18
95.39.0.0/16 maxlen: 19
80.224.0.0/16 maxlen: 16
83.173.128.0/18 maxlen: 18
85.251.0.0/16 maxlen: 17
62.81.0.0/16 maxlen: 24
84.120.0.0/13 maxlen: 19
2.154.0.0/16 maxlen: 16
81.184.0.0/16 maxlen: 16
2.152.0.0/16 maxlen: 16
217.216.0.0/15 maxlen: 15
2.152.0.0/14 maxlen: 17
80.174.0.0/16 maxlen: 17
62.101.160.0/19 maxlen: 19
62.174.0.0/15 maxlen: 19
2a02:a800::/26 maxlen: 26
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 925992268 (0x3731854c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jun 8 07:31:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db14c85e5aa44158153ca0cc1d0c921e2e3fbdbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1a:1c:f0:1f:e3:d6:ff:ad:24:17:d7:73:39:
05:9a:70:88:87:7c:f6:1d:19:9d:e6:40:38:f2:68:
0d:1c:39:d5:af:6e:af:82:32:bf:8c:03:5d:a7:c0:
93:5e:21:d4:71:fc:7c:0c:ef:1c:e5:4e:ae:d7:1b:
ca:70:6f:b2:b6:6f:b5:ca:49:c3:99:a6:dd:46:a9:
da:82:5d:b6:4c:d9:b5:26:90:55:80:a4:22:72:48:
bf:1e:0d:39:3c:de:74:2d:5c:e8:30:eb:00:22:26:
dd:7b:d2:d2:bf:52:9d:98:1a:3b:17:95:65:85:b2:
9a:9d:99:4a:40:91:27:e7:c2:7f:75:4e:63:7a:0b:
3b:fd:0e:5a:d0:ef:ae:90:cc:ac:6e:cc:b1:d3:09:
d5:ca:fb:7b:75:1d:bc:b6:b1:92:69:ac:51:1b:b0:
b1:31:da:3f:32:7a:6f:df:45:80:50:ff:da:d9:41:
a5:35:cf:87:ec:04:6e:dc:3b:92:d7:e6:2f:de:96:
39:11:64:f1:69:62:2f:9d:60:cf:8e:ce:92:89:5b:
75:22:4b:5d:6b:ff:eb:4a:00:a6:c2:6b:cc:83:14:
aa:6d:37:25:6e:88:85:c5:09:17:d4:58:8f:05:65:
50:62:95:19:82:c2:45:52:72:a2:7f:a2:ac:b6:d0:
f2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:14:C8:5E:5A:A4:41:58:15:3C:A0:CC:1D:0C:92:1E:2E:3F:BD:BC
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/2xTIXlqkQVgVPKDMHQySHi4_vbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/14
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.101.160.0/19
62.174.0.0/15
79.108.0.0/15
80.173.0.0-80.174.255.255
80.224.0.0/16
81.60.0.0/15
81.184.0.0/16
81.202.0.0/15
82.158.0.0/15
82.213.128.0/18
83.173.128.0/18
84.120.0.0/13
85.136.0.0/15
85.251.0.0/16
89.140.0.0/16
95.39.0.0/16
217.216.0.0/15
IPv6:
2a02:a800::/26
Signature Algorithm: sha256WithRSAEncryption
96:66:bc:86:5e:bc:37:87:42:54:95:05:d2:48:78:a4:20:4c:
c5:c1:58:61:05:a5:47:8b:89:1c:2a:dd:74:79:c7:bf:cc:fc:
fe:af:ea:00:75:c5:c5:c7:86:eb:34:a2:17:c1:cf:4f:76:ec:
95:0d:73:d9:aa:2e:e5:d1:ff:12:b4:2d:59:90:52:1c:3d:32:
fd:7a:7c:85:12:a8:e6:ce:e2:45:f8:df:c7:31:cc:03:19:e6:
e8:25:8e:74:ed:e7:53:6c:60:f6:dd:7c:62:5a:97:9a:b7:b0:
e9:40:0b:e8:c3:23:7a:16:3b:a1:41:8c:d6:f5:c2:e1:44:1a:
cb:0b:95:11:5f:8e:31:5f:ae:b8:cd:0a:f7:33:53:9c:27:5c:
fc:0b:a4:84:08:89:a2:09:b0:7c:3e:da:bb:f2:61:e9:69:fa:
25:ad:80:bf:9d:d7:04:3d:b3:0d:75:7a:98:bb:b2:1a:7c:a4:
a4:1d:6c:10:06:6b:6e:89:88:27:8c:3b:8d:8f:91:2f:69:7e:
0d:0b:06:ab:a7:21:34:08:c9:b5:5f:51:5b:6e:d6:88:c2:bd:
87:07:f7:fa:59:5d:87:ed:c3:d3:d3:f6:8c:7a:a0:a2:cc:ed:
27:30:d7:a2:aa:6f:98:67:da:e4:c9:ad:d5:2d:de:4d:40:c3:
f1:89:22:ae
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIENzGFTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDM0ZjE2ODYxMDI4NzZjNjIxNmJjZWEyOGE1ZTUwMmVjMGQ3YjZiMB4XDTIyMDYw
ODA3MzEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGIxNGM4NWU1YWE0
NDE1ODE1M2NhMGNjMWQwYzkyMWUyZTNmYmRiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKEaHPAf49b/rSQX13M5BZpwiId89h0ZneZAOPJoDRw51a9u
r4Iyv4wDXafAk14h1HH8fAzvHOVOrtcbynBvsrZvtcpJw5mm3Uap2oJdtkzZtSaQ
VYCkInJIvx4NOTzedC1c6DDrACIm3XvS0r9SnZgaOxeVZYWymp2ZSkCRJ+fCf3VO
Y3oLO/0OWtDvrpDMrG7MsdMJ1cr7e3UdvLaxkmmsURuwsTHaPzJ6b99FgFD/2tlB
pTXPh+wEbtw7ktfmL96WORFk8WliL51gz47OkolbdSJLXWv/60oApsJrzIMUqm03
JW6IhcUJF9RYjwVlUGKVGYLCRVJyon+irLbQ8gsCAwEAAaOCApwwggKYMB0GA1Ud
DgQWBBTbFMheWqRBWBU8oMwdDJIeLj+9vDAfBgNVHSMEGDAWgBTUNPFoYQKHbGIW
vOoopeUC7A17azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFEVHhhR0VDaDJ4aUZyenFLS1hsQXV3TmUycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8x
LzJ4VElYbHFrUVZnVlBLRE1IUXlTSGk0X3Zidy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8xLzFEVHhhR0VDaDJ4
aUZyenFLS1hsQXV3TmUycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
sQYIKwYBBQUHAQcBAf8EgaEwgZ4wgYwEAgABMIGFAwMCApgDAwAFKAMDAT4qAwMA
PjkwCgMDAD5RAwMCPlADBAU+ZGADBAU+ZaADAwE+rgMDAU9sMAoDAwBQrQMDAFCu
AwMAUOADAwFRPAMDAFG4AwMBUcoDAwFSngMEBlLVgAMEBlOtgAMDA1R4AwMBVYgD
AwBV+wMDAFmMAwMAXycDAwHZ2DANBAIAAjAHAwUGKgKoADANBgkqhkiG9w0BAQsF
AAOCAQEAlma8hl68N4dCVJUF0kh4pCBMxcFYYQWlR4uJHCrddHnHv8z8/q/qAHXF
xceG6zSiF8HPT3bslQ1z2aou5dH/ErQtWZBSHD0y/Xp8hRKo5s7iRfjfxzHMAxnm
6CWOdO3nU2xg9t18YlqXmrew6UAL6MMjehY7oUGM1vXC4UQaywuVEV+OMV+uuM0K
9zNTnCdc/AukhAiJogmwfD7au/Jh6Wn6Ja2Av53XBD2zDXV6mLuyGnykpB1sEAZr
bomIJ4w7jY+RL2l+DQsGq6chNAjJtV9RW27WiMK9hwf3+lldh+3D09P2jHqgoszt
JzDXoqpvmGfa5Mmt1S3eTUDD8Ykirg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-fra.rpki-client.org