Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/xweEq-Acu9ItNA1yyNYXUgQtClc.roa
File: xweEq-Acu9ItNA1yyNYXUgQtClc.roa (raw, json)
Hash identifier: ImcGkI7B8WQmkIPwhVC/xckPJ1Cv6hLx4RUYWJSkrRc=
Subject key identifier: C7:07:84:AB:E0:1C:BB:D2:2D:34:0D:72:C8:D6:17:52:04:2D:0A:57
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 3719C3D1
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/xweEq-Acu9ItNA1yyNYXUgQtClc.roa
Signing time: Wed 01 Jun 2022 09:43:11 +0000
ROA not before: Wed 01 Jun 2022 09:43:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6739
IP address blocks: 81.60.0.0/15 maxlen: 18
62.82.0.0/15 maxlen: 16
80.173.0.0/16 maxlen: 17
62.100.96.0/19 maxlen: 19
2.154.192.0/18 maxlen: 18
84.127.229.0/24 maxlen: 24
81.202.0.0/15 maxlen: 15
62.42.0.0/15 maxlen: 16
5.40.0.0/16 maxlen: 16
82.213.128.0/18 maxlen: 18
82.158.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
89.140.0.0/16 maxlen: 17
79.108.0.0/15 maxlen: 18
80.224.0.0/16 maxlen: 16
83.173.128.0/18 maxlen: 18
62.81.0.0/16 maxlen: 24
84.120.0.0/13 maxlen: 19
2.154.0.0/16 maxlen: 16
81.184.0.0/16 maxlen: 16
2.152.0.0/16 maxlen: 16
2.152.0.0/14 maxlen: 17
80.174.0.0/16 maxlen: 17
62.101.160.0/19 maxlen: 19
62.174.0.0/15 maxlen: 19
2a02:a800::/26 maxlen: 26
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 924435409 (0x3719c3d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jun 1 09:43:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c70784abe01cbbd22d340d72c8d61752042d0a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d8:a7:48:b0:ab:62:d4:37:7b:d8:42:10:94:
74:eb:25:a8:2f:79:cc:5e:32:ac:c9:14:b0:54:8d:
f1:a7:09:c0:f2:bb:5d:2b:bb:76:fc:28:cd:75:a6:
2e:df:1b:16:5c:f7:b1:54:7b:54:12:9d:0c:4a:44:
bf:5e:59:f3:75:15:cb:50:4b:1d:fb:fe:e1:60:74:
2d:f6:26:49:d8:f9:a8:da:e1:46:b1:47:b5:6f:a6:
32:48:eb:5e:4f:d9:79:1e:65:e9:43:d9:05:c0:17:
98:16:19:71:3d:24:9b:76:5b:53:12:86:c3:88:32:
56:0b:ea:af:3d:82:73:90:63:f5:fa:7b:16:3d:a2:
e8:af:37:98:99:5c:eb:41:73:d5:f7:2b:39:3a:80:
82:6c:64:40:40:ff:c4:e7:85:a0:f4:45:68:2e:d9:
24:9c:de:e8:bb:c9:40:3b:f0:54:24:eb:bf:13:56:
7a:fa:d0:94:57:72:b6:44:e5:5b:ea:d0:60:db:d3:
cf:ea:0d:c8:c2:5a:a6:57:da:9e:22:8c:74:42:b0:
04:80:9b:47:62:ca:e4:a5:d1:ee:ca:1a:f7:ae:00:
a0:1d:fd:90:09:b1:1f:60:7e:f0:81:e6:f5:00:63:
1f:93:e6:20:7a:61:46:e9:fb:cb:18:b2:12:a0:4c:
77:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:07:84:AB:E0:1C:BB:D2:2D:34:0D:72:C8:D6:17:52:04:2D:0A:57
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/xweEq-Acu9ItNA1yyNYXUgQtClc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/14
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.101.160.0/19
62.174.0.0/15
79.108.0.0/15
80.173.0.0-80.174.255.255
80.224.0.0/16
81.60.0.0/15
81.184.0.0/16
81.202.0.0/15
82.158.0.0/15
82.213.128.0/18
83.173.128.0/18
84.120.0.0/13
89.140.0.0/16
IPv6:
2a02:a800::/26
Signature Algorithm: sha256WithRSAEncryption
73:15:02:ee:fd:98:e5:32:1f:f5:4a:da:a6:ed:d7:47:4a:57:
0c:17:c2:57:e1:47:c3:71:04:b1:c4:24:f6:c5:4e:09:34:87:
fd:e3:b6:76:c4:ce:ee:a1:9d:5a:e8:31:dc:25:33:28:36:12:
83:e9:11:36:54:69:3f:ed:ae:3b:aa:fc:97:ad:92:1e:11:f4:
80:72:9a:82:6c:36:22:f4:8e:e8:ad:02:0a:8c:3c:cc:b9:1b:
27:5e:db:45:16:06:20:98:44:29:58:76:c8:3e:8c:34:09:a7:
ec:23:5e:47:44:c4:44:86:f7:2f:cb:80:83:36:e6:7d:d5:6c:
c6:01:10:01:11:33:fc:4d:f8:2f:4f:b3:0a:07:9c:86:fb:a1:
20:82:a2:7c:90:89:da:eb:e9:f8:af:65:9d:cd:aa:88:b0:d5:
a6:e3:43:8b:38:d9:77:82:c8:7e:97:8f:c2:34:56:8e:12:57:
68:4a:a7:d3:33:c3:7c:9d:2e:fa:18:8b:7a:ce:e7:eb:1b:b5:
9e:cd:6b:ce:6e:49:c3:51:9f:96:55:70:f2:20:a0:d7:e9:31:
ce:d4:2d:9d:c8:b3:9d:36:4f:5c:71:fb:70:a7:9a:c8:16:ff:
09:80:2d:ed:02:25:1f:78:15:40:2b:de:a1:28:81:5c:47:be:
2b:f2:c9:78
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIENxnD0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDM0ZjE2ODYxMDI4NzZjNjIxNmJjZWEyOGE1ZTUwMmVjMGQ3YjZiMB4XDTIyMDYw
MTA5NDMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzcwNzg0YWJlMDFj
YmJkMjJkMzQwZDcyYzhkNjE3NTIwNDJkMGE1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/Yp0iwq2LUN3vYQhCUdOslqC95zF4yrMkUsFSN8acJwPK7
XSu7dvwozXWmLt8bFlz3sVR7VBKdDEpEv15Z83UVy1BLHfv+4WB0LfYmSdj5qNrh
RrFHtW+mMkjrXk/ZeR5l6UPZBcAXmBYZcT0km3ZbUxKGw4gyVgvqrz2Cc5Bj9fp7
Fj2i6K83mJlc60Fz1fcrOTqAgmxkQED/xOeFoPRFaC7ZJJze6LvJQDvwVCTrvxNW
evrQlFdytkTlW+rQYNvTz+oNyMJaplfaniKMdEKwBICbR2LK5KXR7soa964AoB39
kAmxH2B+8IHm9QBjH5PmIHphRun7yxiyEqBMdxkCAwEAAaOCAoYwggKCMB0GA1Ud
DgQWBBTHB4Sr4By70i00DXLI1hdSBC0KVzAfBgNVHSMEGDAWgBTUNPFoYQKHbGIW
vOoopeUC7A17azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFEVHhhR0VDaDJ4aUZyenFLS1hsQXV3TmUycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8x
L3h3ZUVxLUFjdTlJdE5BMXl5TllYVWdRdENsYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8xLzFEVHhhR0VDaDJ4
aUZyenFLS1hsQXV3TmUycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mwYIKwYBBQUHAQcBAf8EgYswgYgwdwQCAAEwcQMDAgKYAwMABSgDAwE+KgMDAD45
MAoDAwA+UQMDAj5QAwQFPmRgAwQFPmWgAwMBPq4DAwFPbDAKAwMAUK0DAwBQrgMD
AFDgAwMBUTwDAwBRuAMDAVHKAwMBUp4DBAZS1YADBAZTrYADAwNUeAMDAFmMMA0E
AgACMAcDBQYqAqgAMA0GCSqGSIb3DQEBCwUAA4IBAQBzFQLu/ZjlMh/1Stqm7ddH
SlcMF8JX4UfDcQSxxCT2xU4JNIf947Z2xM7uoZ1a6DHcJTMoNhKD6RE2VGk/7a47
qvyXrZIeEfSAcpqCbDYi9I7orQIKjDzMuRsnXttFFgYgmEQpWHbIPow0CafsI15H
RMREhvcvy4CDNuZ91WzGARABETP8TfgvT7MKB5yG+6EggqJ8kIna6+n4r2WdzaqI
sNWm40OLONl3gsh+l4/CNFaOEldoSqfTM8N8nS76GIt6zufrG7WezWvObknDUZ+W
VXDyIKDX6THO1C2dyLOdNk9ccftwp5rIFv8JgC3tAiUfeBVAK96hKIFcR74r8sl4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:48 2023 by rpki-client on console-ams.rpki-client.org