Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/5DUCYXQ9EELacmvXkm1a77yUEeE.roa
File: 5DUCYXQ9EELacmvXkm1a77yUEeE.roa (raw, json)
Hash identifier: elxOBfIc4PawJi1N7x3OwdJqnViTKaduU3IQ8WRDktQ=
Subject key identifier: E4:35:02:61:74:3D:10:42:DA:72:6B:D7:92:6D:5A:EF:BC:94:11:E1
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01841381EB2C6CDB6D3D61CEE6786A74A204
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/5DUCYXQ9EELacmvXkm1a77yUEeE.roa
Signing time: Wed 26 Oct 2022 08:56:32 +0000
ROA not before: Wed 26 Oct 2022 08:56:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 37.221.92.0/24 maxlen: 24
185.117.3.0/24 maxlen: 24
45.13.227.0/24 maxlen: 24
45.131.111.0/24 maxlen: 24
45.131.108.0/24 maxlen: 24
5.253.246.0/24 maxlen: 24
92.118.207.0/24 maxlen: 24
45.142.104.0/24 maxlen: 24
45.142.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:81:eb:2c:6c:db:6d:3d:61:ce:e6:78:6a:74:a2:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Oct 26 08:56:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4350261743d1042da726bd7926d5aefbc9411e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:95:95:44:c0:a7:f7:aa:47:35:8a:b1:d1:23:
ec:96:6a:c7:c2:ee:5d:98:2c:ef:94:74:32:da:67:
df:38:29:48:89:3d:8e:08:67:69:89:66:ad:e4:f1:
7c:3b:34:74:0e:11:32:98:d7:56:6e:f4:78:0b:45:
1c:54:d9:1c:4a:f4:ba:3b:fb:58:e3:ce:73:56:da:
60:a7:2f:f7:a8:6f:c2:4c:68:e4:cb:b7:b1:b0:8d:
32:94:ed:02:9b:9a:3f:7b:31:1f:56:a2:cb:b6:ec:
cc:00:88:61:7f:6e:de:f8:fc:36:39:4b:98:cc:6f:
4d:d6:27:5e:4c:4b:3a:7f:a9:6a:f4:ba:49:84:b4:
62:02:e4:6a:17:11:69:73:6c:2f:6b:b2:52:36:ab:
bd:71:98:54:a6:fb:25:2b:0c:29:b7:a4:18:5d:24:
42:6c:45:49:e6:69:f1:37:71:f1:d0:8b:4a:bb:63:
3e:51:2b:7c:6f:8b:6e:39:23:de:83:f4:45:8b:cd:
3c:4d:f0:7f:95:65:aa:6e:38:53:bd:7e:63:98:f5:
25:46:2f:7b:6e:9b:f7:04:1d:b3:b0:ca:c3:f7:d8:
44:90:e3:20:d7:80:b0:b8:d2:66:d3:5d:e8:e4:8d:
80:84:0a:d4:74:a3:40:91:7b:13:54:a1:17:8c:09:
31:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:35:02:61:74:3D:10:42:DA:72:6B:D7:92:6D:5A:EF:BC:94:11:E1
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/5DUCYXQ9EELacmvXkm1a77yUEeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.246.0/24
37.221.92.0/24
45.13.227.0/24
45.131.108.0/24
45.131.111.0/24
45.142.104.0/24
45.142.107.0/24
92.118.207.0/24
185.117.3.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:2d:43:1b:e5:fc:d8:71:a9:8a:45:95:8e:01:31:0d:8c:5a:
9b:52:e0:d8:64:6e:e5:83:a5:aa:9a:39:72:1a:7c:1d:4e:b6:
c7:d8:89:ec:90:cd:e3:ea:a9:aa:12:af:f0:87:60:de:d5:49:
cc:55:5d:26:ff:32:cb:cd:d1:b1:8f:b5:c7:ba:73:72:99:31:
59:fc:af:83:00:85:06:14:ba:8b:72:bc:cc:40:d1:1f:cb:5b:
44:e4:81:a5:04:f3:b8:12:10:dc:a0:01:90:4d:46:66:2b:4f:
6f:1c:98:f2:f2:1c:c0:c8:18:69:00:2b:03:7c:1d:ae:c4:67:
b4:31:9b:0d:79:a7:04:cc:c6:ce:84:6e:1a:c3:db:2c:3f:67:
90:82:f6:2f:dc:5e:51:6c:ee:bd:8f:75:55:f1:d0:c2:71:11:
82:47:45:b7:94:75:b1:2b:74:a2:e8:85:f9:77:3b:9c:9c:0c:
09:77:c4:36:17:cd:60:a9:64:c0:55:20:d3:bc:00:fc:61:8e:
ab:3e:c2:92:f7:98:55:bf:82:f0:e6:78:bc:9b:42:1b:81:c2:
29:c1:39:5b:7d:7d:49:92:d7:78:d1:5e:76:5d:63:92:21:14:
b1:1a:bd:8d:5d:66:e1:b5:cd:96:0e:8e:19:c6:d5:3a:f5:c5:
dc:73:80:fd
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYQTgessbNttPWHO5nhqdKIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIxMDI2MDg1NjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDM1MDI2MTc0M2QxMDQyZGE3MjZiZDc5MjZkNWFlZmJjOTQxMWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZWVRMCn96pHNYqx0SPslmrHwu5d
mCzvlHQy2mffOClIiT2OCGdpiWat5PF8OzR0DhEymNdWbvR4C0UcVNkcSvS6O/tY
485zVtpgpy/3qG/CTGjky7exsI0ylO0Cm5o/ezEfVqLLtuzMAIhhf27e+Pw2OUuY
zG9N1ideTEs6f6lq9LpJhLRiAuRqFxFpc2wva7JSNqu9cZhUpvslKwwpt6QYXSRC
bEVJ5mnxN3Hx0ItKu2M+USt8b4tuOSPeg/RFi808TfB/lWWqbjhTvX5jmPUlRi97
bpv3BB2zsMrD99hEkOMg14CwuNJm013o5I2AhArUdKNAkXsTVKEXjAkx2QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOQ1AmF0PRBC2nJr15JtWu+8lBHhMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvNURVQ1lYUTlFRUxhY212WGttMWE3N3lVRWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABf32AwQA
Jd1cAwQALQ3jAwQALYNsAwQALYNvAwQALY5oAwQALY5rAwQAXHbPAwQAuXUDMA0G
CSqGSIb3DQEBCwUAA4IBAQAeLUMb5fzYcamKRZWOATENjFqbUuDYZG7lg6Wqmjly
GnwdTrbH2InskM3j6qmqEq/wh2De1UnMVV0m/zLLzdGxj7XHunNymTFZ/K+DAIUG
FLqLcrzMQNEfy1tE5IGlBPO4EhDcoAGQTUZmK09vHJjy8hzAyBhpACsDfB2uxGe0
MZsNeacEzMbOhG4aw9ssP2eQgvYv3F5RbO69j3VV8dDCcRGCR0W3lHWxK3Si6IX5
dzucnAwJd8Q2F81gqWTAVSDTvAD8YY6rPsKS95hVv4Lw5ni8m0IbgcIpwTlbfX1J
ktd40V52XWOSIRSxGr2NXWbhtc2WDo4ZxtU69cXcc4D9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-ams.rpki-client.org