Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/4byKlNtNl3vwLGbvJ-bC2yiIJ-c.roa
File: 4byKlNtNl3vwLGbvJ-bC2yiIJ-c.roa (raw, json)
Hash identifier: 38Lub5ixRri0EGqolE4BGP7RfmtM1DRurfs8UBGTKRI=
Subject key identifier: E1:BC:8A:94:DB:4D:97:7B:F0:2C:66:EF:27:E6:C2:DB:28:88:27:E7
Certificate issuer: /CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Certificate serial: 071E0E13
Authority key identifier: 18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/4byKlNtNl3vwLGbvJ-bC2yiIJ-c.roa
Signing time: Sat 01 Jan 2022 02:56:52 +0000
ROA not before: Sat 01 Jan 2022 02:56:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14061
IP address blocks: 167.172.0.0/16 maxlen: 22
146.185.128.0/19 maxlen: 22
5.101.96.0/20 maxlen: 24
146.185.160.0/19 maxlen: 22
185.14.184.0/22 maxlen: 22
178.128.0.0/17 maxlen: 22
37.139.0.0/19 maxlen: 22
188.166.0.0/16 maxlen: 22
82.196.0.0/20 maxlen: 22
95.85.0.0/18 maxlen: 22
46.101.0.0/16 maxlen: 22
188.226.128.0/17 maxlen: 22
178.128.128.0/17 maxlen: 22
80.240.128.0/20 maxlen: 22
178.62.0.0/16 maxlen: 22
2a03:b0c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119410195 (0x71e0e13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Validity
Not Before: Jan 1 02:56:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1bc8a94db4d977bf02c66ef27e6c2db288827e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:34:8d:99:eb:13:5c:dd:7b:d2:00:ad:22:94:
11:fd:92:3f:5a:9e:02:60:90:43:5c:96:ce:66:83:
48:11:e9:51:cf:12:b9:6a:3e:7d:96:8a:e2:d1:8c:
61:60:82:bc:4d:88:52:4d:ab:14:50:76:32:d5:ef:
28:d3:03:9c:92:45:75:6b:e4:35:7c:dd:9d:d6:cb:
91:73:00:96:6d:35:81:d4:dd:72:63:00:08:59:2d:
09:63:4f:7c:94:80:0b:b5:56:65:10:f4:f8:5f:dc:
b8:52:c7:8e:d9:b9:76:6e:48:71:33:16:b4:d8:fc:
f5:87:27:10:0a:1d:20:29:cc:b7:56:c7:1b:92:24:
65:1f:e5:6c:6e:56:2a:a5:b4:41:9f:03:b7:52:ea:
ae:df:15:62:d7:0b:e7:ee:54:a0:e1:ca:9a:48:06:
7c:99:7c:20:c0:c8:6d:5d:0c:6b:ff:88:ab:39:ff:
3a:91:0d:86:a3:a1:26:e3:9e:4c:ca:3d:f8:de:d5:
f2:aa:19:e3:6a:39:74:7e:a8:16:25:f8:ca:eb:1f:
60:b7:dc:3e:e5:48:d3:e8:a2:07:fc:06:b6:8f:e1:
3f:64:06:9d:5c:2d:66:d6:7b:0b:f8:a2:c4:c1:d4:
fa:37:3e:d1:b5:bd:29:d9:ff:ed:b3:1a:a2:19:73:
5f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:BC:8A:94:DB:4D:97:7B:F0:2C:66:EF:27:E6:C2:DB:28:88:27:E7
X509v3 Authority Key Identifier:
keyid:18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/4byKlNtNl3vwLGbvJ-bC2yiIJ-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.96.0/20
37.139.0.0/19
46.101.0.0/16
80.240.128.0/20
82.196.0.0/20
95.85.0.0/18
146.185.128.0/18
167.172.0.0/16
178.62.0.0/16
178.128.0.0/16
185.14.184.0/22
188.166.0.0/16
188.226.128.0/17
IPv6:
2a03:b0c0::/32
Signature Algorithm: sha256WithRSAEncryption
00:6c:9c:8b:1c:63:5f:f2:69:f2:77:b1:92:7f:c7:8a:d7:c2:
db:17:d5:7a:85:6f:3d:39:8f:fe:eb:93:d2:ad:9a:74:38:5c:
68:2d:38:0e:33:1e:b5:69:9e:d7:6b:24:d5:ea:88:38:7d:8c:
0e:38:66:29:44:a7:7b:c1:8b:30:c7:b1:00:4e:6f:98:1f:e4:
a8:10:41:66:28:ab:2e:74:36:31:9b:05:09:8e:e1:a6:64:21:
e2:2a:d3:ab:26:59:1e:c4:60:36:5a:c1:17:4c:0e:2d:f1:f1:
a6:51:9d:ef:43:d7:ae:12:62:ce:ee:c8:dc:0c:cf:fc:b6:ab:
d7:29:b6:eb:b0:6d:4c:29:9e:9f:7e:5e:07:ee:9e:81:f0:55:
b1:5a:91:52:7a:82:9b:2e:b6:6a:c5:5f:7d:d5:31:67:4a:38:
55:1d:f3:7f:ce:4b:61:2c:6e:cf:ee:79:33:fa:32:f4:5d:e1:
c2:24:68:46:1c:ea:26:1d:ee:f2:8a:e0:7b:ce:22:64:0e:7f:
de:87:e3:69:0c:95:0e:bb:71:0a:8a:55:b6:13:82:69:f2:67:
b1:f5:8f:6d:2c:96:76:3a:91:46:45:2d:39:43:55:2f:ed:ac:
f7:6e:da:09:5c:b6:b7:d1:d7:35:90:c3:38:e3:21:a2:24:c4:
d2:35:ec:9b
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIEBx4OEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODA4YmY3ZmU0OGIwNTdmOWYyZjNkNWQxYTYzMTBmZDllMTRjNTcxMB4XDTIyMDEw
MTAyNTY1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFiYzhhOTRkYjRk
OTc3YmYwMmM2NmVmMjdlNmMyZGIyODg4MjdlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQ0jZnrE1zde9IArSKUEf2SP1qeAmCQQ1yWzmaDSBHpUc8S
uWo+fZaK4tGMYWCCvE2IUk2rFFB2MtXvKNMDnJJFdWvkNXzdndbLkXMAlm01gdTd
cmMACFktCWNPfJSAC7VWZRD0+F/cuFLHjtm5dm5IcTMWtNj89YcnEAodICnMt1bH
G5IkZR/lbG5WKqW0QZ8Dt1Lqrt8VYtcL5+5UoOHKmkgGfJl8IMDIbV0Ma/+Iqzn/
OpENhqOhJuOeTMo9+N7V8qoZ42o5dH6oFiX4yusfYLfcPuVI0+iiB/wGto/hP2QG
nVwtZtZ7C/iixMHU+jc+0bW9Kdn/7bMaohlzX8MCAwEAAaOCAlswggJXMB0GA1Ud
DgQWBBThvIqU202Xe/AsZu8n5sLbKIgn5zAfBgNVHSMEGDAWgBQYCL9/5IsFf58v
PV0aYxD9nhTFcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dBaV9mLVNMQlgtZkx6MWRHbU1RX1o0VXhYRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvNTEwYzNiLWY4NzAtNDc2Yi1hMTYzLTlkMzkyZWVlMGY2Ni8x
LzRieUtsTnRObDN2d0xHYnZKLWJDMnlpSUotYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
NTEwYzNiLWY4NzAtNDc2Yi1hMTYzLTlkMzkyZWVlMGY2Ni8xL0dBaV9mLVNMQlgt
Zkx6MWRHbU1RX1o0VXhYRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBx
BggrBgEFBQcBBwEB/wRiMGAwTwQCAAEwSQMEBAVlYAMEBSWLAAMDAC5lAwQEUPCA
AwQEUsQAAwQGX1UAAwQGkrmAAwMAp6wDAwCyPgMDALKAAwQCuQ64AwMAvKYDBAe8
4oAwDQQCAAIwBwMFACoDsMAwDQYJKoZIhvcNAQELBQADggEBAABsnIscY1/yafJ3
sZJ/x4rXwtsX1XqFbz05j/7rk9KtmnQ4XGgtOA4zHrVpntdrJNXqiDh9jA44ZilE
p3vBizDHsQBOb5gf5KgQQWYoqy50NjGbBQmO4aZkIeIq06smWR7EYDZawRdMDi3x
8aZRne9D164SYs7uyNwMz/y2q9cptuuwbUwpnp9+XgfunoHwVbFakVJ6gpsutmrF
X33VMWdKOFUd83/OS2Esbs/ueTP6MvRd4cIkaEYc6iYd7vKK4HvOImQOf96H42kM
lQ67cQqKVbYTgmnyZ7H1j20slnY6kUZFLTlDVS/trPdu2glctrfR1zWQwzjjIaIk
xNI17Js=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:06 2024 by rpki-client on console-fra.rpki-client.org