Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/fIP3CMj1g1cM1J-DQW_hKJ8TotQ.roa
File: fIP3CMj1g1cM1J-DQW_hKJ8TotQ.roa (raw, json)
Hash identifier: HvKt74UvXaweNZclMmqIGji0F5bgtqIAns1fTLW0Y+k=
Subject key identifier: 7C:83:F7:08:C8:F5:83:57:0C:D4:9F:83:41:6F:E1:28:9F:13:A2:D4
Certificate issuer: /CN=4a409555105040578cb296070074f45107252eeb
Certificate serial: 5EE7A0
Authority key identifier: 4A:40:95:55:10:50:40:57:8C:B2:96:07:00:74:F4:51:07:25:2E:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SkCVVRBQQFeMspYHAHT0UQclLus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/fIP3CMj1g1cM1J-DQW_hKJ8TotQ.roa
Signing time: Tue 04 Jan 2022 06:29:34 +0000
ROA not before: Tue 04 Jan 2022 06:29:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21211
IP address blocks: 212.122.79.0/24 maxlen: 24
212.122.80.0/23 maxlen: 23
212.122.88.0/22 maxlen: 22
212.122.92.0/23 maxlen: 23
212.122.95.0/24 maxlen: 24
84.240.0.0/22 maxlen: 22
84.240.0.0/18 maxlen: 18
84.240.4.0/22 maxlen: 22
213.159.48.0/20 maxlen: 20
84.240.8.0/21 maxlen: 21
84.240.16.0/20 maxlen: 20
212.122.64.0/19 maxlen: 19
212.122.68.0/22 maxlen: 22
212.122.65.0/24 maxlen: 24
212.122.72.0/24 maxlen: 24
212.122.73.0/24 maxlen: 24
185.25.0.0/22 maxlen: 22
213.159.32.0/19 maxlen: 19
213.159.32.0/20 maxlen: 20
213.159.33.0/24 maxlen: 24
31.44.96.0/20 maxlen: 20
31.44.96.0/21 maxlen: 21
78.157.64.0/19 maxlen: 19
31.44.104.0/21 maxlen: 21
2a03:280::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6219680 (0x5ee7a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a409555105040578cb296070074f45107252eeb
Validity
Not Before: Jan 4 06:29:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c83f708c8f583570cd49f83416fe1289f13a2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9f:95:2b:55:1c:5d:a2:96:3d:25:08:56:d3:
c5:3b:ec:6a:65:ca:b5:ba:9f:79:45:d8:5a:45:16:
d1:f4:c9:36:0f:c3:1d:69:8d:53:1f:a3:b4:8a:1d:
91:3f:1d:8d:e5:c7:9b:56:a6:f4:4d:47:19:6d:87:
46:6a:7f:f6:ff:cf:4e:34:34:29:35:c6:01:0b:38:
56:c0:58:2c:39:2d:ab:f9:40:b6:2b:fb:e5:4a:6b:
c8:8a:c5:27:c9:a7:61:66:90:f7:0e:b9:25:0e:d2:
3a:d2:98:48:16:27:ad:20:49:90:55:82:57:c0:2d:
1a:21:c9:99:3c:bd:e3:96:00:4a:87:0e:82:d0:a0:
52:20:7d:09:e4:02:49:2a:66:61:eb:8d:96:a5:01:
dd:83:9e:78:8a:a9:e3:d5:6e:a2:db:d5:d6:5c:c0:
38:9c:00:0f:39:97:12:e8:6a:73:9f:e3:80:bc:91:
81:db:23:14:6f:e6:31:9c:58:e4:32:0a:2f:a3:e6:
04:e2:3d:a3:3f:ea:ea:26:93:86:e5:fc:88:76:fa:
9e:18:9c:cc:12:63:f8:fa:3b:5d:a1:f0:62:9d:2f:
3e:97:b6:cd:7f:e3:3f:10:2c:26:f9:e3:23:bd:81:
67:44:12:cd:c8:e6:64:7d:5e:86:89:58:01:76:b4:
4c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:83:F7:08:C8:F5:83:57:0C:D4:9F:83:41:6F:E1:28:9F:13:A2:D4
X509v3 Authority Key Identifier:
keyid:4A:40:95:55:10:50:40:57:8C:B2:96:07:00:74:F4:51:07:25:2E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SkCVVRBQQFeMspYHAHT0UQclLus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/fIP3CMj1g1cM1J-DQW_hKJ8TotQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/SkCVVRBQQFeMspYHAHT0UQclLus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.96.0/20
78.157.64.0/19
84.240.0.0/18
185.25.0.0/22
212.122.64.0/19
213.159.32.0/19
IPv6:
2a03:280::/32
Signature Algorithm: sha256WithRSAEncryption
69:33:56:14:d3:eb:77:ed:d6:43:11:09:70:b0:c5:8b:a8:a8:
2d:1e:00:f7:84:f2:5c:56:d0:62:11:bb:21:f3:a8:60:11:f8:
e0:06:a9:d5:b0:fe:7f:98:0b:c6:79:d6:9d:86:44:25:57:c2:
1e:50:6d:4a:5a:c1:b2:df:e5:30:c9:5c:64:31:95:1d:f7:11:
07:32:b0:1a:76:3b:9d:ea:04:a5:53:6c:c2:23:e7:f8:5b:4d:
23:5e:ed:42:fd:fc:3c:86:5a:17:5f:c8:30:1d:0e:8b:dc:28:
3a:36:30:6c:20:90:bb:2a:32:6b:85:ac:0c:da:5d:2f:17:7d:
35:50:41:ee:b4:be:50:99:b9:6b:dd:fc:1f:4e:3c:94:8b:34:
76:bf:56:cc:20:d9:47:f5:34:3c:16:e8:41:d7:1d:07:e0:12:
2a:18:dc:10:d5:ad:77:6f:b4:9b:64:81:8b:18:1e:86:97:62:
e4:55:91:ca:48:ec:0f:2f:46:56:94:d1:9a:77:62:3c:8a:d4:
34:75:ac:d9:43:36:64:2d:27:c1:2a:3a:8e:ef:f1:83:86:20:
b0:0d:4b:d0:3c:08:2f:33:c7:4b:3b:d4:c4:22:77:e5:0f:f5:
50:c1:3b:b8:23:b1:a5:0b:df:31:af:a1:26:d7:d3:94:e2:41:
88:71:fa:05
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIDXuegMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRh
NDA5NTU1MTA1MDQwNTc4Y2IyOTYwNzAwNzRmNDUxMDcyNTJlZWIwHhcNMjIwMTA0
MDYyOTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3YzgzZjcwOGM4ZjU4
MzU3MGNkNDlmODM0MTZmZTEyODlmMTNhMmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlZ+VK1UcXaKWPSUIVtPFO+xqZcq1up95RdhaRRbR9Mk2D8Md
aY1TH6O0ih2RPx2N5cebVqb0TUcZbYdGan/2/89ONDQpNcYBCzhWwFgsOS2r+UC2
K/vlSmvIisUnyadhZpD3DrklDtI60phIFietIEmQVYJXwC0aIcmZPL3jlgBKhw6C
0KBSIH0J5AJJKmZh642WpQHdg554iqnj1W6i29XWXMA4nAAPOZcS6Gpzn+OAvJGB
2yMUb+YxnFjkMgovo+YE4j2jP+rqJpOG5fyIdvqeGJzMEmP4+jtdofBinS8+l7bN
f+M/ECwm+eMjvYFnRBLNyOZkfV6GiVgBdrRMKwIDAQABo4ICNjCCAjIwHQYDVR0O
BBYEFHyD9wjI9YNXDNSfg0Fv4SifE6LUMB8GA1UdIwQYMBaAFEpAlVUQUEBXjLKW
BwB09FEHJS7rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
U2tDVlZSQlFRRmVNc3BZSEFIVDBVUWNsTHVzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85MC81NzMxZGEtNjY2NS00MTYxLTgwYzEtNWU3OWI0NDM1ZTJjLzEv
ZklQM0NNajFnMWNNMUotRFFXX2hLSjhUb3RRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81
NzMxZGEtNjY2NS00MTYxLTgwYzEtNWU3OWI0NDM1ZTJjLzEvU2tDVlZSQlFRRmVN
c3BZSEFIVDBVUWNsTHVzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEwG
CCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEHyxgAwQFTp1AAwQGVPAAAwQCuRkA
AwQF1HpAAwQF1Z8gMA0EAgACMAcDBQAqAwKAMA0GCSqGSIb3DQEBCwUAA4IBAQBp
M1YU0+t37dZDEQlwsMWLqKgtHgD3hPJcVtBiEbsh86hgEfjgBqnVsP5/mAvGedad
hkQlV8IeUG1KWsGy3+UwyVxkMZUd9xEHMrAadjud6gSlU2zCI+f4W00jXu1C/fw8
hloXX8gwHQ6L3Cg6NjBsIJC7KjJrhawM2l0vF301UEHutL5Qmblr3fwfTjyUizR2
v1bMINlH9TQ8FuhB1x0H4BIqGNwQ1a13b7SbZIGLGB6Gl2LkVZHKSOwPL0ZWlNGa
d2I8itQ0dazZQzZkLSfBKjqO7/GDhiCwDUvQPAgvM8dLO9TEInflD/VQwTu4I7Gl
C98xr6Em19OU4kGIcfoF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:46 2024 by rpki-client on console-ams.rpki-client.org