Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/2516e2-9e22-4e06-8a44-fa5ef4f53fbb/1/0be_o8GFaihR0zrDDXkiOLE-KuE.roa
File: 0be_o8GFaihR0zrDDXkiOLE-KuE.roa (raw, json)
Hash identifier: YFO6ksG4bqbPv5qTv+3ykYwxi1sE77wIXp8aKHli0QM=
Subject key identifier: D1:B7:BF:A3:C1:85:6A:28:51:D3:3A:C3:0D:79:22:38:B1:3E:2A:E1
Certificate issuer: /CN=9e394498e4798729ce9950be34b459a9ef29f5e8
Certificate serial: 01843734FD5DC5AC963C63444CFD42C0F321
Authority key identifier: 9E:39:44:98:E4:79:87:29:CE:99:50:BE:34:B4:59:A9:EF:29:F5:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njlEmOR5hynOmVC-NLRZqe8p9eg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/2516e2-9e22-4e06-8a44-fa5ef4f53fbb/1/0be_o8GFaihR0zrDDXkiOLE-KuE.roa
Signing time: Wed 02 Nov 2022 07:18:50 +0000
ROA not before: Wed 02 Nov 2022 07:18:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38999
IP address blocks: 212.98.134.0/24 maxlen: 24
185.76.176.64/26 maxlen: 26
185.76.177.0/24 maxlen: 24
185.76.176.0/25 maxlen: 25
185.76.176.0/24 maxlen: 24
185.76.178.0/24 maxlen: 24
185.76.177.192/27 maxlen: 27
185.76.177.224/28 maxlen: 28
5.57.0.0/24 maxlen: 24
213.204.96.0/24 maxlen: 24
2a05:5b81::/32 maxlen: 32
2a05:5b84::/32 maxlen: 32
2a05:5b82::/32 maxlen: 32
2a05:5b83::/32 maxlen: 32
2a05:5b80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:34:fd:5d:c5:ac:96:3c:63:44:4c:fd:42:c0:f3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e394498e4798729ce9950be34b459a9ef29f5e8
Validity
Not Before: Nov 2 07:18:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1b7bfa3c1856a2851d33ac30d792238b13e2ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f6:c4:2f:a5:2c:42:1c:bf:83:b7:85:b6:38:
80:5d:a5:c8:97:15:af:1a:d9:ae:e3:ed:6a:55:07:
54:4a:7b:21:aa:fa:ac:94:ff:c1:c9:a0:7d:41:83:
34:8d:b1:af:36:e8:18:51:42:2f:fb:d4:c3:8e:e8:
28:47:dc:79:b8:70:65:35:7a:69:d0:4f:da:c4:90:
ad:c9:6e:37:5d:47:92:0c:2b:89:7f:92:e1:79:bf:
38:a8:42:cb:66:8d:03:5c:0e:c6:f9:59:75:d4:ad:
6f:2e:bf:f6:ec:23:b4:05:ef:75:e6:13:ba:2b:07:
20:00:02:30:9f:9a:24:0e:f2:82:92:2b:be:10:0a:
d6:89:d9:17:79:4d:72:0a:5a:c5:df:32:2f:28:77:
0f:b5:65:66:85:ac:30:11:e1:98:6c:a2:7c:ce:49:
ae:c9:c2:8c:46:08:6c:c7:ca:89:db:52:3b:27:19:
82:5d:a9:5f:7b:23:af:72:15:5a:56:40:bb:78:07:
16:dc:0f:b8:a7:d8:79:d2:a5:32:48:46:b6:29:69:
47:1b:3a:f7:b8:01:4c:74:0c:54:37:17:08:08:f1:
27:5a:fc:fa:df:72:d7:12:d8:60:90:f3:49:d0:6a:
d0:f4:82:75:12:05:6f:d1:01:f7:cd:38:73:6f:de:
01:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B7:BF:A3:C1:85:6A:28:51:D3:3A:C3:0D:79:22:38:B1:3E:2A:E1
X509v3 Authority Key Identifier:
keyid:9E:39:44:98:E4:79:87:29:CE:99:50:BE:34:B4:59:A9:EF:29:F5:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njlEmOR5hynOmVC-NLRZqe8p9eg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/2516e2-9e22-4e06-8a44-fa5ef4f53fbb/1/0be_o8GFaihR0zrDDXkiOLE-KuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/2516e2-9e22-4e06-8a44-fa5ef4f53fbb/1/njlEmOR5hynOmVC-NLRZqe8p9eg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.0.0/24
185.76.176.0-185.76.178.255
212.98.134.0/24
213.204.96.0/24
IPv6:
2a05:5b80::-2a05:5b84:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
32:ba:31:46:dc:32:30:b7:f4:57:c0:08:4d:38:24:de:4b:19:
00:41:bd:c3:1d:ef:cc:49:d4:bb:25:9b:af:e9:d4:a0:3b:5e:
97:27:30:87:2d:d3:c3:82:ea:4f:e1:4f:3d:dc:1c:06:c4:9c:
f4:45:5e:99:62:36:ba:53:6a:8f:09:7e:7d:ec:d8:55:52:05:
c9:ee:7c:6b:50:75:01:c6:fe:06:ee:8b:7e:3a:2a:ab:37:4b:
0d:8e:71:f5:97:69:6a:6e:5e:26:00:fe:8d:15:11:22:e8:90:
de:2e:f4:28:bc:07:d2:83:7a:82:4b:68:6d:52:f7:5d:20:f8:
37:74:00:99:13:95:f4:80:0e:bf:4e:63:e3:9a:4b:dd:08:7c:
be:8b:79:e1:51:1d:66:f9:3e:25:5a:ef:67:a7:b3:85:3d:12:
e8:12:9d:9a:12:5a:6d:d0:75:ae:59:b4:ed:b6:b7:36:da:e9:
71:3b:ee:bf:4c:05:f8:fd:52:97:66:ac:d0:94:37:f2:f8:a0:
fe:4d:56:e4:9b:84:5a:ec:b2:b8:7f:1d:f3:ff:9f:06:58:68:
83:e4:9b:d4:fd:c0:61:aa:37:f4:95:b8:34:23:f4:00:19:ae:
13:65:b3:bb:6f:ea:0d:54:6a:7c:5b:4c:85:d1:bd:5f:27:63:
4a:aa:6e:6b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYQ3NP1dxayWPGNETP1CwPMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzk0NDk4ZTQ3OTg3MjljZTk5NTBiZTM0YjQ1OWE5ZWYy
OWY1ZTgwHhcNMjIxMTAyMDcxODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI3YmZhM2MxODU2YTI4NTFkMzNhYzMwZDc5MjIzOGIxM2UyYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPbEL6UsQhy/g7eFtjiAXaXIlxWv
Gtmu4+1qVQdUSnshqvqslP/ByaB9QYM0jbGvNugYUUIv+9TDjugoR9x5uHBlNXpp
0E/axJCtyW43XUeSDCuJf5Lheb84qELLZo0DXA7G+Vl11K1vLr/27CO0Be915hO6
KwcgAAIwn5okDvKCkiu+EArWidkXeU1yClrF3zIvKHcPtWVmhawwEeGYbKJ8zkmu
ycKMRghsx8qJ21I7JxmCXalfeyOvchVaVkC7eAcW3A+4p9h50qUySEa2KWlHGzr3
uAFMdAxUNxcICPEnWvz633LXEthgkPNJ0GrQ9IJ1EgVv0QH3zThzb94BawIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNG3v6PBhWooUdM6ww15IjixPirhMB8GA1UdIwQY
MBaAFJ45RJjkeYcpzplQvjS0WanvKfXoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpsRW1PUjVoeW5PbVZDLU5MUlpxZThwOWVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8yNTE2ZTItOWUyMi00ZTA2LThhNDQt
ZmE1ZWY0ZjUzZmJiLzEvMGJlX284R0ZhaWhSMHpyRERYa2lPTEUtS3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8yNTE2ZTItOWUyMi00ZTA2LThhNDQtZmE1ZWY0ZjUzZmJi
LzEvbmpsRW1PUjVoeW5PbVZDLU5MUlpxZThwOWVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAmBAIAATAgAwQABTkAMAwD
BAS5TLADBAC5TLIDBADUYoYDBADVzGAwFgQCAAIwEDAOAwUHKgVbgAMFACoFW4Qw
DQYJKoZIhvcNAQELBQADggEBADK6MUbcMjC39FfACE04JN5LGQBBvcMd78xJ1Lsl
m6/p1KA7XpcnMIct08OC6k/hTz3cHAbEnPRFXpliNrpTao8Jfn3s2FVSBcnufGtQ
dQHG/gbui346Kqs3Sw2OcfWXaWpuXiYA/o0VESLokN4u9Ci8B9KDeoJLaG1S910g
+Dd0AJkTlfSADr9OY+OaS90IfL6LeeFRHWb5PiVa72ens4U9EugSnZoSWm3Qda5Z
tO22tzba6XE77r9MBfj9UpdmrNCUN/L4oP5NVuSbhFrssrh/HfP/nwZYaIPkm9T9
wGGqN/SVuDQj9AAZrhNls7tv6g1UanxbTIXRvV8nY0qqbms=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:33 2024 by rpki-client on console-fra.rpki-client.org