Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/psNa65Za2mFpQXRAEykMelBa1EA.roa
File: psNa65Za2mFpQXRAEykMelBa1EA.roa (raw, json)
Hash identifier: K+9mZcviwT1zKWmjzWjkr3j2s4llUHwqKMMzRD5WtoA=
Subject key identifier: A6:C3:5A:EB:96:5A:DA:61:69:41:74:40:13:29:0C:7A:50:5A:D4:40
Certificate issuer: /CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e
Certificate serial: 06638229
Authority key identifier: 2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/psNa65Za2mFpQXRAEykMelBa1EA.roa
Signing time: Sat 01 Jan 2022 08:00:54 +0000
ROA not before: Sat 01 Jan 2022 08:00:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48095
IP address blocks: 188.65.16.0/22 maxlen: 22
87.101.80.0/22 maxlen: 22
77.247.112.0/23 maxlen: 23
77.247.114.0/23 maxlen: 23
193.9.152.0/22 maxlen: 22
185.158.70.0/23 maxlen: 23
185.158.68.0/23 maxlen: 23
31.40.226.0/23 maxlen: 23
31.40.224.0/23 maxlen: 23
185.222.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107184681 (0x6638229)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e
Validity
Not Before: Jan 1 08:00:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6c35aeb965ada616941744013290c7a505ad440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:be:03:5a:00:75:5e:f9:f9:ea:da:d1:68:c2:
66:c3:83:cb:f2:84:07:bd:b4:e5:ab:8d:18:c9:5c:
8e:0f:96:3f:0c:04:53:1e:de:45:e8:d1:34:67:ca:
3e:c5:f8:e5:01:f6:8f:25:80:a5:d7:88:a4:26:65:
44:61:82:04:ba:3c:14:fd:28:08:21:e5:d3:78:87:
05:10:76:57:0c:49:50:7c:86:48:87:2a:c7:3c:bd:
34:82:cb:75:07:cd:51:8e:55:40:95:50:d4:f0:94:
70:93:e3:44:82:e9:7b:f5:e6:a5:70:76:31:b2:a1:
c1:1d:48:df:e8:7f:49:67:ff:3a:b1:52:1d:bb:69:
09:1d:57:5a:a4:97:4d:db:77:67:55:1a:20:41:d1:
03:63:2e:a3:5d:91:0a:b0:63:7c:ba:08:38:9b:59:
4f:28:fe:92:c8:09:80:0b:03:f2:cb:2b:92:f7:c2:
4c:02:90:ef:06:70:b0:1d:c6:ee:d1:e3:cd:02:33:
f4:c2:f9:73:e1:0e:8a:03:1c:b6:1a:43:14:79:30:
81:66:d7:e4:81:c0:dd:86:3e:ff:9e:ab:19:9a:56:
55:d2:42:93:09:7e:fb:a6:ed:da:b4:be:b6:cb:e9:
20:66:5b:b5:51:2b:37:1b:30:bf:25:16:2d:fe:de:
c6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C3:5A:EB:96:5A:DA:61:69:41:74:40:13:29:0C:7A:50:5A:D4:40
X509v3 Authority Key Identifier:
keyid:2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/psNa65Za2mFpQXRAEykMelBa1EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.224.0/22
77.247.112.0/22
87.101.80.0/22
185.158.68.0/22
185.222.132.0/22
188.65.16.0/22
193.9.152.0/22
Signature Algorithm: sha256WithRSAEncryption
56:1e:74:cd:e3:19:b4:e5:84:6a:52:2f:d4:d3:e6:93:5a:7d:
06:51:f0:eb:2f:1e:d9:ea:99:03:9c:ff:0a:9b:50:3f:f5:f6:
45:cd:09:01:77:f4:3a:c2:2b:5d:bb:cc:06:8e:fa:37:1b:14:
6f:da:f7:1a:20:69:33:1a:21:6d:e1:71:70:d4:9b:08:17:9d:
a3:15:21:77:4d:a2:ab:f7:e3:74:6a:02:61:61:1f:53:10:1c:
68:bd:4d:c2:c1:0c:20:8e:df:34:68:bb:1c:96:80:d6:8c:60:
f3:44:dd:92:93:8e:1d:f3:7d:f8:aa:be:f7:ed:91:dd:e8:c6:
91:dd:15:4f:9a:3f:56:56:0a:3e:de:0c:b0:45:e6:e0:23:0c:
bd:aa:97:37:38:98:08:20:bc:7d:23:11:3a:94:a0:3e:fa:40:
37:a7:0f:bd:b6:77:ff:5c:4d:b8:88:b9:99:bd:69:5a:8a:16:
7a:0f:47:bb:9f:d3:84:b9:d4:9a:6a:14:d1:39:b9:bd:a7:47:
14:b8:1f:80:4a:9a:3c:be:e8:85:09:d7:3b:c4:c4:5e:a7:58:
45:38:a2:b3:34:84:05:e5:59:d9:db:b2:f9:a2:31:ac:c7:da:
96:46:09:f3:05:8a:3a:5c:70:e1:2e:33:2a:e9:43:e4:9b:68:
72:9f:65:4a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEBmOCKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZGY4Nzc5YTNjODJmMDBmYzE0NDM1ZWU3ZDhkMGI4ZDZkZDgyMDRlMB4XDTIyMDEw
MTA4MDA1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZjMzVhZWI5NjVh
ZGE2MTY5NDE3NDQwMTMyOTBjN2E1MDVhZDQ0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJO+A1oAdV75+era0WjCZsODy/KEB7205auNGMlcjg+WPwwE
Ux7eRejRNGfKPsX45QH2jyWApdeIpCZlRGGCBLo8FP0oCCHl03iHBRB2VwxJUHyG
SIcqxzy9NILLdQfNUY5VQJVQ1PCUcJPjRILpe/XmpXB2MbKhwR1I3+h/SWf/OrFS
HbtpCR1XWqSXTdt3Z1UaIEHRA2Muo12RCrBjfLoIOJtZTyj+ksgJgAsD8ssrkvfC
TAKQ7wZwsB3G7tHjzQIz9ML5c+EOigMcthpDFHkwgWbX5IHA3YY+/56rGZpWVdJC
kwl++6bt2rS+tsvpIGZbtVErNxswvyUWLf7exhsCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBSmw1rrllraYWlBdEATKQx6UFrUQDAfBgNVHSMEGDAWgBQt+HeaPILwD8FE
Ne59jQuNbdggTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xmaDNtanlDOEFfQlJEWHVmWTBMalczWUlFNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvY2NkOTZlLTEzM2UtNDViNy04OGI3LWUyYWUwNTVlY2VkMS8x
L3BzTmE2NVphMm1GcFFYUkFFeWtNZWxCYTFFQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
Y2NkOTZlLTEzM2UtNDViNy04OGI3LWUyYWUwNTVlY2VkMS8xL0xmaDNtanlDOEFf
QlJEWHVmWTBMalczWUlFNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAh8o4AMEAk33cAMEAldlUAMEArme
RAMEArnehAMEArxBEAMEAsEJmDANBgkqhkiG9w0BAQsFAAOCAQEAVh50zeMZtOWE
alIv1NPmk1p9BlHw6y8e2eqZA5z/CptQP/X2Rc0JAXf0OsIrXbvMBo76NxsUb9r3
GiBpMxohbeFxcNSbCBedoxUhd02iq/fjdGoCYWEfUxAcaL1NwsEMII7fNGi7HJaA
1oxg80TdkpOOHfN9+Kq+9+2R3ejGkd0VT5o/VlYKPt4MsEXm4CMMvaqXNziYCCC8
fSMROpSgPvpAN6cPvbZ3/1xNuIi5mb1pWooWeg9Hu5/ThLnUmmoU0Tm5vadHFLgf
gEqaPL7ohQnXO8TEXqdYRTiiszSEBeVZ2duy+aIxrMfalkYJ8wWKOlxw4S4zKulD
5Jtocp9lSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:01 2024 by rpki-client on console-fra.rpki-client.org