Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/f4isgeZgejFZW3ZtPh3rfmN7eoY.roa
File: f4isgeZgejFZW3ZtPh3rfmN7eoY.roa (raw, json)
Hash identifier: 8Mqx+sUqWDssZxhVKbKawaQR0YNSCO12kDQ4n7D50OM=
Subject key identifier: 7F:88:AC:81:E6:60:7A:31:59:5B:76:6D:3E:1D:EB:7E:63:7B:7A:86
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 33E8B906
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/f4isgeZgejFZW3ZtPh3rfmN7eoY.roa
Signing time: Sat 01 Jan 2022 04:55:37 +0000
ROA not before: Sat 01 Jan 2022 04:55:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211249
IP address blocks: 193.140.4.0/22 maxlen: 22
193.140.2.0/23 maxlen: 23
193.140.1.0/24 maxlen: 24
193.255.112.0/21 maxlen: 21
95.183.138.0/23 maxlen: 23
194.27.96.0/22 maxlen: 22
194.27.92.0/22 maxlen: 22
194.27.100.0/23 maxlen: 23
95.183.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 870889734 (0x33e8b906)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 04:55:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f88ac81e6607a31595b766d3e1deb7e637b7a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a0:a4:d0:03:7b:dc:9e:24:71:9a:42:ba:78:
e6:7a:e4:a5:3b:1d:c1:93:ed:89:49:20:c8:81:40:
ad:18:2b:1a:6c:f2:c5:96:04:6b:6d:3d:99:ed:56:
14:6c:81:22:93:21:95:08:6b:24:b5:d7:da:cd:0e:
52:18:f1:6c:65:42:b4:83:4f:12:02:a8:e8:88:85:
44:ed:3d:35:30:7a:6c:76:3d:41:57:2e:66:de:c4:
7d:dc:b1:31:7a:8d:d8:9f:dc:64:a4:a3:13:c9:0d:
91:8a:b6:47:c2:5c:34:e6:12:05:ff:5c:a2:c8:dd:
68:92:ca:59:66:b1:21:ca:51:e9:bc:04:d8:fe:87:
7c:68:22:db:48:27:ff:7b:c5:8a:bd:2a:7c:b8:a5:
9b:93:2b:08:a1:b3:a1:a4:f6:99:49:da:5e:c0:1f:
a3:e5:86:99:be:d5:2a:12:b1:a9:52:93:e6:b0:92:
c5:57:16:2b:c1:97:fc:32:80:9d:8d:74:3e:13:e0:
89:95:48:61:0d:62:e7:62:27:0e:0f:db:fe:1e:10:
e6:c9:5e:9a:0d:53:ab:0f:0b:2b:8f:1b:93:6d:4b:
bf:8e:3e:77:b2:cd:8c:1d:68:3c:6d:9d:32:a6:d9:
88:3f:59:6c:5d:9b:5d:55:aa:df:a3:bb:1b:21:f3:
c4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:88:AC:81:E6:60:7A:31:59:5B:76:6D:3E:1D:EB:7E:63:7B:7A:86
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/f4isgeZgejFZW3ZtPh3rfmN7eoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.183.138.0/23
95.183.192.0/22
193.140.1.0-193.140.7.255
193.255.112.0/21
194.27.92.0-194.27.101.255
Signature Algorithm: sha256WithRSAEncryption
6e:b3:c4:84:09:2c:68:5c:34:43:b1:8f:77:7b:38:b4:24:ee:
f7:cd:c6:bf:d5:d9:72:70:22:9d:d3:b0:0d:71:dc:08:a2:7d:
d0:3e:49:89:63:9b:5c:1c:fd:d6:a2:fc:47:25:7b:a8:79:b2:
44:3b:20:52:75:d4:ae:b3:2b:25:d0:e8:e0:ea:51:ce:11:98:
28:80:2f:d9:37:8c:12:0e:38:ab:42:59:05:3a:1d:d5:e4:f4:
5c:f3:9a:da:63:ed:a9:91:91:cc:db:1c:a7:d6:ef:b0:02:82:
5b:f6:61:b2:fe:b0:d4:48:b7:82:aa:05:d2:ba:e7:72:f1:4f:
dc:41:5c:df:fe:83:36:0f:cc:d7:66:e1:87:ef:bc:f2:dc:33:
f9:58:3f:98:23:68:da:28:b1:b1:c6:e1:fb:74:fc:3a:e8:8b:
bc:8e:b4:a0:32:e9:49:de:0c:0d:96:1f:a1:76:88:ea:29:0e:
74:f8:1e:cd:bf:42:8f:4b:a0:28:e5:95:a7:ca:9d:c9:41:e3:
7c:82:c9:d7:52:9c:ee:d9:02:ac:bf:de:80:f6:8d:2e:00:b3:
8a:c3:65:fc:0b:8f:82:b1:cb:62:64:bf:cd:05:70:32:13:3f:
01:a7:ad:75:d1:d2:d4:a9:f6:be:ba:e4:6b:af:d4:bc:5f:df:
50:53:f1:58
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEM+i5BjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NzUxOGQxODA5MjNhN2YzYzAwNjUzZWMxMmJjNzAyYjk1YWFiOTA3MB4XDTIyMDEw
MTA0NTUzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Y4OGFjODFlNjYw
N2EzMTU5NWI3NjZkM2UxZGViN2U2MzdiN2E4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKigpNADe9yeJHGaQrp45nrkpTsdwZPtiUkgyIFArRgrGmzy
xZYEa209me1WFGyBIpMhlQhrJLXX2s0OUhjxbGVCtINPEgKo6IiFRO09NTB6bHY9
QVcuZt7EfdyxMXqN2J/cZKSjE8kNkYq2R8JcNOYSBf9cosjdaJLKWWaxIcpR6bwE
2P6HfGgi20gn/3vFir0qfLilm5MrCKGzoaT2mUnaXsAfo+WGmb7VKhKxqVKT5rCS
xVcWK8GX/DKAnY10PhPgiZVIYQ1i52InDg/b/h4Q5slemg1Tqw8LK48bk21Lv44+
d7LNjB1oPG2dMqbZiD9ZbF2bXVWq36O7GyHzxAUCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBR/iKyB5mB6MVlbdm0+Het+Y3t6hjAfBgNVHSMEGDAWgBQ3UY0YCSOn88AG
U+wSvHArlaq5BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L04xR05HQWtqcF9QQUJsUHNFcnh3SzVXcXVRYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvZjgwZWYzLTlmMGItNGJkMS04MDE4LTU5NjcxOTIwZmI2MC8x
L2Y0aXNnZVpnZWpGWlczWnRQaDNyZm1ON2VvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
ZjgwZWYzLTlmMGItNGJkMS04MDE4LTU5NjcxOTIwZmI2MC8xL04xR05HQWtqcF9Q
QUJsUHNFcnh3SzVXcXVRYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwNAQCAAEwLgMEAV+3igMEAl+3wDAMAwQAwYwBAwQD
wYwAAwQDwf9wMAwDBALCG1wDBAHCG2QwDQYJKoZIhvcNAQELBQADggEBAG6zxIQJ
LGhcNEOxj3d7OLQk7vfNxr/V2XJwIp3TsA1x3AiifdA+SYljm1wc/dai/Ecle6h5
skQ7IFJ11K6zKyXQ6ODqUc4RmCiAL9k3jBIOOKtCWQU6HdXk9Fzzmtpj7amRkczb
HKfW77ACglv2YbL+sNRIt4KqBdK653LxT9xBXN/+gzYPzNdm4YfvvPLcM/lYP5gj
aNoosbHG4ft0/Droi7yOtKAy6UneDA2WH6F2iOopDnT4Hs2/Qo9LoCjllafKnclB
43yCyddSnO7ZAqy/3oD2jS4As4rDZfwLj4Kxy2Jkv80FcDITPwGnrXXR0tSp9r66
5Guv1Lxf31BT8Vg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:01 2024 by rpki-client on console-ams.rpki-client.org