Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/00c711-0c29-4301-94bc-ea57cbe36811/1/jw5gQVq3xdZj0Elu9HFNKseApZ8.roa
File: jw5gQVq3xdZj0Elu9HFNKseApZ8.roa (raw, json)
Hash identifier: UOsVK31cUgdR/JoQdjNYioibiHrq+ZrGEad64fzmigw=
Subject key identifier: 8F:0E:60:41:5A:B7:C5:D6:63:D0:49:6E:F4:71:4D:2A:C7:80:A5:9F
Certificate issuer: /CN=bfe6fc768ad47b968e0a259fecc8a3da32fac5ea
Certificate serial: 23A4ED61
Authority key identifier: BF:E6:FC:76:8A:D4:7B:96:8E:0A:25:9F:EC:C8:A3:DA:32:FA:C5:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-b8dorUe5aOCiWf7Mij2jL6xeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/00c711-0c29-4301-94bc-ea57cbe36811/1/jw5gQVq3xdZj0Elu9HFNKseApZ8.roa
Signing time: Sat 01 Jan 2022 13:04:34 +0000
ROA not before: Sat 01 Jan 2022 13:04:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15817
IP address blocks: 178.16.56.0/21 maxlen: 21
185.247.148.0/24 maxlen: 24
185.247.149.0/24 maxlen: 24
185.247.151.0/24 maxlen: 24
185.215.156.0/22 maxlen: 22
185.227.112.0/22 maxlen: 22
193.53.246.0/23 maxlen: 23
193.53.250.0/23 maxlen: 23
185.243.132.0/22 maxlen: 22
185.166.20.0/22 maxlen: 22
188.94.248.0/21 maxlen: 21
31.220.120.0/21 maxlen: 21
45.144.184.0/22 maxlen: 22
37.202.0.0/21 maxlen: 21
46.30.56.0/21 maxlen: 21
176.52.240.0/21 maxlen: 21
185.221.104.0/22 maxlen: 22
185.233.52.0/22 maxlen: 22
185.181.132.0/22 maxlen: 22
185.224.152.0/22 maxlen: 22
185.15.192.0/22 maxlen: 22
185.237.64.0/22 maxlen: 22
2a03:2a00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 598011233 (0x23a4ed61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe6fc768ad47b968e0a259fecc8a3da32fac5ea
Validity
Not Before: Jan 1 13:04:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f0e60415ab7c5d663d0496ef4714d2ac780a59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:02:a6:86:68:b7:16:31:59:42:6c:93:76:cc:
50:37:ca:e5:58:55:c9:2d:04:1c:4a:f4:32:c6:32:
74:8f:6f:2b:66:2f:24:14:ef:48:15:fc:3b:82:29:
9c:c4:15:18:6b:6e:29:da:05:bc:5c:83:4d:75:4d:
5f:77:51:6c:60:fe:a0:3c:43:95:3b:0b:3b:3a:a1:
51:f6:59:47:c2:a7:4f:de:ea:9f:2a:84:81:16:61:
09:2f:5a:26:ab:ea:98:01:b2:71:21:9a:02:99:85:
2a:14:97:b5:34:45:a0:31:4d:0a:6f:db:95:4e:69:
45:53:e7:33:ca:84:4a:ff:f1:ed:cd:55:ac:7f:67:
ad:8a:0d:69:33:9a:3a:65:08:75:f1:47:a3:75:4b:
cf:d3:30:32:fc:34:91:16:aa:a6:61:f7:64:0e:a8:
ca:0f:1f:49:62:f0:50:bb:63:e5:c7:8a:d8:63:98:
6b:83:13:ae:a5:47:9e:da:11:56:b1:2e:82:6f:c5:
7d:45:3d:fd:be:44:cf:97:cd:af:d6:2d:ff:6e:a2:
f7:b8:de:a1:ae:81:5f:65:a5:46:fb:ff:99:fe:2f:
3c:8b:5b:6b:f3:25:6c:73:82:d9:24:52:47:41:94:
d6:ae:61:d8:37:c3:ad:4e:ce:95:2d:49:d9:e6:ee:
36:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:0E:60:41:5A:B7:C5:D6:63:D0:49:6E:F4:71:4D:2A:C7:80:A5:9F
X509v3 Authority Key Identifier:
keyid:BF:E6:FC:76:8A:D4:7B:96:8E:0A:25:9F:EC:C8:A3:DA:32:FA:C5:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-b8dorUe5aOCiWf7Mij2jL6xeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/00c711-0c29-4301-94bc-ea57cbe36811/1/jw5gQVq3xdZj0Elu9HFNKseApZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/00c711-0c29-4301-94bc-ea57cbe36811/1/v-b8dorUe5aOCiWf7Mij2jL6xeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.120.0/21
37.202.0.0/21
45.144.184.0/22
46.30.56.0/21
176.52.240.0/21
178.16.56.0/21
185.15.192.0/22
185.166.20.0/22
185.181.132.0/22
185.215.156.0/22
185.221.104.0/22
185.224.152.0/22
185.227.112.0/22
185.233.52.0/22
185.237.64.0/22
185.243.132.0/22
185.247.148.0/23
185.247.151.0/24
188.94.248.0/21
193.53.246.0/23
193.53.250.0/23
IPv6:
2a03:2a00::/29
Signature Algorithm: sha256WithRSAEncryption
0a:2d:d7:4f:5f:2d:61:0b:20:13:05:89:23:af:f3:44:d3:ed:
03:42:d8:5a:92:51:09:f1:cf:c6:f2:ba:b1:ec:d2:f0:fe:1c:
bd:ea:f2:a1:8e:48:cb:da:24:b8:cb:13:f4:13:96:99:f3:31:
35:61:d3:d8:d1:3d:d7:e1:29:4d:1a:89:e4:39:20:81:cb:65:
fb:02:66:a7:51:58:a8:65:bc:6b:30:3e:f5:e8:46:6e:32:5b:
57:79:86:99:3b:8a:fe:2e:67:58:f0:d5:e4:d7:9f:51:e2:03:
a6:35:65:86:e3:11:d6:9e:c6:fd:3a:46:92:c1:0b:09:8c:ce:
01:c1:d2:f6:79:f0:74:f3:1e:a7:b3:15:5a:c8:de:04:54:13:
ec:60:45:b0:92:66:c7:2f:b7:c8:c5:69:e9:27:81:30:55:5d:
a2:87:09:c8:f3:1a:52:ab:58:ba:2d:a6:ec:8b:d8:8a:49:0d:
70:86:17:72:57:6e:28:15:bd:fd:f6:e0:61:f4:63:2e:79:b3:
11:b2:ce:a5:fc:56:17:fe:2e:f5:50:23:93:98:63:cf:39:f6:
49:77:4a:5c:5d:ce:80:3f:f5:19:b2:d6:05:17:8e:5d:b3:3a:
29:b2:88:bc:0b:8f:ef:60:ee:1d:07:dc:e3:a8:94:18:95:96:
2b:cd:81:34
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIEI6TtYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmU2ZmM3NjhhZDQ3Yjk2OGUwYTI1OWZlY2M4YTNkYTMyZmFjNWVhMB4XDTIyMDEw
MTEzMDQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGYwZTYwNDE1YWI3
YzVkNjYzZDA0OTZlZjQ3MTRkMmFjNzgwYTU5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQCpoZotxYxWUJsk3bMUDfK5VhVyS0EHEr0MsYydI9vK2Yv
JBTvSBX8O4IpnMQVGGtuKdoFvFyDTXVNX3dRbGD+oDxDlTsLOzqhUfZZR8KnT97q
nyqEgRZhCS9aJqvqmAGycSGaApmFKhSXtTRFoDFNCm/blU5pRVPnM8qESv/x7c1V
rH9nrYoNaTOaOmUIdfFHo3VLz9MwMvw0kRaqpmH3ZA6oyg8fSWLwULtj5ceK2GOY
a4MTrqVHntoRVrEugm/FfUU9/b5Ez5fNr9Yt/26i97jeoa6BX2WlRvv/mf4vPItb
a/MlbHOC2SRSR0GU1q5h2DfDrU7OlS1J2ebuNnsCAwEAAaOCApQwggKQMB0GA1Ud
DgQWBBSPDmBBWrfF1mPQSW70cU0qx4ClnzAfBgNVHSMEGDAWgBS/5vx2itR7lo4K
JZ/syKPaMvrF6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3YtYjhkb3JVZTVhT0NpV2Y3TWlqMmpMNnhlby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvMDBjNzExLTBjMjktNDMwMS05NGJjLWVhNTdjYmUzNjgxMS8x
L2p3NWdRVnEzeGRaajBFbHU5SEZOS3NlQXBaOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
MDBjNzExLTBjMjktNDMwMS05NGJjLWVhNTdjYmUzNjgxMS8xL3YtYjhkb3JVZTVh
T0NpV2Y3TWlqMmpMNnhlby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
qQYIKwYBBQUHAQcBAf8EgZkwgZYwgYQEAgABMH4DBAMf3HgDBAMlygADBAItkLgD
BAMuHjgDBAOwNPADBAOyEDgDBAK5D8ADBAK5phQDBAK5tYQDBAK515wDBAK53WgD
BAK54JgDBAK543ADBAK56TQDBAK57UADBAK584QDBAG595QDBAC595cDBAO8XvgD
BAHBNfYDBAHBNfowDQQCAAIwBwMFAyoDKgAwDQYJKoZIhvcNAQELBQADggEBAAot
109fLWELIBMFiSOv80TT7QNC2FqSUQnxz8byurHs0vD+HL3q8qGOSMvaJLjLE/QT
lpnzMTVh09jRPdfhKU0aieQ5IIHLZfsCZqdRWKhlvGswPvXoRm4yW1d5hpk7iv4u
Z1jw1eTXn1HiA6Y1ZYbjEdaexv06RpLBCwmMzgHB0vZ58HTzHqezFVrI3gRUE+xg
RbCSZscvt8jFaekngTBVXaKHCcjzGlKrWLotpuyL2IpJDXCGF3JXbigVvf324GH0
Yy55sxGyzqX8Vhf+LvVQI5OYY8859kl3SlxdzoA/9Rmy1gUXjl2zOimyiLwLj+9g
7h0H3OOolBiVlivNgTQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:01 2024 by rpki-client on console-ams.rpki-client.org