Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/rkFhFB5PhklbmLF18C8hRVM3yME.roa
File: rkFhFB5PhklbmLF18C8hRVM3yME.roa (raw, json)
Hash identifier: mKY+tpNzoqUBlVXA42f8e0wPtbMX86tePMfKsNIhOdA=
Subject key identifier: AE:41:61:14:1E:4F:86:49:5B:98:B1:75:F0:2F:21:45:53:37:C8:C1
Certificate issuer: /CN=4ab6d7c468d092c921314d66473cfa53851cd686
Certificate serial: 081E39CC
Authority key identifier: 4A:B6:D7:C4:68:D0:92:C9:21:31:4D:66:47:3C:FA:53:85:1C:D6:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SrbXxGjQkskhMU1mRzz6U4Uc1oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/rkFhFB5PhklbmLF18C8hRVM3yME.roa
Signing time: Sat 01 Jan 2022 03:01:20 +0000
ROA not before: Sat 01 Jan 2022 03:01:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35047
IP address blocks: 92.60.16.0/20 maxlen: 20
77.242.16.0/20 maxlen: 20
77.242.18.0/23 maxlen: 23
77.242.20.0/24 maxlen: 24
77.242.22.0/23 maxlen: 23
77.242.21.0/24 maxlen: 24
77.242.24.0/24 maxlen: 24
77.242.31.0/24 maxlen: 24
77.242.29.0/24 maxlen: 24
77.242.28.0/22 maxlen: 22
77.242.30.0/24 maxlen: 24
77.242.25.0/24 maxlen: 24
77.242.26.0/24 maxlen: 24
109.236.32.0/20 maxlen: 20
185.55.150.0/24 maxlen: 24
185.55.148.0/22 maxlen: 24
31.44.64.0/20 maxlen: 20
31.44.68.0/22 maxlen: 22
80.91.117.0/24 maxlen: 24
80.91.116.0/24 maxlen: 24
31.44.72.0/22 maxlen: 22
80.91.112.0/20 maxlen: 24
80.91.120.0/21 maxlen: 24
80.91.122.0/24 maxlen: 24
80.91.123.0/24 maxlen: 24
80.91.127.0/24 maxlen: 24
80.91.126.0/24 maxlen: 24
2a01:4f00:2233::/48 maxlen: 48
2a01:4f00::/32 maxlen: 32
2a01:4f00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136198604 (0x81e39cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ab6d7c468d092c921314d66473cfa53851cd686
Validity
Not Before: Jan 1 03:01:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae4161141e4f86495b98b175f02f21455337c8c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:69:4f:d2:9e:fc:a0:de:b7:e9:fb:51:e7:99:
ae:ef:4d:61:b7:8d:1e:af:2d:4e:62:fe:69:66:7a:
cc:3a:c0:49:62:ff:75:15:5c:d9:bb:20:8f:79:8a:
cd:ed:cb:7c:d8:2e:e6:3d:59:3e:f2:44:b8:b4:36:
ee:78:ac:80:6c:aa:93:09:84:ce:c0:b0:5f:87:06:
5a:10:35:d0:73:aa:3c:46:be:b5:6e:72:88:ee:e9:
bd:9d:75:ff:1d:ed:c8:0e:65:3a:df:b5:e4:0a:42:
b3:48:07:b8:1f:d5:f3:ab:14:95:b6:c5:c8:d7:10:
cd:3a:85:db:eb:03:fd:93:aa:1a:a3:0a:77:30:b7:
d6:7e:27:e2:8b:20:5f:81:65:13:0a:67:7f:86:43:
f3:a5:8f:2f:66:c0:47:71:ad:47:74:b9:f2:75:cd:
4f:68:18:58:cb:a3:5d:26:9d:42:66:e2:6e:9d:18:
0b:fc:93:88:ab:f3:e3:63:71:f9:f5:38:91:89:8c:
d5:a8:49:ea:bc:a2:a5:8a:61:01:46:e6:c6:ea:bf:
8f:03:33:6d:73:60:03:5e:19:9a:d2:6a:3e:bf:05:
b9:eb:21:9b:84:c3:e0:8c:81:ef:61:d5:cd:61:bf:
d1:6c:e3:ff:6e:74:a5:42:36:d3:37:e5:fd:8d:77:
3e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:41:61:14:1E:4F:86:49:5B:98:B1:75:F0:2F:21:45:53:37:C8:C1
X509v3 Authority Key Identifier:
keyid:4A:B6:D7:C4:68:D0:92:C9:21:31:4D:66:47:3C:FA:53:85:1C:D6:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SrbXxGjQkskhMU1mRzz6U4Uc1oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/rkFhFB5PhklbmLF18C8hRVM3yME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/SrbXxGjQkskhMU1mRzz6U4Uc1oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.64.0/20
77.242.16.0/20
80.91.112.0/20
92.60.16.0/20
109.236.32.0/20
185.55.148.0/22
IPv6:
2a01:4f00::/32
Signature Algorithm: sha256WithRSAEncryption
15:f1:f7:3c:09:e3:dc:2a:1a:9d:ac:e6:5b:4f:13:88:17:95:
49:df:0c:36:e4:d9:2e:00:4f:fe:83:ab:87:d6:ec:6e:bc:3b:
56:5f:7d:df:ea:38:03:66:d6:31:c3:5f:a0:53:05:0c:03:18:
af:b4:c1:3e:ca:0b:0d:09:f0:f5:48:05:b6:90:75:c9:0c:d7:
57:ba:13:a3:66:fe:ea:6b:23:59:11:b5:20:12:8d:0e:3a:6b:
be:92:6b:80:53:18:79:90:10:61:1e:c2:01:06:af:d9:2f:d0:
c5:46:5c:79:c6:fa:2e:02:88:45:d8:38:05:46:fb:10:8c:19:
88:1f:d9:de:09:af:3e:3e:7a:1f:41:0d:83:58:28:4d:0f:93:
dd:e4:a8:72:a3:28:b5:65:c9:ed:2b:1d:16:16:57:2a:d0:b7:
0e:7f:05:e2:fa:3e:fb:a9:80:31:c0:a6:dc:30:ac:fe:05:1c:
48:1d:b2:9a:09:40:cc:02:4f:dc:00:2e:34:d5:11:0e:15:53:
fe:6b:0b:48:50:2d:d0:cb:3c:b6:ff:f4:68:e0:2c:9c:54:21:
3f:b4:7a:4c:02:0b:82:59:70:09:7c:a4:a2:5c:c7:a7:41:32:
a2:c4:93:ad:77:11:76:89:9e:11:8e:2f:de:96:61:fc:8c:8d:
9d:08:2e:e0
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIECB45zDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YWI2ZDdjNDY4ZDA5MmM5MjEzMTRkNjY0NzNjZmE1Mzg1MWNkNjg2MB4XDTIyMDEw
MTAzMDEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWU0MTYxMTQxZTRm
ODY0OTViOThiMTc1ZjAyZjIxNDU1MzM3YzhjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1pT9Ke/KDet+n7UeeZru9NYbeNHq8tTmL+aWZ6zDrASWL/
dRVc2bsgj3mKze3LfNgu5j1ZPvJEuLQ27nisgGyqkwmEzsCwX4cGWhA10HOqPEa+
tW5yiO7pvZ11/x3tyA5lOt+15ApCs0gHuB/V86sUlbbFyNcQzTqF2+sD/ZOqGqMK
dzC31n4n4osgX4FlEwpnf4ZD86WPL2bAR3GtR3S58nXNT2gYWMujXSadQmbibp0Y
C/yTiKvz42Nx+fU4kYmM1ahJ6ryipYphAUbmxuq/jwMzbXNgA14ZmtJqPr8Fuesh
m4TD4IyB72HVzWG/0Wzj/250pUI20zfl/Y13PoECAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBSuQWEUHk+GSVuYsXXwLyFFUzfIwTAfBgNVHSMEGDAWgBRKttfEaNCSySEx
TWZHPPpThRzWhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NyYlh4R2pRa3NraE1VMW1Seno2VTRVYzFvWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTMvNTBmMDhmLWY5MDctNDRkZS1iZTk0LTA1NzY0YzdlZGFhNy8x
L3JrRmhGQjVQaGtsYm1MRjE4QzhoUlZNM3lNRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMv
NTBmMDhmLWY5MDctNDRkZS1iZTk0LTA1NzY0YzdlZGFhNy8xL1NyYlh4R2pRa3Nr
aE1VMW1Seno2VTRVYzFvWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBB8sQAMEBE3yEAMEBFBbcAMEBFw8
EAMEBG3sIAMEArk3lDANBAIAAjAHAwUAKgFPADANBgkqhkiG9w0BAQsFAAOCAQEA
FfH3PAnj3CoanazmW08TiBeVSd8MNuTZLgBP/oOrh9bsbrw7Vl993+o4A2bWMcNf
oFMFDAMYr7TBPsoLDQnw9UgFtpB1yQzXV7oTo2b+6msjWRG1IBKNDjprvpJrgFMY
eZAQYR7CAQav2S/QxUZcecb6LgKIRdg4BUb7EIwZiB/Z3gmvPj56H0ENg1goTQ+T
3eSocqMotWXJ7SsdFhZXKtC3Dn8F4vo++6mAMcCm3DCs/gUcSB2ymglAzAJP3AAu
NNURDhVT/msLSFAt0Ms8tv/0aOAsnFQhP7R6TAILgllwCXykolzHp0EyosSTrXcR
domeEY4v3pZh/IyNnQgu4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:16 2024 by rpki-client on console-ams.rpki-client.org