Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/r0x1ebFygt-UJYmBpXLaE3ZH4qs.roa
File: r0x1ebFygt-UJYmBpXLaE3ZH4qs.roa (raw, json)
Hash identifier: wuqOaOxrz0erIfdF8g9NwxuwAP8BI1Hq80YpbiGtRr0=
Subject key identifier: AF:4C:75:79:B1:72:82:DF:94:25:89:81:A5:72:DA:13:76:47:E2:AB
Certificate issuer: /CN=43fad79548afc5c83e59bbfe388c64492cb55013
Certificate serial: 109FD3E0
Authority key identifier: 43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/r0x1ebFygt-UJYmBpXLaE3ZH4qs.roa
Signing time: Sat 01 Jan 2022 05:05:39 +0000
ROA not before: Sat 01 Jan 2022 05:05:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49594
IP address blocks: 95.174.72.0/21 maxlen: 21
213.151.164.0/23 maxlen: 23
213.151.160.0/22 maxlen: 22
213.151.167.0/24 maxlen: 24
185.29.32.0/22 maxlen: 22
188.73.0.0/18 maxlen: 18
2a02:468::/29 maxlen: 29
2a03:800::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278909920 (0x109fd3e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43fad79548afc5c83e59bbfe388c64492cb55013
Validity
Not Before: Jan 1 05:05:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af4c7579b17282df94258981a572da137647e2ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9f:55:f5:1d:9e:5c:fa:03:33:ee:b4:2d:b8:
36:b1:ad:64:a5:2e:8b:b1:9d:6b:44:cf:66:65:8d:
97:53:aa:0f:4f:dd:02:ca:10:e5:54:b7:45:48:69:
d4:71:1f:95:4a:19:99:9d:d0:17:7a:8f:0f:4e:2f:
39:80:5f:c3:d9:71:0b:9a:58:07:a7:e3:50:ab:0d:
4f:17:c3:27:b7:07:31:63:1e:b4:2f:30:36:5c:06:
cb:e7:da:14:5f:85:bb:66:7d:eb:b8:ae:fa:cc:44:
2c:63:71:1a:0b:33:70:6b:44:91:fb:9e:b1:0a:c2:
81:cb:9e:38:0d:1e:c7:36:37:8c:d8:75:53:0b:f3:
21:13:f6:26:eb:82:03:02:03:aa:a9:81:c4:41:0d:
35:29:03:78:9f:97:7e:48:e2:06:27:b7:09:ac:9b:
ac:4d:cd:06:7c:4a:62:b1:7a:a3:95:6c:72:72:84:
de:6f:9d:fe:67:9b:9e:48:eb:d0:2d:a9:05:ba:1c:
1c:d1:53:15:ba:24:5a:39:5c:e6:fe:9e:18:dd:a2:
33:d4:da:41:bd:16:bd:e7:16:a7:98:a5:4d:10:43:
44:9d:72:b1:86:a2:d0:35:9c:7f:77:d7:e1:8e:15:
bc:45:19:f1:81:5e:3b:a7:1d:52:9a:e2:f9:2f:39:
26:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:4C:75:79:B1:72:82:DF:94:25:89:81:A5:72:DA:13:76:47:E2:AB
X509v3 Authority Key Identifier:
keyid:43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/r0x1ebFygt-UJYmBpXLaE3ZH4qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.174.72.0/21
185.29.32.0/22
188.73.0.0/18
213.151.160.0-213.151.165.255
213.151.167.0/24
IPv6:
2a02:468::/29
2a03:800::/32
Signature Algorithm: sha256WithRSAEncryption
a2:60:29:ff:2e:78:eb:1e:71:0c:ca:f4:55:a6:1d:50:e7:e2:
90:e9:e9:c4:e1:08:04:2c:9a:f7:45:13:23:24:f4:1b:9f:0a:
2b:48:89:a6:90:11:56:78:e2:d0:a9:ac:ec:c4:42:79:26:1e:
55:fd:5b:de:7d:c9:63:74:dd:32:24:5a:f8:e4:92:f4:b0:68:
2b:f8:fa:2e:f1:72:c5:01:06:c0:70:08:f3:6e:6e:f3:7e:45:
e2:c4:21:67:68:fc:e8:1b:38:ac:8e:33:96:4b:c2:0c:55:cb:
19:b8:55:0f:d7:d8:34:0f:6d:5a:5a:e8:de:58:9e:68:5b:1f:
e5:45:a4:77:12:32:98:cc:fc:0e:69:a4:5e:ea:2b:cd:1b:90:
de:c7:5a:40:81:e1:18:6e:9e:83:9e:2d:29:f1:34:43:41:8f:
ae:2a:0e:29:9c:de:dd:51:ff:58:83:67:28:b2:6d:76:88:2c:
57:59:a2:8c:9e:96:19:5a:85:80:65:ed:3e:d1:86:a4:63:0c:
c8:d2:21:6f:ed:9b:2e:64:f3:86:83:94:da:56:84:07:8a:cc:
4b:47:fe:23:e8:e3:2e:12:ac:24:1d:f7:5b:c1:57:bd:6a:1e:
0d:43:a6:20:6d:f9:37:c0:d2:c8:46:09:0e:3a:fc:d9:96:62:
65:c8:a4:5c
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEEJ/T4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2ZhZDc5NTQ4YWZjNWM4M2U1OWJiZmUzODhjNjQ0OTJjYjU1MDEzMB4XDTIyMDEw
MTA1MDUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWY0Yzc1NzliMTcy
ODJkZjk0MjU4OTgxYTU3MmRhMTM3NjQ3ZTJhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJefVfUdnlz6AzPutC24NrGtZKUui7Gda0TPZmWNl1OqD0/d
AsoQ5VS3RUhp1HEflUoZmZ3QF3qPD04vOYBfw9lxC5pYB6fjUKsNTxfDJ7cHMWMe
tC8wNlwGy+faFF+Fu2Z967iu+sxELGNxGgszcGtEkfuesQrCgcueOA0exzY3jNh1
UwvzIRP2JuuCAwIDqqmBxEENNSkDeJ+XfkjiBie3CaybrE3NBnxKYrF6o5VscnKE
3m+d/mebnkjr0C2pBbocHNFTFbokWjlc5v6eGN2iM9TaQb0WvecWp5ilTRBDRJ1y
sYai0DWcf3fX4Y4VvEUZ8YFeO6cdUpri+S85JhkCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBSvTHV5sXKC35QliYGlctoTdkfiqzAfBgNVHSMEGDAWgBRD+teVSK/FyD5Z
u/44jGRJLLVQEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FfclhsVWl2eGNnLVdidi1PSXhrU1N5MVVCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvMmNmMmMxLTE5NjItNGI3MC05ZTViLWZlODU1ZGFiYjc1ZS8x
L3IweDFlYkZ5Z3QtVUpZbUJwWExhRTNaSDRxcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
MmNmMmMxLTE5NjItNGI3MC05ZTViLWZlODU1ZGFiYjc1ZS8xL1FfclhsVWl2eGNn
LVdidi1PSXhrU1N5MVVCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwLAQCAAEwJgMEA1+uSAMEArkdIAMEBrxJADAMAwQF
1ZegAwQB1ZekAwQA1ZenMBQEAgACMA4DBQMqAgRoAwUAKgMIADANBgkqhkiG9w0B
AQsFAAOCAQEAomAp/y546x5xDMr0VaYdUOfikOnpxOEIBCya90UTIyT0G58KK0iJ
ppARVnji0Kms7MRCeSYeVf1b3n3JY3TdMiRa+OSS9LBoK/j6LvFyxQEGwHAI825u
835F4sQhZ2j86Bs4rI4zlkvCDFXLGbhVD9fYNA9tWlro3lieaFsf5UWkdxIymMz8
DmmkXuorzRuQ3sdaQIHhGG6eg54tKfE0Q0GPrioOKZze3VH/WINnKLJtdogsV1mi
jJ6WGVqFgGXtPtGGpGMMyNIhb+2bLmTzhoOU2laEB4rMS0f+I+jjLhKsJB33W8FX
vWoeDUOmIG35N8DSyEYJDjr82ZZiZcikXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:19 2024 by rpki-client on console-ams.rpki-client.org