Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/grV4Tz5t_AmgL-KJNsREuKnW560.roa
File: grV4Tz5t_AmgL-KJNsREuKnW560.roa (raw, json)
Hash identifier: 7jC4jLnLayi2TbAQ0kjC1lrCCmkHhGZL7gCkWC+Q2n8=
Subject key identifier: 82:B5:78:4F:3E:6D:FC:09:A0:2F:E2:89:36:C4:44:B8:A9:D6:E7:AD
Certificate issuer: /CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Certificate serial: 024E0E6C
Authority key identifier: DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/grV4Tz5t_AmgL-KJNsREuKnW560.roa
Signing time: Thu 31 Mar 2022 08:54:51 +0000
ROA not before: Thu 31 Mar 2022 08:54:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207174
IP address blocks: 5.181.240.0/24 maxlen: 24
185.49.192.0/24 maxlen: 24
5.181.242.0/24 maxlen: 24
5.181.241.0/24 maxlen: 24
5.181.243.0/24 maxlen: 24
185.49.193.0/24 maxlen: 24
185.49.195.0/24 maxlen: 24
185.49.194.0/24 maxlen: 24
185.249.111.0/24 maxlen: 24
185.249.108.0/24 maxlen: 24
185.249.110.0/24 maxlen: 24
185.249.109.0/24 maxlen: 24
185.211.212.0/24 maxlen: 24
185.211.213.0/24 maxlen: 24
185.211.215.0/24 maxlen: 24
185.211.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38669932 (0x24e0e6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Validity
Not Before: Mar 31 08:54:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82b5784f3e6dfc09a02fe28936c444b8a9d6e7ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f6:d0:1a:e1:40:df:14:73:46:ba:f1:bd:d2:
d8:07:b7:e6:eb:29:f4:a4:4d:c7:23:a9:75:46:ea:
a2:f9:20:63:56:25:2e:8f:7c:62:7e:6b:75:1c:ab:
25:47:39:9a:e4:12:a8:d5:4c:f6:dd:e9:73:4e:27:
25:6b:50:6d:9e:0e:76:20:36:eb:b5:83:a3:da:d5:
64:f5:f7:19:2b:07:81:d4:5c:a7:86:78:f6:ab:2c:
3e:c5:45:a0:a2:5c:77:30:99:4e:3c:ad:7b:9a:51:
a6:6d:93:a1:cb:c4:53:6d:08:5f:28:fc:95:32:2f:
57:3a:53:0f:cd:14:e5:1d:4f:f7:ab:ba:ac:af:4c:
8b:ad:07:58:ec:e7:f7:00:23:63:6f:5b:a6:0f:13:
dc:e3:0c:4c:4e:8b:8e:41:3a:e5:c0:20:f1:26:cd:
c8:2c:2b:62:3a:66:a5:9f:af:43:5f:30:02:ba:e5:
3a:63:91:8e:ef:d0:f5:29:50:f7:3b:de:2c:7f:eb:
53:77:c4:8e:3f:d1:74:56:84:7a:f9:e3:b7:44:ff:
59:83:06:22:02:f9:91:d7:1f:5a:0b:9a:a2:34:25:
77:73:34:3a:15:cf:3a:45:7d:59:29:96:f7:0c:e1:
13:dc:21:86:d5:c5:60:b5:04:59:07:31:6e:70:83:
66:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B5:78:4F:3E:6D:FC:09:A0:2F:E2:89:36:C4:44:B8:A9:D6:E7:AD
X509v3 Authority Key Identifier:
keyid:DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/grV4Tz5t_AmgL-KJNsREuKnW560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.240.0/22
185.49.192.0/22
185.211.212.0/22
185.249.108.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:03:df:55:a1:3a:c8:30:c9:cc:64:4c:79:e9:c0:2c:bc:4c:
51:d6:bf:3b:a1:c1:0b:78:1d:0e:d0:cd:99:94:3a:b0:5e:08:
6e:81:5a:54:d2:0e:33:d7:36:8e:55:26:ae:62:15:c6:16:d3:
7a:dd:35:93:06:7a:68:0f:19:dd:65:16:4d:8e:54:f7:18:9c:
7c:e1:b0:44:e9:81:6e:5f:67:aa:ef:66:27:2b:99:e6:5a:23:
d7:d0:e1:b9:a2:33:9b:c7:28:06:4a:d6:25:af:7e:c6:0e:30:
0e:23:dd:fb:36:95:e5:06:cd:d6:b4:cd:ad:25:d3:72:3b:8e:
ba:e7:d3:43:40:4f:d1:56:7e:be:0b:0a:04:1b:f7:7b:93:80:
da:7b:51:9c:69:10:74:e9:9f:11:eb:62:ca:12:40:b2:0a:01:
7b:8d:f3:55:1b:1d:74:53:89:9c:c7:ba:56:21:af:a7:d9:6b:
46:e7:1c:91:4d:5c:63:95:92:ed:ef:c2:ad:70:28:27:d6:64:
d4:77:2d:d5:b6:6d:a3:5e:ea:6e:35:e6:8b:c6:ae:5f:46:eb:
0b:a5:4b:c1:8b:ee:89:1d:b4:d1:ac:0e:40:c6:45:cb:c1:2c:
d4:b8:77:af:59:d4:6c:18:a4:9c:cf:29:c9:17:40:29:fd:f7:
cb:29:1f:8f
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAk4ObDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2Y4NWMzNmM2OTZkNWRiMmNiYjQ4ZmQ0M2U4MjE3MzdlZTM0MjI3MB4XDTIyMDMz
MTA4NTQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODJiNTc4NGYzZTZk
ZmMwOWEwMmZlMjg5MzZjNDQ0YjhhOWQ2ZTdhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMf20BrhQN8Uc0a68b3S2Ae35usp9KRNxyOpdUbqovkgY1Yl
Lo98Yn5rdRyrJUc5muQSqNVM9t3pc04nJWtQbZ4OdiA267WDo9rVZPX3GSsHgdRc
p4Z49qssPsVFoKJcdzCZTjyte5pRpm2TocvEU20IXyj8lTIvVzpTD80U5R1P96u6
rK9Mi60HWOzn9wAjY29bpg8T3OMMTE6LjkE65cAg8SbNyCwrYjpmpZ+vQ18wArrl
OmORju/Q9SlQ9zveLH/rU3fEjj/RdFaEevnjt0T/WYMGIgL5kdcfWguaojQld3M0
OhXPOkV9WSmW9wzhE9whhtXFYLUEWQcxbnCDZkkCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSCtXhPPm38CaAv4ok2xES4qdbnrTAfBgNVHSMEGDAWgBTc+Fw2xpbV2yy7
SP1D6CFzfuNCJzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNQaGNOc2FXMWRzc3UwajlRLWdoYzM3alFpYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvY2ZiYzYyLTVkNTQtNDMyNy1iMDcyLTBmNTJmODY3MTc4ZC8x
L2dyVjRUejV0X0FtZ0wtS0pOc1JFdUtuVzU2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
Y2ZiYzYyLTVkNTQtNDMyNy1iMDcyLTBmNTJmODY3MTc4ZC8xLzNQaGNOc2FXMWRz
c3UwajlRLWdoYzM3alFpYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAgW18AMEArkxwAMEArnT1AMEArn5
bDANBgkqhkiG9w0BAQsFAAOCAQEApQPfVaE6yDDJzGRMeenALLxMUda/O6HBC3gd
DtDNmZQ6sF4IboFaVNIOM9c2jlUmrmIVxhbTet01kwZ6aA8Z3WUWTY5U9xicfOGw
ROmBbl9nqu9mJyuZ5loj19DhuaIzm8coBkrWJa9+xg4wDiPd+zaV5QbN1rTNrSXT
cjuOuufTQ0BP0VZ+vgsKBBv3e5OA2ntRnGkQdOmfEetiyhJAsgoBe43zVRsddFOJ
nMe6ViGvp9lrRucckU1cY5WS7e/CrXAoJ9Zk1Hct1bZto17qbjXmi8auX0brC6VL
wYvuiR200awOQMZFy8Es1Lh3r1nUbBiknM8pyRdAKf33yykfjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:53 2024 by rpki-client on console-ams.rpki-client.org