Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/4SO9DT61h8LHrZK97V4jGl0-5M4.roa
File: 4SO9DT61h8LHrZK97V4jGl0-5M4.roa (raw, json)
Hash identifier: xtE4mQxISk6LdLdueexhxMy1a8JOmwhKm9T9c/c05VA=
Subject key identifier: E1:23:BD:0D:3E:B5:87:C2:C7:AD:92:BD:ED:5E:23:1A:5D:3E:E4:CE
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0D2EF7CD
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/4SO9DT61h8LHrZK97V4jGl0-5M4.roa
Signing time: Thu 12 May 2022 23:22:02 +0000
ROA not before: Thu 12 May 2022 23:22:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34927
IP address blocks: 193.148.251.0/24 maxlen: 24
193.148.250.0/24 maxlen: 24
193.148.249.0/24 maxlen: 24
193.148.248.0/24 maxlen: 24
2a0c:9a40:1024::/48 maxlen: 48
2a0c:9a40:1002::/48 maxlen: 48
2a0c:9a44::/48 maxlen: 48
2a0c:9a40:1000::/44 maxlen: 48
2a0c:9a40:1080::/44 maxlen: 48
2a0c:9a40:1::/48 maxlen: 48
2a0c:9a40:1001::/48 maxlen: 48
2a0c:9a40:1055::/48 maxlen: 48
2a0c:9a40:1070::/48 maxlen: 48
2a0c:9a40:1050::/48 maxlen: 48
2a0c:9a40:1054::/48 maxlen: 48
2a0c:9a40:1057::/48 maxlen: 48
2a0c:9a40:1090::/44 maxlen: 48
2a0c:9a40:1030::/44 maxlen: 48
2a0c:9a40:1070::/44 maxlen: 48
2a0c:9a40:1051::/48 maxlen: 48
2a0c:9a40:2600::/40 maxlen: 48
2a0c:9a40:2c00::/40 maxlen: 48
2a0c:9a40:2400::/40 maxlen: 40
2a0c:9a40:2a00::/40 maxlen: 40
2a0c:9a40:2100::/40 maxlen: 40
2a0c:9a40:2800::/40 maxlen: 40
2a0c:9a40:2500::/40 maxlen: 40
2a0c:9a40:2700::/40 maxlen: 40
2a0c:9a40:2200::/40 maxlen: 40
2a0c:9a40:1060::/48 maxlen: 48
2a0c:9a40:2900::/48 maxlen: 48
2a0c:9a40:1080::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 221181901 (0xd2ef7cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: May 12 23:22:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e123bd0d3eb587c2c7ad92bded5e231a5d3ee4ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:fd:f9:32:28:a3:9c:4a:4b:51:b4:3b:31:08:
f5:8b:e5:c1:4e:df:9b:db:e6:0d:bc:14:7e:db:b9:
63:83:71:07:11:07:fc:86:97:98:6b:80:dc:26:ba:
6e:8b:2c:9d:e2:b5:ea:13:3a:e1:ff:3e:0c:a8:d1:
5f:19:67:df:8c:01:fe:88:46:98:9d:96:12:cd:bc:
2a:09:40:d2:97:d6:b5:fb:b4:e4:b6:65:26:ca:99:
4b:c6:48:ab:60:4e:69:52:c0:ac:95:8d:e5:da:a8:
e4:a1:78:bd:d3:d7:55:2c:b6:28:ba:72:13:fd:c1:
06:fa:94:74:02:76:9b:97:15:c8:13:bf:df:b9:f1:
c6:96:36:24:85:5b:c8:27:42:a4:75:18:12:e3:73:
57:d4:d9:01:04:0b:fe:f4:21:41:47:3c:fe:22:cc:
74:20:6e:aa:7d:4d:09:36:63:c1:0d:d2:33:ad:4c:
25:d0:51:e6:1a:0d:66:0b:11:fe:be:ec:b2:37:4d:
c8:c7:17:39:a7:3e:cd:27:96:0d:2d:e2:b5:7c:3f:
28:1f:46:d7:55:4b:ee:ab:1a:31:5e:de:fe:aa:85:
47:72:d9:a0:75:eb:b8:0d:38:53:76:ce:ef:7a:db:
07:8f:a9:27:f5:1e:a9:d8:ed:7f:f6:16:bf:53:ca:
c1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:23:BD:0D:3E:B5:87:C2:C7:AD:92:BD:ED:5E:23:1A:5D:3E:E4:CE
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/4SO9DT61h8LHrZK97V4jGl0-5M4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.248.0/22
IPv6:
2a0c:9a40:1::/48
2a0c:9a40:1000::/44
2a0c:9a40:1024::/48
2a0c:9a40:1030::/44
2a0c:9a40:1050::/47
2a0c:9a40:1054::/47
2a0c:9a40:1057::/48
2a0c:9a40:1060::/48
2a0c:9a40:1070::-2a0c:9a40:109f:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:2100::-2a0c:9a40:22ff:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:2400::-2a0c:9a40:2900:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:2a00::/40
2a0c:9a40:2c00::/40
2a0c:9a44::/48
Signature Algorithm: sha256WithRSAEncryption
52:f1:85:da:ae:6f:e0:1a:00:36:bf:92:76:f8:91:e0:3a:40:
c4:53:aa:b9:2d:c4:cd:b7:8d:a3:48:61:a8:3b:08:4e:00:fe:
f9:81:a3:3e:22:8e:f9:df:bc:67:64:71:82:19:00:63:91:f7:
14:3d:d6:d7:41:26:3f:7f:f7:88:4a:9d:ee:5e:75:87:23:c9:
3b:c6:b7:53:f5:8c:58:a5:f5:b9:d6:e0:be:b8:71:2d:9e:c8:
b9:10:b6:63:d3:6b:db:28:0a:e3:37:fa:ca:3a:d7:7e:f8:f1:
3a:59:27:37:b1:f6:12:86:4f:11:c5:93:72:e0:18:4a:a2:f6:
03:ae:47:4b:81:0c:fa:f5:6a:0f:58:63:f3:44:9c:3e:f3:5a:
cb:cc:99:f1:2b:6e:29:39:de:ef:29:5f:ab:54:a8:cf:72:60:
c6:53:73:d8:c6:be:72:a7:b8:55:e0:59:5c:7f:66:7c:82:d2:
a7:7e:ec:22:18:e1:4c:e3:f7:21:8f:d3:bc:66:08:f2:f9:3d:
81:aa:37:7f:fc:c0:b0:47:39:88:80:a0:de:05:7f:2d:83:22:
51:3b:c4:4b:31:84:62:39:9a:78:9d:4c:34:1b:76:1b:8b:03:
b8:1f:c7:ee:ca:e5:1b:d2:1f:50:e9:26:1f:83:98:e5:20:b6:
07:6d:48:65
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIEDS73zTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTk1YTM2MWZlMmIyYzUyOTI2MjZiYTRjNTZhNjVhODE0ZTQ4MDA4MB4XDTIyMDUx
MjIzMjIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTEyM2JkMGQzZWI1
ODdjMmM3YWQ5MmJkZWQ1ZTIzMWE1ZDNlZTRjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOD9+TIoo5xKS1G0OzEI9YvlwU7fm9vmDbwUftu5Y4NxBxEH
/IaXmGuA3Ca6bossneK16hM64f8+DKjRXxln34wB/ohGmJ2WEs28KglA0pfWtfu0
5LZlJsqZS8ZIq2BOaVLArJWN5dqo5KF4vdPXVSy2KLpyE/3BBvqUdAJ2m5cVyBO/
37nxxpY2JIVbyCdCpHUYEuNzV9TZAQQL/vQhQUc8/iLMdCBuqn1NCTZjwQ3SM61M
JdBR5hoNZgsR/r7ssjdNyMcXOac+zSeWDS3itXw/KB9G11VL7qsaMV7e/qqFR3LZ
oHXruA04U3bO73rbB4+pJ/Ueqdjtf/YWv1PKwXUCAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBThI70NPrWHwsetkr3tXiMaXT7kzjAfBgNVHSMEGDAWgBSelaNh/issUpJi
a6TFamWoFOSACDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25wV2pZZjRyTEZLU1ltdWt4V3BscUJUa2dBZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvZjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8x
LzRTTzlEVDYxaDhMSHJaSzk3VjRqR2wwLTVNNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
Zjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8xL25wV2pZZjRyTEZL
U1ltdWt4V3BscUJUa2dBZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
xQYIKwYBBQUHAQcBAf8EgbUwgbIwDAQCAAEwBgMEAsGU+DCBoQQCAAIwgZoDBwAq
DJpAAAEDBwQqDJpAEAADBwAqDJpAECQDBwQqDJpAEDADBwEqDJpAEFADBwEqDJpA
EFQDBwAqDJpAEFcDBwAqDJpAEGAwEgMHBCoMmkAQcAMHBSoMmkAQgDAQAwYAKgya
QCEDBgAqDJpAIjARAwYCKgyaQCQDBwAqDJpAKQADBgAqDJpAKgMGACoMmkAsAwcA
KgyaRAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBS8YXarm/gGgA2v5J2+JHgOkDEU6q5
LcTNt42jSGGoOwhOAP75gaM+Io7537xnZHGCGQBjkfcUPdbXQSY/f/eISp3uXnWH
I8k7xrdT9YxYpfW51uC+uHEtnsi5ELZj02vbKArjN/rKOtd++PE6WSc3sfYShk8R
xZNy4BhKovYDrkdLgQz69WoPWGPzRJw+81rLzJnxK24pOd7vKV+rVKjPcmDGU3PY
xr5yp7hV4Flcf2Z8gtKnfuwiGOFM4/chj9O8Zgjy+T2Bqjd//MCwRzmIgKDeBX8t
gyJRO8RLMYRiOZp4nUw0G3YbiwO4H8fuyuUb0h9Q6SYfg5jlILYHbUhl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:33 2023 by rpki-client on console-fra.rpki-client.org