Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/4uMj22aK_Zqrs4btC3PJNY2-G2Q.roa
File: 4uMj22aK_Zqrs4btC3PJNY2-G2Q.roa (raw, json)
Hash identifier: UCCkxvAwcCOR67XLcQG4Wvjck53qemKD6gS4ZHZEOGg=
Subject key identifier: E2:E3:23:DB:66:8A:FD:9A:AB:B3:86:ED:0B:73:C9:35:8D:BE:1B:64
Certificate issuer: /CN=30683cffa061f28a9e1135c9fc30376a6474cbf4
Certificate serial: 04E0DC05
Authority key identifier: 30:68:3C:FF:A0:61:F2:8A:9E:11:35:C9:FC:30:37:6A:64:74:CB:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGg8_6Bh8oqeETXJ_DA3amR0y_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/4uMj22aK_Zqrs4btC3PJNY2-G2Q.roa
Signing time: Sat 01 Jan 2022 09:57:24 +0000
ROA not before: Sat 01 Jan 2022 09:57:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8426
IP address blocks: 213.221.64.0/18 maxlen: 18
62.80.62.0/24 maxlen: 24
195.170.96.0/19 maxlen: 19
212.66.0.0/19 maxlen: 19
212.82.224.0/19 maxlen: 19
62.24.0.0/19 maxlen: 19
62.80.0.0/18 maxlen: 18
62.176.128.0/19 maxlen: 19
195.38.128.0/19 maxlen: 19
212.6.128.0/17 maxlen: 17
2a00:1798::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81845253 (0x4e0dc05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30683cffa061f28a9e1135c9fc30376a6474cbf4
Validity
Not Before: Jan 1 09:57:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2e323db668afd9aabb386ed0b73c9358dbe1b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d3:bc:0d:7e:2f:34:52:b6:f4:c2:08:dc:b7:
f9:00:b5:d8:f1:72:26:32:64:01:b3:a8:ac:ca:1e:
27:03:32:96:ef:60:e0:1c:1b:d8:2b:91:4f:02:0b:
c9:d2:45:f5:fa:cb:ee:3c:21:17:dc:c9:1e:b8:fd:
1b:96:f3:d3:66:8c:6c:b4:d1:ad:23:03:17:e1:42:
69:dc:95:a3:68:3a:80:bc:98:6e:95:30:72:2a:55:
72:0b:51:0a:33:99:99:9e:d5:cb:e8:13:95:a1:94:
84:a8:2b:d7:d1:62:00:31:00:aa:40:46:57:85:32:
92:75:a5:65:7c:e0:27:e6:c6:0e:21:b6:eb:85:23:
af:d2:1d:61:1e:27:f8:ca:3b:74:23:dd:b2:72:d6:
4e:70:88:25:3b:ef:87:08:4e:5a:ec:93:e8:3b:e7:
dd:9d:b4:fa:99:ab:9b:3c:77:72:0f:02:6f:27:cd:
ed:71:83:8a:4b:c0:13:1c:e1:26:c0:8a:75:90:7a:
9e:70:b8:49:58:b9:d8:44:84:bb:9d:f0:be:c2:35:
b4:04:20:4f:42:9e:95:be:6e:56:f7:d6:ef:b4:41:
8c:d2:99:94:bd:d5:e5:c6:1d:2f:3d:17:cd:36:d0:
cf:a2:12:2b:bc:68:a0:b3:b1:03:ea:d3:92:03:a0:
6b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:E3:23:DB:66:8A:FD:9A:AB:B3:86:ED:0B:73:C9:35:8D:BE:1B:64
X509v3 Authority Key Identifier:
keyid:30:68:3C:FF:A0:61:F2:8A:9E:11:35:C9:FC:30:37:6A:64:74:CB:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGg8_6Bh8oqeETXJ_DA3amR0y_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/4uMj22aK_Zqrs4btC3PJNY2-G2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/MGg8_6Bh8oqeETXJ_DA3amR0y_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.24.0.0/19
62.80.0.0/18
62.176.128.0/19
195.38.128.0/19
195.170.96.0/19
212.6.128.0/17
212.66.0.0/19
212.82.224.0/19
213.221.64.0/18
IPv6:
2a00:1798::/32
Signature Algorithm: sha256WithRSAEncryption
64:47:a4:07:bb:8f:ec:da:52:b4:de:1c:08:eb:c4:26:55:de:
08:d4:33:2f:ca:c8:56:b3:30:d8:57:ac:f3:1d:97:19:e7:c3:
43:56:2d:09:c1:5d:6f:6b:16:d1:73:5c:57:6c:7f:a2:e0:7f:
5e:3c:c7:bb:8d:8e:50:5d:b2:c9:03:72:3e:44:36:47:96:d1:
cd:f5:20:db:c4:fc:86:8a:b7:89:39:d8:77:a9:7d:3e:35:5d:
62:fb:07:32:aa:b0:a6:1f:d9:3e:65:45:50:3d:08:18:9d:94:
71:84:9d:3f:e4:b8:d0:8e:4f:99:0c:94:d7:6e:02:58:a5:7e:
85:76:77:f5:98:e5:a1:a9:53:cd:87:7c:e5:fe:84:67:60:1d:
c3:ef:2e:d2:60:70:6c:ba:02:ec:80:6c:e1:7b:27:44:6a:2e:
a1:da:00:5d:a0:5a:aa:de:4a:bd:9d:17:64:00:26:5e:e7:5e:
9a:89:00:a5:1e:ba:cb:f1:33:94:f3:fe:5e:81:e3:63:8a:1b:
eb:f9:37:89:74:9f:1e:23:b6:f6:e1:38:0c:6c:96:3b:d7:a1:
b9:40:ef:38:c0:ee:ec:98:76:19:b5:b7:67:19:97:88:2a:a1:
70:5d:76:cd:a4:ca:6d:ac:a7:57:9e:9b:ec:22:18:e4:77:3f:
6b:30:e6:c3
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEBODcBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDY4M2NmZmEwNjFmMjhhOWUxMTM1YzlmYzMwMzc2YTY0NzRjYmY0MB4XDTIyMDEw
MTA5NTcyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJlMzIzZGI2Njhh
ZmQ5YWFiYjM4NmVkMGI3M2M5MzU4ZGJlMWI2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/TvA1+LzRStvTCCNy3+QC12PFyJjJkAbOorMoeJwMylu9g
4Bwb2CuRTwILydJF9frL7jwhF9zJHrj9G5bz02aMbLTRrSMDF+FCadyVo2g6gLyY
bpUwcipVcgtRCjOZmZ7Vy+gTlaGUhKgr19FiADEAqkBGV4UyknWlZXzgJ+bGDiG2
64Ujr9IdYR4n+Mo7dCPdsnLWTnCIJTvvhwhOWuyT6Dvn3Z20+pmrmzx3cg8CbyfN
7XGDikvAExzhJsCKdZB6nnC4SVi52ESEu53wvsI1tAQgT0Kelb5uVvfW77RBjNKZ
lL3V5cYdLz0XzTbQz6ISK7xooLOxA+rTkgOga7cCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBTi4yPbZor9mquzhu0Lc8k1jb4bZDAfBgNVHSMEGDAWgBQwaDz/oGHyip4R
Ncn8MDdqZHTL9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01HZzhfNkJoOG9xZUVUWEpfREEzYW1SMHlfUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvMDFmNmVkLTdiODYtNGY3Ni04MjhmLTRlMTkyMzlmMGMzNS8x
LzR1TWoyMmFLX1pxcnM0YnRDM1BKTlkyLUcyUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
MDFmNmVkLTdiODYtNGY3Ni04MjhmLTRlMTkyMzlmMGMzNS8xL01HZzhfNkJoOG9x
ZUVUWEpfREEzYW1SMHlfUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEBT4YAAMEBj5QAAMEBT6wgAMEBcMm
gAMEBcOqYAMEB9QGgAMEBdRCAAMEBdRS4AMEBtXdQDANBAIAAjAHAwUAKgAXmDAN
BgkqhkiG9w0BAQsFAAOCAQEAZEekB7uP7NpStN4cCOvEJlXeCNQzL8rIVrMw2Fes
8x2XGefDQ1YtCcFdb2sW0XNcV2x/ouB/XjzHu42OUF2yyQNyPkQ2R5bRzfUg28T8
hoq3iTnYd6l9PjVdYvsHMqqwph/ZPmVFUD0IGJ2UcYSdP+S40I5PmQyU124CWKV+
hXZ39ZjloalTzYd85f6EZ2Adw+8u0mBwbLoC7IBs4XsnRGouodoAXaBaqt5KvZ0X
ZAAmXudemokApR66y/EzlPP+XoHjY4ob6/k3iXSfHiO29uE4DGyWO9ehuUDvOMDu
7Jh2GbW3ZxmXiCqhcF12zaTKbaynV56b7CIY5Hc/azDmww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:01 2024 by rpki-client on console-ams.rpki-client.org