Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/4H5M3a8zJK-mN8vrMv1aK8xSWWE.roa
File: 4H5M3a8zJK-mN8vrMv1aK8xSWWE.roa (raw, json)
Hash identifier: QU0Z8n6vFHI1KQuvcCvdB5d+1T/ckfkx5LF19zaMAEA=
Subject key identifier: E0:7E:4C:DD:AF:33:24:AF:A6:37:CB:EB:32:FD:5A:2B:CC:52:59:61
Certificate issuer: /CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Certificate serial: 04C80CCF
Authority key identifier: 0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/4H5M3a8zJK-mN8vrMv1aK8xSWWE.roa
Signing time: Fri 13 May 2022 07:24:01 +0000
ROA not before: Fri 13 May 2022 07:24:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5606
IP address blocks: 128.140.224.0/21 maxlen: 24
176.223.110.0/24 maxlen: 24
188.212.152.0/24 maxlen: 24
188.213.33.0/24 maxlen: 24
185.8.152.0/22 maxlen: 24
188.241.222.0/24 maxlen: 24
109.205.91.0/24 maxlen: 24
109.205.88.0/24 maxlen: 24
109.205.90.0/24 maxlen: 24
109.205.89.0/24 maxlen: 24
193.41.251.0/24 maxlen: 24
109.205.95.0/24 maxlen: 24
188.212.37.0/24 maxlen: 24
193.226.128.0/18 maxlen: 24
188.213.132.0/23 maxlen: 24
188.211.236.0/24 maxlen: 24
194.105.1.0/24 maxlen: 24
2001:4d80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80219343 (0x4c80ccf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Validity
Not Before: May 13 07:24:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e07e4cddaf3324afa637cbeb32fd5a2bcc525961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:70:9b:3b:68:6e:af:ba:87:10:87:a4:0c:36:
ed:ee:4a:64:7b:ac:a9:ee:9a:81:ca:d3:26:eb:f7:
87:f4:e2:5c:8e:16:d6:68:75:6d:21:44:ef:ed:91:
60:46:49:3b:2a:a9:3a:4d:87:55:fd:ff:67:f2:64:
07:b8:06:02:0a:96:83:81:73:8c:ea:50:83:df:cc:
b8:d0:41:26:e6:8b:ca:17:cb:a4:ae:43:cd:2b:2e:
0c:55:75:d0:9d:50:25:a0:99:5d:3f:6e:54:46:9b:
1d:a8:82:a0:64:9f:f5:d3:94:af:1b:d2:77:53:ba:
cb:b7:b5:cc:74:b2:86:91:74:df:2e:04:96:c5:ac:
0e:f6:bd:dd:6c:fd:d7:77:96:12:0e:6e:1f:5a:2d:
c2:96:ee:5c:c0:bd:2b:f3:9b:f8:93:e8:fc:66:85:
89:15:fc:47:98:52:d5:0b:4a:4a:80:e9:93:40:54:
0e:aa:8a:8e:56:40:64:5e:de:b5:07:08:51:c7:6c:
4e:c3:d7:0f:5b:85:20:c7:df:a8:76:58:7b:0e:16:
12:c8:03:92:17:13:07:6d:b0:1d:7c:11:53:6e:ec:
cb:3b:6c:e6:a5:b9:e6:7f:9d:5c:a4:d6:e2:46:97:
3f:28:60:5b:31:d6:c7:49:3a:4e:87:7c:65:63:df:
5b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7E:4C:DD:AF:33:24:AF:A6:37:CB:EB:32:FD:5A:2B:CC:52:59:61
X509v3 Authority Key Identifier:
keyid:0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/4H5M3a8zJK-mN8vrMv1aK8xSWWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/CvYXmN0YllwCevp_k64DD_Xh124.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.88.0/22
109.205.95.0/24
128.140.224.0/21
176.223.110.0/24
185.8.152.0/22
188.211.236.0/24
188.212.37.0/24
188.212.152.0/24
188.213.33.0/24
188.213.132.0/23
188.241.222.0/24
193.41.251.0/24
193.226.128.0/18
194.105.1.0/24
IPv6:
2001:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
bb:15:75:81:b0:f0:32:90:5d:83:dd:17:85:ff:a7:b8:56:93:
cd:ac:6d:c0:b9:fa:e5:26:13:d0:58:e3:43:34:b3:a8:56:f5:
2b:21:8c:66:a6:02:6a:32:16:06:12:94:6a:ff:b1:53:f1:e0:
0e:be:5d:36:14:78:6e:93:53:bd:a3:91:61:47:e7:86:df:80:
f7:32:22:c1:9e:1b:aa:30:87:56:ed:c8:e0:f0:6b:ae:fd:94:
e3:cc:3e:81:87:c9:d1:c1:64:2f:ca:a6:77:5b:b7:1d:1b:41:
46:eb:dc:62:06:d0:80:aa:1a:3a:fa:f2:90:dd:7d:c5:38:6b:
b2:bc:d4:59:81:af:0d:69:ff:7f:dd:21:8a:67:78:c3:d0:4d:
90:cd:cf:19:34:65:ab:44:f7:1c:76:7a:15:d3:48:7d:75:2d:
ad:5c:db:88:77:f9:84:ed:3a:27:3c:26:4d:3a:64:fb:37:df:
d1:b5:87:da:02:ed:7f:2b:cb:73:c8:35:09:a4:35:fe:2f:3e:
5e:bc:a9:7d:cc:7d:01:5a:80:bc:24:51:2f:9e:da:04:92:d3:
f0:7f:3f:e7:dc:c6:df:04:52:2a:48:f2:57:40:74:27:12:8b:
58:1e:00:62:bb:f1:4d:8b:f5:3d:3d:d2:ce:c4:7b:28:e7:33:
25:04:d9:74
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIEBMgMzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YWY2MTc5OGRkMTg5NjVjMDI3YWZhN2Y5M2FlMDMwZmY1ZTFkNzZlMB4XDTIyMDUx
MzA3MjQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTA3ZTRjZGRhZjMz
MjRhZmE2MzdjYmViMzJmZDVhMmJjYzUyNTk2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO1wmztobq+6hxCHpAw27e5KZHusqe6agcrTJuv3h/TiXI4W
1mh1bSFE7+2RYEZJOyqpOk2HVf3/Z/JkB7gGAgqWg4FzjOpQg9/MuNBBJuaLyhfL
pK5DzSsuDFV10J1QJaCZXT9uVEabHaiCoGSf9dOUrxvSd1O6y7e1zHSyhpF03y4E
lsWsDva93Wz913eWEg5uH1otwpbuXMC9K/Ob+JPo/GaFiRX8R5hS1QtKSoDpk0BU
DqqKjlZAZF7etQcIUcdsTsPXD1uFIMffqHZYew4WEsgDkhcTB22wHXwRU27syzts
5qW55n+dXKTW4kaXPyhgWzHWx0k6Tod8ZWPfW4MCAwEAAaOCAmYwggJiMB0GA1Ud
DgQWBBTgfkzdrzMkr6Y3y+sy/VorzFJZYTAfBgNVHSMEGDAWgBQK9heY3RiWXAJ6
+n+TrgMP9eHXbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0N2WVhtTjBZbGx3Q2V2cF9rNjRERF9YaDEyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvNjE1MTY0LTZkOTYtNDg4YS05NmJhLWQ2ZTFlMzQ3ZjljNy8x
LzRINU0zYTh6SkstbU44dnJNdjFhSzh4U1dXRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
NjE1MTY0LTZkOTYtNDg4YS05NmJhLWQ2ZTFlMzQ3ZjljNy8xL0N2WVhtTjBZbGx3
Q2V2cF9rNjRERF9YaDEyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB8
BggrBgEFBQcBBwEB/wRtMGswWgQCAAEwVAMEAm3NWAMEAG3NXwMEA4CM4AMEALDf
bgMEArkImAMEALzT7AMEALzUJQMEALzUmAMEALzVIQMEAbzVhAMEALzx3gMEAMEp
+wMEBsHigAMEAMJpATANBAIAAjAHAwUAIAFNgDANBgkqhkiG9w0BAQsFAAOCAQEA
uxV1gbDwMpBdg90Xhf+nuFaTzaxtwLn65SYT0FjjQzSzqFb1KyGMZqYCajIWBhKU
av+xU/HgDr5dNhR4bpNTvaORYUfnht+A9zIiwZ4bqjCHVu3I4PBrrv2U48w+gYfJ
0cFkL8qmd1u3HRtBRuvcYgbQgKoaOvrykN19xThrsrzUWYGvDWn/f90himd4w9BN
kM3PGTRlq0T3HHZ6FdNIfXUtrVzbiHf5hO06JzwmTTpk+zff0bWH2gLtfyvLc8g1
CaQ1/i8+Xrypfcx9AVqAvCRRL57aBJLT8H8/59zG3wRSKkjyV0B0JxKLWB4AYrvx
TYv1PT3SzsR7KOczJQTZdA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:34 2023 by rpki-client on console-ams.rpki-client.org