Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/d5phnQN81vWgiug4dn24E0d1wVA.roa
File: d5phnQN81vWgiug4dn24E0d1wVA.roa (raw, json)
Hash identifier: cZzy31jRbVVJxP96xBpoMLtAUOfYKq2wNWeaO0Tf2jg=
Subject key identifier: 77:9A:61:9D:03:7C:D6:F5:A0:8A:E8:38:76:7D:B8:13:47:75:C1:50
Certificate issuer: /CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Certificate serial: 35E0B98F
Authority key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/d5phnQN81vWgiug4dn24E0d1wVA.roa
Signing time: Sat 01 Jan 2022 12:57:07 +0000
ROA not before: Sat 01 Jan 2022 12:57:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49349
IP address blocks: 185.11.146.0/24 maxlen: 32
185.11.147.0/24 maxlen: 32
188.209.49.0/24 maxlen: 24
188.209.52.0/23 maxlen: 24
185.62.190.0/24 maxlen: 32
185.62.188.0/23 maxlen: 32
185.11.145.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 903920015 (0x35e0b98f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Validity
Not Before: Jan 1 12:57:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=779a619d037cd6f5a08ae838767db8134775c150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b4:f5:2a:5a:c6:a5:56:8f:ef:8b:1c:e7:d1:
55:70:3e:4c:18:39:a8:5b:0c:3f:82:79:1d:4e:38:
59:13:4a:68:f7:f3:97:77:c1:d8:9d:30:3b:80:be:
9c:2c:6b:f5:c1:70:c3:c1:19:b0:72:17:00:4e:e1:
cf:17:8f:73:c2:83:11:00:da:ee:67:7b:bb:64:51:
79:be:1d:58:b5:ec:56:79:f2:57:48:44:ee:a5:a8:
87:fb:89:0c:d1:c3:d1:0c:35:6c:4a:80:86:e7:49:
6d:5f:7a:d7:a2:57:74:74:c6:e7:f8:10:a5:0c:48:
78:79:3f:18:68:83:99:f0:fe:bd:2e:42:93:21:0c:
35:93:51:da:43:1b:3b:e7:5a:4b:13:84:2a:eb:d5:
14:e6:b2:47:5d:37:41:ed:96:68:b9:70:62:4c:44:
63:5c:dd:e7:37:86:1a:a6:d1:77:a7:80:8d:0b:c2:
07:59:15:02:eb:76:a4:93:59:52:39:03:4a:a5:4b:
09:a4:4d:2f:50:e7:d9:a4:40:4c:f8:a9:6c:3d:4c:
2d:25:e2:02:db:a9:03:a0:93:ea:bf:6f:22:aa:12:
e5:72:97:5c:8d:17:dd:89:88:ed:78:8c:97:91:c2:
65:90:d4:57:f8:94:cd:52:11:e0:41:57:c8:96:18:
cc:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:9A:61:9D:03:7C:D6:F5:A0:8A:E8:38:76:7D:B8:13:47:75:C1:50
X509v3 Authority Key Identifier:
keyid:E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/d5phnQN81vWgiug4dn24E0d1wVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.145.0-185.11.147.255
185.62.188.0-185.62.190.255
188.209.49.0/24
188.209.52.0/23
Signature Algorithm: sha256WithRSAEncryption
c2:22:29:6b:13:32:b7:58:1c:bf:fd:d5:8c:cf:e6:84:23:c7:
bf:b6:77:16:18:ca:88:1e:4b:81:65:65:0c:49:7b:a7:a5:10:
43:c8:f0:9e:a3:cb:c1:12:dd:19:96:a3:63:37:b3:01:56:55:
58:89:00:c7:ca:69:e9:5e:e5:f4:4c:09:cf:06:36:0d:25:fe:
ab:e7:66:af:03:e4:35:fa:e3:ee:32:a5:cb:f9:02:2b:69:7e:
2a:80:41:ed:2c:5d:c5:a2:35:16:07:92:7d:b3:5b:2c:4c:e1:
47:bc:a9:46:a6:c3:fd:e3:a9:07:d4:97:1b:20:7f:ce:d4:34:
81:ba:14:ee:72:72:80:f8:3f:5b:c6:1c:16:12:4e:2f:75:ca:
9a:d5:25:a8:4b:8a:4c:a0:10:6a:0f:ee:49:4c:a2:2e:b9:91:
60:a3:ab:f2:f2:2c:22:9d:93:35:a6:3d:b6:fa:79:e9:7c:de:
79:ee:22:58:09:40:12:0e:d0:a1:33:82:52:ea:ef:db:ec:e7:
be:73:58:13:64:28:06:34:f2:24:3f:35:6c:62:cb:d4:8d:67:
09:a0:8a:fc:a7:64:9e:be:09:46:0c:f3:ee:26:ac:19:fa:b7:
95:2e:0d:af:be:63:20:98:84:0e:d6:da:7f:4c:21:a7:56:44:
a7:70:b9:a9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIENeC5jzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MTM4ZWMyNDJhNDNlOWM5ZDRjZWIyNWRjOTBlNTQ1MzM3M2QzZjQ2MB4XDTIyMDEw
MTEyNTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc5YTYxOWQwMzdj
ZDZmNWEwOGFlODM4NzY3ZGI4MTM0Nzc1YzE1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIe09SpaxqVWj++LHOfRVXA+TBg5qFsMP4J5HU44WRNKaPfz
l3fB2J0wO4C+nCxr9cFww8EZsHIXAE7hzxePc8KDEQDa7md7u2RReb4dWLXsVnny
V0hE7qWoh/uJDNHD0Qw1bEqAhudJbV9616JXdHTG5/gQpQxIeHk/GGiDmfD+vS5C
kyEMNZNR2kMbO+daSxOEKuvVFOayR103Qe2WaLlwYkxEY1zd5zeGGqbRd6eAjQvC
B1kVAut2pJNZUjkDSqVLCaRNL1Dn2aRATPipbD1MLSXiAtupA6CT6r9vIqoS5XKX
XI0X3YmI7XiMl5HCZZDUV/iUzVIR4EFXyJYYzM8CAwEAAaOCAiswggInMB0GA1Ud
DgQWBBR3mmGdA3zW9aCK6Dh2fbgTR3XBUDAfBgNVHSMEGDAWgBThOOwkKkPpydTO
sl3JDlRTNz0/RjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRUanNKQ3BENmNuVXpySmR5UTVVVXpjOVAwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvMGI3ZmQzLTkwZjAtNDVkMS04YTU4LTY3ODVjZDQ1Njg3MS8x
L2Q1cGhuUU44MXZXZ2l1ZzRkbjI0RTBkMXdWQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
MGI3ZmQzLTkwZjAtNDVkMS04YTU4LTY3ODVjZDQ1Njg3MS8xLzRUanNKQ3BENmNu
VXpySmR5UTVVVXpjOVAwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQAuQuRAwQCuQuQMAwDBAK5PrwD
BAC5Pr4DBAC80TEDBAG80TQwDQYJKoZIhvcNAQELBQADggEBAMIiKWsTMrdYHL/9
1YzP5oQjx7+2dxYYyogeS4FlZQxJe6elEEPI8J6jy8ES3RmWo2M3swFWVViJAMfK
aele5fRMCc8GNg0l/qvnZq8D5DX64+4ypcv5AitpfiqAQe0sXcWiNRYHkn2zWyxM
4Ue8qUamw/3jqQfUlxsgf87UNIG6FO5ycoD4P1vGHBYSTi91yprVJahLikygEGoP
7klMoi65kWCjq/LyLCKdkzWmPbb6eel83nnuIlgJQBIO0KEzglLq79vs575zWBNk
KAY08iQ/NWxiy9SNZwmgivynZJ6+CUYM8+4mrBn6t5UuDa++YyCYhA7W2n9MIadW
RKdwuak=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:58 2024 by rpki-client on console-fra.rpki-client.org