Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/z4WF47-tNTqdV3rNXJiiylkhwnA.roa
File: z4WF47-tNTqdV3rNXJiiylkhwnA.roa (raw, json)
Hash identifier: iD22cuRJBMSuqdf/XMFJWmfLMEc8ftLYGv1gFgFa4p8=
Subject key identifier: CF:85:85:E3:BF:AD:35:3A:9D:57:7A:CD:5C:98:A2:CA:59:21:C2:70
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 05022B10
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/z4WF47-tNTqdV3rNXJiiylkhwnA.roa
Signing time: Tue 19 Apr 2022 09:23:08 +0000
ROA not before: Tue 19 Apr 2022 09:23:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8308
IP address blocks: 195.164.0.0/16 maxlen: 16
217.9.160.0/20 maxlen: 20
217.9.160.0/24 maxlen: 24
217.9.165.0/24 maxlen: 24
194.181.0.0/16 maxlen: 16
195.187.101.0/24 maxlen: 24
195.187.0.0/18 maxlen: 18
193.59.0.0/16 maxlen: 16
194.181.255.0/24 maxlen: 24
195.187.128.0/17 maxlen: 17
2001:a10::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84028176 (0x5022b10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Apr 19 09:23:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf8585e3bfad353a9d577acd5c98a2ca5921c270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0e:14:b6:1e:7b:f0:98:7a:f5:46:fc:51:4e:
64:49:5a:65:7b:4c:87:f7:88:c8:b6:48:50:3a:ef:
46:da:39:4e:61:58:54:19:33:3f:a3:66:be:65:06:
e8:2f:e8:5d:26:60:d7:70:b0:59:f3:eb:d2:6c:16:
61:7c:95:fd:46:d4:f1:d1:e1:b9:a2:79:6e:c1:f6:
38:47:84:d3:42:50:95:5d:44:be:99:8d:72:63:68:
f3:41:d5:1d:e1:19:90:96:16:f1:9e:98:b2:f4:f6:
39:c6:79:33:c3:65:16:aa:59:3e:f6:4f:b0:6e:c3:
47:16:65:fe:c2:57:1f:19:85:e3:46:6d:6f:95:1e:
8b:4f:dd:63:a5:23:12:f6:a2:9b:4c:77:e9:ff:c2:
ad:8a:52:3d:5e:1b:55:23:97:19:d7:ad:50:61:a4:
06:d0:fa:e2:6a:01:ba:2c:1e:1a:45:18:94:4e:ee:
52:17:91:a4:19:23:93:65:02:25:0c:fc:76:6c:4e:
a6:60:06:ee:1a:2a:bb:a3:af:2d:f2:72:01:ec:01:
30:c7:97:50:34:3e:59:b4:e2:cb:97:0e:6f:58:a5:
8d:6a:cb:1a:b8:56:14:d0:80:7e:d9:16:5a:3c:96:
cb:60:9b:de:ba:c2:e7:aa:dd:61:53:a8:53:f3:8a:
4d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:85:85:E3:BF:AD:35:3A:9D:57:7A:CD:5C:98:A2:CA:59:21:C2:70
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/z4WF47-tNTqdV3rNXJiiylkhwnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.59.0.0/16
194.181.0.0/16
195.164.0.0/16
195.187.0.0/18
195.187.101.0/24
195.187.128.0/17
217.9.160.0/20
IPv6:
2001:a10::/32
Signature Algorithm: sha256WithRSAEncryption
24:fd:63:0e:ba:8a:98:0a:4c:27:61:74:d2:21:de:c2:7e:f6:
1d:fb:50:7e:73:aa:fe:dc:5f:4d:60:04:cf:e2:60:30:ca:94:
5d:b6:32:af:93:f7:ae:49:74:ef:4e:b9:73:fc:d3:bf:34:6c:
e7:7f:b1:8a:06:75:13:94:ed:fb:6a:21:87:d7:90:1c:53:71:
fc:90:8c:fc:03:a2:65:74:0b:78:02:03:61:17:c6:5b:03:bf:
ab:52:c2:3e:24:c3:4b:52:1b:ad:54:56:f0:1f:2c:01:2d:c2:
bd:30:1b:6e:5b:fc:00:41:cd:0c:91:b2:88:3f:1c:fd:c7:56:
17:a0:19:ac:41:65:e1:ee:2a:15:ab:76:b6:98:b2:2c:b3:cc:
80:ca:77:bf:1c:77:75:2e:d0:49:c8:cb:14:e2:89:5a:e8:75:
5c:11:00:3a:5c:e7:a8:3a:0d:0d:45:2e:da:c2:6b:6c:9f:8e:
10:e2:1c:13:b4:27:f3:2c:8e:88:7e:49:9d:fe:ff:1d:16:3b:
9f:61:e9:24:90:43:d0:10:a0:b3:8a:63:e9:66:c6:93:03:4f:
b3:e2:0b:c7:4c:dc:ae:0e:1f:1e:b6:33:56:87:6b:f0:6a:4e:
20:ec:10:01:0a:79:b5:3a:1d:a2:f6:61:4d:af:1a:7c:8d:55:
cd:5f:fe:d5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBQIrEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MGM0MDk2MTNmZWEwYTJiNDQyY2UxMTJlOWNiZGI0ODVlMDExODhmMB4XDTIyMDQx
OTA5MjMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Y4NTg1ZTNiZmFk
MzUzYTlkNTc3YWNkNWM5OGEyY2E1OTIxYzI3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsOFLYee/CYevVG/FFOZElaZXtMh/eIyLZIUDrvRto5TmFY
VBkzP6NmvmUG6C/oXSZg13CwWfPr0mwWYXyV/UbU8dHhuaJ5bsH2OEeE00JQlV1E
vpmNcmNo80HVHeEZkJYW8Z6YsvT2OcZ5M8NlFqpZPvZPsG7DRxZl/sJXHxmF40Zt
b5Uei0/dY6UjEvaim0x36f/CrYpSPV4bVSOXGdetUGGkBtD64moBuiweGkUYlE7u
UheRpBkjk2UCJQz8dmxOpmAG7hoqu6OvLfJyAewBMMeXUDQ+WbTiy5cOb1iljWrL
GrhWFNCAftkWWjyWy2Cb3rrC56rdYVOoU/OKTc8CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTPhYXjv601Op1Xes1cmKLKWSHCcDAfBgNVHSMEGDAWgBQwxAlhP+oKK0Qs
4RLpy9tIXgEYjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01NUUpZVF9xQ2l0RUxPRVM2Y3ZiU0Y0QkdJOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvYjc4ZmI1LWFmY2EtNGRiNy04ODg2LWMwNjcxYmY0Y2YzZS8x
L3o0V0Y0Ny10TlRxZFYzck5YSmlpeWxraHduQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
Yjc4ZmI1LWFmY2EtNGRiNy04ODg2LWMwNjcxYmY0Y2YzZS8xL01NUUpZVF9xQ2l0
RUxPRVM2Y3ZiU0Y0QkdJOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wLQQCAAEwJwMDAME7AwMAwrUDAwDDpAMEBsO7AAME
AMO7ZQMEB8O7gAMEBNkJoDANBAIAAjAHAwUAIAEKEDANBgkqhkiG9w0BAQsFAAOC
AQEAJP1jDrqKmApMJ2F00iHewn72HftQfnOq/txfTWAEz+JgMMqUXbYyr5P3rkl0
7065c/zTvzRs53+xigZ1E5Tt+2ohh9eQHFNx/JCM/AOiZXQLeAIDYRfGWwO/q1LC
PiTDS1IbrVRW8B8sAS3CvTAbblv8AEHNDJGyiD8c/cdWF6AZrEFl4e4qFat2tpiy
LLPMgMp3vxx3dS7QScjLFOKJWuh1XBEAOlznqDoNDUUu2sJrbJ+OEOIcE7Qn8yyO
iH5Jnf7/HRY7n2HpJJBD0BCgs4pj6WbGkwNPs+ILx0zcrg4fHrYzVodr8GpOIOwQ
AQp5tTodovZhTa8afI1VzV/+1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:05 2024 by rpki-client on console-ams.rpki-client.org