Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/U3tUiWtkc7REbXqobR6jhlEMQCY.roa
File: U3tUiWtkc7REbXqobR6jhlEMQCY.roa (raw, json)
Hash identifier: nZmF4oGDQ2OtZVMGv0zBZurnMSArWcPo6MAgBR2roLU=
Subject key identifier: 53:7B:54:89:6B:64:73:B4:44:6D:7A:A8:6D:1E:A3:86:51:0C:40:26
Certificate issuer: /CN=0146b429f8c49611fcfea1efa1a51b9c0eddb6e7
Certificate serial: 05E92784
Authority key identifier: 01:46:B4:29:F8:C4:96:11:FC:FE:A1:EF:A1:A5:1B:9C:0E:DD:B6:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AUa0KfjElhH8_qHvoaUbnA7dtuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/U3tUiWtkc7REbXqobR6jhlEMQCY.roa
Signing time: Fri 29 Apr 2022 08:39:42 +0000
ROA not before: Fri 29 Apr 2022 08:39:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42568
IP address blocks: 89.36.152.0/23 maxlen: 23
93.114.140.0/24 maxlen: 24
89.33.202.0/23 maxlen: 23
89.45.160.0/23 maxlen: 23
89.33.10.0/24 maxlen: 24
89.33.11.0/24 maxlen: 24
188.213.200.0/23 maxlen: 23
89.42.234.0/24 maxlen: 24
89.42.235.0/24 maxlen: 24
89.41.174.0/23 maxlen: 23
31.14.222.0/23 maxlen: 23
89.42.176.0/23 maxlen: 23
89.45.64.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99166084 (0x5e92784)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0146b429f8c49611fcfea1efa1a51b9c0eddb6e7
Validity
Not Before: Apr 29 08:39:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=537b54896b6473b4446d7aa86d1ea386510c4026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5f:a4:03:66:5e:46:34:8c:6a:06:74:bc:68:
09:b8:ed:4f:ea:8a:c5:d7:9a:30:9d:34:ac:9a:20:
a7:a5:5d:a5:5e:65:29:f5:fc:d6:ae:45:46:76:fb:
6b:1d:1d:ae:58:6e:d2:ba:00:42:1f:e2:74:ce:7d:
9a:0d:f3:17:7e:b2:be:29:c1:be:bb:d8:be:8d:60:
13:23:a3:44:c0:54:5a:c4:bd:46:f2:e5:fb:ee:59:
b4:ae:6c:08:a4:b4:68:d8:19:0d:ba:1f:47:5e:d5:
87:9e:69:fa:bb:fc:d7:30:d1:7d:7b:92:4b:3b:9a:
87:f8:4b:35:d9:3c:b4:1a:33:01:93:5d:85:3c:96:
5b:13:87:c8:74:e2:98:d3:ea:9c:4d:6e:66:89:2a:
58:4b:14:ff:bf:db:84:9a:94:fd:fc:eb:5f:88:31:
f5:7a:40:f4:a4:cc:2c:5d:fa:61:7b:6d:e8:0b:66:
d9:71:1f:91:cc:15:48:00:98:86:24:18:9d:f3:11:
99:57:ea:5d:10:6e:c9:cc:48:cd:7e:4f:a6:21:57:
ba:22:1e:28:75:47:aa:b7:78:6a:80:f2:4b:ea:dc:
aa:9d:75:0b:70:5c:75:4a:f8:f0:1b:fd:07:0e:40:
64:06:a0:c8:a1:76:7d:58:4d:8b:d2:34:fb:6d:d0:
7a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:7B:54:89:6B:64:73:B4:44:6D:7A:A8:6D:1E:A3:86:51:0C:40:26
X509v3 Authority Key Identifier:
keyid:01:46:B4:29:F8:C4:96:11:FC:FE:A1:EF:A1:A5:1B:9C:0E:DD:B6:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AUa0KfjElhH8_qHvoaUbnA7dtuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/U3tUiWtkc7REbXqobR6jhlEMQCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/AUa0KfjElhH8_qHvoaUbnA7dtuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.222.0/23
89.33.10.0/23
89.33.202.0/23
89.36.152.0/23
89.41.174.0/23
89.42.176.0/23
89.42.234.0/23
89.45.64.0/23
89.45.160.0/23
93.114.140.0/24
188.213.200.0/23
Signature Algorithm: sha256WithRSAEncryption
19:d7:70:80:d7:1b:68:9e:fb:13:3c:87:cf:16:ab:ce:e2:b5:
d9:ef:5a:95:4c:6c:71:38:fa:56:8a:bd:e3:c4:53:24:1d:10:
45:74:08:ab:d2:24:b3:c1:7d:15:55:f6:24:70:ad:8c:09:de:
76:e9:6c:c2:c8:f9:95:17:9b:76:4f:cf:96:5c:1b:fa:39:fe:
59:c7:ea:6f:16:73:ec:2e:89:2e:0f:07:5b:ec:9b:8d:08:6d:
3b:b0:01:cf:d5:f9:ad:eb:88:a5:d1:10:40:3f:86:87:8e:0b:
f4:0f:df:e7:d1:37:86:51:cf:6a:c5:d9:7c:55:ad:4b:88:d4:
92:35:fd:6b:b3:66:c5:fb:00:21:7c:ec:49:4c:8d:e0:db:3b:
27:ae:ca:07:de:87:23:50:8a:47:49:5b:a0:46:58:bb:92:14:
03:92:d0:29:70:7c:9d:14:11:63:a1:71:9f:4b:b2:88:12:43:
2b:a6:f2:4b:7a:9a:0d:2e:97:0e:7f:d6:8d:de:b2:6a:c7:0b:
d4:82:e9:0c:52:fc:a0:bb:ba:b0:9f:a2:26:b9:4d:6e:8f:be:
b9:bf:3c:7b:de:b9:50:70:52:73:9c:4a:35:3d:71:44:9f:d6:
f3:98:1a:13:5e:a9:26:b1:04:ca:13:ec:76:f3:e9:2d:7b:bb:
b0:9a:b5:9c
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEBeknhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTQ2YjQyOWY4YzQ5NjExZmNmZWExZWZhMWE1MWI5YzBlZGRiNmU3MB4XDTIyMDQy
OTA4Mzk0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTM3YjU0ODk2YjY0
NzNiNDQ0NmQ3YWE4NmQxZWEzODY1MTBjNDAyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZfpANmXkY0jGoGdLxoCbjtT+qKxdeaMJ00rJogp6VdpV5l
KfX81q5FRnb7ax0drlhu0roAQh/idM59mg3zF36yvinBvrvYvo1gEyOjRMBUWsS9
RvLl++5ZtK5sCKS0aNgZDbofR17Vh55p+rv81zDRfXuSSzuah/hLNdk8tBozAZNd
hTyWWxOHyHTimNPqnE1uZokqWEsU/7/bhJqU/fzrX4gx9XpA9KTMLF36YXtt6Atm
2XEfkcwVSACYhiQYnfMRmVfqXRBuycxIzX5PpiFXuiIeKHVHqrd4aoDyS+rcqp11
C3BcdUr48Bv9Bw5AZAagyKF2fVhNi9I0+23QetECAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBRTe1SJa2RztERteqhtHqOGUQxAJjAfBgNVHSMEGDAWgBQBRrQp+MSWEfz+
oe+hpRucDt225zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FVYTBLZmpFbGhIOF9xSHZvYVVibkE3ZHR1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvZTVlMzc5LTY1NmQtNDYyMi1hN2JjLWVhMjZlNzQ2YTBhZC8x
L1UzdFVpV3RrYzdSRWJYcW9iUjZqaGxFTVFDWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
ZTVlMzc5LTY1NmQtNDYyMi1hN2JjLWVhMjZlNzQ2YTBhZC8xL0FVYTBLZmpFbGhI
OF9xSHZvYVVibkE3ZHR1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAR8O3gMEAVkhCgMEAVkhygMEAVkk
mAMEAVkprgMEAVkqsAMEAVkq6gMEAVktQAMEAVktoAMEAF1yjAMEAbzVyDANBgkq
hkiG9w0BAQsFAAOCAQEAGddwgNcbaJ77EzyHzxarzuK12e9alUxscTj6Voq948RT
JB0QRXQIq9Iks8F9FVX2JHCtjAnedulswsj5lRebdk/Pllwb+jn+WcfqbxZz7C6J
Lg8HW+ybjQhtO7ABz9X5reuIpdEQQD+Gh44L9A/f59E3hlHPasXZfFWtS4jUkjX9
a7NmxfsAIXzsSUyN4Ns7J67KB96HI1CKR0lboEZYu5IUA5LQKXB8nRQRY6Fxn0uy
iBJDK6byS3qaDS6XDn/Wjd6yascL1ILpDFL8oLu6sJ+iJrlNbo++ub88e965UHBS
c5xKNT1xRJ/W85gaE16pJrEEyhPsdvPpLXu7sJq1nA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:26 2023 by rpki-client on console-fra.rpki-client.org