Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/5tDaDYUjev7T48sL1xg8TmnkrsA.roa
File: 5tDaDYUjev7T48sL1xg8TmnkrsA.roa (raw, json)
Hash identifier: SL7UivLOOUsKERYs8qsDQS+Vhoh3FZ5UTWdgiIRxu5E=
Subject key identifier: E6:D0:DA:0D:85:23:7A:FE:D3:E3:CB:0B:D7:18:3C:4E:69:E4:AE:C0
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 2DF6AED4
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/5tDaDYUjev7T48sL1xg8TmnkrsA.roa
Signing time: Sat 01 Jan 2022 14:58:13 +0000
ROA not before: Sat 01 Jan 2022 14:58:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5607
IP address blocks: 188.220.0.0/14 maxlen: 14
51.146.0.0/16 maxlen: 16
90.192.0.0/11 maxlen: 11
87.80.0.0/15 maxlen: 15
51.198.0.0/15 maxlen: 15
176.255.240.0/24 maxlen: 24
176.255.242.0/24 maxlen: 24
176.255.241.0/24 maxlen: 24
5.64.0.0/13 maxlen: 13
151.224.0.0/13 maxlen: 13
51.194.0.0/16 maxlen: 16
93.96.0.0/16 maxlen: 16
46.64.0.0/15 maxlen: 15
94.192.0.0/14 maxlen: 14
78.86.0.0/16 maxlen: 16
149.241.0.0/16 maxlen: 16
51.241.0.0/16 maxlen: 16
176.248.0.0/13 maxlen: 13
2.216.0.0/13 maxlen: 13
2.120.0.0/13 maxlen: 13
51.186.0.0/15 maxlen: 15
94.0.0.0/12 maxlen: 12
51.19.0.0/16 maxlen: 16
176.24.0.0/14 maxlen: 14
78.105.0.0/16 maxlen: 16
2a02:c78::/29 maxlen: 29
2a02:c7d::/33 maxlen: 33
2a02:c7d:8000::/33 maxlen: 33
2a02:c7f::/33 maxlen: 33
2a02:c7f:8000::/33 maxlen: 33
2a02:c7e::/33 maxlen: 33
2a02:c7e:8000::/33 maxlen: 33
2a02:c7c::/33 maxlen: 33
2a02:c7c:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 771141332 (0x2df6aed4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: Jan 1 14:58:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6d0da0d85237afed3e3cb0bd7183c4e69e4aec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1c:0c:0e:80:df:05:ab:dc:04:36:b7:f0:a2:
e7:d2:5d:66:2f:1f:f7:35:7b:15:a8:22:74:03:80:
60:85:af:9b:e3:21:0a:32:36:70:aa:5b:c6:55:53:
4d:cf:af:db:bc:f3:9a:9c:ff:2b:e3:84:63:9d:0e:
5f:77:af:e5:7a:ab:58:8e:45:6b:74:59:c4:c0:bf:
cf:25:51:85:93:1d:16:75:48:a0:e4:fd:ca:da:35:
f2:e3:5c:cc:04:4f:0e:cd:4a:be:d4:be:8a:7d:f2:
7b:9b:01:8f:97:3c:8b:fd:ac:54:8c:95:f7:df:28:
09:4b:15:45:d1:22:88:c2:f6:bd:3d:21:8f:d1:ce:
6c:1c:6d:1b:d2:30:bc:ec:b7:67:5a:5a:6e:41:eb:
63:45:1b:46:db:f0:33:b1:72:9f:4e:ae:75:d6:9e:
70:0c:3c:6d:ef:43:da:41:12:12:9f:9a:32:b3:57:
e2:a3:90:e3:9f:37:25:ba:b2:b9:10:78:e4:f8:6e:
7d:39:42:e9:13:1b:96:f4:f2:f0:0b:e9:70:ee:5d:
29:06:72:ca:eb:e4:16:b9:07:ef:e4:d8:2f:74:99:
e5:19:1d:95:d4:19:ef:1d:b5:77:91:f6:8d:e9:62:
aa:d0:0a:3b:5f:15:20:d4:d4:0e:c2:94:3a:34:3d:
52:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D0:DA:0D:85:23:7A:FE:D3:E3:CB:0B:D7:18:3C:4E:69:E4:AE:C0
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/5tDaDYUjev7T48sL1xg8TmnkrsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.120.0.0/13
2.216.0.0/13
5.64.0.0/13
46.64.0.0/15
51.19.0.0/16
51.146.0.0/16
51.186.0.0/15
51.194.0.0/16
51.198.0.0/15
51.241.0.0/16
78.86.0.0/16
78.105.0.0/16
87.80.0.0/15
90.192.0.0/11
93.96.0.0/16
94.0.0.0/12
94.192.0.0/14
149.241.0.0/16
151.224.0.0/13
176.24.0.0/14
176.248.0.0/13
188.220.0.0/14
IPv6:
2a02:c78::/29
Signature Algorithm: sha256WithRSAEncryption
4e:34:e8:ec:97:c6:99:35:95:b5:e5:7a:f3:82:39:de:35:83:
63:45:94:1d:57:b7:a9:d7:0a:28:c9:3a:f2:a6:4a:6d:5f:2b:
a8:85:5e:74:69:13:34:b2:a2:46:e2:f5:73:6c:5a:29:7e:8d:
21:1b:c8:0a:05:28:d8:59:b5:d9:da:8e:6b:f9:c5:11:86:d0:
e5:7c:f6:84:2c:68:09:2e:35:0f:8c:86:23:35:55:76:7e:ee:
fe:1c:d3:df:76:c4:7c:f5:e6:f1:71:b7:1f:41:1f:fd:70:2e:
e7:f6:c4:9d:67:55:54:38:84:c7:78:59:08:37:92:fc:c4:21:
53:8d:8c:b5:3c:b3:80:a5:84:7c:c0:f5:a7:ce:5f:bc:11:cd:
81:9c:ff:82:d3:7a:4b:2a:a7:26:dd:06:0a:f7:b5:e1:77:1e:
34:ff:b9:cb:e4:a8:5c:ba:e9:ea:fa:da:38:14:e0:87:3c:f0:
78:7f:83:bc:a1:9c:cc:41:05:45:a8:1b:7d:bf:9b:03:6f:d5:
14:c1:02:b9:cd:5f:12:d1:a2:d7:23:a8:9e:21:35:2c:32:e7:
d1:07:8e:97:cf:72:cb:97:cc:12:e8:a7:b9:e7:4a:cb:ab:b7:
24:4c:ee:c8:76:80:79:c1:4c:fa:55:9e:00:73:cc:b4:bb:a6:
1b:17:bb:56
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIELfau1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzFkNGE0Mzc0ZGYyMjJhYzMyMzViOTYwMjIwNmQ5NmJmMWRhYzgyMB4XDTIyMDEw
MTE0NTgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTZkMGRhMGQ4NTIz
N2FmZWQzZTNjYjBiZDcxODNjNGU2OWU0YWVjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQcDA6A3wWr3AQ2t/Ci59JdZi8f9zV7FagidAOAYIWvm+Mh
CjI2cKpbxlVTTc+v27zzmpz/K+OEY50OX3ev5XqrWI5Fa3RZxMC/zyVRhZMdFnVI
oOT9yto18uNczARPDs1KvtS+in3ye5sBj5c8i/2sVIyV998oCUsVRdEiiML2vT0h
j9HObBxtG9IwvOy3Z1pabkHrY0UbRtvwM7Fyn06uddaecAw8be9D2kESEp+aMrNX
4qOQ4583JbqyuRB45PhufTlC6RMblvTy8AvpcO5dKQZyyuvkFrkH7+TYL3SZ5Rkd
ldQZ7x21d5H2jeliqtAKO18VINTUDsKUOjQ9Uk8CAwEAAaOCAoMwggJ/MB0GA1Ud
DgQWBBTm0NoNhSN6/tPjywvXGDxOaeSuwDAfBgNVHSMEGDAWgBT3HUpDdN8iKsMj
W5YCIG2Wvx2sgjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzl4MUtRM1RmSWlyREkxdVdBaUJ0bHI4ZHJJSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzczOWRjLTExMzItNDgzNy05Yjg1LWU5YWMyYjAwMzE2YS8x
LzV0RGFEWVVqZXY3VDQ4c0wxeGc4VG1ua3JzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzczOWRjLTExMzItNDgzNy05Yjg1LWU5YWMyYjAwMzE2YS8xLzl4MUtRM1RmSWly
REkxdVdBaUJ0bHI4ZHJJSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mAYIKwYBBQUHAQcBAf8EgYgwgYUwdAQCAAEwbgMDAwJ4AwMDAtgDAwMFQAMDAS5A
AwMAMxMDAwAzkgMDATO6AwMAM8IDAwEzxgMDADPxAwMATlYDAwBOaQMDAVdQAwMF
WsADAwBdYAMDBF4AAwMCXsADAwCV8QMDA5fgAwMCsBgDAwOw+AMDArzcMA0EAgAC
MAcDBQMqAgx4MA0GCSqGSIb3DQEBCwUAA4IBAQBONOjsl8aZNZW15XrzgjneNYNj
RZQdV7ep1wooyTrypkptXyuohV50aRM0sqJG4vVzbFopfo0hG8gKBSjYWbXZ2o5r
+cURhtDlfPaELGgJLjUPjIYjNVV2fu7+HNPfdsR89ebxcbcfQR/9cC7n9sSdZ1VU
OITHeFkIN5L8xCFTjYy1PLOApYR8wPWnzl+8Ec2BnP+C03pLKqcm3QYK97Xhdx40
/7nL5Khcuunq+to4FOCHPPB4f4O8oZzMQQVFqBt9v5sDb9UUwQK5zV8S0aLXI6ie
ITUsMufRB46Xz3LLl8wS6Ke550rLq7ckTO7IdoB5wUz6VZ4Ac8y0u6YbF7tW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:29 2023 by rpki-client on console-fra.rpki-client.org