Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Auh7mPlCPomRJV2VzRnSmiavv4I.roa
File: Auh7mPlCPomRJV2VzRnSmiavv4I.roa (raw, json)
Hash identifier: qLR+f06mtRQQ/fmoeC+G1rDcxzngPDHsJsLG2/MNrMo=
Subject key identifier: 02:E8:7B:98:F9:42:3E:89:91:25:5D:95:CD:19:D2:9A:26:AF:BF:82
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018410505A58F3A5019560A18E9A941001CD
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Auh7mPlCPomRJV2VzRnSmiavv4I.roa
Signing time: Tue 25 Oct 2022 18:03:32 +0000
ROA not before: Tue 25 Oct 2022 18:03:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47952
IP address blocks: 194.56.186.0/24 maxlen: 24
194.56.185.0/24 maxlen: 24
194.56.184.0/24 maxlen: 24
194.56.187.0/24 maxlen: 24
212.103.38.0/24 maxlen: 24
212.103.37.0/24 maxlen: 24
212.103.36.0/24 maxlen: 24
212.103.39.0/24 maxlen: 24
193.138.172.0/24 maxlen: 24
193.138.175.0/24 maxlen: 24
193.138.174.0/24 maxlen: 24
193.138.173.0/24 maxlen: 24
81.90.177.0/24 maxlen: 24
81.90.176.0/24 maxlen: 24
81.90.179.0/24 maxlen: 24
81.90.178.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:10:50:5a:58:f3:a5:01:95:60:a1:8e:9a:94:10:01:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Oct 25 18:03:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02e87b98f9423e8991255d95cd19d29a26afbf82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:73:17:65:96:3a:ab:9d:54:19:ec:fd:5a:b9:
05:33:06:5e:9f:9f:c4:73:31:d3:c8:89:47:80:86:
6a:72:3a:27:e9:6a:dd:30:2a:4e:ee:4d:48:22:b5:
bf:81:c7:b3:ed:d2:2b:60:b3:18:18:84:7e:dc:af:
93:c3:76:be:96:a5:b0:13:1b:01:75:db:40:f5:83:
af:ae:18:6a:0c:38:10:95:0e:43:3c:b6:e3:9c:13:
cc:69:5b:85:84:92:51:90:97:59:c1:27:2c:2f:53:
11:48:5f:49:9e:64:93:df:c5:6a:ab:bf:91:36:5e:
f4:92:1a:0c:46:5b:90:40:18:b6:69:dd:36:68:5c:
a2:fd:0f:1e:33:54:3d:38:01:dc:74:6f:4f:63:24:
31:e4:fa:6d:68:8d:85:91:3c:bd:c3:63:6f:7a:ab:
eb:a1:81:6c:0a:b0:ef:79:02:fb:a9:cf:3c:57:c0:
7f:06:61:76:e3:cf:4a:18:26:1d:f3:85:18:3a:65:
c8:cb:19:f5:e1:35:c9:c1:eb:d1:2c:e5:d5:a2:3d:
5f:fe:a3:3e:69:b2:2f:62:31:8f:29:8b:38:72:66:
3f:f6:0b:2b:23:a2:b9:ce:cb:5b:58:78:25:c4:1a:
d1:8f:87:a5:2b:1d:6c:17:1c:36:b5:44:b8:2a:45:
32:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:E8:7B:98:F9:42:3E:89:91:25:5D:95:CD:19:D2:9A:26:AF:BF:82
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Auh7mPlCPomRJV2VzRnSmiavv4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.176.0/22
193.138.172.0/22
194.56.184.0/22
212.103.36.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:6d:43:e7:73:6b:28:06:5a:5e:8c:f2:91:d3:2b:e0:a7:cc:
00:a9:4b:f9:8e:f2:23:33:a1:38:e7:e0:e0:1c:19:1a:b0:17:
be:ff:54:aa:99:ea:d4:e2:e0:dc:54:ee:18:6c:d6:91:d6:2e:
e8:ed:a4:db:fa:db:f7:3b:66:64:f5:ee:6b:93:56:00:68:2b:
27:c0:48:82:c8:f1:25:b8:47:4e:3a:50:2e:16:83:00:07:01:
a0:fe:4c:d7:74:0d:b1:e5:61:f9:96:cf:31:0a:6a:1e:ba:3e:
d1:d5:51:0a:3a:11:3f:73:ea:8b:eb:ac:50:e9:3f:b1:56:c8:
4d:ee:a3:fe:f3:d4:8c:37:8d:3e:26:fa:27:9f:5a:cb:a3:0f:
70:3a:46:21:07:7f:e9:c1:39:7b:c7:89:d9:f2:a8:9e:c1:e4:
c0:2f:c7:94:66:f2:b1:a8:40:40:86:d0:9a:35:3c:d6:b9:43:
ff:6e:8a:0e:8d:1b:cb:56:76:c0:43:06:0b:31:6b:6b:2d:79:
8e:7f:7c:7b:d9:50:fd:68:12:bc:ce:ab:1c:60:af:94:f1:7a:
6b:cf:5e:6b:7d:48:10:3a:3a:e1:22:4c:fd:ed:12:ad:55:81:
d7:53:60:9a:e9:20:44:e3:a3:21:dc:30:4e:68:80:2b:bb:38:
e5:27:06:37
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQQUFpY86UBlWChjpqUEAHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjIxMDI1MTgwMzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmU4N2I5OGY5NDIzZTg5OTEyNTVkOTVjZDE5ZDI5YTI2YWZiZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXMXZZY6q51UGez9WrkFMwZen5/E
czHTyIlHgIZqcjon6WrdMCpO7k1IIrW/gcez7dIrYLMYGIR+3K+Tw3a+lqWwExsB
ddtA9YOvrhhqDDgQlQ5DPLbjnBPMaVuFhJJRkJdZwScsL1MRSF9JnmST38Vqq7+R
Nl70khoMRluQQBi2ad02aFyi/Q8eM1Q9OAHcdG9PYyQx5PptaI2FkTy9w2Nveqvr
oYFsCrDveQL7qc88V8B/BmF2489KGCYd84UYOmXIyxn14TXJwevRLOXVoj1f/qM+
abIvYjGPKYs4cmY/9gsrI6K5zstbWHglxBrRj4elKx1sFxw2tUS4KkUyrQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFALoe5j5Qj6JkSVdlc0Z0pomr7+CMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvQXVoN21QbENQb21SSlYyVnpSblNtaWF2djRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCUVqwAwQC
wYqsAwQCwji4AwQC1GckMA0GCSqGSIb3DQEBCwUAA4IBAQDTbUPnc2soBlpejPKR
0yvgp8wAqUv5jvIjM6E45+DgHBkasBe+/1SqmerU4uDcVO4YbNaR1i7o7aTb+tv3
O2Zk9e5rk1YAaCsnwEiCyPEluEdOOlAuFoMABwGg/kzXdA2x5WH5ls8xCmoeuj7R
1VEKOhE/c+qL66xQ6T+xVshN7qP+89SMN40+Jvonn1rLow9wOkYhB3/pwTl7x4nZ
8qieweTAL8eUZvKxqEBAhtCaNTzWuUP/booOjRvLVnbAQwYLMWtrLXmOf3x72VD9
aBK8zqscYK+U8Xprz15rfUgQOjrhIkz97RKtVYHXU2Ca6SBE46Mh3DBOaIAruzjl
JwY3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org