Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/at3HkDj0_uqeNOAqaneE2Mszg2g.roa
File: at3HkDj0_uqeNOAqaneE2Mszg2g.roa (raw, json)
Hash identifier: l11rN6dIX06BTIiMUzH6A0i1uxhbnLaln+InZ6wju5Q=
Subject key identifier: 6A:DD:C7:90:38:F4:FE:EA:9E:34:E0:2A:6A:77:84:D8:CB:33:83:68
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01843F0FC8484B70106355ABBBB3019DE716
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/at3HkDj0_uqeNOAqaneE2Mszg2g.roa
Signing time: Thu 03 Nov 2022 19:55:09 +0000
ROA not before: Thu 03 Nov 2022 19:55:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 85.8.160.0/23 maxlen: 23
85.8.162.0/23 maxlen: 23
62.182.32.0/23 maxlen: 23
62.182.34.0/23 maxlen: 23
139.28.240.0/23 maxlen: 23
139.28.242.0/23 maxlen: 23
5.133.100.0/23 maxlen: 23
5.133.102.0/23 maxlen: 23
31.40.204.0/23 maxlen: 23
31.40.206.0/23 maxlen: 23
212.107.4.0/23 maxlen: 23
212.107.6.0/23 maxlen: 23
84.54.0.0/23 maxlen: 23
84.54.2.0/23 maxlen: 23
85.8.144.0/23 maxlen: 23
85.8.146.0/23 maxlen: 23
139.28.212.0/22 maxlen: 22
92.249.62.0/23 maxlen: 23
92.249.60.0/23 maxlen: 23
193.187.108.0/22 maxlen: 22
176.53.156.0/23 maxlen: 23
176.53.158.0/23 maxlen: 23
194.93.60.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3f:0f:c8:48:4b:70:10:63:55:ab:bb:b3:01:9d:e7:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Nov 3 19:55:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6addc79038f4feea9e34e02a6a7784d8cb338368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3b:35:55:2d:ac:4e:38:53:40:3b:11:45:6e:
93:e3:a5:ec:e7:d3:40:fa:c6:b5:49:d7:5d:a6:c7:
29:a6:49:73:57:fb:a8:db:8f:b8:31:63:cf:44:69:
fb:cf:d2:7d:13:e0:02:ad:89:11:56:27:05:85:ef:
4e:bb:ef:e0:08:a3:24:d2:15:86:9d:70:7f:ca:4c:
ec:89:fb:5a:1a:e4:4a:5d:18:c3:e8:40:6c:4f:80:
9f:a2:6f:d0:a3:8e:20:ab:39:3f:42:d8:97:52:43:
26:4b:8b:5a:de:f5:e5:10:ae:74:c2:b1:c7:8e:bc:
83:c2:40:99:8e:f3:5d:d7:59:75:cf:f1:d7:a5:b3:
8c:0a:08:6b:dc:7b:a9:cd:5d:10:e5:21:55:29:ff:
cc:6d:87:85:05:dc:8d:50:0a:d8:52:45:14:2b:09:
db:64:15:7d:a4:c6:2a:e1:4d:ab:76:fe:24:f5:e9:
d3:90:e8:ac:44:26:8b:6b:53:78:94:76:76:9d:ad:
40:c0:84:cf:07:2f:89:dc:75:3c:12:4b:ac:e4:ed:
9b:68:8f:6a:26:43:e7:68:f7:5a:31:a1:8b:a5:86:
5b:75:2e:0b:7f:70:48:2a:cb:65:0a:45:96:4c:95:
09:38:a4:5f:47:c9:a6:b9:7e:d6:83:a8:d6:92:7b:
67:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:DD:C7:90:38:F4:FE:EA:9E:34:E0:2A:6A:77:84:D8:CB:33:83:68
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/at3HkDj0_uqeNOAqaneE2Mszg2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.100.0/22
31.40.204.0/22
62.182.32.0/22
84.54.0.0/22
85.8.144.0/22
85.8.160.0/22
92.249.60.0/22
139.28.212.0/22
139.28.240.0/22
176.53.156.0/22
193.187.108.0/22
194.93.60.0/22
212.107.4.0/22
Signature Algorithm: sha256WithRSAEncryption
02:ea:70:50:d6:50:42:ff:94:de:61:11:6e:07:31:33:bb:7c:
1b:b8:dd:72:2b:43:1f:92:af:3b:b4:4c:1b:a9:1b:2b:95:bb:
99:7d:14:dd:2e:03:e0:ee:74:07:53:a4:f7:97:65:b5:9b:17:
e6:96:56:a0:86:6a:39:1e:c7:15:4a:bf:e1:26:38:cd:ef:4a:
5e:ca:28:50:6f:8e:88:cc:ee:4a:58:a2:f0:1d:5f:9b:bc:86:
c9:9b:13:8f:6d:88:bd:db:fe:4a:fc:fc:7d:df:f5:60:bc:1a:
9c:43:8a:6c:83:56:a4:93:59:c7:ef:ed:a2:48:84:b1:67:4a:
f3:6a:73:97:1e:bb:8b:a8:7e:e5:1b:cb:e7:7f:82:26:41:13:
ba:f5:63:d8:01:05:42:a7:c9:20:72:81:56:dd:a7:e0:ac:8b:
ec:48:18:a5:44:09:6e:4c:29:95:bb:30:b5:00:6a:85:14:56:
01:e1:8e:95:5b:fd:7f:e5:c6:b3:a3:f2:44:d5:ca:4f:4c:07:
a1:4e:53:76:fc:c7:30:2a:96:2c:ee:c3:fe:f0:b3:00:88:37:
89:c8:5a:27:9c:90:19:11:72:99:ff:42:c6:dc:9b:31:26:8c:
64:1a:9d:ae:3f:83:8c:06:bf:b6:cc:80:ac:89:33:06:4b:4c:
93:6c:45:83
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYQ/D8hIS3AQY1Wru7MBnecWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjIxMTAzMTk1NTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWRkYzc5MDM4ZjRmZWVhOWUzNGUwMmE2YTc3ODRkOGNiMzM4MzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTs1VS2sTjhTQDsRRW6T46Xs59NA
+sa1SdddpscppklzV/uo24+4MWPPRGn7z9J9E+ACrYkRVicFhe9Ou+/gCKMk0hWG
nXB/ykzsiftaGuRKXRjD6EBsT4Cfom/Qo44gqzk/QtiXUkMmS4ta3vXlEK50wrHH
jryDwkCZjvNd11l1z/HXpbOMCghr3HupzV0Q5SFVKf/MbYeFBdyNUArYUkUUKwnb
ZBV9pMYq4U2rdv4k9enTkOisRCaLa1N4lHZ2na1AwITPBy+J3HU8Ekus5O2baI9q
JkPnaPdaMaGLpYZbdS4Lf3BIKstlCkWWTJUJOKRfR8mmuX7Wg6jWkntndwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFGrdx5A49P7qnjTgKmp3hNjLM4NoMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvYXQzSGtEajBfdXFlTk9BcWFuZUUyTXN6ZzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCBYVkAwQC
HyjMAwQCPrYgAwQCVDYAAwQCVQiQAwQCVQigAwQCXPk8AwQCixzUAwQCixzwAwQC
sDWcAwQCwbtsAwQCwl08AwQC1GsEMA0GCSqGSIb3DQEBCwUAA4IBAQAC6nBQ1lBC
/5TeYRFuBzEzu3wbuN1yK0Mfkq87tEwbqRsrlbuZfRTdLgPg7nQHU6T3l2W1mxfm
llaghmo5HscVSr/hJjjN70peyihQb46IzO5KWKLwHV+bvIbJmxOPbYi92/5K/Px9
3/VgvBqcQ4psg1akk1nH7+2iSISxZ0rzanOXHruLqH7lG8vnf4ImQRO69WPYAQVC
p8kgcoFW3afgrIvsSBilRAluTCmVuzC1AGqFFFYB4Y6VW/1/5cazo/JE1cpPTAeh
TlN2/McwKpYs7sP+8LMAiDeJyFonnJAZEXKZ/0LG3JsxJoxkGp2uP4OMBr+2zICs
iTMGS0yTbEWD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org