Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/fP-jU1BCKcLPXMGue42IRaY2x7U.roa
File: fP-jU1BCKcLPXMGue42IRaY2x7U.roa (raw, json)
Hash identifier: vpcvIUEg2Dlj1+5cfTW7C/xwA+ghhQXa60bter8FDuQ=
Subject key identifier: 7C:FF:A3:53:50:42:29:C2:CF:5C:C1:AE:7B:8D:88:45:A6:36:C7:B5
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 0185556C572D9798C5470150AECDE7219C64
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/fP-jU1BCKcLPXMGue42IRaY2x7U.roa
Signing time: Tue 27 Dec 2022 21:10:41 +0000
ROA not before: Tue 27 Dec 2022 21:10:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 85.8.160.0/23 maxlen: 23
85.8.162.0/23 maxlen: 23
62.182.32.0/23 maxlen: 23
62.182.34.0/23 maxlen: 23
139.28.240.0/23 maxlen: 23
139.28.242.0/23 maxlen: 23
5.133.100.0/23 maxlen: 23
5.133.102.0/23 maxlen: 23
31.40.204.0/23 maxlen: 23
31.40.206.0/23 maxlen: 23
212.107.4.0/23 maxlen: 23
212.107.6.0/23 maxlen: 23
84.54.0.0/23 maxlen: 23
84.54.2.0/23 maxlen: 23
85.8.144.0/23 maxlen: 23
85.8.146.0/23 maxlen: 23
139.28.212.0/22 maxlen: 22
193.32.204.0/22 maxlen: 22
92.249.62.0/23 maxlen: 23
92.249.60.0/23 maxlen: 23
193.187.108.0/22 maxlen: 22
176.53.156.0/23 maxlen: 23
176.53.158.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:55:6c:57:2d:97:98:c5:47:01:50:ae:cd:e7:21:9c:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Dec 27 21:10:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7cffa353504229c2cf5cc1ae7b8d8845a636c7b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2b:e8:ef:86:98:cf:31:16:4a:68:e9:60:17:
f5:34:39:7d:bb:ec:a7:f1:74:d1:00:88:bb:a9:c5:
a3:71:26:30:ff:34:32:84:c4:03:6f:dc:17:47:68:
63:b3:9d:c5:c8:e9:60:d4:2d:3c:fe:b0:20:b8:75:
30:0d:de:06:87:f7:47:a2:c3:a0:a1:d5:b6:6c:cf:
8c:eb:8b:45:0c:bc:a8:5c:92:cd:f0:8f:2b:43:86:
72:56:fa:0b:b5:e2:dd:35:09:b5:95:e5:ed:22:80:
17:55:62:ff:0d:80:a2:d0:3c:42:ea:5a:c7:07:8f:
77:a4:06:a2:f8:5a:4d:eb:e4:92:0d:76:50:f7:83:
4e:ba:69:c8:13:6a:b0:2e:a7:b1:b6:4f:05:57:25:
4e:5d:ca:b0:39:21:d9:c0:6e:d2:3d:f6:78:6f:1b:
fa:36:fb:9e:5b:54:86:55:2b:69:6d:1d:56:d8:7c:
7f:cb:76:f6:4f:d5:3c:ca:7d:68:ca:bd:b8:72:fa:
a7:bb:ca:61:8c:ec:df:ba:8f:a0:36:1e:05:07:ad:
ff:c8:35:46:6e:35:00:52:7a:ab:92:37:d5:d5:4a:
19:2a:4e:d1:bd:fc:61:65:d2:50:1c:f3:85:c6:21:
62:1a:5a:cc:c1:18:1a:1b:65:16:7d:aa:b1:c1:db:
bc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:FF:A3:53:50:42:29:C2:CF:5C:C1:AE:7B:8D:88:45:A6:36:C7:B5
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/fP-jU1BCKcLPXMGue42IRaY2x7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.100.0/22
31.40.204.0/22
62.182.32.0/22
84.54.0.0/22
85.8.144.0/22
85.8.160.0/22
92.249.60.0/22
139.28.212.0/22
139.28.240.0/22
176.53.156.0/22
193.32.204.0/22
193.187.108.0/22
212.107.4.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:05:c4:74:bf:56:20:6a:38:64:e6:66:e1:27:b6:c5:9b:75:
be:7e:83:95:63:25:38:d4:bd:43:c2:cb:fd:f5:c2:fd:b5:8a:
2e:70:3b:df:81:c1:ad:a2:ff:88:9c:3f:1d:3f:5a:63:11:e9:
ee:ec:b3:bd:23:34:fb:56:83:d6:ba:c5:43:54:7d:2a:99:5a:
d4:ac:27:61:99:c5:02:6d:e5:fa:5e:5c:d0:91:15:76:5f:b7:
13:1e:8c:08:cd:ad:a8:62:df:c9:42:f0:26:a6:ee:6c:a1:1b:
95:96:b9:bd:16:79:5e:b5:f5:a0:60:bc:bf:34:d1:02:14:d2:
61:cc:5d:1b:a4:17:e9:de:ca:7e:e5:2a:d0:0c:c8:0d:ba:cc:
4b:cc:38:0f:aa:86:22:16:8e:c0:ee:c4:73:33:30:d3:66:4d:
a5:62:73:67:cc:9c:a9:d6:20:19:93:c1:50:55:fa:c7:03:f5:
72:17:3a:e9:1c:c1:c5:fa:fb:3b:a5:73:0f:68:0e:1f:f3:52:
42:b3:4e:42:0c:05:4c:74:22:03:f6:dd:49:ce:37:ef:37:27:
51:f0:84:82:db:ee:06:ce:16:09:35:ef:12:2d:f5:8c:7b:14:
17:0e:24:1b:b2:46:95:a4:54:b9:4e:d7:ad:f9:fc:b7:5a:c5:
b1:e0:b6:fe
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYVVbFctl5jFRwFQrs3nIZxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjIxMjI3MjExMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2ZmYTM1MzUwNDIyOWMyY2Y1Y2MxYWU3YjhkODg0NWE2MzZjN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyvo74aYzzEWSmjpYBf1NDl9u+yn
8XTRAIi7qcWjcSYw/zQyhMQDb9wXR2hjs53FyOlg1C08/rAguHUwDd4Gh/dHosOg
odW2bM+M64tFDLyoXJLN8I8rQ4ZyVvoLteLdNQm1leXtIoAXVWL/DYCi0DxC6lrH
B493pAai+FpN6+SSDXZQ94NOumnIE2qwLqextk8FVyVOXcqwOSHZwG7SPfZ4bxv6
NvueW1SGVStpbR1W2Hx/y3b2T9U8yn1oyr24cvqnu8phjOzfuo+gNh4FB63/yDVG
bjUAUnqrkjfV1UoZKk7RvfxhZdJQHPOFxiFiGlrMwRgaG2UWfaqxwdu8TQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFHz/o1NQQinCz1zBrnuNiEWmNse1MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvZlAtalUxQkNLY0xQWE1HdWU0MklSYVkyeDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCBYVkAwQC
HyjMAwQCPrYgAwQCVDYAAwQCVQiQAwQCVQigAwQCXPk8AwQCixzUAwQCixzwAwQC
sDWcAwQCwSDMAwQCwbtsAwQC1GsEMA0GCSqGSIb3DQEBCwUAA4IBAQDTBcR0v1Yg
ajhk5mbhJ7bFm3W+foOVYyU41L1Dwsv99cL9tYoucDvfgcGtov+InD8dP1pjEenu
7LO9IzT7VoPWusVDVH0qmVrUrCdhmcUCbeX6XlzQkRV2X7cTHowIza2oYt/JQvAm
pu5soRuVlrm9FnletfWgYLy/NNECFNJhzF0bpBfp3sp+5SrQDMgNusxLzDgPqoYi
Fo7A7sRzMzDTZk2lYnNnzJyp1iAZk8FQVfrHA/VyFzrpHMHF+vs7pXMPaA4f81JC
s05CDAVMdCID9t1JzjfvNydR8ISC2+4GzhYJNe8SLfWMexQXDiQbskaVpFS5Ttet
+fy3WsWx4Lb+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org