Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/R5UEZ4Gy0WvTqeahYbJ5SoLNcYQ.roa
File: R5UEZ4Gy0WvTqeahYbJ5SoLNcYQ.roa (raw, json)
Hash identifier: 9rZH8hBbR2LIMFbU4OnM6Tas1bMvWDIxBdDGTGYWFdU=
Subject key identifier: 47:95:04:67:81:B2:D1:6B:D3:A9:E6:A1:61:B2:79:4A:82:CD:71:84
Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial: 01838DE35243FEBDBFAEE90F47CAA63598B3
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/R5UEZ4Gy0WvTqeahYbJ5SoLNcYQ.roa
Signing time: Fri 30 Sep 2022 10:13:48 +0000
ROA not before: Fri 30 Sep 2022 10:13:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202422
IP address blocks: 92.223.102.0/24 maxlen: 24
80.93.209.0/24 maxlen: 24
80.93.210.0/24 maxlen: 24
80.93.219.0/24 maxlen: 24
80.93.218.0/24 maxlen: 24
80.93.214.0/24 maxlen: 24
80.93.215.0/24 maxlen: 24
80.93.217.0/24 maxlen: 24
80.93.223.0/24 maxlen: 24
92.38.148.0/24 maxlen: 24
92.38.155.0/24 maxlen: 24
92.38.173.0/24 maxlen: 24
5.188.148.0/24 maxlen: 24
92.38.186.0/23 maxlen: 24
92.38.186.0/24 maxlen: 24
92.38.180.0/24 maxlen: 24
5.8.24.0/24 maxlen: 24
78.111.105.0/24 maxlen: 24
78.111.99.0/24 maxlen: 24
78.111.102.0/24 maxlen: 24
78.111.101.0/24 maxlen: 24
217.195.193.0/24 maxlen: 24
92.38.187.0/24 maxlen: 24
5.188.169.0/24 maxlen: 24
146.185.236.0/24 maxlen: 24
146.185.237.0/24 maxlen: 24
37.9.33.0/24 maxlen: 24
37.9.32.0/24 maxlen: 24
217.195.205.0/24 maxlen: 24
146.185.216.0/24 maxlen: 24
146.185.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8d:e3:52:43:fe:bd:bf:ae:e9:0f:47:ca:a6:35:98:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Validity
Not Before: Sep 30 10:13:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4795046781b2d16bd3a9e6a161b2794a82cd7184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:07:ac:84:61:ce:b7:0a:03:0c:27:49:c1:2c:
f1:ce:b5:f4:84:a0:f4:ec:d1:da:46:ee:48:90:f1:
fd:1c:33:37:7e:ea:93:81:9f:8a:d0:f5:2d:e7:e6:
56:b6:81:37:4a:05:9d:44:90:27:1c:3e:27:c8:a8:
4c:59:de:a5:ec:9c:d9:f4:0a:2f:6f:9d:83:06:dc:
32:b4:dd:73:5d:97:b5:b7:7f:d4:a8:9f:ac:10:43:
e6:d5:cf:61:1e:ff:39:34:99:d6:98:98:c0:39:cc:
9c:ce:f1:2a:13:e3:43:d4:2d:1a:04:32:f4:c4:fa:
0f:14:6d:79:e7:7a:f3:6f:84:14:2d:6c:e6:b4:f2:
17:e2:b1:2b:f5:d5:05:95:2a:5d:5a:1c:9f:3c:ef:
52:a4:94:89:0f:3e:6c:4f:21:6f:a4:eb:dc:8c:ab:
60:10:6e:ab:5a:d7:3d:3f:3b:fe:17:e6:46:a6:1e:
02:05:4b:46:75:d3:2e:ed:22:e5:24:2c:9f:3a:4f:
4a:85:32:5f:11:7f:83:85:a0:15:58:be:f9:d4:1b:
ac:73:d5:07:cf:61:ea:9f:59:41:a5:ca:3b:37:c6:
4c:87:2a:8e:c1:e8:f8:f4:bc:0b:ac:15:fd:80:f9:
da:77:65:96:c6:d3:d7:ec:ab:c2:71:df:dd:22:ed:
8b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:95:04:67:81:B2:D1:6B:D3:A9:E6:A1:61:B2:79:4A:82:CD:71:84
X509v3 Authority Key Identifier:
keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/R5UEZ4Gy0WvTqeahYbJ5SoLNcYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.24.0/24
5.188.148.0/24
5.188.169.0/24
37.9.32.0/23
78.111.99.0/24
78.111.101.0-78.111.102.255
78.111.105.0/24
80.93.209.0-80.93.210.255
80.93.214.0/23
80.93.217.0-80.93.219.255
80.93.223.0/24
92.38.148.0/24
92.38.155.0/24
92.38.173.0/24
92.38.180.0/24
92.38.186.0/23
92.223.102.0/24
146.185.216.0/23
146.185.236.0/23
217.195.193.0/24
217.195.205.0/24
Signature Algorithm: sha256WithRSAEncryption
66:6f:fe:c6:16:5f:16:8c:76:9f:f7:38:ee:6a:b7:65:4c:6f:
11:20:31:d3:bd:4c:0b:c6:86:fa:85:da:6e:e4:20:47:5b:b4:
ae:1f:a9:59:38:16:1e:42:d2:fa:15:25:e8:d3:6b:99:83:07:
2e:1e:ba:ce:63:cb:e8:df:ba:db:9d:65:b6:69:ee:18:c4:f7:
cd:d3:70:93:cd:40:2c:fe:7c:26:b0:3a:08:0d:20:fd:f5:d9:
d1:32:6a:73:fa:73:55:e2:11:0d:74:21:80:e3:0a:52:c9:3c:
fd:b7:61:e5:55:31:81:73:fb:a0:24:da:3a:20:af:f4:7b:0e:
be:b9:2e:ef:34:2d:5a:cf:69:10:cb:7c:4b:37:30:65:54:96:
ab:3d:f7:66:0a:11:c9:11:b8:0c:ae:85:5f:72:a3:85:70:bc:
0f:f6:e5:ad:bb:ab:6f:7d:69:a7:43:be:77:6f:de:ad:13:0f:
19:04:00:ee:66:4d:21:28:a4:74:01:7e:a5:6e:51:90:9c:2c:
7b:7a:26:19:2e:9a:84:42:e7:a3:37:f0:c7:bb:0f:df:42:c4:
28:32:38:1d:c8:ed:e5:ec:3b:07:b7:a4:7f:6a:99:d1:00:cc:
b4:4f:f6:90:44:c5:8b:67:6d:44:ae:21:16:b0:bf:c9:c7:28:
1c:a5:bd:92
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYON41JD/r2/rukPR8qmNZizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjIwOTMwMTAxMzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzk1MDQ2NzgxYjJkMTZiZDNhOWU2YTE2MWIyNzk0YTgyY2Q3MTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QeshGHOtwoDDCdJwSzxzrX0hKD0
7NHaRu5IkPH9HDM3fuqTgZ+K0PUt5+ZWtoE3SgWdRJAnHD4nyKhMWd6l7JzZ9Aov
b52DBtwytN1zXZe1t3/UqJ+sEEPm1c9hHv85NJnWmJjAOcyczvEqE+ND1C0aBDL0
xPoPFG1553rzb4QULWzmtPIX4rEr9dUFlSpdWhyfPO9SpJSJDz5sTyFvpOvcjKtg
EG6rWtc9Pzv+F+ZGph4CBUtGddMu7SLlJCyfOk9KhTJfEX+DhaAVWL751Busc9UH
z2Hqn1lBpco7N8ZMhyqOwej49LwLrBX9gPnad2WWxtPX7KvCcd/dIu2LWQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFEeVBGeBstFr06nmoWGyeUqCzXGEMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvUjVVRVo0R3kwV3ZUcWVhaFliSjVTb0xOY1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAAF
CBgDBAAFvJQDBAAFvKkDBAElCSADBABOb2MwDAMEAE5vZQMEAE5vZgMEAE5vaTAM
AwQAUF3RAwQAUF3SAwQBUF3WMAwDBABQXdkDBAJQXdgDBABQXd8DBABcJpQDBABc
JpsDBABcJq0DBABcJrQDBAFcJroDBABc32YDBAGSudgDBAGSuewDBADZw8EDBADZ
w80wDQYJKoZIhvcNAQELBQADggEBAGZv/sYWXxaMdp/3OO5qt2VMbxEgMdO9TAvG
hvqF2m7kIEdbtK4fqVk4Fh5C0voVJejTa5mDBy4eus5jy+jfutudZbZp7hjE983T
cJPNQCz+fCawOggNIP312dEyanP6c1XiEQ10IYDjClLJPP23YeVVMYFz+6Ak2jog
r/R7Dr65Lu80LVrPaRDLfEs3MGVUlqs992YKEckRuAyuhV9yo4VwvA/25a27q299
aadDvndv3q0TDxkEAO5mTSEopHQBfqVuUZCcLHt6JhkumoRC56M38Me7D99CxCgy
OB3I7eXsOwe3pH9qmdEAzLRP9pBExYtnbUSuIRawv8nHKBylvZI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:56 2023 by rpki-client on console-ams.rpki-client.org