Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/UcBLtNbWFcCI6KDE3mpA5Tz7cgo.roa
File: UcBLtNbWFcCI6KDE3mpA5Tz7cgo.roa (raw, json)
Hash identifier: d8x4PSUqlR138oTDeVhy/qPy9Ln7lPicTyzd/T4XfZY=
Subject key identifier: 51:C0:4B:B4:D6:D6:15:C0:88:E8:A0:C4:DE:6A:40:E5:3C:FB:72:0A
Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial: 08904DC1
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/UcBLtNbWFcCI6KDE3mpA5Tz7cgo.roa
Signing time: Wed 19 Jan 2022 11:43:48 +0000
ROA not before: Wed 19 Jan 2022 11:43:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202422
IP address blocks: 92.38.187.0/24 maxlen: 24
5.188.169.0/24 maxlen: 24
146.185.236.0/24 maxlen: 24
146.185.237.0/24 maxlen: 24
92.38.148.0/24 maxlen: 24
37.9.33.0/24 maxlen: 24
37.9.32.0/24 maxlen: 24
92.38.155.0/24 maxlen: 24
92.38.173.0/24 maxlen: 24
5.188.148.0/24 maxlen: 24
92.38.186.0/23 maxlen: 24
92.38.186.0/24 maxlen: 24
92.38.180.0/24 maxlen: 24
5.8.24.0/24 maxlen: 24
146.185.216.0/24 maxlen: 24
146.185.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143674817 (0x8904dc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Validity
Not Before: Jan 19 11:43:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51c04bb4d6d615c088e8a0c4de6a40e53cfb720a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6a:56:fe:ad:09:74:89:a3:fc:c2:3e:2a:fe:
70:e5:86:bb:9c:aa:c9:04:90:53:35:c1:75:1e:d1:
58:a7:2f:91:27:8a:be:ce:8d:f4:a4:ab:c2:c0:9e:
82:4b:13:43:8d:49:29:72:ba:4f:4f:bb:c1:fd:59:
36:60:06:cf:1b:42:f1:8a:47:06:87:e0:d8:83:bd:
90:e2:e3:67:85:6e:f6:68:59:a8:5b:9c:a8:b1:02:
85:63:06:1a:99:ff:dc:c0:c0:09:ce:50:c3:7a:2f:
c9:8a:79:94:42:54:17:b0:78:2f:70:71:63:a7:df:
39:2d:4f:04:9a:da:fa:9f:a9:12:2f:dc:0a:75:8a:
f8:cf:f1:7e:fd:d0:90:ff:ff:1b:94:63:9b:14:04:
a8:0e:3d:68:63:d5:21:b5:76:1d:6e:e8:ca:d8:04:
ec:f5:a6:b6:f6:2b:9a:52:6c:d9:60:a2:cf:99:b1:
ad:c8:e6:42:06:fd:bc:6e:6c:54:d1:53:26:e0:ad:
54:38:15:68:4c:74:27:a3:94:8f:2b:99:c5:79:92:
61:32:cf:e2:93:e5:94:61:bc:53:4e:a6:26:5c:12:
58:c9:16:67:6d:fa:46:73:88:8f:0b:9a:e8:94:31:
ee:d6:c6:ba:98:b2:35:f0:a1:ac:36:0a:69:e5:d6:
23:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C0:4B:B4:D6:D6:15:C0:88:E8:A0:C4:DE:6A:40:E5:3C:FB:72:0A
X509v3 Authority Key Identifier:
keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/UcBLtNbWFcCI6KDE3mpA5Tz7cgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.24.0/24
5.188.148.0/24
5.188.169.0/24
37.9.32.0/23
92.38.148.0/24
92.38.155.0/24
92.38.173.0/24
92.38.180.0/24
92.38.186.0/23
146.185.216.0/23
146.185.236.0/23
Signature Algorithm: sha256WithRSAEncryption
14:62:d7:fa:51:3f:35:c3:31:01:8a:aa:57:ab:3e:9c:8d:d9:
d5:80:2a:d0:dd:52:07:df:d2:fc:22:96:f3:af:39:1d:6b:2e:
10:db:7f:da:78:32:ff:a1:4a:1b:be:63:7e:f8:fc:40:a3:e6:
5d:f3:09:e8:bc:fe:72:7d:b8:25:b2:93:58:68:36:ef:70:e5:
18:bf:45:79:8d:3f:9c:c9:1f:cc:3f:71:5a:ba:6f:cf:fb:6b:
d2:af:cd:3a:15:e1:39:a8:db:25:b2:f2:d8:7e:9d:e5:18:3e:
2b:7d:fb:6b:91:24:33:bd:a3:3e:54:7b:44:84:e7:06:af:ca:
1e:af:5d:55:65:46:db:a7:48:09:c8:46:5e:a7:45:7a:bf:ca:
7e:56:cb:8a:ff:24:6b:39:53:40:70:2a:c2:ca:a6:31:cb:ec:
10:0c:fb:86:13:69:ab:37:4d:c5:df:f9:e1:ba:50:41:ff:95:
d7:86:b3:8a:e2:05:0f:64:29:78:b8:c1:34:88:bd:3d:a3:93:
82:2e:7a:8e:da:31:63:a6:7e:df:17:66:91:ed:ff:a9:6e:53:
a3:ae:0f:6a:b9:e2:a2:b3:ef:fa:96:27:9c:72:0a:4e:0b:8f:
40:f8:e2:0a:a0:75:04:d3:c8:ac:0d:5e:ea:f4:6d:a2:a2:00:
12:85:3e:ea
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIECJBNwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MGU0ZjZhNzczNjhiN2NlY2ZlNjcyMjBiNDM2NTc2YjFlMDA4YWVjMB4XDTIyMDEx
OTExNDM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTFjMDRiYjRkNmQ2
MTVjMDg4ZThhMGM0ZGU2YTQwZTUzY2ZiNzIwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJqVv6tCXSJo/zCPir+cOWGu5yqyQSQUzXBdR7RWKcvkSeK
vs6N9KSrwsCegksTQ41JKXK6T0+7wf1ZNmAGzxtC8YpHBofg2IO9kOLjZ4Vu9mhZ
qFucqLEChWMGGpn/3MDACc5Qw3ovyYp5lEJUF7B4L3BxY6ffOS1PBJra+p+pEi/c
CnWK+M/xfv3QkP//G5RjmxQEqA49aGPVIbV2HW7oytgE7PWmtvYrmlJs2WCiz5mx
rcjmQgb9vG5sVNFTJuCtVDgVaEx0J6OUjyuZxXmSYTLP4pPllGG8U06mJlwSWMkW
Z236RnOIjwua6JQx7tbGupiyNfChrDYKaeXWI9ECAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBRRwEu01tYVwIjooMTeakDlPPtyCjAfBgNVHSMEGDAWgBQA5Panc2i3zs/m
ciC0NldrHgCK7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FPVDJwM05vdDg3UDVuSWd0RFpYYXg0QWl1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvNjUyZGE5LWFmYzQtNGUyMC04MmZjLWIwN2Q4NDE2YWU0YS8x
L1VjQkx0TmJXRmNDSTZLREUzbXBBNVR6N2Nnby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
NjUyZGE5LWFmYzQtNGUyMC04MmZjLWIwN2Q4NDE2YWU0YS8xL0FPVDJwM05vdDg3
UDVuSWd0RFpYYXg0QWl1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAAUIGAMEAAW8lAMEAAW8qQMEASUJ
IAMEAFwmlAMEAFwmmwMEAFwmrQMEAFwmtAMEAVwmugMEAZK52AMEAZK57DANBgkq
hkiG9w0BAQsFAAOCAQEAFGLX+lE/NcMxAYqqV6s+nI3Z1YAq0N1SB9/S/CKW8685
HWsuENt/2ngy/6FKG75jfvj8QKPmXfMJ6Lz+cn24JbKTWGg273DlGL9FeY0/nMkf
zD9xWrpvz/tr0q/NOhXhOajbJbLy2H6d5Rg+K337a5EkM72jPlR7RITnBq/KHq9d
VWVG26dICchGXqdFer/KflbLiv8kazlTQHAqwsqmMcvsEAz7hhNpqzdNxd/54bpQ
Qf+V14aziuIFD2QpeLjBNIi9PaOTgi56jtoxY6Z+3xdmke3/qW5To64ParniorPv
+pYnnHIKTguPQPjiCqB1BNPIrA1e6vRtoqIAEoU+6g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:56 2023 by rpki-client on console-ams.rpki-client.org