Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/5PQYH6dC8Os0uI3IDdT0od2XzaA.roa
File: 5PQYH6dC8Os0uI3IDdT0od2XzaA.roa (raw, json)
Hash identifier: fdOY0KXUpvM+9r3Ut9S5RzNKKZ9wC7JxZmFDXfQ2jcA=
Subject key identifier: E4:F4:18:1F:A7:42:F0:EB:34:B8:8D:C8:0D:D4:F4:A1:DD:97:CD:A0
Certificate issuer: /CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Certificate serial: 0BA74EB3
Authority key identifier: 4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/5PQYH6dC8Os0uI3IDdT0od2XzaA.roa
Signing time: Wed 25 May 2022 07:08:13 +0000
ROA not before: Wed 25 May 2022 07:08:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197588
IP address blocks: 185.101.188.0/22 maxlen: 22
185.101.188.0/24 maxlen: 24
185.101.190.0/24 maxlen: 24
185.101.190.0/23 maxlen: 23
195.110.51.0/24 maxlen: 24
178.219.129.0/24 maxlen: 24
178.219.130.0/24 maxlen: 24
2a00:c020::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 195514035 (0xba74eb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Validity
Not Before: May 25 07:08:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4f4181fa742f0eb34b88dc80dd4f4a1dd97cda0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5d:6f:09:87:64:ce:b7:14:f6:3d:1a:f4:3b:
00:2c:15:40:52:1f:b8:00:f7:e3:36:59:67:44:2d:
cd:6b:5b:0d:19:cf:5a:73:eb:22:59:fb:62:6d:f4:
b2:35:1d:60:d9:d6:1e:48:ef:49:13:2c:b6:29:17:
90:c8:3b:e4:79:73:57:f6:46:2f:1f:08:9b:b5:b7:
6d:17:4f:b1:ca:b4:5d:49:9e:02:38:6b:74:78:f0:
bd:85:3f:8f:36:67:12:7f:80:53:77:33:c0:4b:3a:
38:a3:36:48:32:a5:15:d5:69:5c:86:d0:3c:88:38:
f2:02:c8:31:a0:0f:34:b2:20:b2:cc:38:aa:5b:f2:
25:f6:7c:1e:30:7e:bb:a9:78:d2:ac:4c:5b:07:f5:
36:11:ad:ed:e9:77:26:89:0f:31:d6:1a:45:68:18:
91:9a:d6:bb:3a:4f:eb:95:ba:ab:10:51:d9:69:97:
5a:df:db:0e:90:d7:2c:5e:5b:b5:de:d5:8d:60:34:
02:54:30:8e:01:9e:e9:65:b5:57:9f:20:20:5a:f3:
52:35:26:56:64:10:9d:c6:a8:a6:79:65:1a:f4:fd:
85:5f:b6:4d:20:06:16:9c:49:15:51:99:50:3d:fe:
84:a5:df:5d:6f:44:23:be:a3:85:ac:bf:71:0e:7b:
e3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F4:18:1F:A7:42:F0:EB:34:B8:8D:C8:0D:D4:F4:A1:DD:97:CD:A0
X509v3 Authority Key Identifier:
keyid:4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/5PQYH6dC8Os0uI3IDdT0od2XzaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.219.129.0-178.219.130.255
185.101.188.0/22
195.110.51.0/24
IPv6:
2a00:c020::/36
Signature Algorithm: sha256WithRSAEncryption
90:ec:ba:fb:a4:07:4c:b6:c2:e4:c6:57:3a:c2:32:fa:02:8a:
18:93:52:2c:3a:57:bf:39:9a:5d:e3:f1:e5:89:c9:ef:f0:88:
90:dd:06:a1:92:99:38:52:0a:1d:53:5d:03:fc:8d:ba:03:d9:
94:ef:b6:45:00:be:53:52:c4:82:9d:31:46:5e:b8:fe:85:6b:
65:f1:b4:96:fc:31:d4:f4:e0:18:f0:c9:b1:0e:3d:30:45:5f:
f4:36:bb:ae:ad:35:13:e9:22:c5:5c:d3:47:54:c5:b9:61:0c:
cb:68:dd:95:cf:a6:ae:06:b0:63:8e:e5:09:36:3f:f2:9c:e1:
e1:46:8c:1a:a9:23:20:10:c8:c1:44:b9:13:20:98:f3:50:02:
81:4c:f6:d0:b3:72:18:e9:55:14:c2:fd:a4:47:9a:1a:76:2c:
b0:d4:87:bb:63:05:d7:44:a8:b4:c8:86:1b:e5:4b:25:a0:d6:
6c:36:aa:e7:82:c8:96:45:c6:2d:7d:2a:03:6c:3a:02:86:30:
d1:03:53:a9:61:33:d5:c0:ef:d2:ee:9d:53:ec:2c:b0:02:4a:
8e:73:fa:b0:f0:4e:b6:0f:99:09:8a:2d:b4:6a:a1:e9:6c:4c:
c0:6d:03:b5:cf:e2:ca:53:bb:90:29:eb:fb:8c:23:12:95:88:
bc:33:98:e6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEC6dOszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDVmMGNiMDZhNWE0N2I0ZGRhYzdmNGQ2ZGZkNDRhYmE0ZDMxZjJlMB4XDTIyMDUy
NTA3MDgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTRmNDE4MWZhNzQy
ZjBlYjM0Yjg4ZGM4MGRkNGY0YTFkZDk3Y2RhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJNdbwmHZM63FPY9GvQ7ACwVQFIfuAD34zZZZ0QtzWtbDRnP
WnPrIln7Ym30sjUdYNnWHkjvSRMstikXkMg75HlzV/ZGLx8Im7W3bRdPscq0XUme
AjhrdHjwvYU/jzZnEn+AU3czwEs6OKM2SDKlFdVpXIbQPIg48gLIMaAPNLIgssw4
qlvyJfZ8HjB+u6l40qxMWwf1NhGt7el3JokPMdYaRWgYkZrWuzpP65W6qxBR2WmX
Wt/bDpDXLF5btd7VjWA0AlQwjgGe6WW1V58gIFrzUjUmVmQQncaopnllGvT9hV+2
TSAGFpxJFVGZUD3+hKXfXW9EI76jhay/cQ574xECAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBTk9Bgfp0Lw6zS4jcgN1PSh3ZfNoDAfBgNVHSMEGDAWgBRNXwywalpHtN2s
f01t/USrpNMfLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RWOE1zR3BhUjdUZHJIOU5iZjFFcTZUVEh5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvY2I4MzM5LWNlZTMtNDAzNy1iYWNjLWRjOGI1MmUzZWEwYS8x
LzVQUVlINmRDOE9zMHVJM0lEZFQwb2QyWHphQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
Y2I4MzM5LWNlZTMtNDAzNy1iYWNjLWRjOGI1MmUzZWEwYS8xL1RWOE1zR3BhUjdU
ZHJIOU5iZjFFcTZUVEh5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwIAQCAAEwGjAMAwQAstuBAwQAstuCAwQCuWW8AwQA
w24zMA4EAgACMAgDBgQqAMAgADANBgkqhkiG9w0BAQsFAAOCAQEAkOy6+6QHTLbC
5MZXOsIy+gKKGJNSLDpXvzmaXePx5YnJ7/CIkN0GoZKZOFIKHVNdA/yNugPZlO+2
RQC+U1LEgp0xRl64/oVrZfG0lvwx1PTgGPDJsQ49MEVf9Da7rq01E+kixVzTR1TF
uWEMy2jdlc+mrgawY47lCTY/8pzh4UaMGqkjIBDIwUS5EyCY81ACgUz20LNyGOlV
FML9pEeaGnYssNSHu2MF10SotMiGG+VLJaDWbDaq54LIlkXGLX0qA2w6AoYw0QNT
qWEz1cDv0u6dU+wssAJKjnP6sPBOtg+ZCYottGqh6WxMwG0Dtc/iylO7kCnr+4wj
EpWIvDOY5g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:15 2023 by rpki-client on console-fra.rpki-client.org