Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/F2D4X1io-SzDk2gfr_3h-QCnE5w.roa
File: F2D4X1io-SzDk2gfr_3h-QCnE5w.roa (raw, json)
Hash identifier: H1KHuUqxY/WSQPlUVMpNbsYQ7bD4LXsZGkO8GaOEYM4=
Subject key identifier: 17:60:F8:5F:58:A8:F9:2C:C3:93:68:1F:AF:FD:E1:F9:00:A7:13:9C
Certificate issuer: /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial: 086090EF
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/F2D4X1io-SzDk2gfr_3h-QCnE5w.roa
Signing time: Mon 16 May 2022 11:31:36 +0000
ROA not before: Mon 16 May 2022 11:31:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39521
IP address blocks: 185.144.56.0/22 maxlen: 24
45.130.100.0/22 maxlen: 22
95.178.107.0/24 maxlen: 24
45.10.16.0/22 maxlen: 22
45.95.40.0/22 maxlen: 22
45.88.5.0/24 maxlen: 24
45.88.6.0/24 maxlen: 24
45.88.7.0/24 maxlen: 24
188.191.48.0/22 maxlen: 22
5.22.204.0/22 maxlen: 22
2a05:e4c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140546287 (0x86090ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Validity
Not Before: May 16 11:31:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1760f85f58a8f92cc393681faffde1f900a7139c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a9:71:96:80:95:04:1b:24:ac:5a:c4:3b:eb:
85:6a:0c:f5:84:8b:42:a1:91:3b:e0:9f:1a:0b:85:
c4:e9:2e:bd:53:9b:dd:fe:f7:6b:27:32:ff:e4:25:
11:38:bf:ee:48:4f:ac:1c:f5:0d:38:89:55:61:4e:
7e:e4:f8:42:78:94:81:6e:5c:6d:62:c2:dc:f8:f5:
31:79:29:9c:fb:d7:f5:3b:7a:62:f4:0a:b7:0b:72:
e3:45:ed:34:4c:a7:a4:2e:3a:23:c1:40:f2:83:26:
6d:c6:51:cc:b0:d7:47:da:15:cd:b2:f7:a9:88:60:
2a:83:48:be:d6:c5:db:d1:f9:c8:05:c1:6e:17:4d:
3b:fa:47:32:68:0a:0c:44:ea:1f:ec:8b:33:c9:15:
ab:42:a8:fc:b6:6d:01:89:96:22:27:c5:52:43:7c:
f9:2d:75:fb:a4:d1:dc:41:1b:c6:d2:11:99:96:aa:
0e:ac:1a:eb:d5:74:3b:bd:1b:e4:48:96:3a:fe:cf:
d6:e0:c7:7e:1f:b4:a0:e4:c8:f0:c9:c8:e0:b7:32:
94:92:71:c7:b5:0a:60:1c:4a:d0:be:cf:db:f5:24:
f4:58:b9:ce:40:f0:56:ab:90:9f:59:a9:ad:76:34:
f2:8d:8d:f4:24:17:13:70:ba:88:1a:c6:68:b5:79:
d6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:60:F8:5F:58:A8:F9:2C:C3:93:68:1F:AF:FD:E1:F9:00:A7:13:9C
X509v3 Authority Key Identifier:
keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/F2D4X1io-SzDk2gfr_3h-QCnE5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.204.0/22
45.10.16.0/22
45.88.5.0-45.88.7.255
45.95.40.0/22
45.130.100.0/22
95.178.107.0/24
185.144.56.0/22
188.191.48.0/22
IPv6:
2a05:e4c0::/29
Signature Algorithm: sha256WithRSAEncryption
7b:7c:08:e5:5a:5b:e0:78:26:79:de:d7:31:e7:cb:11:f8:ec:
08:a4:23:75:67:3c:1f:7a:52:3c:83:31:37:eb:48:0c:55:74:
94:05:67:c9:bb:b0:e2:b3:3b:4c:aa:82:2d:40:e8:e7:31:e6:
15:1d:61:e5:da:a8:19:bc:88:ba:d2:5d:44:74:47:87:de:60:
a6:7c:7a:60:d7:9a:e2:4e:64:22:88:d0:72:3f:29:48:9c:64:
52:70:98:51:89:7e:3e:f5:16:fc:67:a9:e9:24:2f:8d:63:db:
c3:54:bc:f1:7a:ab:3b:4d:fa:7d:42:04:f4:76:57:81:35:39:
72:c8:9e:c8:63:15:a4:7e:f8:95:ae:b5:bf:f0:18:f1:91:ab:
db:22:2c:67:f2:59:44:f2:d7:3e:b0:06:9d:2c:81:4c:96:0f:
4d:ca:79:db:9b:b6:c3:e2:9a:61:f7:41:12:9e:26:5a:8b:f6:
46:e3:40:93:ff:a2:f1:28:7d:83:76:29:64:c5:7d:a3:8e:8b:
2c:27:9f:0f:5c:11:d2:79:ed:33:11:af:1f:c3:9f:13:76:f0:
27:c5:16:57:f6:04:0d:3f:c9:41:44:df:82:8e:4e:49:40:a7:
7b:72:7e:52:3e:ef:18:00:85:82:eb:f2:23:67:de:16:16:6e:
7b:f0:b9:ab
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIECGCQ7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
M2YyMTBmMTI5OWExZTBhZWU3MWRjMWQ3OWU1ZmIxMjA5MmQzMGE5MB4XDTIyMDUx
NjExMzEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTc2MGY4NWY1OGE4
ZjkyY2MzOTM2ODFmYWZmZGUxZjkwMGE3MTM5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALypcZaAlQQbJKxaxDvrhWoM9YSLQqGRO+CfGguFxOkuvVOb
3f73aycy/+QlETi/7khPrBz1DTiJVWFOfuT4QniUgW5cbWLC3Pj1MXkpnPvX9Tt6
YvQKtwty40XtNEynpC46I8FA8oMmbcZRzLDXR9oVzbL3qYhgKoNIvtbF29H5yAXB
bhdNO/pHMmgKDETqH+yLM8kVq0Ko/LZtAYmWIifFUkN8+S11+6TR3EEbxtIRmZaq
Dqwa69V0O70b5EiWOv7P1uDHfh+0oOTI8MnI4LcylJJxx7UKYBxK0L7P2/Uk9Fi5
zkDwVquQn1mprXY08o2N9CQXE3C6iBrGaLV51gUCAwEAAaOCAkowggJGMB0GA1Ud
DgQWBBQXYPhfWKj5LMOTaB+v/eH5AKcTnDAfBgNVHSMEGDAWgBRz8hDxKZoeCu5x
3B155fsSCS0wqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NfSVE4U21hSGdydWNkd2RlZVg3RWdrdE1Lay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZGIxYjQ4LTFjYzUtNDgzMy05M2Q5LWI5NDY0NzE4YmEzNy8x
L0YyRDRYMWlvLVN6RGsyZ2ZyXzNoLVFDbkU1dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZGIxYjQ4LTFjYzUtNDgzMy05M2Q5LWI5NDY0NzE4YmEzNy8xL2NfSVE4U21hSGdy
dWNkd2RlZVg3RWdrdE1Lay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBg
BggrBgEFBQcBBwEB/wRRME8wPgQCAAEwOAMEAgUWzAMEAi0KEDAMAwQALVgFAwQD
LVgAAwQCLV8oAwQCLYJkAwQAX7JrAwQCuZA4AwQCvL8wMA0EAgACMAcDBQMqBeTA
MA0GCSqGSIb3DQEBCwUAA4IBAQB7fAjlWlvgeCZ53tcx58sR+OwIpCN1ZzwfelI8
gzE360gMVXSUBWfJu7DisztMqoItQOjnMeYVHWHl2qgZvIi60l1EdEeH3mCmfHpg
15riTmQiiNByPylInGRScJhRiX4+9Rb8Z6npJC+NY9vDVLzxeqs7Tfp9QgT0dleB
NTlyyJ7IYxWkfviVrrW/8BjxkavbIixn8llE8tc+sAadLIFMlg9Nynnbm7bD4pph
90ESniZai/ZG40CT/6LxKH2DdilkxX2jjossJ58PXBHSee0zEa8fw58TdvAnxRZX
9gQNP8lBRN+Cjk5JQKd7cn5SPu8YAIWC6/IjZ94WFm578Lmr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org