Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/ciPYFsuWzwFn32QOxpRtltA8xqo.roa
File: ciPYFsuWzwFn32QOxpRtltA8xqo.roa (raw, json)
Hash identifier: kNp3cEkALMM8v+YJSi2Kn4yc8+TtwiHftpcf0+cTU/Q=
Subject key identifier: 72:23:D8:16:CB:96:CF:01:67:DF:64:0E:C6:94:6D:96:D0:3C:C6:AA
Certificate issuer: /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial: 018355C5CE39B165D033E1F933F221BE0046
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/ciPYFsuWzwFn32QOxpRtltA8xqo.roa
Signing time: Mon 19 Sep 2022 12:42:50 +0000
ROA not before: Mon 19 Sep 2022 12:42:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39521
IP address blocks: 185.144.56.0/22 maxlen: 24
83.229.113.0/24 maxlen: 24
45.95.40.0/22 maxlen: 22
83.229.23.0/24 maxlen: 24
188.191.48.0/22 maxlen: 22
5.22.204.0/22 maxlen: 22
217.194.153.0/24 maxlen: 24
83.229.34.0/24 maxlen: 24
193.57.94.0/23 maxlen: 23
45.130.100.0/22 maxlen: 22
95.178.107.0/24 maxlen: 24
45.10.16.0/22 maxlen: 22
45.88.5.0/24 maxlen: 24
45.88.6.0/24 maxlen: 24
45.88.7.0/24 maxlen: 24
2a05:e4c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:55:c5:ce:39:b1:65:d0:33:e1:f9:33:f2:21:be:00:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Validity
Not Before: Sep 19 12:42:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7223d816cb96cf0167df640ec6946d96d03cc6aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b9:f8:ee:5c:b9:44:da:7e:1e:51:ea:05:a0:
2e:62:03:34:40:46:63:04:cd:00:31:85:14:4f:63:
7f:85:1e:bf:ea:6a:37:29:8a:01:e6:9d:72:a7:2d:
17:f3:92:7c:00:29:5e:60:29:60:81:46:f4:4a:1d:
06:31:73:b5:a5:ef:43:cd:7d:76:98:57:de:b5:9d:
cf:7b:01:21:ce:00:e7:4c:f8:59:15:3c:af:fc:3e:
6b:d1:2a:4b:61:4d:fa:b4:5e:43:9c:53:4f:a2:78:
10:0e:e2:4f:db:9b:cf:54:48:88:05:05:8a:3a:19:
4a:4a:19:8a:10:98:56:cb:81:83:04:09:61:0a:b3:
97:d2:f8:57:5a:83:a9:a3:77:84:30:ae:ef:d0:ef:
12:ab:a2:e3:54:3e:07:b9:64:5d:31:76:2b:f6:be:
00:b7:91:93:ce:a6:89:a0:d8:36:82:02:46:28:0f:
13:56:3c:04:0f:60:76:03:d1:7e:65:3b:74:53:a0:
f8:6c:cb:bd:00:1d:18:34:dd:50:ed:10:6a:c7:15:
31:c5:f6:5b:14:5a:fe:a3:69:7c:93:74:fe:5e:d5:
e3:e1:82:fc:0e:4b:5f:81:8a:98:c9:77:40:49:43:
37:f2:01:dc:bc:5b:96:57:58:85:c5:e0:b2:64:b1:
6a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:23:D8:16:CB:96:CF:01:67:DF:64:0E:C6:94:6D:96:D0:3C:C6:AA
X509v3 Authority Key Identifier:
keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/ciPYFsuWzwFn32QOxpRtltA8xqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.204.0/22
45.10.16.0/22
45.88.5.0-45.88.7.255
45.95.40.0/22
45.130.100.0/22
83.229.23.0/24
83.229.34.0/24
83.229.113.0/24
95.178.107.0/24
185.144.56.0/22
188.191.48.0/22
193.57.94.0/23
217.194.153.0/24
IPv6:
2a05:e4c0::/29
Signature Algorithm: sha256WithRSAEncryption
16:2e:3f:77:98:3a:22:9f:bb:d8:3b:8f:a9:73:25:65:e1:37:
11:4c:49:e1:62:27:71:c0:31:63:1c:fc:d1:4c:42:27:31:ea:
c2:2b:ce:9d:d6:d6:a9:ac:b8:58:17:10:c9:74:20:c5:68:1d:
b5:f3:67:09:8c:9d:e2:95:c9:8f:32:5b:cc:71:9b:3d:21:41:
10:5b:d9:0c:94:d3:de:1e:d6:f9:44:f5:53:54:7b:34:b5:e1:
42:1a:b0:d4:3a:c9:7e:6b:3c:16:96:52:64:b7:95:45:01:e6:
af:01:7e:b6:cb:aa:5f:ca:1d:ee:b9:30:fa:11:47:bd:9c:b9:
20:bd:a0:40:dc:c2:4d:61:51:32:1d:ac:a7:ab:dc:f2:1e:66:
09:2f:80:07:ee:81:b1:7c:a5:0d:b5:ce:f1:2f:d4:31:d3:14:
36:ff:31:69:fa:d0:ed:a2:74:0c:87:48:0e:aa:c5:56:1c:a8:
93:65:10:ec:dd:43:22:ad:2a:7c:ed:e7:09:4b:c3:da:9a:f4:
05:e8:cd:a2:5b:fd:73:52:fd:08:96:f9:21:a6:da:04:63:af:
84:b3:88:69:00:1c:5d:8a:96:24:ef:ca:fe:27:82:08:ea:25:
04:d0:52:27:54:a6:c5:b7:03:b7:65:21:ce:0d:89:f0:4d:a7:
2f:80:f1:00
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYNVxc45sWXQM+H5M/IhvgBGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjIxMGYxMjk5YTFlMGFlZTcxZGMxZDc5ZTVmYjEyMDky
ZDMwYTkwHhcNMjIwOTE5MTI0MjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjIzZDgxNmNiOTZjZjAxNjdkZjY0MGVjNjk0NmQ5NmQwM2NjNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrn47ly5RNp+HlHqBaAuYgM0QEZj
BM0AMYUUT2N/hR6/6mo3KYoB5p1ypy0X85J8ACleYClggUb0Sh0GMXO1pe9DzX12
mFfetZ3PewEhzgDnTPhZFTyv/D5r0SpLYU36tF5DnFNPongQDuJP25vPVEiIBQWK
OhlKShmKEJhWy4GDBAlhCrOX0vhXWoOpo3eEMK7v0O8Sq6LjVD4HuWRdMXYr9r4A
t5GTzqaJoNg2ggJGKA8TVjwED2B2A9F+ZTt0U6D4bMu9AB0YNN1Q7RBqxxUxxfZb
FFr+o2l8k3T+XtXj4YL8DktfgYqYyXdASUM38gHcvFuWV1iFxeCyZLFqgQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFHIj2BbLls8BZ99kDsaUbZbQPMaqMB8GA1UdIwQY
MBaAFHPyEPEpmh4K7nHcHXnl+xIJLTCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDkt
Yjk0NjQ3MThiYTM3LzEvY2lQWUZzdVd6d0ZuMzJRT3hwUnRsdEE4eHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDktYjk0NjQ3MThiYTM3
LzEvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQCBRbMAwQC
LQoQMAwDBAAtWAUDBAMtWAADBAItXygDBAItgmQDBABT5RcDBABT5SIDBABT5XED
BABfsmsDBAK5kDgDBAK8vzADBAHBOV4DBADZwpkwDQQCAAIwBwMFAyoF5MAwDQYJ
KoZIhvcNAQELBQADggEBABYuP3eYOiKfu9g7j6lzJWXhNxFMSeFiJ3HAMWMc/NFM
Qicx6sIrzp3W1qmsuFgXEMl0IMVoHbXzZwmMneKVyY8yW8xxmz0hQRBb2QyU094e
1vlE9VNUezS14UIasNQ6yX5rPBaWUmS3lUUB5q8BfrbLql/KHe65MPoRR72cuSC9
oEDcwk1hUTIdrKer3PIeZgkvgAfugbF8pQ21zvEv1DHTFDb/MWn60O2idAyHSA6q
xVYcqJNlEOzdQyKtKnzt5wlLw9qa9AXozaJb/XNS/QiW+SGm2gRjr4SziGkAHF2K
liTvyv4nggjqJQTQUidUpsW3A7dlIc4NifBNpy+A8QA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org