Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/Es5Y960GBAmsCg6vRdhalNd1seg.roa
File: Es5Y960GBAmsCg6vRdhalNd1seg.roa (raw, json)
Hash identifier: /mvHQyBfRSnq95mvBT50lsO6gBxFTkKgEQa45Xlq+ZU=
Subject key identifier: 12:CE:58:F7:AD:06:04:09:AC:0A:0E:AF:45:D8:5A:94:D7:75:B1:E8
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 04604390
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/Es5Y960GBAmsCg6vRdhalNd1seg.roa
Signing time: Wed 25 May 2022 08:45:37 +0000
ROA not before: Wed 25 May 2022 08:45:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44043
IP address blocks: 176.223.120.0/23 maxlen: 23
176.223.124.0/23 maxlen: 23
176.223.122.0/23 maxlen: 23
176.223.126.0/23 maxlen: 23
94.176.105.0/24 maxlen: 24
94.176.104.0/24 maxlen: 24
188.240.2.0/23 maxlen: 23
188.241.183.0/24 maxlen: 24
188.213.20.0/23 maxlen: 23
92.114.95.0/24 maxlen: 24
92.114.94.0/24 maxlen: 24
91.195.28.0/24 maxlen: 24
91.195.29.0/24 maxlen: 24
46.102.249.0/24 maxlen: 24
188.215.244.0/23 maxlen: 23
89.44.47.0/24 maxlen: 24
188.212.156.0/24 maxlen: 24
188.215.250.0/23 maxlen: 23
188.240.235.0/24 maxlen: 24
185.92.192.0/24 maxlen: 24
185.92.195.0/24 maxlen: 24
185.92.193.0/24 maxlen: 24
185.92.194.0/24 maxlen: 24
89.44.120.0/24 maxlen: 24
89.44.139.0/24 maxlen: 24
89.44.138.0/24 maxlen: 24
176.126.201.0/24 maxlen: 24
176.126.202.0/24 maxlen: 24
176.126.200.0/24 maxlen: 24
176.126.203.0/24 maxlen: 24
89.46.7.0/24 maxlen: 24
31.14.15.0/24 maxlen: 24
31.14.13.0/24 maxlen: 24
31.14.14.0/24 maxlen: 24
31.14.12.0/24 maxlen: 24
31.14.22.0/24 maxlen: 24
31.14.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73417616 (0x4604390)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: May 25 08:45:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=12ce58f7ad060409ac0a0eaf45d85a94d775b1e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:aa:7a:39:13:d7:27:a3:ae:28:6e:12:2c:73:
53:9c:11:88:bd:97:ff:88:bf:db:3e:a3:d7:39:c0:
56:71:d3:1d:ce:64:dd:59:cb:30:db:85:ca:b0:24:
e3:cb:bc:76:8f:a3:11:be:df:9c:9f:8a:86:35:39:
b6:76:a4:ed:77:b3:b6:3f:02:20:b6:67:08:f8:11:
a7:6a:c6:4d:98:18:10:da:35:d4:37:de:a7:56:79:
3c:04:b7:28:0a:a6:02:c1:20:67:72:42:c6:08:63:
53:b1:81:51:45:0b:4a:ef:8d:14:f4:3f:bb:d9:be:
4d:81:a6:64:10:d5:7f:80:30:2d:e4:91:84:f7:ba:
54:fb:9a:3d:c8:98:93:ca:29:9b:d4:81:ce:25:06:
0a:2a:34:f6:7b:9a:65:a4:ff:74:53:4d:e1:45:7d:
69:54:a6:cf:fe:86:a7:97:8a:9b:73:6e:3d:55:4c:
54:f4:09:e2:65:70:99:c6:2d:7e:99:ed:62:66:e1:
18:f5:8b:47:30:0b:a3:7e:1f:6b:c1:e4:31:f3:18:
16:0c:e3:23:fb:c9:cf:3f:89:c7:d8:75:55:7a:df:
c3:06:1e:97:f6:67:e5:54:cb:26:83:c9:d2:e1:c7:
8e:fe:93:98:80:e4:2a:f1:b4:f4:75:8d:12:86:8d:
89:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:CE:58:F7:AD:06:04:09:AC:0A:0E:AF:45:D8:5A:94:D7:75:B1:E8
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/Es5Y960GBAmsCg6vRdhalNd1seg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.12.0/22
31.14.22.0/23
46.102.249.0/24
89.44.47.0/24
89.44.120.0/24
89.44.138.0/23
89.46.7.0/24
91.195.28.0/23
92.114.94.0/23
94.176.104.0/23
176.126.200.0/22
176.223.120.0/21
185.92.192.0/22
188.212.156.0/24
188.213.20.0/23
188.215.244.0/23
188.215.250.0/23
188.240.2.0/23
188.240.235.0/24
188.241.183.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:e1:6b:7d:c1:3f:aa:03:73:76:07:6d:64:a3:d5:b8:b0:c4:
16:a1:36:e4:3b:9e:3e:6b:24:35:7b:59:99:80:82:2e:7b:06:
19:60:12:1d:2f:94:1d:51:6a:8c:a1:e5:f7:96:60:63:42:61:
df:41:04:d5:0a:4c:bd:b4:0d:82:08:8f:c5:fb:23:c5:60:76:
98:35:8b:11:f7:34:31:62:de:ef:e0:c2:e2:3d:e2:e0:0f:1b:
0f:9e:d5:ca:70:2d:30:f6:ed:69:f3:84:83:78:a8:e1:ab:5e:
44:ff:d9:06:ec:e2:4d:d2:3a:18:9e:75:5c:9f:b3:92:0b:95:
1d:c8:34:b6:50:9a:51:1d:ef:36:40:20:af:f4:60:13:51:36:
6e:e2:ab:46:6e:c5:7d:9a:86:a5:9b:9f:be:58:26:91:07:96:
f2:4e:c1:c0:2b:d7:b7:5b:9c:43:6f:d4:81:ad:3e:b5:e4:e9:
16:18:9f:da:4c:74:2b:47:5f:7a:65:77:4a:69:63:fb:64:fd:
74:5e:99:e0:de:87:5b:3d:07:21:ea:15:2b:51:6f:80:4c:58:
ab:53:63:ae:f4:f1:ef:47:fd:89:49:2b:84:ee:e5:3f:9e:0a:
8d:d8:8b:21:a5:83:ec:47:a5:cf:44:6a:d7:ad:48:f5:50:d3:
19:6b:02:57
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIEBGBDkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDhhZjQ4NWI0ZmQwZjAzNzE3Y2Q0YTcwOWVmMTFjNjFkM2VmNDZlMB4XDTIyMDUy
NTA4NDUzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTJjZTU4ZjdhZDA2
MDQwOWFjMGEwZWFmNDVkODVhOTRkNzc1YjFlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+qejkT1yejrihuEixzU5wRiL2X/4i/2z6j1znAVnHTHc5k
3VnLMNuFyrAk48u8do+jEb7fnJ+KhjU5tnak7Xeztj8CILZnCPgRp2rGTZgYENo1
1Dfep1Z5PAS3KAqmAsEgZ3JCxghjU7GBUUULSu+NFPQ/u9m+TYGmZBDVf4AwLeSR
hPe6VPuaPciYk8opm9SBziUGCio09nuaZaT/dFNN4UV9aVSmz/6Gp5eKm3NuPVVM
VPQJ4mVwmcYtfpntYmbhGPWLRzALo34fa8HkMfMYFgzjI/vJzz+Jx9h1VXrfwwYe
l/Zn5VTLJoPJ0uHHjv6TmIDkKvG09HWNEoaNifsCAwEAAaOCAn4wggJ6MB0GA1Ud
DgQWBBQSzlj3rQYECawKDq9F2FqU13Wx6DAfBgNVHSMEGDAWgBRAivSFtP0PA3F8
1KcJ7xHGHT70bjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FJcjBoYlQ5RHdOeGZOU25DZThSeGgwLTlHNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZTExNzFjLTUyNzAtNDljZC05Mzc5LWI5NWIwOGEyM2FlMS8x
L0VzNVk5NjBHQkFtc0NnNnZSZGhhbE5kMXNlZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZTExNzFjLTUyNzAtNDljZC05Mzc5LWI5NWIwOGEyM2FlMS8xL1FJcjBoYlQ5RHdO
eGZOU25DZThSeGgwLTlHNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
kwYIKwYBBQUHAQcBAf8EgYMwgYAwfgQCAAEweAMEAh8ODAMEAR8OFgMEAC5m+QME
AFksLwMEAFkseAMEAVksigMEAFkuBwMEAVvDHAMEAVxyXgMEAV6waAMEArB+yAME
A7DfeAMEArlcwAMEALzUnAMEAbzVFAMEAbzX9AMEAbzX+gMEAbzwAgMEALzw6wME
ALzxtzANBgkqhkiG9w0BAQsFAAOCAQEAXOFrfcE/qgNzdgdtZKPVuLDEFqE25Due
PmskNXtZmYCCLnsGGWASHS+UHVFqjKHl95ZgY0Jh30EE1QpMvbQNggiPxfsjxWB2
mDWLEfc0MWLe7+DC4j3i4A8bD57VynAtMPbtafOEg3io4ateRP/ZBuziTdI6GJ51
XJ+zkguVHcg0tlCaUR3vNkAgr/RgE1E2buKrRm7FfZqGpZufvlgmkQeW8k7BwCvX
t1ucQ2/Uga0+teTpFhif2kx0K0dfemV3Smlj+2T9dF6Z4N6HWz0HIeoVK1FvgExY
q1NjrvTx70f9iUkrhO7lP54KjdiLIaWD7Eelz0Rq161I9VDTGWsCVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:06 2024 by rpki-client on console-ams.rpki-client.org