Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/l1MJyNtimxTzpxxcqKCieDI95HI.roa
File: l1MJyNtimxTzpxxcqKCieDI95HI.roa (raw, json)
Hash identifier: rKSH5dcriFfpLnFq6eHAMGPqjlbImXJR+WtNRGYq0Ms=
Subject key identifier: 97:53:09:C8:DB:62:9B:14:F3:A7:1C:5C:A8:A0:A2:78:32:3D:E4:72
Certificate issuer: /CN=8831d621d192f92db093d933092c1e236b4d497b
Certificate serial: 0AB44965
Authority key identifier: 88:31:D6:21:D1:92:F9:2D:B0:93:D9:33:09:2C:1E:23:6B:4D:49:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iDHWIdGS-S2wk9kzCSweI2tNSXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/l1MJyNtimxTzpxxcqKCieDI95HI.roa
Signing time: Sat 01 Jan 2022 16:10:34 +0000
ROA not before: Sat 01 Jan 2022 16:10:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39798
IP address blocks: 185.225.16.0/22 maxlen: 24
94.158.244.0/22 maxlen: 24
185.163.44.0/22 maxlen: 24
194.180.158.0/24 maxlen: 24
194.180.157.0/24 maxlen: 24
5.252.176.0/22 maxlen: 24
194.180.174.0/24 maxlen: 24
194.180.191.0/24 maxlen: 24
5.181.156.0/22 maxlen: 24
2a0a:c800::/29 maxlen: 48
2001:67c:2db8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179587429 (0xab44965)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8831d621d192f92db093d933092c1e236b4d497b
Validity
Not Before: Jan 1 16:10:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=975309c8db629b14f3a71c5ca8a0a278323de472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a1:a1:8c:f3:df:04:43:20:58:90:d1:f6:81:
3c:be:55:64:df:59:04:35:dc:e7:9c:aa:f5:d5:1c:
f1:52:c2:62:38:67:de:85:97:6c:8b:ef:a8:e4:39:
91:3d:a5:e6:7b:8e:b7:84:d9:b8:cc:9f:ea:3e:f6:
59:b7:83:42:19:0f:c4:54:a3:79:55:d7:c8:b2:c1:
56:6b:41:f3:f0:be:ff:98:87:89:9d:08:f9:28:7c:
a7:6d:09:5f:1a:5f:7b:f8:3d:2b:eb:41:e3:8d:ee:
51:46:5b:11:02:ae:4b:94:61:74:6a:d7:f8:be:ad:
3f:f8:60:b7:87:e5:5d:ad:2d:48:be:10:ca:26:70:
44:0a:46:43:f8:2c:61:f3:67:8e:cb:b8:40:75:6f:
90:ca:43:df:8d:e6:3a:ec:a6:49:68:99:69:6a:10:
97:6a:2a:47:db:15:b6:3c:7a:42:bf:e4:50:7d:1b:
1c:df:15:80:7d:60:62:58:92:c7:b6:eb:5b:7b:64:
5f:32:21:8f:02:b2:1c:21:25:fc:59:82:1b:67:01:
9e:6b:27:bc:d7:8d:19:ad:dd:b2:4b:b5:2d:79:83:
86:31:90:e0:c0:e4:f1:02:44:a5:2a:c4:a6:44:6e:
b0:24:40:0e:c3:9e:02:74:1a:39:61:5c:53:d3:65:
9e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:53:09:C8:DB:62:9B:14:F3:A7:1C:5C:A8:A0:A2:78:32:3D:E4:72
X509v3 Authority Key Identifier:
keyid:88:31:D6:21:D1:92:F9:2D:B0:93:D9:33:09:2C:1E:23:6B:4D:49:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDHWIdGS-S2wk9kzCSweI2tNSXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/l1MJyNtimxTzpxxcqKCieDI95HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/iDHWIdGS-S2wk9kzCSweI2tNSXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.156.0/22
5.252.176.0/22
94.158.244.0/22
185.163.44.0/22
185.225.16.0/22
194.180.157.0-194.180.158.255
194.180.174.0/24
194.180.191.0/24
IPv6:
2001:67c:2db8::/48
2a0a:c800::/29
Signature Algorithm: sha256WithRSAEncryption
ab:10:3b:71:64:72:d0:cb:92:ac:49:02:39:2d:14:21:e9:54:
5e:eb:5d:be:b9:11:f1:3b:91:58:42:51:43:11:c3:c4:53:81:
bd:a3:51:3c:e5:48:98:df:b2:ef:da:53:0e:01:7f:fd:cd:42:
3c:1d:a4:6c:c0:0f:a0:51:60:55:c9:31:63:b8:75:e5:14:2e:
22:83:06:47:ce:f3:5d:e2:64:cb:f1:f9:14:24:01:2e:32:e4:
a6:8a:66:94:52:7b:dc:7d:15:16:d6:85:69:c7:13:35:00:7c:
4b:19:13:6c:fd:22:97:7d:6b:b1:6d:69:55:1c:ee:be:36:b6:
c3:b9:97:c5:29:38:20:a1:c7:4e:1e:c4:4b:61:4e:32:31:47:
1a:3a:9d:12:62:14:65:92:c5:30:a4:4e:15:e0:b6:75:54:46:
9f:ef:ec:38:c6:24:9e:3f:4e:e6:16:31:da:42:2d:1f:20:ff:
a5:1a:3c:01:a1:14:3a:5a:f0:5b:8f:db:35:32:1e:8a:9e:d5:
00:e9:08:72:8b:7b:77:d8:63:2c:a9:77:f2:6b:53:b5:55:dd:
70:10:07:cb:2c:5e:79:8e:48:05:f2:15:ce:18:a4:02:2f:bd:
69:cb:87:da:53:a0:2b:0e:b0:aa:c7:3b:fa:47:dc:5f:25:e7:
27:a8:26:13
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIECrRJZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODMxZDYyMWQxOTJmOTJkYjA5M2Q5MzMwOTJjMWUyMzZiNGQ0OTdiMB4XDTIyMDEw
MTE2MTAzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc1MzA5YzhkYjYy
OWIxNGYzYTcxYzVjYThhMGEyNzgzMjNkZTQ3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuhoYzz3wRDIFiQ0faBPL5VZN9ZBDXc55yq9dUc8VLCYjhn
3oWXbIvvqOQ5kT2l5nuOt4TZuMyf6j72WbeDQhkPxFSjeVXXyLLBVmtB8/C+/5iH
iZ0I+Sh8p20JXxpfe/g9K+tB443uUUZbEQKuS5RhdGrX+L6tP/hgt4flXa0tSL4Q
yiZwRApGQ/gsYfNnjsu4QHVvkMpD343mOuymSWiZaWoQl2oqR9sVtjx6Qr/kUH0b
HN8VgH1gYliSx7brW3tkXzIhjwKyHCEl/FmCG2cBnmsnvNeNGa3dsku1LXmDhjGQ
4MDk8QJEpSrEpkRusCRADsOeAnQaOWFcU9NlnsMCAwEAAaOCAlMwggJPMB0GA1Ud
DgQWBBSXUwnI22KbFPOnHFyooKJ4Mj3kcjAfBgNVHSMEGDAWgBSIMdYh0ZL5LbCT
2TMJLB4ja01JezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lESFdJZEdTLVMyd2s5a3pDU3dlSTJ0TlNYcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2UvNDQwNzgxLWY2MTQtNDUwZC05ZDlmLTJiODc2MWQ4YTEzNy8x
L2wxTUp5TnRpbXhUenB4eGNxS0NpZURJOTVISS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Uv
NDQwNzgxLWY2MTQtNDUwZC05ZDlmLTJiODc2MWQ4YTEzNy8xL2lESFdJZEdTLVMy
d2s5a3pDU3dlSTJ0TlNYcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBp
BggrBgEFBQcBBwEB/wRaMFgwPgQCAAEwOAMEAgW1nAMEAgX8sAMEAl6e9AMEArmj
LAMEArnhEDAMAwQAwrSdAwQAwrSeAwQAwrSuAwQAwrS/MBYEAgACMBADBwAgAQZ8
LbgDBQMqCsgAMA0GCSqGSIb3DQEBCwUAA4IBAQCrEDtxZHLQy5KsSQI5LRQh6VRe
612+uRHxO5FYQlFDEcPEU4G9o1E85UiY37Lv2lMOAX/9zUI8HaRswA+gUWBVyTFj
uHXlFC4igwZHzvNd4mTL8fkUJAEuMuSmimaUUnvcfRUW1oVpxxM1AHxLGRNs/SKX
fWuxbWlVHO6+NrbDuZfFKTggocdOHsRLYU4yMUcaOp0SYhRlksUwpE4V4LZ1VEaf
7+w4xiSeP07mFjHaQi0fIP+lGjwBoRQ6WvBbj9s1Mh6KntUA6Qhyi3t32GMsqXfy
a1O1Vd1wEAfLLF55jkgF8hXOGKQCL71py4faU6ArDrCqxzv6R9xfJecnqCYT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:30 2024 by rpki-client on console-fra.rpki-client.org