Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/RPI5Y_7cAFtSkjgxkwUZV0h_Myg.roa
File: RPI5Y_7cAFtSkjgxkwUZV0h_Myg.roa (raw, json)
Hash identifier: CEnaaFLZDyQRFxHNGnhksdbrCgK4Rvlhudms4tkKYiY=
Subject key identifier: 44:F2:39:63:FE:DC:00:5B:52:92:38:31:93:05:19:57:48:7F:33:28
Certificate issuer: /CN=cbf74cd846493138f522c57c0065b5c60512dd09
Certificate serial: 0538E652
Authority key identifier: CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/RPI5Y_7cAFtSkjgxkwUZV0h_Myg.roa
Signing time: Sat 01 Jan 2022 04:00:51 +0000
ROA not before: Sat 01 Jan 2022 04:00:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200478
IP address blocks: 141.226.226.0/24 maxlen: 24
141.226.224.0/23 maxlen: 24
141.226.231.0/24 maxlen: 24
141.226.124.0/24 maxlen: 24
141.226.227.0/24 maxlen: 24
141.226.230.0/24 maxlen: 24
141.226.229.0/24 maxlen: 24
141.226.228.0/24 maxlen: 24
141.226.127.0/24 maxlen: 24
185.106.32.0/22 maxlen: 24
2a06:3b80:110::/48 maxlen: 48
2a06:3b80:30::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87615058 (0x538e652)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbf74cd846493138f522c57c0065b5c60512dd09
Validity
Not Before: Jan 1 04:00:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44f23963fedc005b5292383193051957487f3328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:32:4f:09:bd:e4:08:29:3c:69:8c:47:a0:d7:
8d:ef:db:18:82:b1:1a:5c:61:ed:52:44:73:43:de:
40:39:41:8a:6a:d3:69:f7:f6:27:3e:e0:85:d7:ec:
bb:72:b8:ae:5f:35:0d:97:9b:ff:03:77:7f:5e:35:
a6:15:65:63:37:e6:9a:b3:91:e4:25:69:84:de:75:
06:5e:b2:f0:1c:c0:4c:65:6e:eb:99:33:1f:83:42:
4d:ad:cb:1c:e2:4f:dc:9b:c5:6e:15:91:6c:b3:f8:
50:e7:75:e1:1f:26:d9:70:20:b3:b4:58:51:cd:f5:
fa:5a:0a:98:4e:c3:eb:15:4a:ee:1c:d2:02:65:ca:
0a:b9:09:c8:7b:47:17:73:8c:8e:a1:11:de:5a:9c:
8b:8a:15:29:59:e2:e4:70:69:c8:a1:32:5f:ae:20:
81:6c:cd:9e:20:88:8b:2a:3d:07:58:86:a0:b8:f1:
0d:6a:97:80:ab:ae:86:30:87:8a:c4:6d:69:fe:5c:
12:90:e4:46:85:f2:35:58:79:bb:be:aa:b9:e6:7f:
9a:b7:12:b7:a1:14:2c:dd:83:95:3f:f9:1f:4c:b8:
e3:5b:45:f3:5b:00:55:c4:b7:2f:bf:f6:e5:22:ee:
27:8c:f6:97:3d:af:8f:77:6f:72:40:2a:7f:18:3b:
35:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:F2:39:63:FE:DC:00:5B:52:92:38:31:93:05:19:57:48:7F:33:28
X509v3 Authority Key Identifier:
keyid:CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/RPI5Y_7cAFtSkjgxkwUZV0h_Myg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.124.0/24
141.226.127.0/24
141.226.224.0/21
185.106.32.0/22
IPv6:
2a06:3b80:30::/48
2a06:3b80:110::/48
Signature Algorithm: sha256WithRSAEncryption
a9:0a:24:12:97:7e:7d:51:96:b6:08:2d:92:bd:6e:9a:41:6d:
21:97:ba:b7:50:0f:05:79:5b:c9:45:ed:69:35:07:3e:78:b2:
fc:9c:35:d6:ce:5e:a3:d5:80:bc:16:c8:e7:07:92:2c:7b:fc:
e3:77:8a:0b:ba:f7:cc:67:6a:ce:59:fa:3c:47:a6:0b:b8:84:
60:e9:f3:db:86:a8:32:5f:02:94:26:18:e9:ca:1c:7b:d9:d2:
af:03:95:90:91:ba:9b:fa:e7:96:e4:9a:82:cf:95:a6:0c:44:
40:3b:1b:45:d7:47:62:0a:7d:82:fb:48:64:fa:ee:a8:5e:e8:
60:76:e1:15:9a:8a:21:3a:72:cf:9d:6d:7c:a2:22:a3:24:76:
48:50:50:79:47:ac:e8:6a:15:35:78:9c:97:2b:17:6a:49:dc:
dc:81:75:33:54:88:bf:fb:d8:4a:ef:e2:42:27:ce:7b:25:51:
dc:c9:07:95:f8:74:01:c6:8c:6a:d2:b8:fc:47:20:74:50:c3:
0f:1d:27:c0:c5:7c:2f:c3:b6:a8:b7:70:cb:6d:0a:62:3e:6e:
7b:c2:e3:f8:43:62:c1:7a:2a:29:1c:c9:52:d6:3b:cb:18:52:
a0:e7:dd:ff:c3:b2:a3:94:1f:d1:05:d8:9b:de:a5:cc:9c:8e:
3d:0b:02:33
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEBTjmUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YmY3NGNkODQ2NDkzMTM4ZjUyMmM1N2MwMDY1YjVjNjA1MTJkZDA5MB4XDTIyMDEw
MTA0MDA1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDRmMjM5NjNmZWRj
MDA1YjUyOTIzODMxOTMwNTE5NTc0ODdmMzMyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJIyTwm95AgpPGmMR6DXje/bGIKxGlxh7VJEc0PeQDlBimrT
aff2Jz7ghdfsu3K4rl81DZeb/wN3f141phVlYzfmmrOR5CVphN51Bl6y8BzATGVu
65kzH4NCTa3LHOJP3JvFbhWRbLP4UOd14R8m2XAgs7RYUc31+loKmE7D6xVK7hzS
AmXKCrkJyHtHF3OMjqER3lqci4oVKVni5HBpyKEyX64ggWzNniCIiyo9B1iGoLjx
DWqXgKuuhjCHisRtaf5cEpDkRoXyNVh5u76queZ/mrcSt6EULN2DlT/5H0y441tF
81sAVcS3L7/25SLuJ4z2lz2vj3dvckAqfxg7NZcCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBRE8jlj/twAW1KSODGTBRlXSH8zKDAfBgNVHSMEGDAWgBTL90zYRkkxOPUi
xXwAZbXGBRLdCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lfZE0yRVpKTVRqMUlzVjhBR1cxeGdVUzNRay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzQ4Nzg5LTMyMDgtNDg0Ny05YzNmLTk4MmQxZjIxYTMyYi8x
L1JQSTVZXzdjQUZ0U2tqZ3hrd1VaVjBoX015Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzQ4Nzg5LTMyMDgtNDg0Ny05YzNmLTk4MmQxZjIxYTMyYi8xL3lfZE0yRVpKTVRq
MUlzVjhBR1cxeGdVUzNRay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowHgQCAAEwGAMEAI3ifAMEAI3ifwMEA43i4AMEArlq
IDAYBAIAAjASAwcAKgY7gAAwAwcAKgY7gAEQMA0GCSqGSIb3DQEBCwUAA4IBAQCp
CiQSl359UZa2CC2SvW6aQW0hl7q3UA8FeVvJRe1pNQc+eLL8nDXWzl6j1YC8Fsjn
B5Ise/zjd4oLuvfMZ2rOWfo8R6YLuIRg6fPbhqgyXwKUJhjpyhx72dKvA5WQkbqb
+ueW5JqCz5WmDERAOxtF10diCn2C+0hk+u6oXuhgduEVmoohOnLPnW18oiKjJHZI
UFB5R6zoahU1eJyXKxdqSdzcgXUzVIi/+9hK7+JCJ857JVHcyQeV+HQBxoxq0rj8
RyB0UMMPHSfAxXwvw7aot3DLbQpiPm57wuP4Q2LBeiopHMlS1jvLGFKg593/w7Kj
lB/RBdib3qXMnI49CwIz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:52 2024 by rpki-client on console-ams.rpki-client.org