Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/OdR6G9X7-A9Zv5Ln7vKFdGa-O38.roa
File: OdR6G9X7-A9Zv5Ln7vKFdGa-O38.roa (raw, json)
Hash identifier: xslIAnTMrcSWLtD4aX1az7Os1NmI3BtjesAItN/FM0I=
Subject key identifier: 39:D4:7A:1B:D5:FB:F8:0F:59:BF:92:E7:EE:F2:85:74:66:BE:3B:7F
Certificate issuer: /CN=f4a5b042fe48eeb123be56dbf9e8dda20c1ea11d
Certificate serial: 2684470D
Authority key identifier: F4:A5:B0:42:FE:48:EE:B1:23:BE:56:DB:F9:E8:DD:A2:0C:1E:A1:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9KWwQv5I7rEjvlbb-ejdogweoR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/OdR6G9X7-A9Zv5Ln7vKFdGa-O38.roa
Signing time: Sat 01 Jan 2022 14:54:41 +0000
ROA not before: Sat 01 Jan 2022 14:54:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8304
IP address blocks: 213.182.32.0/19 maxlen: 24
81.91.64.0/20 maxlen: 24
195.200.96.0/19 maxlen: 24
46.227.80.0/21 maxlen: 24
213.218.128.0/19 maxlen: 24
91.188.64.0/19 maxlen: 24
5.144.136.0/21 maxlen: 24
128.204.208.0/21 maxlen: 24
185.91.36.0/22 maxlen: 24
2a00:e00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 646203149 (0x2684470d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4a5b042fe48eeb123be56dbf9e8dda20c1ea11d
Validity
Not Before: Jan 1 14:54:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39d47a1bd5fbf80f59bf92e7eef2857466be3b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:93:61:fd:d8:60:dc:6e:4d:22:60:56:d3:db:
a9:ae:8e:43:97:d4:42:6c:b7:42:2d:9d:0e:3c:43:
2e:9f:83:c2:b6:28:87:b5:e4:e6:93:07:42:0b:ef:
4d:20:9c:b3:05:99:f8:61:e8:bf:a6:6d:e2:c5:44:
10:fa:9e:b8:ac:d1:75:9b:86:6b:7a:a9:cd:45:31:
3d:f4:36:ac:59:30:ee:de:6c:50:83:4b:cf:0b:c4:
f2:8f:05:c5:78:15:cf:ab:92:f9:40:91:dc:d7:3c:
aa:a7:64:7b:45:3b:f6:e7:6e:e6:1a:f3:9d:06:f9:
38:c0:00:b5:bf:a1:b8:bc:f6:da:de:cb:5b:fd:73:
c0:7c:ad:69:bb:13:57:79:4f:04:de:61:ff:35:6e:
b7:98:40:0b:b8:6e:f7:67:f1:2f:a2:fd:b5:67:f2:
cb:2a:ac:1b:1a:8f:76:24:36:10:84:8d:f6:8c:69:
f5:dc:61:a9:e4:4b:c7:19:95:0a:34:92:d7:9a:e1:
72:d8:93:63:4c:d6:a3:6b:d8:83:9b:7e:14:96:9c:
8e:71:1f:64:46:e0:91:4f:55:63:6c:74:e7:99:3c:
87:06:ec:7e:91:c0:00:ad:aa:d1:05:31:dc:48:28:
1c:d4:92:d8:b9:1c:99:6a:3e:4f:5f:0d:77:8a:c9:
c9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D4:7A:1B:D5:FB:F8:0F:59:BF:92:E7:EE:F2:85:74:66:BE:3B:7F
X509v3 Authority Key Identifier:
keyid:F4:A5:B0:42:FE:48:EE:B1:23:BE:56:DB:F9:E8:DD:A2:0C:1E:A1:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9KWwQv5I7rEjvlbb-ejdogweoR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/OdR6G9X7-A9Zv5Ln7vKFdGa-O38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/9KWwQv5I7rEjvlbb-ejdogweoR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.136.0/21
46.227.80.0/21
81.91.64.0/20
91.188.64.0/19
128.204.208.0/21
185.91.36.0/22
195.200.96.0/19
213.182.32.0/19
213.218.128.0/19
IPv6:
2a00:e00::/32
Signature Algorithm: sha256WithRSAEncryption
69:99:30:81:ed:d3:2d:25:7f:03:eb:6c:04:8d:10:5a:36:11:
83:9d:3c:11:50:42:98:f0:da:ab:a0:9e:c6:e5:39:e6:49:0d:
a4:27:07:19:77:b9:1e:21:ed:19:f8:0b:5a:a7:3f:59:2a:a9:
18:56:81:f5:47:f9:30:87:ef:33:5b:97:c1:3a:6b:49:58:2f:
45:07:d5:52:a0:c0:46:bf:18:40:c5:61:6c:2c:36:51:c3:b1:
ef:d8:0b:79:7c:03:4a:49:1a:1c:74:65:98:b2:d1:7f:c4:38:
49:aa:7e:63:1b:ed:fc:2a:04:ef:eb:02:78:5a:f3:d5:bf:b9:
15:9e:4f:e0:40:e9:31:22:a9:92:7b:55:ce:0d:cf:db:eb:f7:
9f:74:55:ad:de:d8:87:5e:a6:13:46:4f:3e:48:58:6e:bb:f6:
86:b1:61:89:46:03:a4:57:0b:69:98:c3:0c:f5:e1:8a:d0:30:
f1:30:07:96:0b:08:95:0b:cc:a7:3a:79:67:3d:38:ae:27:a7:
a3:dc:5c:24:46:01:29:92:93:e2:e1:4b:f4:5e:6f:f8:fe:44:
1a:c1:3e:53:fc:a5:47:ab:59:e0:12:ad:e5:7a:6c:fa:51:d1:
72:1c:de:41:e3:2a:8d:ee:48:b2:84:38:41:e7:66:63:48:a4:
b1:a2:ca:15
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEJoRHDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGE1YjA0MmZlNDhlZWIxMjNiZTU2ZGJmOWU4ZGRhMjBjMWVhMTFkMB4XDTIyMDEw
MTE0NTQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzlkNDdhMWJkNWZi
ZjgwZjU5YmY5MmU3ZWVmMjg1NzQ2NmJlM2I3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+TYf3YYNxuTSJgVtPbqa6OQ5fUQmy3Qi2dDjxDLp+DwrYo
h7Xk5pMHQgvvTSCcswWZ+GHov6Zt4sVEEPqeuKzRdZuGa3qpzUUxPfQ2rFkw7t5s
UINLzwvE8o8FxXgVz6uS+UCR3Nc8qqdke0U79udu5hrznQb5OMAAtb+huLz22t7L
W/1zwHytabsTV3lPBN5h/zVut5hAC7hu92fxL6L9tWfyyyqsGxqPdiQ2EISN9oxp
9dxhqeRLxxmVCjSS15rhctiTY0zWo2vYg5t+FJacjnEfZEbgkU9VY2x055k8hwbs
fpHAAK2q0QUx3EgoHNSS2LkcmWo+T18Nd4rJyZMCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBQ51Hob1fv4D1m/kufu8oV0Zr47fzAfBgNVHSMEGDAWgBT0pbBC/kjusSO+
Vtv56N2iDB6hHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlLV3dRdjVJN3JFanZsYmItZWpkb2d3ZW9SMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzg5MjMxLTJiNWYtNGM5ZS05NDFkLWI0YjI4NDM3ZmU2Yy8x
L09kUjZHOVg3LUE5WnY1TG43dktGZEdhLU8zOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
Mzg5MjMxLTJiNWYtNGM5ZS05NDFkLWI0YjI4NDM3ZmU2Yy8xLzlLV3dRdjVJN3JF
anZsYmItZWpkb2d3ZW9SMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEAwWQiAMEAy7jUAMEBFFbQAMEBVu8
QAMEA4DM0AMEArlbJAMEBcPIYAMEBdW2IAMEBdXagDANBAIAAjAHAwUAKgAOADAN
BgkqhkiG9w0BAQsFAAOCAQEAaZkwge3TLSV/A+tsBI0QWjYRg508EVBCmPDaq6Ce
xuU55kkNpCcHGXe5HiHtGfgLWqc/WSqpGFaB9Uf5MIfvM1uXwTprSVgvRQfVUqDA
Rr8YQMVhbCw2UcOx79gLeXwDSkkaHHRlmLLRf8Q4Sap+Yxvt/CoE7+sCeFrz1b+5
FZ5P4EDpMSKpkntVzg3P2+v3n3RVrd7Yh16mE0ZPPkhYbrv2hrFhiUYDpFcLaZjD
DPXhitAw8TAHlgsIlQvMpzp5Zz04rieno9xcJEYBKZKT4uFL9F5v+P5EGsE+U/yl
R6tZ4BKt5Xps+lHRchzeQeMqje5IsoQ4QedmY0iksaLKFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:52 2024 by rpki-client on console-ams.rpki-client.org