Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/di-s4-yz0t7mKAMgtiBYzAlnUXw.roa
File: di-s4-yz0t7mKAMgtiBYzAlnUXw.roa (raw, json)
Hash identifier: gX4HXLA5VHhj2oLi6wZ0ZIEBKpv51QY0r70W1JE5je8=
Subject key identifier: 76:2F:AC:E3:EC:B3:D2:DE:E6:28:03:20:B6:20:58:CC:09:67:51:7C
Certificate issuer: /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Certificate serial: 0182ED3E0D64BDC8F74930A69E101E0AE008
Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/di-s4-yz0t7mKAMgtiBYzAlnUXw.roa
Signing time: Tue 30 Aug 2022 05:34:02 +0000
ROA not before: Tue 30 Aug 2022 05:34:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24651
IP address blocks: 188.92.16.0/24 maxlen: 32
188.92.16.0/21 maxlen: 32
82.193.64.0/19 maxlen: 32
46.23.32.0/20 maxlen: 32
89.221.122.0/23 maxlen: 23
89.221.122.0/24 maxlen: 24
89.221.123.0/24 maxlen: 24
89.221.121.0/24 maxlen: 24
89.221.124.0/24 maxlen: 24
89.221.124.0/23 maxlen: 24
89.221.125.0/24 maxlen: 24
185.31.44.0/22 maxlen: 32
89.221.126.0/23 maxlen: 24
89.221.127.0/24 maxlen: 24
109.73.96.0/20 maxlen: 32
217.195.48.0/20 maxlen: 32
82.193.83.0/24 maxlen: 32
185.141.52.0/22 maxlen: 32
77.93.0.0/19 maxlen: 32
185.75.236.0/22 maxlen: 32
83.99.128.0/17 maxlen: 32
212.142.64.0/18 maxlen: 32
2a01:4e0::/32 maxlen: 32
2a01:4e1:cc1::/64 maxlen: 64
2a04:4e00::/29 maxlen: 29
2a01:4e1:460:1::/64 maxlen: 64
2a01:4e0::/29 maxlen: 29
2a01:4e1:1745::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ed:3e:0d:64:bd:c8:f7:49:30:a6:9e:10:1e:0a:e0:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Validity
Not Before: Aug 30 05:34:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=762face3ecb3d2dee6280320b62058cc0967517c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bf:dc:c5:7a:e7:96:3e:bc:a9:f9:91:90:ff:
49:8e:a1:bf:48:bc:9e:ee:a3:af:12:0e:b1:70:4a:
b1:59:0d:6d:96:1a:b9:f6:72:23:39:ed:2b:7b:e6:
fe:1a:0b:28:b7:0a:bc:bf:52:52:b9:99:49:4a:0a:
5e:26:a6:2f:f0:79:4f:30:d8:73:59:ac:5a:90:8b:
d2:c5:ae:98:29:1e:d5:1d:bc:74:94:1e:44:12:dc:
2d:30:29:d7:e3:41:ba:f9:0e:30:80:e8:ab:6c:e7:
3a:52:03:c4:00:ae:8c:93:88:8c:94:87:f0:1d:5f:
a8:9f:bc:6a:15:30:d9:dd:6f:1a:1c:a1:74:97:f0:
ed:09:bd:76:e2:75:f7:18:a3:0f:46:3c:a5:b5:cf:
43:32:db:55:08:23:56:2f:63:7c:21:c8:04:8a:f5:
a4:24:ff:54:ca:3b:86:d6:70:6f:76:00:c5:25:20:
66:99:ac:07:0a:d8:60:c9:e3:24:f2:70:6a:80:64:
fe:95:0f:9f:75:fa:b9:0d:69:2d:a7:fb:c7:58:da:
e1:46:1c:85:fc:6f:43:45:be:0e:c9:9e:1a:85:08:
98:d2:23:3a:6b:92:da:a8:77:ea:c9:92:f1:c1:9b:
dc:a6:e4:3d:69:e1:04:b2:4c:4c:70:03:48:a3:e6:
95:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:2F:AC:E3:EC:B3:D2:DE:E6:28:03:20:B6:20:58:CC:09:67:51:7C
X509v3 Authority Key Identifier:
keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/di-s4-yz0t7mKAMgtiBYzAlnUXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.32.0/20
77.93.0.0/19
82.193.64.0/19
83.99.128.0/17
89.221.121.0-89.221.127.255
109.73.96.0/20
185.31.44.0/22
185.75.236.0/22
185.141.52.0/22
188.92.16.0/21
212.142.64.0/18
217.195.48.0/20
IPv6:
2a01:4e0::/29
2a04:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
44:19:29:05:b3:51:6f:7e:92:9a:46:d9:29:b2:25:20:2e:e7:
38:a5:e9:89:70:29:45:7c:e7:37:7d:46:a7:d1:2a:8f:13:c4:
5b:c3:42:63:14:d0:d3:46:d4:d3:65:ef:bb:13:1b:10:ab:26:
5f:70:18:63:9b:fe:8b:e2:16:74:53:1a:33:dc:61:63:df:d3:
9f:a8:5f:fd:bc:ee:cf:ab:a0:4d:e6:5d:1b:89:d2:5a:a7:5c:
a4:fa:e2:03:9f:da:db:14:ae:2a:aa:2a:fb:3b:79:43:44:cb:
18:c3:d9:c8:55:45:95:06:54:d9:18:da:ec:95:3d:a1:0e:5e:
0a:a9:63:dd:7f:92:49:cf:20:60:94:de:b5:a2:b2:d9:b2:aa:
72:17:c1:cb:1a:0a:ff:53:55:37:70:36:36:27:25:79:1a:6e:
12:18:ac:10:ae:32:46:60:c9:b2:c0:a7:e0:c8:4c:51:c6:00:
b8:4c:39:01:99:dd:14:0c:c5:e3:d9:ec:fd:8f:36:6f:e5:37:
ea:f7:a6:a8:24:e7:60:f8:79:16:49:e1:df:7c:29:f4:42:b3:
32:9c:7b:70:3b:15:33:54:d6:d6:03:64:59:d9:e7:76:54:44:
1e:52:b5:a8:52:8d:48:81:ea:5a:2b:fb:18:3d:c7:46:40:12:
ae:0f:61:be
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYLtPg1kvcj3STCmnhAeCuAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTFiMzY1NTJmOWRhY2NiOTJhYzVjM2I0NGI0MjZkNjQz
NzQ5ZTIwHhcNMjIwODMwMDUzNDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjJmYWNlM2VjYjNkMmRlZTYyODAzMjBiNjIwNThjYzA5Njc1MTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhr/cxXrnlj68qfmRkP9JjqG/SLye
7qOvEg6xcEqxWQ1tlhq59nIjOe0re+b+Ggsotwq8v1JSuZlJSgpeJqYv8HlPMNhz
WaxakIvSxa6YKR7VHbx0lB5EEtwtMCnX40G6+Q4wgOirbOc6UgPEAK6Mk4iMlIfw
HV+on7xqFTDZ3W8aHKF0l/DtCb124nX3GKMPRjyltc9DMttVCCNWL2N8IcgEivWk
JP9UyjuG1nBvdgDFJSBmmawHCthgyeMk8nBqgGT+lQ+fdfq5DWktp/vHWNrhRhyF
/G9DRb4OyZ4ahQiY0iM6a5LaqHfqyZLxwZvcpuQ9aeEEskxMcANIo+aVlQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFHYvrOPss9Le5igDILYgWMwJZ1F8MB8GA1UdIwQY
MBaAFOWhs2VS+drMuSrFw7RLQm1kN0niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMt
YzVlNmQyM2Y4YjA5LzEvZGktczQteXowdDdtS0FNZ3RpQll6QWxuVVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMtYzVlNmQyM2Y4YjA5
LzEvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQELhcgAwQF
TV0AAwQFUsFAAwQHU2OAMAwDBABZ3XkDBAdZ3QADBARtSWADBAK5HywDBAK5S+wD
BAK5jTQDBAO8XBADBAbUjkADBATZwzAwFAQCAAIwDgMFAyoBBOADBQMqBE4AMA0G
CSqGSIb3DQEBCwUAA4IBAQBEGSkFs1FvfpKaRtkpsiUgLuc4pemJcClFfOc3fUan
0SqPE8Rbw0JjFNDTRtTTZe+7ExsQqyZfcBhjm/6L4hZ0Uxoz3GFj39OfqF/9vO7P
q6BN5l0bidJap1yk+uIDn9rbFK4qqir7O3lDRMsYw9nIVUWVBlTZGNrslT2hDl4K
qWPdf5JJzyBglN61orLZsqpyF8HLGgr/U1U3cDY2JyV5Gm4SGKwQrjJGYMmywKfg
yExRxgC4TDkBmd0UDMXj2ez9jzZv5Tfq96aoJOdg+HkWSeHffCn0QrMynHtwOxUz
VNbWA2RZ2ed2VEQeUrWoUo1IgepaK/sYPcdGQBKuD2G+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:04 2023 by rpki-client on console-fra.rpki-client.org