Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/1-5jHuofePOXsL5YY0NgzmOSGTOs.roa
File: 1-5jHuofePOXsL5YY0NgzmOSGTOs.roa (raw, json)
Hash identifier: D4CtkuuU+nuOa4GsJ5d1vU92oatvL53dC4bIK+POmME=
Subject key identifier: FB:98:C7:BA:87:DE:3C:E5:EC:2F:96:18:D0:D8:33:98:E4:86:4C:EB
Certificate issuer: /CN=cddd902a1271270027e4577778ea35883b4515f6
Certificate serial: 34550A82
Authority key identifier: CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/1-5jHuofePOXsL5YY0NgzmOSGTOs.roa
Signing time: Sat 01 Jan 2022 00:50:31 +0000
ROA not before: Sat 01 Jan 2022 00:50:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42425
IP address blocks: 94.125.232.0/21 maxlen: 24
94.125.236.0/24 maxlen: 24
94.125.237.0/24 maxlen: 24
94.125.234.0/24 maxlen: 24
94.125.235.0/24 maxlen: 24
94.125.238.0/24 maxlen: 24
94.125.239.0/24 maxlen: 24
185.28.82.0/24 maxlen: 24
185.28.80.0/22 maxlen: 22
185.28.83.0/24 maxlen: 24
185.28.80.0/24 maxlen: 24
185.28.81.0/24 maxlen: 24
178.255.184.0/24 maxlen: 24
178.255.184.0/21 maxlen: 21
178.255.185.0/24 maxlen: 24
178.255.186.0/24 maxlen: 24
178.255.190.0/24 maxlen: 24
178.255.191.0/24 maxlen: 24
178.255.188.0/24 maxlen: 24
178.255.189.0/24 maxlen: 24
178.255.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 877988482 (0x34550a82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddd902a1271270027e4577778ea35883b4515f6
Validity
Not Before: Jan 1 00:50:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb98c7ba87de3ce5ec2f9618d0d83398e4864ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a2:a6:4c:33:11:f9:56:1e:d9:b1:87:2a:fb:
86:b2:8d:d7:52:12:88:33:a9:eb:9b:94:44:32:4c:
31:14:c2:a2:ec:39:8f:87:b5:14:d1:3b:7a:39:67:
5b:a2:19:4b:c4:0d:8b:d4:92:03:cf:86:12:37:21:
d4:80:68:c3:06:ee:33:e9:89:bf:5d:55:0a:40:17:
29:c4:7e:73:54:94:ae:8f:75:1b:26:fe:5c:65:d1:
e4:d9:40:16:4e:6f:a4:24:e0:60:92:6b:77:ca:80:
4f:60:26:55:61:dc:c0:de:b0:2a:8d:94:da:38:44:
84:79:8d:00:b5:87:85:05:15:ed:ea:fc:df:c6:c4:
72:52:43:92:03:49:21:9a:bc:38:07:a7:7b:29:dd:
27:17:6f:1e:cf:20:ba:69:bc:3a:7e:e5:89:00:2d:
2d:99:7a:29:ce:36:7e:bb:64:d4:ba:c6:6f:de:d0:
92:d6:e9:d0:40:35:86:0d:46:d2:a8:7b:04:61:0d:
db:43:7d:72:f4:40:9e:09:a9:12:aa:54:28:c6:ac:
1c:87:b6:fa:f8:48:b2:de:59:98:6b:b7:2b:9e:e9:
25:5f:d3:1c:f4:85:2e:5e:ea:93:2c:e8:61:29:fe:
d0:85:b0:69:55:33:62:c1:ba:0c:0d:3a:53:ea:23:
c1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:98:C7:BA:87:DE:3C:E5:EC:2F:96:18:D0:D8:33:98:E4:86:4C:EB
X509v3 Authority Key Identifier:
keyid:CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/1-5jHuofePOXsL5YY0NgzmOSGTOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.232.0/21
178.255.184.0/21
185.28.80.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:5e:e0:f4:ea:e1:1a:4c:aa:ef:c5:34:43:e3:4d:e4:5b:04:
a3:67:ba:e0:7f:3f:67:14:38:34:a3:0f:75:fb:97:27:11:3e:
2b:07:cc:83:04:a5:57:87:a7:ec:2d:86:a6:55:60:71:80:fc:
dd:59:70:d5:29:d9:0e:02:3a:58:68:08:fb:e4:00:40:64:26:
54:cc:5a:d5:d8:70:14:38:fb:f3:2a:0a:a7:ca:a5:60:b5:d9:
f9:96:db:0b:78:b4:1f:07:5e:0e:c6:55:2b:6a:56:19:73:d4:
fa:1a:8b:c3:37:41:dc:4e:01:f7:58:c0:b9:10:92:9e:82:4f:
68:9c:4d:f5:84:c7:cc:87:0a:52:40:f9:4a:57:58:87:ea:82:
ba:88:19:53:74:d0:92:3e:56:03:75:97:4d:7b:ed:bf:50:af:
28:dd:44:59:d3:48:b7:71:85:7e:b9:8e:b6:c3:08:67:da:0a:
e9:0f:dd:04:73:d7:45:76:f7:86:8f:82:91:fa:e5:2b:3a:f3:
f2:63:02:d9:11:9a:a0:5d:c8:86:80:a0:0c:c2:df:5b:24:74:
12:72:62:df:dd:e5:54:c5:4f:77:4f:65:e4:fd:56:40:6c:93:
dd:d7:d4:67:39:97:9c:09:a6:58:9f:7c:ca:a3:e3:e1:6a:92:
ce:74:f2:38
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIENFUKgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZGRkOTAyYTEyNzEyNzAwMjdlNDU3Nzc3OGVhMzU4ODNiNDUxNWY2MB4XDTIyMDEw
MTAwNTAzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmI5OGM3YmE4N2Rl
M2NlNWVjMmY5NjE4ZDBkODMzOThlNDg2NGNlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIyipkwzEflWHtmxhyr7hrKN11ISiDOp65uURDJMMRTCouw5
j4e1FNE7ejlnW6IZS8QNi9SSA8+GEjch1IBowwbuM+mJv11VCkAXKcR+c1SUro91
Gyb+XGXR5NlAFk5vpCTgYJJrd8qAT2AmVWHcwN6wKo2U2jhEhHmNALWHhQUV7er8
38bEclJDkgNJIZq8OAeneyndJxdvHs8gumm8On7liQAtLZl6Kc42frtk1LrGb97Q
ktbp0EA1hg1G0qh7BGEN20N9cvRAngmpEqpUKMasHIe2+vhIst5ZmGu3K57pJV/T
HPSFLl7qkyzoYSn+0IWwaVUzYsG6DA06U+ojwekCAwEAAaOCAhYwggISMB0GA1Ud
DgQWBBT7mMe6h9485ewvlhjQ2DOY5IZM6zAfBgNVHSMEGDAWgBTN3ZAqEnEnACfk
V3d46jWIO0UV9jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pkMlFLaEp4SndBbjVGZDNlT28xaUR0RkZmWS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvN2ExZWI0LTI5MGEtNDY4Ni04YmJhLWRjNzU0MjEzODk1Mi8x
LzEtNWpIdW9mZVBPWHNMNVlZME5nem1PU0dUT3Mucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQx
LzdhMWViNC0yOTBhLTQ2ODYtOGJiYS1kYzc1NDIxMzg5NTIvMS96ZDJRS2hKeEp3
QW41RmQzZU9vMWlEdEZGZlkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
KwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBANefegDBAOy/7gDBAK5HFAwDQYJ
KoZIhvcNAQELBQADggEBAJte4PTq4RpMqu/FNEPjTeRbBKNnuuB/P2cUODSjD3X7
lycRPisHzIMEpVeHp+wthqZVYHGA/N1ZcNUp2Q4COlhoCPvkAEBkJlTMWtXYcBQ4
+/MqCqfKpWC12fmW2wt4tB8HXg7GVStqVhlz1Poai8M3QdxOAfdYwLkQkp6CT2ic
TfWEx8yHClJA+UpXWIfqgrqIGVN00JI+VgN1l0177b9QryjdRFnTSLdxhX65jrbD
CGfaCukP3QRz10V294aPgpH65Ss68/JjAtkRmqBdyIaAoAzC31skdBJyYt/d5VTF
T3dPZeT9VkBsk93X1Gc5l5wJpliffMqj4+Fqks508jg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:14 2024 by rpki-client on console-ams.rpki-client.org