Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/bn_H7h4fO32KqoJlxIuLzZ9dCBw.roa
File: bn_H7h4fO32KqoJlxIuLzZ9dCBw.roa (raw, json)
Hash identifier: zOOy4GXEfMaq5ldpOyXKL1+fUfJWa9yQEhZuIUg7quY=
Subject key identifier: 6E:7F:C7:EE:1E:1F:3B:7D:8A:AA:82:65:C4:8B:8B:CD:9F:5D:08:1C
Certificate issuer: /CN=cf10ad912ef942aacb4d10add39903c6e9fbb03a
Certificate serial: FDAAA1
Authority key identifier: CF:10:AD:91:2E:F9:42:AA:CB:4D:10:AD:D3:99:03:C6:E9:FB:B0:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zxCtkS75QqrLTRCt05kDxun7sDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/bn_H7h4fO32KqoJlxIuLzZ9dCBw.roa
Signing time: Thu 07 Apr 2022 23:18:19 +0000
ROA not before: Thu 07 Apr 2022 23:18:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212598
IP address blocks: 5.42.202.0/24 maxlen: 24
194.31.64.0/24 maxlen: 24
194.31.59.0/24 maxlen: 24
194.31.79.0/24 maxlen: 24
194.31.87.0/24 maxlen: 24
2a0f:a440::/29 maxlen: 29
2a12:1dc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16624289 (0xfdaaa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf10ad912ef942aacb4d10add39903c6e9fbb03a
Validity
Not Before: Apr 7 23:18:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e7fc7ee1e1f3b7d8aaa8265c48b8bcd9f5d081c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:81:a1:61:15:5b:1f:53:eb:b4:71:f1:f2:c0:
15:b7:21:08:54:17:f4:34:98:c7:78:2d:63:4f:e0:
a9:5e:70:65:19:db:3e:2a:9c:5a:0f:c7:f4:04:9a:
89:a8:4f:16:02:40:7c:41:1f:3d:e4:34:39:b8:f9:
c5:c0:c6:f6:83:0f:41:06:dd:15:ca:7e:90:54:8a:
72:81:14:a6:e2:5c:18:23:2b:46:d1:e2:1a:cd:82:
da:75:df:e7:21:b5:4e:09:10:42:76:ac:c4:12:85:
7a:78:93:4d:90:61:e3:56:13:11:68:da:e2:8d:a0:
9f:22:5e:b8:07:b9:ad:b5:73:e0:b4:ed:46:a0:b8:
6a:db:ba:f1:34:93:3a:d3:19:e0:25:4d:83:b7:88:
84:74:d2:5a:fe:bc:81:a1:36:70:e9:a1:f0:02:ca:
3e:0e:9b:16:99:c4:1e:48:81:bd:32:19:df:06:40:
b0:8a:92:d4:a1:8b:ad:05:d7:22:68:b7:f4:ab:1a:
41:78:d1:4c:37:cb:85:a8:3b:8f:74:89:ac:73:10:
74:f8:91:1f:31:ab:ab:cd:44:2a:3b:49:a7:72:39:
7c:41:4f:64:ce:c4:08:e4:42:98:5f:d1:06:4a:e6:
42:0d:c3:e9:da:09:d0:cf:18:0e:28:de:d2:ee:7b:
56:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:7F:C7:EE:1E:1F:3B:7D:8A:AA:82:65:C4:8B:8B:CD:9F:5D:08:1C
X509v3 Authority Key Identifier:
keyid:CF:10:AD:91:2E:F9:42:AA:CB:4D:10:AD:D3:99:03:C6:E9:FB:B0:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zxCtkS75QqrLTRCt05kDxun7sDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/bn_H7h4fO32KqoJlxIuLzZ9dCBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/zxCtkS75QqrLTRCt05kDxun7sDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.202.0/24
194.31.59.0/24
194.31.64.0/24
194.31.79.0/24
194.31.87.0/24
IPv6:
2a0f:a440::/29
2a12:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
65:8d:a8:9d:8a:0b:ac:ae:c0:e8:51:7e:60:07:f2:b4:af:61:
ea:fa:52:ba:6d:b9:a1:d2:14:8d:e3:72:85:eb:d7:fd:57:80:
25:de:03:f8:58:fb:df:08:41:d7:f1:cf:b9:38:2c:4f:92:18:
fe:41:86:f6:0e:ac:7e:16:14:22:59:53:cf:7a:19:92:da:ac:
15:8a:a6:fd:7e:a2:ed:09:de:7d:ec:5c:f0:90:40:fc:72:b0:
0c:11:9f:4d:27:5a:24:78:8c:c2:d9:f6:ca:71:6c:41:3b:8a:
e5:a1:38:cb:e6:72:d1:38:f2:0e:4a:74:05:a3:70:53:86:bc:
26:6e:eb:d0:9e:34:d5:7e:bd:ee:c0:86:2f:55:1b:e6:c2:fc:
cf:58:8a:64:b5:0d:20:a1:de:4b:cd:d3:d4:cf:26:1d:e9:cd:
4c:2c:8d:7c:67:01:33:ec:9c:d4:a7:32:2b:45:28:53:78:ae:
b1:92:c7:0f:6d:33:4f:02:f5:99:4c:9c:c3:9f:4d:66:36:5d:
4c:87:9c:2d:f9:39:1f:53:4b:c3:74:ac:b6:80:59:75:2e:34:
e3:e7:80:9d:13:fb:0e:90:8d:e2:43:28:ef:63:db:17:07:fb:
14:ab:c9:e1:1b:3e:06:30:d0:c1:ec:39:20:0b:4e:bc:2f:e7:
0e:c7:fd:90
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEAP2qoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZjEwYWQ5MTJlZjk0MmFhY2I0ZDEwYWRkMzk5MDNjNmU5ZmJiMDNhMB4XDTIyMDQw
NzIzMTgxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmU3ZmM3ZWUxZTFm
M2I3ZDhhYWE4MjY1YzQ4YjhiY2Q5ZjVkMDgxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqBoWEVWx9T67Rx8fLAFbchCFQX9DSYx3gtY0/gqV5wZRnb
PiqcWg/H9ASaiahPFgJAfEEfPeQ0Obj5xcDG9oMPQQbdFcp+kFSKcoEUpuJcGCMr
RtHiGs2C2nXf5yG1TgkQQnasxBKFeniTTZBh41YTEWja4o2gnyJeuAe5rbVz4LTt
RqC4atu68TSTOtMZ4CVNg7eIhHTSWv68gaE2cOmh8ALKPg6bFpnEHkiBvTIZ3wZA
sIqS1KGLrQXXImi39KsaQXjRTDfLhag7j3SJrHMQdPiRHzGrq81EKjtJp3I5fEFP
ZM7ECORCmF/RBkrmQg3D6doJ0M8YDije0u57VlUCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBRuf8fuHh87fYqqgmXEi4vNn10IHDAfBgNVHSMEGDAWgBTPEK2RLvlCqstN
EK3TmQPG6fuwOjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3p4Q3RrUzc1UXFyTFRSQ3QwNWtEeHVuN3NEby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvMTYxYjUyLTI0ZjItNDUzNS04MzgyLWU3ZmU5YzQ3NjYwZi8x
L2JuX0g3aDRmTzMyS3FvSmx4SXVMelo5ZENCdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
MTYxYjUyLTI0ZjItNDUzNS04MzgyLWU3ZmU5YzQ3NjYwZi8xL3p4Q3RrUzc1UXFy
TFRSQ3QwNWtEeHVuN3NEby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwJAQCAAEwHgMEAAUqygMEAMIfOwMEAMIfQAMEAMIf
TwMEAMIfVzAUBAIAAjAOAwUDKg+kQAMFAyoSHcAwDQYJKoZIhvcNAQELBQADggEB
AGWNqJ2KC6yuwOhRfmAH8rSvYer6UrptuaHSFI3jcoXr1/1XgCXeA/hY+98IQdfx
z7k4LE+SGP5BhvYOrH4WFCJZU896GZLarBWKpv1+ou0J3n3sXPCQQPxysAwRn00n
WiR4jMLZ9spxbEE7iuWhOMvmctE48g5KdAWjcFOGvCZu69CeNNV+ve7Ahi9VG+bC
/M9YimS1DSCh3kvN09TPJh3pzUwsjXxnATPsnNSnMitFKFN4rrGSxw9tM08C9ZlM
nMOfTWY2XUyHnC35OR9TS8N0rLaAWXUuNOPngJ0T+w6QjeJDKO9j2xcH+xSryeEb
PgYw0MHsOSALTrwv5w7H/ZA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:17 2024 by rpki-client on console-fra.rpki-client.org