Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/An0eazdxDdZ453-XrjaCbkSjq6Y.roa
File: An0eazdxDdZ453-XrjaCbkSjq6Y.roa (raw, json)
Hash identifier: CVGvYpCn5spEx+n9w2OGShXaT5FTHWx9CSQitSJPVso=
Subject key identifier: 02:7D:1E:6B:37:71:0D:D6:78:E7:7F:97:AE:36:82:6E:44:A3:AB:A6
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 0870EE9B
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/An0eazdxDdZ453-XrjaCbkSjq6Y.roa
Signing time: Sat 01 Jan 2022 00:53:29 +0000
ROA not before: Sat 01 Jan 2022 00:53:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43811
IP address blocks: 194.176.54.0/23 maxlen: 23
85.206.140.0/24 maxlen: 24
85.206.141.0/24 maxlen: 24
85.206.142.0/24 maxlen: 24
85.206.143.0/24 maxlen: 24
82.135.217.0/24 maxlen: 24
82.135.218.0/24 maxlen: 24
85.206.148.0/22 maxlen: 22
195.12.180.0/24 maxlen: 24
194.176.36.0/24 maxlen: 24
194.176.32.0/24 maxlen: 24
194.176.33.0/24 maxlen: 24
194.176.35.0/24 maxlen: 24
88.119.222.0/24 maxlen: 24
88.119.220.0/24 maxlen: 24
88.119.221.0/24 maxlen: 24
212.47.123.0/24 maxlen: 24
88.119.246.0/24 maxlen: 24
31.193.192.0/24 maxlen: 24
31.193.197.0/24 maxlen: 24
31.193.198.0/24 maxlen: 24
31.193.199.0/24 maxlen: 24
31.193.193.0/24 maxlen: 24
31.193.194.0/24 maxlen: 24
31.193.195.0/24 maxlen: 24
31.193.196.0/24 maxlen: 24
88.119.180.0/24 maxlen: 24
81.7.105.0/24 maxlen: 24
88.118.143.0/24 maxlen: 24
81.7.106.0/24 maxlen: 24
81.7.114.0/24 maxlen: 24
81.7.115.0/24 maxlen: 24
92.61.32.0/20 maxlen: 32
185.3.231.0/24 maxlen: 24
185.3.228.0/24 maxlen: 24
185.3.229.0/24 maxlen: 24
185.3.230.0/24 maxlen: 24
2a00:1eb8:c004::/48 maxlen: 48
2a02:118:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141618843 (0x870ee9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 1 00:53:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=027d1e6b37710dd678e77f97ae36826e44a3aba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:28:e8:30:96:80:1f:b4:d1:24:f4:d6:94:9a:
cf:6e:9e:5b:d5:37:4f:2c:17:ff:88:f7:dc:57:70:
54:d5:fd:37:3e:63:37:f5:d4:51:c7:d0:bc:cc:c9:
b4:fb:34:c9:da:2b:6b:40:d6:22:3b:9f:14:1c:7b:
30:60:10:e2:08:27:de:23:37:86:36:9d:90:c9:8a:
ac:35:cc:d6:a3:63:19:85:81:a4:6c:14:24:7c:a5:
77:cb:d0:e0:6a:da:9f:ab:51:b4:26:c6:a3:6e:dd:
33:76:25:96:47:61:03:d3:a3:12:e8:58:62:dc:e2:
09:02:7b:67:23:85:2c:42:32:67:ee:ce:85:79:fa:
e6:28:2a:b8:eb:ae:23:98:9d:64:0b:87:dc:c2:de:
82:43:ee:26:62:98:63:14:7c:52:ab:a7:06:84:a6:
e9:7f:c3:c1:e3:86:2a:7a:9a:38:3a:ca:63:cb:60:
18:84:ac:10:cc:6b:2c:cf:70:49:0e:6e:e1:0b:1f:
ea:b7:6e:f3:dd:e8:d8:d6:eb:78:57:b5:aa:c7:c4:
06:76:1f:7f:92:54:22:67:20:f4:de:d2:91:a0:8b:
b0:81:53:8c:5f:a9:1b:64:7e:42:a2:2e:8e:ac:02:
c8:01:54:6a:20:c4:98:fe:ff:a3:44:7b:93:4a:23:
75:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7D:1E:6B:37:71:0D:D6:78:E7:7F:97:AE:36:82:6E:44:A3:AB:A6
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/An0eazdxDdZ453-XrjaCbkSjq6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.192.0/21
81.7.105.0-81.7.106.255
81.7.114.0/23
82.135.217.0-82.135.218.255
85.206.140.0/22
85.206.148.0/22
88.118.143.0/24
88.119.180.0/24
88.119.220.0-88.119.222.255
88.119.246.0/24
92.61.32.0/20
185.3.228.0/22
194.176.32.0/23
194.176.35.0-194.176.36.255
194.176.54.0/23
195.12.180.0/24
212.47.123.0/24
IPv6:
2a00:1eb8:c004::/48
2a02:118:2::/48
Signature Algorithm: sha256WithRSAEncryption
71:ad:aa:df:33:c3:15:2e:1a:ee:42:2a:ab:13:7c:e6:29:65:
71:8f:43:63:4d:06:f4:ea:2d:6b:9e:df:96:db:3a:32:b2:9e:
57:b5:b5:b8:ad:50:76:6f:69:70:8e:af:da:05:31:ff:e1:07:
a7:f7:6a:d2:3a:c3:ef:8d:2a:1e:b5:7b:9e:48:06:11:46:e6:
bb:3c:50:42:a7:0f:3d:87:83:88:70:68:b8:5b:b5:57:c6:92:
88:51:0e:a4:12:d8:9f:91:72:6b:e8:f5:31:57:31:f6:d3:94:
0d:20:b8:c8:3d:52:72:b1:4f:ba:84:dc:d8:05:18:e9:48:b1:
d5:da:28:de:b3:56:31:aa:a9:83:e7:27:99:35:85:36:f3:a9:
1e:76:38:a1:bd:29:e7:2f:af:ef:63:e4:3d:8a:59:fc:b4:c6:
9b:98:48:9a:eb:fa:b3:f4:7e:09:0b:dd:c5:86:75:48:42:54:
d9:75:61:03:48:3e:81:94:c9:e8:ef:f6:95:3f:90:31:7b:92:
c7:93:81:a2:8d:54:90:89:0f:ed:fb:e8:7f:e2:a2:a1:d9:51:
1f:56:50:43:5a:a6:fb:c5:d9:12:f7:07:59:ef:ed:19:0f:66:
46:36:5d:a1:b1:02:b8:e7:b7:a6:dd:ac:f4:6b:9f:04:45:54:
8f:f9:75:8a
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIECHDumzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yjk4NzI0NDYxMWI1MjMwNTM2NzQ0YjZhODlmMDQ0ZjMyZjQ2MmVhMB4XDTIyMDEw
MTAwNTMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDI3ZDFlNmIzNzcx
MGRkNjc4ZTc3Zjk3YWUzNjgyNmU0NGEzYWJhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIYo6DCWgB+00ST01pSaz26eW9U3TywX/4j33FdwVNX9Nz5j
N/XUUcfQvMzJtPs0ydora0DWIjufFBx7MGAQ4ggn3iM3hjadkMmKrDXM1qNjGYWB
pGwUJHyld8vQ4Gran6tRtCbGo27dM3YllkdhA9OjEuhYYtziCQJ7ZyOFLEIyZ+7O
hXn65igquOuuI5idZAuH3MLegkPuJmKYYxR8UqunBoSm6X/DweOGKnqaODrKY8tg
GISsEMxrLM9wSQ5u4Qsf6rdu893o2NbreFe1qsfEBnYff5JUImcg9N7SkaCLsIFT
jF+pG2R+QqIujqwCyAFUaiDEmP7/o0R7k0ojdUcCAwEAAaOCAqowggKmMB0GA1Ud
DgQWBBQCfR5rN3EN1njnf5euNoJuRKOrpjAfBgNVHSMEGDAWgBT7mHJEYRtSMFNn
RLaonwRPMvRi6jAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzQ0LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEv
MS9BbjBlYXpkeERkWjQ1My1YcmphQ2JrU2pxNlkucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0
LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEvMS8xLTVoeVJHRWJV
akJUWjBTMnFKOEVUekwwWXVvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBjQQCAAEwgYYDBAMfwcAwDAMEAFEHaQME
AFEHagMEAVEHcjAMAwQAUofZAwQAUofaAwQCVc6MAwQCVc6UAwQAWHaPAwQAWHe0
MAwDBAJYd9wDBABYd94DBABYd/YDBARcPSADBAK5A+QDBAHCsCAwDAMEAMKwIwME
AMKwJAMEAcKwNgMEAMMMtAMEANQvezAYBAIAAjASAwcAKgAeuMAEAwcAKgIBGAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQBxrarfM8MVLhruQiqrE3zmKWVxj0NjTQb06i1r
nt+W2zoysp5XtbW4rVB2b2lwjq/aBTH/4Qen92rSOsPvjSoetXueSAYRRua7PFBC
pw89h4OIcGi4W7VXxpKIUQ6kEtifkXJr6PUxVzH205QNILjIPVJysU+6hNzYBRjp
SLHV2ijes1YxqqmD5yeZNYU286kedjihvSnnL6/vY+Q9iln8tMabmEia6/qz9H4J
C93FhnVIQlTZdWEDSD6BlMno7/aVP5Axe5LHk4GijVSQiQ/t++h/4qKh2VEfVlBD
Wqb7xdkS9wdZ7+0ZD2ZGNl2hsQK457em3az0a58ERVSP+XWK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:14 2023 by rpki-client on console-fra.rpki-client.org