Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/ITiJ_4SfPr265vgoVnU2up9LffQ.roa
File: ITiJ_4SfPr265vgoVnU2up9LffQ.roa (raw, json)
Hash identifier: JHwVn7g4Mi9bINU6K0LV40KTm1245V4lAKIDyRf/M+A=
Subject key identifier: 21:38:89:FF:84:9F:3E:BD:BA:E6:F8:28:56:75:36:BA:9F:4B:7D:F4
Certificate issuer: /CN=586936266e980dd203b2cbeb1c9c4570604b911b
Certificate serial: 04F9FF34
Authority key identifier: 58:69:36:26:6E:98:0D:D2:03:B2:CB:EB:1C:9C:45:70:60:4B:91:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGk2Jm6YDdIDssvrHJxFcGBLkRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/ITiJ_4SfPr265vgoVnU2up9LffQ.roa
Signing time: Tue 01 Mar 2022 09:37:51 +0000
ROA not before: Tue 01 Mar 2022 09:37:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49628
IP address blocks: 185.46.176.0/22 maxlen: 22
193.176.215.0/24 maxlen: 24
78.40.106.0/24 maxlen: 24
78.40.107.0/24 maxlen: 24
193.176.214.0/24 maxlen: 24
5.187.9.0/24 maxlen: 24
5.187.8.0/21 maxlen: 21
193.176.212.0/24 maxlen: 24
193.176.212.0/22 maxlen: 22
78.40.104.0/24 maxlen: 24
78.40.104.0/22 maxlen: 22
193.176.213.0/24 maxlen: 24
78.40.105.0/24 maxlen: 24
185.168.224.0/24 maxlen: 24
185.168.224.0/22 maxlen: 22
185.168.225.0/24 maxlen: 24
185.168.226.0/24 maxlen: 24
185.168.227.0/24 maxlen: 24
37.75.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83492660 (0x4f9ff34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=586936266e980dd203b2cbeb1c9c4570604b911b
Validity
Not Before: Mar 1 09:37:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=213889ff849f3ebdbae6f828567536ba9f4b7df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bc:71:b4:ac:8e:a4:53:df:60:7c:bb:e1:c4:
66:c6:84:1e:be:16:b1:6c:dd:7d:da:9e:b3:8c:0e:
dd:5f:d5:43:57:e8:5f:ab:7c:8b:47:d3:e4:ec:80:
66:a1:4e:69:ce:19:3f:fc:84:57:be:47:60:52:cf:
34:6c:4e:c3:6b:94:d9:ce:8f:08:8d:ca:3a:db:71:
d2:a8:c3:1e:a3:99:a0:f8:2c:96:f3:7d:f7:3d:e1:
9e:2a:55:c8:93:87:31:86:ef:6f:fa:a8:ae:39:82:
52:42:13:61:20:0f:50:d1:45:11:f3:db:7e:46:89:
82:c9:43:6a:a5:2f:8d:1c:ea:68:dc:25:bb:ae:82:
75:ad:f7:35:c2:12:e8:94:dc:bf:1e:f2:bb:e9:96:
60:a6:5e:b0:69:f5:3a:3d:8e:79:89:46:79:eb:2e:
01:13:49:bc:be:85:06:3e:e8:fb:05:e4:38:5d:a0:
5b:7f:bd:b4:3c:28:52:03:d6:aa:c6:8c:f3:6a:e6:
e5:60:26:80:1c:5f:6d:40:60:fb:f1:1c:8f:20:3c:
66:9a:18:36:18:8e:6e:88:22:3c:1b:dc:0b:9a:97:
5a:83:a3:a9:22:61:5a:13:2b:d8:dc:cd:08:c4:f7:
58:a3:24:07:80:3a:e7:14:f0:be:59:5b:b2:7c:7e:
89:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:38:89:FF:84:9F:3E:BD:BA:E6:F8:28:56:75:36:BA:9F:4B:7D:F4
X509v3 Authority Key Identifier:
keyid:58:69:36:26:6E:98:0D:D2:03:B2:CB:EB:1C:9C:45:70:60:4B:91:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGk2Jm6YDdIDssvrHJxFcGBLkRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/ITiJ_4SfPr265vgoVnU2up9LffQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/WGk2Jm6YDdIDssvrHJxFcGBLkRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.8.0/21
37.75.128.0/21
78.40.104.0/22
185.46.176.0/22
185.168.224.0/22
193.176.212.0/22
Signature Algorithm: sha256WithRSAEncryption
39:0b:af:88:93:cd:23:21:9d:d4:a8:95:6d:10:4a:c4:30:9c:
ff:a0:41:d8:9e:02:12:03:c0:c4:46:d1:8c:84:67:33:97:f6:
ea:24:39:fa:37:09:b1:87:5d:2f:d3:67:67:c9:c3:9a:23:52:
3c:1e:f0:7c:85:0b:2b:38:62:dc:bb:f0:6d:e3:a0:15:d1:84:
0f:39:fa:13:a5:88:7e:cb:15:24:b9:49:a0:f6:94:96:91:23:
2b:ad:30:63:2e:3e:92:23:ae:b2:7f:61:27:a8:b3:de:8a:b1:
84:1f:f9:05:3b:30:99:85:62:f5:2a:7a:c9:8b:b0:f8:a3:a7:
16:aa:d6:2d:3f:e3:4b:2c:f7:e1:03:44:44:76:6b:2d:14:94:
96:fe:b5:6e:6f:10:af:cf:38:81:b3:f2:84:78:98:96:3f:aa:
fa:5e:e3:08:23:74:3c:e3:b6:7f:b0:9d:6b:96:7e:cd:f0:1f:
a7:7c:3b:5f:0d:53:02:17:59:4f:28:46:a5:4c:34:f8:dc:0c:
95:ee:30:cb:d6:e3:0c:65:36:89:49:ed:1d:40:d2:a3:8e:5b:
96:92:8c:7b:85:75:02:40:7b:c2:af:b3:f8:c4:cf:70:da:b6:
f2:7d:1d:76:cd:11:a0:db:be:2c:2f:f4:81:25:bb:22:cc:35:
3f:f0:c4:66
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBPn/NDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODY5MzYyNjZlOTgwZGQyMDNiMmNiZWIxYzljNDU3MDYwNGI5MTFiMB4XDTIyMDMw
MTA5Mzc1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjEzODg5ZmY4NDlm
M2ViZGJhZTZmODI4NTY3NTM2YmE5ZjRiN2RmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKy8cbSsjqRT32B8u+HEZsaEHr4WsWzdfdqes4wO3V/VQ1fo
X6t8i0fT5OyAZqFOac4ZP/yEV75HYFLPNGxOw2uU2c6PCI3KOttx0qjDHqOZoPgs
lvN99z3hnipVyJOHMYbvb/qorjmCUkITYSAPUNFFEfPbfkaJgslDaqUvjRzqaNwl
u66Cda33NcIS6JTcvx7yu+mWYKZesGn1Oj2OeYlGeesuARNJvL6FBj7o+wXkOF2g
W3+9tDwoUgPWqsaM82rm5WAmgBxfbUBg+/EcjyA8ZpoYNhiObogiPBvcC5qXWoOj
qSJhWhMr2NzNCMT3WKMkB4A65xTwvllbsnx+iZ8CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQhOIn/hJ8+vbrm+ChWdTa6n0t99DAfBgNVHSMEGDAWgBRYaTYmbpgN0gOy
y+scnEVwYEuRGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dHazJKbTZZRGRJRHNzdnJISnhGY0dCTGtScy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvNGM2NmNjLWZhOWEtNGY1OC1hZDIxLTdkYTE4M2VmZjExNS8x
L0lUaUpfNFNmUHIyNjV2Z29WblUydXA5TGZmUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
NGM2NmNjLWZhOWEtNGY1OC1hZDIxLTdkYTE4M2VmZjExNS8xL1dHazJKbTZZRGRJ
RHNzdnJISnhGY0dCTGtScy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAwW7CAMEAyVLgAMEAk4oaAMEArku
sAMEArmo4AMEAsGw1DANBgkqhkiG9w0BAQsFAAOCAQEAOQuviJPNIyGd1KiVbRBK
xDCc/6BB2J4CEgPAxEbRjIRnM5f26iQ5+jcJsYddL9NnZ8nDmiNSPB7wfIULKzhi
3LvwbeOgFdGEDzn6E6WIfssVJLlJoPaUlpEjK60wYy4+kiOusn9hJ6iz3oqxhB/5
BTswmYVi9Sp6yYuw+KOnFqrWLT/jSyz34QNERHZrLRSUlv61bm8Qr884gbPyhHiY
lj+q+l7jCCN0POO2f7Cda5Z+zfAfp3w7Xw1TAhdZTyhGpUw0+NwMle4wy9bjDGU2
iUntHUDSo45blpKMe4V1AkB7wq+z+MTPcNq28n0dds0RoNu+LC/0gSW7Isw1P/DE
Zg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:38 2023 by rpki-client on console-fra.rpki-client.org