Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/pkFT-s6Cj-jPp7wZ-IVO2b4D4Xo.roa
File: pkFT-s6Cj-jPp7wZ-IVO2b4D4Xo.roa (raw, json)
Hash identifier: ZCpoi39zZeX5BMdzjHtfkG3Xr0aQ9tWaWGWlAvMk0lg=
Subject key identifier: A6:41:53:FA:CE:82:8F:E8:CF:A7:BC:19:F8:85:4E:D9:BE:03:E1:7A
Certificate issuer: /CN=05d658594b65364b2c2e56a6a45ebb06847b3849
Certificate serial: 38178BCF
Authority key identifier: 05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BdZYWUtlNkssLlampF67BoR7OEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/pkFT-s6Cj-jPp7wZ-IVO2b4D4Xo.roa
Signing time: Wed 23 Mar 2022 18:51:08 +0000
ROA not before: Wed 23 Mar 2022 18:51:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24935
IP address blocks: 195.74.80.0/24 maxlen: 24
185.161.45.0/24 maxlen: 24
185.161.47.0/24 maxlen: 24
185.252.156.0/24 maxlen: 24
185.252.159.0/24 maxlen: 24
185.252.158.0/24 maxlen: 24
37.235.92.0/24 maxlen: 24
46.29.122.0/24 maxlen: 24
37.235.93.0/24 maxlen: 24
194.213.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941067215 (0x38178bcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05d658594b65364b2c2e56a6a45ebb06847b3849
Validity
Not Before: Mar 23 18:51:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a64153face828fe8cfa7bc19f8854ed9be03e17a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:dd:17:e8:d0:f9:7a:53:37:0b:f1:5f:31:b6:
49:ba:34:42:d7:08:6d:a8:3c:45:04:d6:bb:94:03:
d8:23:9e:7d:34:a7:64:c5:0d:f9:94:d1:90:84:11:
8c:2d:36:a7:9a:56:19:cb:27:82:ae:2b:e6:67:5d:
ac:92:56:39:cf:b1:05:0e:ee:1e:c9:73:10:53:0e:
5f:2c:aa:76:e8:1e:7f:43:18:b1:2a:28:6a:ed:59:
65:6e:38:4a:ca:f8:7d:49:70:dd:fe:2a:bd:26:48:
ea:bf:5b:e7:89:0b:01:45:95:d4:cb:aa:93:2a:07:
98:45:b7:49:51:52:c7:61:51:c8:3f:cb:cb:03:c3:
2f:7f:97:23:cb:fc:5d:50:de:67:70:33:d4:1a:7d:
11:84:42:da:64:0e:7f:e4:8a:47:bb:2e:f1:f3:3b:
f2:c6:59:9a:97:76:a7:4e:d8:1d:30:d6:1f:a9:1f:
89:e0:5d:11:70:97:e8:22:f6:2f:f8:fe:99:73:b4:
03:52:61:f4:04:07:a6:ff:21:82:0d:24:6f:ee:67:
49:02:e6:bf:a3:ef:3f:bf:d4:e1:df:23:26:43:32:
a4:c0:f9:b4:1e:16:f6:ce:22:09:1d:b1:c7:95:4b:
5b:32:49:e0:9e:45:62:a0:bb:50:5b:37:72:ce:d9:
54:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:41:53:FA:CE:82:8F:E8:CF:A7:BC:19:F8:85:4E:D9:BE:03:E1:7A
X509v3 Authority Key Identifier:
keyid:05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BdZYWUtlNkssLlampF67BoR7OEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/pkFT-s6Cj-jPp7wZ-IVO2b4D4Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/BdZYWUtlNkssLlampF67BoR7OEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.92.0/23
46.29.122.0/24
185.161.45.0/24
185.161.47.0/24
185.252.156.0/24
185.252.158.0/23
194.213.30.0/24
195.74.80.0/24
Signature Algorithm: sha256WithRSAEncryption
99:f0:63:53:7e:f4:f9:f3:38:9f:47:cf:83:41:df:ec:61:cb:
c0:b8:41:25:1e:8e:30:a7:b1:69:ae:b6:f9:2c:b4:fa:71:95:
b1:5c:7f:bd:16:5f:23:bc:49:cf:ea:66:68:00:84:48:d6:fa:
2f:84:33:0b:a1:eb:ef:68:c8:db:bd:c3:c7:d7:4e:55:2c:66:
7c:da:87:0b:fd:0d:7f:c1:d1:f0:1a:24:b6:9e:f6:37:a8:ee:
0d:21:aa:7c:4a:5f:fd:11:4e:86:42:21:a2:e4:1f:e6:77:7e:
22:d1:71:34:3a:e8:0e:0c:22:4e:d5:c9:cc:89:50:1e:2e:4a:
ca:07:b5:77:2a:a4:dc:4d:04:96:ae:79:85:60:8a:68:6a:79:
60:6a:03:e7:8e:a5:50:22:50:dd:02:55:ed:86:d3:11:dc:a7:
87:fc:10:d8:55:fd:ea:bb:7f:c9:ad:6e:a8:b9:69:32:4a:c5:
2a:3e:e9:d6:0c:10:07:2f:49:d7:13:8f:71:4c:ca:2f:c3:dc:
82:13:52:e5:c8:d1:49:d5:bd:55:3a:d6:99:d1:8b:8a:fb:8d:
55:e9:c3:34:8d:df:91:8c:f1:8e:54:ae:19:eb:24:59:2f:a5:
5d:01:69:11:59:a9:06:71:3e:f5:29:d7:70:55:c4:ee:fd:7f:
12:64:7a:67
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEOBeLzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWQ2NTg1OTRiNjUzNjRiMmMyZTU2YTZhNDVlYmIwNjg0N2IzODQ5MB4XDTIyMDMy
MzE4NTEwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY0MTUzZmFjZTgy
OGZlOGNmYTdiYzE5Zjg4NTRlZDliZTAzZTE3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANjdF+jQ+XpTNwvxXzG2Sbo0QtcIbag8RQTWu5QD2COefTSn
ZMUN+ZTRkIQRjC02p5pWGcsngq4r5mddrJJWOc+xBQ7uHslzEFMOXyyqdugef0MY
sSooau1ZZW44Ssr4fUlw3f4qvSZI6r9b54kLAUWV1MuqkyoHmEW3SVFSx2FRyD/L
ywPDL3+XI8v8XVDeZ3Az1Bp9EYRC2mQOf+SKR7su8fM78sZZmpd2p07YHTDWH6kf
ieBdEXCX6CL2L/j+mXO0A1Jh9AQHpv8hgg0kb+5nSQLmv6PvP7/U4d8jJkMypMD5
tB4W9s4iCR2xx5VLWzJJ4J5FYqC7UFs3cs7ZVOkCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBSmQVP6zoKP6M+nvBn4hU7ZvgPhejAfBgNVHSMEGDAWgBQF1lhZS2U2Sywu
VqakXrsGhHs4STAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JkWllXVXRsTmtzc0xsYW1wRjY3Qm9SN09Fay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvOWIxZjk1LTNiMTgtNDgxMi05MjRlLTdiZmRhNjI1NDRjZS8x
L3BrRlQtczZDai1qUHA3d1otSVZPMmI0RDRYby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
OWIxZjk1LTNiMTgtNDgxMi05MjRlLTdiZmRhNjI1NDRjZS8xL0JkWllXVXRsTmtz
c0xsYW1wRjY3Qm9SN09Fay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEASXrXAMEAC4degMEALmhLQMEALmh
LwMEALn8nAMEAbn8ngMEAMLVHgMEAMNKUDANBgkqhkiG9w0BAQsFAAOCAQEAmfBj
U370+fM4n0fPg0Hf7GHLwLhBJR6OMKexaa62+Sy0+nGVsVx/vRZfI7xJz+pmaACE
SNb6L4QzC6Hr72jI273Dx9dOVSxmfNqHC/0Nf8HR8Boktp72N6juDSGqfEpf/RFO
hkIhouQf5nd+ItFxNDroDgwiTtXJzIlQHi5Kyge1dyqk3E0Elq55hWCKaGp5YGoD
546lUCJQ3QJV7YbTEdynh/wQ2FX96rt/ya1uqLlpMkrFKj7p1gwQBy9J1xOPcUzK
L8PcghNS5cjRSdW9VTrWmdGLivuNVenDNI3fkYzxjlSuGeskWS+lXQFpEVmpBnE+
9SnXcFXE7v1/EmR6Zw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:39 2023 by rpki-client on console-fra.rpki-client.org