Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/h2ndtJ2vBq7SL09dciFENmFNx9k.roa
File: h2ndtJ2vBq7SL09dciFENmFNx9k.roa (raw, json)
Hash identifier: JbEeAsdpLmuTSV2Zn31brYMJJUXf5I0Si7Z5cP6/KTQ=
Subject key identifier: 87:69:DD:B4:9D:AF:06:AE:D2:2F:4F:5D:72:21:44:36:61:4D:C7:D9
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 20131DC0
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/h2ndtJ2vBq7SL09dciFENmFNx9k.roa
Signing time: Sat 19 Feb 2022 20:54:08 +0000
ROA not before: Sat 19 Feb 2022 20:54:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60461
IP address blocks: 43.251.160.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.39.0/24 maxlen: 24
37.114.44.0/24 maxlen: 24
37.114.39.0/24 maxlen: 24
94.154.50.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.45.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
2a00:ccc3::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 538123712 (0x20131dc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Feb 19 20:54:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8769ddb49daf06aed22f4f5d72214436614dc7d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:27:f4:17:bf:6a:f8:dc:98:d8:ce:3f:ae:fb:
11:7e:c7:8c:b4:38:37:ff:47:5d:03:84:2f:31:df:
7f:76:8c:e3:91:97:9e:9e:82:61:0d:85:13:65:19:
28:02:85:f5:90:4c:1d:f2:e4:8e:48:12:5b:b5:09:
0d:eb:25:8f:86:de:e7:50:cc:7d:9b:2f:91:ea:78:
fb:d9:55:d0:01:3d:44:52:6d:40:c3:4e:08:39:e4:
46:e4:22:86:2c:89:a4:19:28:e5:97:dd:4f:2e:87:
cb:0d:83:b0:61:38:3d:9b:8c:df:98:ea:a1:d0:84:
89:16:36:45:eb:bf:de:5e:27:99:d8:cf:96:64:74:
85:74:38:76:ff:ea:35:f8:65:90:22:d6:dc:2a:23:
c3:51:c1:93:75:b7:ce:2f:2a:36:37:0d:81:8d:42:
e3:94:75:60:4a:8c:72:75:f8:c7:2d:f8:63:69:34:
50:1d:b2:c8:21:6e:a9:51:ba:90:cb:15:f3:c6:c2:
fe:b6:54:8d:fc:46:44:ce:19:5d:b6:51:52:c6:3e:
85:97:e2:8f:85:11:37:8c:cf:bb:f7:32:92:38:80:
34:66:6a:04:fb:19:19:64:d4:a3:7a:80:9d:29:61:
34:a4:90:4b:54:a4:df:86:33:a4:c9:05:1c:61:ec:
7f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:69:DD:B4:9D:AF:06:AE:D2:2F:4F:5D:72:21:44:36:61:4D:C7:D9
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/h2ndtJ2vBq7SL09dciFENmFNx9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.39.0/24
37.114.44.0/23
37.114.50.0/24
37.114.54.0/24
37.114.58.0/24
43.251.160.0/24
94.154.50.0/24
176.100.36.0/23
176.100.39.0/24
IPv6:
2a00:ccc3::/32
Signature Algorithm: sha256WithRSAEncryption
29:0f:c1:6c:50:6f:41:79:6b:56:66:1a:0c:e4:f5:46:27:3c:
c2:c4:88:08:98:00:6f:8e:f9:2d:49:82:c5:52:67:b1:71:e8:
b4:aa:74:35:b2:99:7a:32:a2:27:9e:a7:2d:15:e4:1f:f3:63:
0d:5e:cc:60:d9:53:4b:63:82:60:9e:65:61:21:35:bd:79:7a:
54:84:24:44:30:65:96:f5:3d:1d:ad:1b:1d:a1:96:2d:48:86:
ef:f7:b8:15:6c:57:d0:b2:96:f2:24:a0:a3:f0:69:c2:47:26:
cf:b7:55:6f:7e:76:c1:13:2b:59:98:34:df:f5:bf:ac:4a:90:
9c:9e:ae:29:f5:50:4a:a2:65:c6:bd:6f:f9:a5:3f:58:f1:e3:
88:91:7c:e0:30:d9:ab:85:40:80:e7:65:5e:16:5d:91:a7:1a:
ab:0e:52:84:0a:1c:68:b1:b8:88:39:81:10:e6:61:fc:5b:d9:
dc:b6:af:e3:d3:2c:48:8f:7e:74:b8:78:40:b6:ba:25:e9:ac:
e7:1a:fa:b0:db:d9:97:8b:2e:9a:a7:4d:b0:05:23:89:88:da:
08:8a:39:4d:b9:c8:1b:7a:0b:89:79:eb:99:74:a6:23:c2:ed:
d7:46:8b:be:f7:fd:1a:8d:3d:66:78:5a:4a:94:c7:24:22:0f:
23:e6:83:02
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEIBMdwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTY1OTNiNzQ3ZTc2YTU2NDkyNTExYmIzNjEyZTRkNWU0Y2JlN2VjMB4XDTIyMDIx
OTIwNTQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODc2OWRkYjQ5ZGFm
MDZhZWQyMmY0ZjVkNzIyMTQ0MzY2MTRkYzdkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgn9Be/avjcmNjOP677EX7HjLQ4N/9HXQOELzHff3aM45GX
np6CYQ2FE2UZKAKF9ZBMHfLkjkgSW7UJDeslj4be51DMfZsvkep4+9lV0AE9RFJt
QMNOCDnkRuQihiyJpBko5ZfdTy6Hyw2DsGE4PZuM35jqodCEiRY2Reu/3l4nmdjP
lmR0hXQ4dv/qNfhlkCLW3Cojw1HBk3W3zi8qNjcNgY1C45R1YEqMcnX4xy34Y2k0
UB2yyCFuqVG6kMsV88bC/rZUjfxGRM4ZXbZRUsY+hZfij4URN4zPu/cykjiANGZq
BPsZGWTUo3qAnSlhNKSQS1Sk34YzpMkFHGHsf2UCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBSHad20na8GrtIvT11yIUQ2YU3H2TAfBgNVHSMEGDAWgBQpZZO3R+dqVkkl
Ebs2EuTV5Mvn7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tXV1R0MGZuYWxaSkpSRzdOaExrMWVUTDUtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8x
L2gybmR0SjJ2QnE3U0wwOWRjaUZFTm1GTng5ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8xL0tXV1R0MGZuYWxa
SkpSRzdOaExrMWVUTDUtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEACVyJwMEASVyLAMEACVyMgMEACVy
NgMEACVyOgMEACv7oAMEAF6aMgMEAbBkJAMEALBkJzANBAIAAjAHAwUAKgDMwzAN
BgkqhkiG9w0BAQsFAAOCAQEAKQ/BbFBvQXlrVmYaDOT1Ric8wsSICJgAb475LUmC
xVJnsXHotKp0NbKZejKiJ56nLRXkH/NjDV7MYNlTS2OCYJ5lYSE1vXl6VIQkRDBl
lvU9Ha0bHaGWLUiG7/e4FWxX0LKW8iSgo/Bpwkcmz7dVb352wRMrWZg03/W/rEqQ
nJ6uKfVQSqJlxr1v+aU/WPHjiJF84DDZq4VAgOdlXhZdkacaqw5ShAocaLG4iDmB
EOZh/FvZ3Lav49MsSI9+dLh4QLa6Jems5xr6sNvZl4sumqdNsAUjiYjaCIo5TbnI
G3oLiXnrmXSmI8Lt10aLvvf9Go09ZnhaSpTHJCIPI+aDAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org