Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/SrNUzxxzUeTksMFHsGUzTNZ7o8M.roa
File: SrNUzxxzUeTksMFHsGUzTNZ7o8M.roa (raw, json)
Hash identifier: IdwMtQLWLzVKVzLDSNUr3GVBKO+Xo4San+mMC2dZhqg=
Subject key identifier: 4A:B3:54:CF:1C:73:51:E4:E4:B0:C1:47:B0:65:33:4C:D6:7B:A3:C3
Certificate issuer: /CN=af121cd6e11da095f856d79deec469d0c6358494
Certificate serial: 0256A0DF
Authority key identifier: AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/SrNUzxxzUeTksMFHsGUzTNZ7o8M.roa
Signing time: Sat 01 Jan 2022 08:04:30 +0000
ROA not before: Sat 01 Jan 2022 08:04:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 185.62.136.0/22 maxlen: 24
185.160.65.0/24 maxlen: 24
185.160.66.0/23 maxlen: 24
185.141.188.0/22 maxlen: 24
185.148.128.0/22 maxlen: 24
185.149.112.0/22 maxlen: 24
185.52.148.0/22 maxlen: 24
185.146.20.0/22 maxlen: 24
185.143.44.0/22 maxlen: 24
185.168.108.0/22 maxlen: 24
185.133.20.0/22 maxlen: 24
185.132.4.0/22 maxlen: 24
185.166.145.0/24 maxlen: 24
185.166.146.0/23 maxlen: 24
185.148.44.0/22 maxlen: 24
185.151.48.0/22 maxlen: 24
85.187.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39231711 (0x256a0df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af121cd6e11da095f856d79deec469d0c6358494
Validity
Not Before: Jan 1 08:04:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ab354cf1c7351e4e4b0c147b065334cd67ba3c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0f:b1:ac:6e:8c:18:25:d2:dc:ad:73:77:37:
92:d4:8c:12:b7:22:df:71:cb:b0:23:43:75:d7:dc:
9c:7e:1a:d8:74:5a:78:3c:84:3f:bf:b8:85:75:f1:
22:41:c8:e9:3e:59:2d:ee:e2:01:5d:d3:79:84:52:
46:3b:c5:8d:53:ad:40:5a:0b:51:e5:f9:f5:3c:ca:
0c:df:b8:6f:f9:a3:49:cd:a5:68:0d:af:52:c5:f2:
dd:18:2b:a2:f0:28:da:29:7f:3e:f4:bc:ed:0b:20:
1c:f0:9f:87:2e:5d:75:b3:4c:a5:04:43:2a:2e:f0:
4b:e2:08:c7:75:0e:96:d5:ae:2b:26:fb:c6:9c:70:
17:11:a5:e1:17:13:82:25:ea:45:33:ef:4a:02:9d:
e2:a4:ee:d6:7f:af:94:c2:db:57:ca:34:00:44:cc:
6b:2c:d5:65:99:7a:20:35:b4:24:37:9b:3f:f5:6b:
da:82:f1:b3:40:59:9a:21:d6:16:d8:ac:66:60:f7:
3e:c6:a8:a9:6c:73:61:a9:d4:26:47:b4:14:7e:af:
8d:42:4a:8e:82:a9:a4:91:7f:39:b3:6d:cc:a4:4d:
ea:bd:9e:8b:82:59:f5:7d:43:85:28:66:41:84:81:
ff:e4:bf:31:ea:25:eb:a7:86:4c:54:3c:a0:5c:3f:
b7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:B3:54:CF:1C:73:51:E4:E4:B0:C1:47:B0:65:33:4C:D6:7B:A3:C3
X509v3 Authority Key Identifier:
keyid:AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/SrNUzxxzUeTksMFHsGUzTNZ7o8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.128.0/19
185.52.148.0/22
185.62.136.0/22
185.132.4.0/22
185.133.20.0/22
185.141.188.0/22
185.143.44.0/22
185.146.20.0/22
185.148.44.0/22
185.148.128.0/22
185.149.112.0/22
185.151.48.0/22
185.160.65.0-185.160.67.255
185.166.145.0-185.166.147.255
185.168.108.0/22
Signature Algorithm: sha256WithRSAEncryption
34:6b:7e:e8:a8:44:e9:bc:d8:ea:b1:ca:a0:3b:36:20:d5:32:
80:70:4b:86:e0:73:85:40:dd:39:64:d5:e5:ff:92:2f:bd:82:
40:22:ff:ae:66:50:c1:e1:34:4d:b4:f8:db:76:76:96:82:b2:
3c:37:44:55:8d:34:52:38:90:60:49:f3:73:87:a6:c7:58:87:
48:5c:85:c5:1d:c7:ad:77:80:20:cd:60:c4:ef:fb:3a:46:ab:
75:2d:07:9f:87:f5:a6:6c:0b:e6:b2:4c:74:17:20:32:aa:76:
d3:88:d4:50:e4:04:ca:7c:ec:09:50:10:f4:6f:33:e5:34:47:
dd:6a:15:97:1e:cf:5d:11:11:dd:29:97:83:39:db:00:b5:d9:
18:b1:3b:1c:a7:20:e3:ce:44:09:80:46:b2:aa:c4:08:20:3e:
6c:81:18:64:f0:69:fd:e7:80:25:47:6c:9a:5d:fb:dd:6f:59:
6f:db:43:8b:b3:19:03:10:a2:87:d7:5a:2f:17:59:50:fb:3d:
25:1c:ec:c3:15:4d:dc:ee:2a:e6:2d:7b:88:e7:b6:04:00:1d:
48:14:ce:fa:d6:c1:00:c6:35:68:38:67:49:a3:ec:09:c7:99:
a6:15:b1:ac:b7:d4:f3:01:bb:4c:7f:c2:d6:87:0e:26:77:81:
23:08:bf:f4
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIEAlag3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjEyMWNkNmUxMWRhMDk1Zjg1NmQ3OWRlZWM0NjlkMGM2MzU4NDk0MB4XDTIyMDEw
MTA4MDQzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGFiMzU0Y2YxYzcz
NTFlNGU0YjBjMTQ3YjA2NTMzNGNkNjdiYTNjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYPsaxujBgl0tytc3c3ktSMErci33HLsCNDddfcnH4a2HRa
eDyEP7+4hXXxIkHI6T5ZLe7iAV3TeYRSRjvFjVOtQFoLUeX59TzKDN+4b/mjSc2l
aA2vUsXy3RgrovAo2il/PvS87QsgHPCfhy5ddbNMpQRDKi7wS+IIx3UOltWuKyb7
xpxwFxGl4RcTgiXqRTPvSgKd4qTu1n+vlMLbV8o0AETMayzVZZl6IDW0JDebP/Vr
2oLxs0BZmiHWFtisZmD3PsaoqWxzYanUJke0FH6vjUJKjoKppJF/ObNtzKRN6r2e
i4JZ9X1DhShmQYSB/+S/Meol66eGTFQ8oFw/t5UCAwEAAaOCAm4wggJqMB0GA1Ud
DgQWBBRKs1TPHHNR5OSwwUewZTNM1nujwzAfBgNVHSMEGDAWgBSvEhzW4R2glfhW
153uxGnQxjWElDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J4SWMxdUVkb0pYNFZ0ZWQ3c1JwME1ZMWhKUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvZmQ2MDY5LTQxNzktNDViZS1iODJhLWFmM2Y3OTRhZTYwNy8x
L1NyTlV6eHh6VWVUa3NNRkhzR1V6VE5aN284TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
ZmQ2MDY5LTQxNzktNDViZS1iODJhLWFmM2Y3OTRhZTYwNy8xL3J4SWMxdUVkb0pY
NFZ0ZWQ3c1JwME1ZMWhKUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
gwYIKwYBBQUHAQcBAf8EdDByMHAEAgABMGoDBAVVu4ADBAK5NJQDBAK5PogDBAK5
hAQDBAK5hRQDBAK5jbwDBAK5jywDBAK5khQDBAK5lCwDBAK5lIADBAK5lXADBAK5
lzAwDAMEALmgQQMEArmgQDAMAwQAuaaRAwQCuaaQAwQCuahsMA0GCSqGSIb3DQEB
CwUAA4IBAQA0a37oqETpvNjqscqgOzYg1TKAcEuG4HOFQN05ZNXl/5IvvYJAIv+u
ZlDB4TRNtPjbdnaWgrI8N0RVjTRSOJBgSfNzh6bHWIdIXIXFHcetd4AgzWDE7/s6
Rqt1LQefh/WmbAvmskx0FyAyqnbTiNRQ5ATKfOwJUBD0bzPlNEfdahWXHs9dERHd
KZeDOdsAtdkYsTscpyDjzkQJgEayqsQIID5sgRhk8Gn954AlR2yaXfvdb1lv20OL
sxkDEKKH11ovF1lQ+z0lHOzDFU3c7irmLXuI57YEAB1IFM761sEAxjVoOGdJo+wJ
x5mmFbGst9TzAbtMf8LWhw4md4EjCL/0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:06 2024 by rpki-client on console-fra.rpki-client.org