Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/38LeNlCoinnfW8Q-trkut56UlSE.roa
File: 38LeNlCoinnfW8Q-trkut56UlSE.roa (raw, json)
Hash identifier: VIW6pU+z1AgLMBbky3+D7dSTWmBdREC3JEzdt4c3gbk=
Subject key identifier: DF:C2:DE:36:50:A8:8A:79:DF:5B:C4:3E:B6:B9:2E:B7:9E:94:95:21
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 018404BFD6F15C75CCC43AE5A215068BE710
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/38LeNlCoinnfW8Q-trkut56UlSE.roa
Signing time: Sun 23 Oct 2022 12:09:52 +0000
ROA not before: Sun 23 Oct 2022 12:09:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
89.40.84.0/22 maxlen: 24
185.4.32.0/22 maxlen: 24
185.176.107.0/24 maxlen: 24
31.25.176.0/21 maxlen: 24
185.239.163.0/24 maxlen: 24
185.239.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:04:bf:d6:f1:5c:75:cc:c4:3a:e5:a2:15:06:8b:e7:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Oct 23 12:09:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfc2de3650a88a79df5bc43eb6b92eb79e949521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d5:c0:4d:c2:4d:5c:9b:ac:51:33:79:f5:d7:
45:1b:4f:f2:f1:1b:63:90:4b:cd:82:88:4c:9e:12:
36:dd:fa:86:4f:0c:49:88:c2:84:76:08:66:27:bc:
bc:6f:e5:e2:ad:38:dc:d6:11:38:87:af:0e:84:16:
67:59:44:d9:36:04:e3:17:3a:04:e5:c6:56:0b:8e:
4a:62:41:cf:9f:70:9f:5d:c8:ad:f7:a6:9a:85:76:
7d:fc:32:aa:38:71:df:4c:8b:6a:9a:66:08:2c:25:
a4:8f:90:aa:cb:96:93:86:a4:9b:a1:79:77:74:30:
a5:20:1b:92:ed:76:b3:5f:f6:b5:60:3d:11:39:02:
75:da:c8:d0:c8:5d:04:2f:63:6d:8b:6b:3a:b2:20:
a4:ab:d6:f1:48:e9:ec:f5:1a:9e:86:51:7a:bf:9f:
cb:06:c2:98:f2:8a:ec:06:24:97:9d:2b:ad:b9:b2:
6f:a8:59:f8:86:32:49:8e:4b:96:f0:23:75:5e:07:
c7:51:1a:ee:60:df:97:31:c0:52:a2:00:75:38:96:
c5:1d:e0:40:81:43:09:3c:73:ae:bc:9f:f3:b0:17:
52:4a:15:dc:4f:67:91:90:15:2d:33:ef:f0:f9:83:
dc:a5:7e:e6:99:47:88:13:ce:3c:e5:93:81:49:6e:
58:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C2:DE:36:50:A8:8A:79:DF:5B:C4:3E:B6:B9:2E:B7:9E:94:95:21
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/38LeNlCoinnfW8Q-trkut56UlSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.176.104.0/22
185.228.124.0/22
185.239.160.0/24
185.239.163.0/24
193.246.154.0-193.246.157.255
Signature Algorithm: sha256WithRSAEncryption
b6:1d:52:82:68:65:1c:ab:82:27:b0:2b:f4:87:82:6a:9a:77:
8b:ca:5f:37:4b:66:24:d8:a3:f3:fd:e2:a3:1c:14:78:52:27:
42:69:18:69:6d:76:92:a9:1e:16:36:a6:e0:80:6b:65:63:26:
19:ed:1e:36:80:be:74:0a:95:2e:63:c6:fd:78:69:67:b6:6e:
1a:a3:3d:ea:09:ed:68:01:dc:66:a6:41:ee:e7:1f:84:21:5f:
84:36:ea:ae:42:0f:04:b2:b0:ed:24:51:62:b7:74:8c:49:01:
84:d5:76:9d:b5:a4:83:0a:25:47:64:94:fd:8c:91:a4:c0:c0:
cc:ae:d1:c8:01:ec:f3:d7:e1:52:1b:f2:97:fd:72:49:33:e2:
c0:db:1f:ee:7e:97:17:83:0f:8b:44:38:d0:78:18:13:bd:82:
fb:5b:7d:18:90:37:92:b4:55:46:34:b2:e9:ad:46:d5:73:f4:
96:60:2b:73:ee:bb:5f:35:b4:14:43:86:80:48:6a:08:75:2b:
bd:af:f2:51:9d:08:62:59:96:eb:22:c1:d5:26:2e:60:27:1f:
b9:bf:8d:ee:3b:de:4b:ee:61:11:1e:db:27:b6:c5:e8:db:71:
c7:f2:40:2e:cd:39:0b:a8:80:84:77:55:c7:0c:ca:82:19:a1:
0d:4a:6c:e3
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYQEv9bxXHXMxDrlohUGi+cQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMDIzMTIwOTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmMyZGUzNjUwYTg4YTc5ZGY1YmM0M2ViNmI5MmViNzllOTQ5NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNXATcJNXJusUTN59ddFG0/y8Rtj
kEvNgohMnhI23fqGTwxJiMKEdghmJ7y8b+XirTjc1hE4h68OhBZnWUTZNgTjFzoE
5cZWC45KYkHPn3CfXcit96aahXZ9/DKqOHHfTItqmmYILCWkj5Cqy5aThqSboXl3
dDClIBuS7XazX/a1YD0ROQJ12sjQyF0EL2Nti2s6siCkq9bxSOns9RqehlF6v5/L
BsKY8orsBiSXnSutubJvqFn4hjJJjkuW8CN1XgfHURruYN+XMcBSogB1OJbFHeBA
gUMJPHOuvJ/zsBdSShXcT2eRkBUtM+/w+YPcpX7mmUeIE8485ZOBSW5YcQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFN/C3jZQqIp531vEPra5LreelJUhMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvMzhMZU5sQ29pbm5mVzhRLXRya3V0NTZVbFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQDHxmwAwQD
LhygAwQCWShUAwQCW/KUAwQDbesQAwQFsDhAAwQCuQQgAwQCuQVUAwQCubBoAwQC
ueR8AwQAue+gAwQAue+jMAwDBAHB9poDBAHB9pwwDQYJKoZIhvcNAQELBQADggEB
ALYdUoJoZRyrgiewK/SHgmqad4vKXzdLZiTYo/P94qMcFHhSJ0JpGGltdpKpHhY2
puCAa2VjJhntHjaAvnQKlS5jxv14aWe2bhqjPeoJ7WgB3GamQe7nH4QhX4Q26q5C
DwSysO0kUWK3dIxJAYTVdp21pIMKJUdklP2MkaTAwMyu0cgB7PPX4VIb8pf9ckkz
4sDbH+5+lxeDD4tEONB4GBO9gvtbfRiQN5K0VUY0sumtRtVz9JZgK3Puu181tBRD
hoBIagh1K72v8lGdCGJZlusiwdUmLmAnH7m/je473kvuYREe2ye2xejbccfyQC7N
OQuogIR3VccMyoIZoQ1KbOM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:47 2024 by rpki-client on console-ams.rpki-client.org