Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/5Y-2gWbSYHfsSTv8kEQKwQqPoTk.roa
File: 5Y-2gWbSYHfsSTv8kEQKwQqPoTk.roa (raw, json)
Hash identifier: 8HSyrBqz/74vZ9W9uwYT5DG0DTEpybnPOl6Ee9k4guA=
Subject key identifier: E5:8F:B6:81:66:D2:60:77:EC:49:3B:FC:90:44:0A:C1:0A:8F:A1:39
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 0183FA83986DF381E749AF32496AB798D743
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/5Y-2gWbSYHfsSTv8kEQKwQqPoTk.roa
Signing time: Fri 21 Oct 2022 12:27:51 +0000
ROA not before: Fri 21 Oct 2022 12:27:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.228.127.0/24 maxlen: 24
185.228.126.0/24 maxlen: 24
185.176.104.0/22 maxlen: 24
46.28.160.0/24 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
193.246.154.0/24 maxlen: 24
193.246.156.0/23 maxlen: 24
193.246.155.0/24 maxlen: 24
89.40.84.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
185.176.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fa:83:98:6d:f3:81:e7:49:af:32:49:6a:b7:98:d7:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Oct 21 12:27:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e58fb68166d26077ec493bfc90440ac10a8fa139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a2:3d:54:40:d7:9e:e9:a5:53:80:9a:10:d2:
6c:71:ca:85:8c:6b:a1:a5:bb:7c:38:64:13:6a:c2:
3a:d8:7c:d1:c2:44:d5:cf:da:49:3b:aa:7f:45:c4:
8d:d6:3a:d8:2a:16:52:d0:dd:90:dc:2e:7f:f2:48:
f4:54:bb:2e:a2:02:dd:c7:37:33:17:53:b7:fb:92:
f6:31:dc:37:23:ec:16:f4:c1:e9:b1:d9:c1:ec:d0:
c0:c7:fc:c4:b6:ce:97:a3:ee:2b:f1:51:ac:2a:2e:
d8:db:4b:90:95:3f:7b:7a:fa:f0:97:75:c5:7f:d3:
bb:90:7f:49:43:ab:8a:b2:c8:e4:ad:7c:d3:e3:ca:
7b:1a:63:0e:a9:6e:a2:68:6c:e3:65:ca:f8:66:70:
e7:c7:44:46:24:8c:8f:9e:6b:3c:69:7a:dd:85:86:
01:37:ae:0a:7b:6e:11:74:34:25:d3:e6:a2:32:0f:
28:bc:37:ef:fb:b6:83:b3:d8:30:7b:22:61:c2:11:
5a:c1:ed:4c:76:3c:50:10:01:87:aa:c6:be:8f:af:
ed:6f:bb:94:3d:e9:cd:9d:57:51:2d:3d:08:51:31:
7a:fe:90:26:32:9e:1e:fb:85:4d:48:c5:7e:7b:f7:
31:1c:63:fc:9a:41:9f:3d:62:56:cb:99:e7:bd:27:
2c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:8F:B6:81:66:D2:60:77:EC:49:3B:FC:90:44:0A:C1:0A:8F:A1:39
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/5Y-2gWbSYHfsSTv8kEQKwQqPoTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
46.28.160.0/24
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.5.84.0/22
185.176.104.0/22
185.228.124.0/22
193.246.154.0-193.246.157.255
Signature Algorithm: sha256WithRSAEncryption
5f:f8:f1:ba:a8:39:9d:88:cc:8b:39:ba:cf:cf:1d:e7:4c:78:
7a:59:80:a4:7d:0c:18:c3:db:b9:f7:0c:af:f9:38:d1:84:af:
f6:31:ad:9a:06:84:89:5c:5b:7a:fe:61:6d:f6:8d:62:11:ac:
73:78:a0:83:2a:e9:69:19:f5:ce:6c:d7:c0:b2:3c:85:34:73:
db:7a:9f:26:03:4b:22:05:89:7f:43:55:57:09:4d:a4:bb:d2:
0b:49:4d:02:e9:a8:ff:8d:42:c4:26:df:bc:ad:76:d3:78:ab:
97:45:a5:d6:3e:e0:3e:8d:39:f4:3f:7b:0f:ab:f0:17:84:c5:
c7:8e:37:d6:32:5f:60:45:77:81:3f:46:47:59:5c:f1:50:30:
a1:3e:e2:0b:6c:90:f6:42:2e:2b:44:07:4e:e7:cf:02:f3:30:
73:81:4c:08:8f:7e:31:e7:11:3e:b7:32:3b:f1:02:73:78:20:
80:66:af:7a:26:cb:ed:ae:77:77:db:e3:f6:a4:7a:f8:e6:ef:
9d:1c:fd:26:c9:87:57:a1:7e:e4:1d:e2:02:8b:11:6b:95:b7:
af:61:ce:9e:b4:29:61:96:83:41:f6:29:f6:08:de:d3:45:df:
98:a6:05:fa:c3:d6:9e:ae:2b:96:fb:d1:e9:c3:c0:d6:5d:8a:
5d:6b:70:fe
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYP6g5ht84HnSa8ySWq3mNdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMDIxMTIyNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNThmYjY4MTY2ZDI2MDc3ZWM0OTNiZmM5MDQ0MGFjMTBhOGZhMTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaI9VEDXnumlU4CaENJsccqFjGuh
pbt8OGQTasI62HzRwkTVz9pJO6p/RcSN1jrYKhZS0N2Q3C5/8kj0VLsuogLdxzcz
F1O3+5L2Mdw3I+wW9MHpsdnB7NDAx/zEts6Xo+4r8VGsKi7Y20uQlT97evrwl3XF
f9O7kH9JQ6uKssjkrXzT48p7GmMOqW6iaGzjZcr4ZnDnx0RGJIyPnms8aXrdhYYB
N64Ke24RdDQl0+aiMg8ovDfv+7aDs9gweyJhwhFawe1MdjxQEAGHqsa+j6/tb7uU
PenNnVdRLT0IUTF6/pAmMp4e+4VNSMV+e/cxHGP8mkGfPWJWy5nnvScswwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFOWPtoFm0mB37Ek7/JBECsEKj6E5MB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvNVktMmdXYlNZSGZzU1R2OGtFUUt3UXFQb1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQDHxmwAwQA
LhygAwQCWShUAwQCW/KUAwQDbesQAwQFsDhAAwQCuQVUAwQCubBoAwQCueR8MAwD
BAHB9poDBAHB9pwwDQYJKoZIhvcNAQELBQADggEBAF/48bqoOZ2IzIs5us/PHedM
eHpZgKR9DBjD27n3DK/5ONGEr/YxrZoGhIlcW3r+YW32jWIRrHN4oIMq6WkZ9c5s
18CyPIU0c9t6nyYDSyIFiX9DVVcJTaS70gtJTQLpqP+NQsQm37ytdtN4q5dFpdY+
4D6NOfQ/ew+r8BeExceON9YyX2BFd4E/RkdZXPFQMKE+4gtskPZCLitEB07nzwLz
MHOBTAiPfjHnET63MjvxAnN4IIBmr3omy+2ud3fb4/akevjm750c/SbJh1ehfuQd
4gKLEWuVt69hzp60KWGWg0H2KfYI3tNF35imBfrD1p6uK5b70enDwNZdil1rcP4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org