Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/7NtSOKE2o1Zj6OK8Ug860wNakkk.roa
File: 7NtSOKE2o1Zj6OK8Ug860wNakkk.roa (raw, json)
Hash identifier: Ac+V2fBTOQ1Z9vwjWI3qwj2Xb2y0jJtc8OLckuSYKhQ=
Subject key identifier: EC:DB:52:38:A1:36:A3:56:63:E8:E2:BC:52:0F:3A:D3:03:5A:92:49
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 018405E125ABB0CA04BB08DB13A7760171FC
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/7NtSOKE2o1Zj6OK8Ug860wNakkk.roa
Signing time: Sun 23 Oct 2022 17:25:52 +0000
ROA not before: Sun 23 Oct 2022 17:25:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
185.10.248.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
89.40.84.0/22 maxlen: 24
185.4.32.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
185.239.163.0/24 maxlen: 24
185.239.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:05:e1:25:ab:b0:ca:04:bb:08:db:13:a7:76:01:71:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Oct 23 17:25:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ecdb5238a136a35663e8e2bc520f3ad3035a9249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d1:59:17:91:a2:17:6f:cb:a5:d2:20:b7:6f:
9c:3e:0a:e6:02:6a:56:10:b1:47:10:47:7d:16:d3:
ae:71:4d:ac:f4:c6:75:65:06:24:95:2b:af:b7:49:
db:52:02:9c:e7:76:20:e9:b4:35:56:54:a4:ae:1f:
40:3b:d7:83:e3:f5:2b:85:4a:4b:24:36:fe:a2:21:
fe:68:e0:3f:9a:e4:97:35:3b:0d:dd:96:cb:39:f6:
01:db:99:7c:31:31:a6:7e:bb:53:9d:90:8a:18:5d:
44:52:96:d2:c3:0b:1c:32:44:e9:50:0c:f5:f1:22:
b5:7c:85:d1:de:00:b6:8d:05:df:dd:9d:3d:e3:3a:
a0:ab:0b:ed:1f:f4:9f:7c:29:f0:e2:36:2c:c9:d1:
96:52:9c:a6:2c:64:af:43:2c:54:7f:72:4d:19:29:
df:52:a6:18:b1:50:fa:c3:37:36:f0:67:74:85:cb:
12:15:38:bf:94:0d:4b:9f:8f:e1:f9:90:f4:d4:02:
ce:44:61:b5:a3:4b:e4:84:5d:fd:66:10:61:11:00:
7c:c4:81:7d:5c:0e:35:ac:0e:09:45:e8:32:af:22:
02:a0:74:11:6a:6e:1a:91:80:f1:47:81:a5:d4:20:
27:ad:c6:9b:68:53:af:a7:a4:c6:a8:12:88:1c:0e:
b1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:DB:52:38:A1:36:A3:56:63:E8:E2:BC:52:0F:3A:D3:03:5A:92:49
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/7NtSOKE2o1Zj6OK8Ug860wNakkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.176.104.0/22
185.228.124.0/22
185.239.160.0/24
185.239.163.0/24
193.246.154.0-193.246.157.255
Signature Algorithm: sha256WithRSAEncryption
23:3c:71:c6:09:53:cb:ed:47:58:6c:b9:d2:ac:03:2a:d3:54:
bb:d1:de:b6:e1:a6:17:f8:09:de:c5:90:83:27:46:2f:8f:90:
12:be:ea:1c:1b:5f:22:97:71:65:7c:ff:b3:1f:aa:6b:64:24:
2c:54:91:af:7f:2b:93:75:2d:10:8e:9a:65:18:32:fc:7b:0b:
80:6c:35:66:59:f0:d7:24:de:39:2d:87:ec:e2:1a:a0:3e:02:
82:5d:64:cb:59:a9:bb:6a:6d:1c:3e:44:5d:1b:22:18:05:6e:
d0:f8:e4:64:40:93:d7:17:ce:9e:02:b7:a4:f1:12:a5:67:b4:
96:da:9d:24:c1:57:11:08:58:e9:34:49:e4:2a:81:6f:92:0a:
10:05:26:ee:32:c5:5a:53:11:3f:6b:8f:c3:fe:9c:67:e1:98:
7e:63:32:1f:83:ef:73:52:ef:64:cc:7d:e0:02:3f:b2:03:1d:
39:bf:9c:25:a5:84:87:c4:59:eb:d1:0f:b6:a4:c8:50:83:11:
90:6d:48:1c:fa:5c:1f:69:bb:7f:71:d6:98:8f:ea:60:4c:db:
90:39:44:c8:27:b9:5d:2f:48:bd:5c:3e:00:67:eb:eb:ec:59:
24:98:37:44:de:ab:2b:2f:e9:06:06:a7:cc:19:31:8b:a2:39:
f1:1b:e0:b9
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYQF4SWrsMoEuwjbE6d2AXH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMDIzMTcyNTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2RiNTIzOGExMzZhMzU2NjNlOGUyYmM1MjBmM2FkMzAzNWE5MjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNFZF5GiF2/LpdIgt2+cPgrmAmpW
ELFHEEd9FtOucU2s9MZ1ZQYklSuvt0nbUgKc53Yg6bQ1VlSkrh9AO9eD4/UrhUpL
JDb+oiH+aOA/muSXNTsN3ZbLOfYB25l8MTGmfrtTnZCKGF1EUpbSwwscMkTpUAz1
8SK1fIXR3gC2jQXf3Z094zqgqwvtH/SffCnw4jYsydGWUpymLGSvQyxUf3JNGSnf
UqYYsVD6wzc28Gd0hcsSFTi/lA1Ln4/h+ZD01ALORGG1o0vkhF39ZhBhEQB8xIF9
XA41rA4JRegyryICoHQRam4akYDxR4Gl1CAnrcabaFOvp6TGqBKIHA6xlwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFOzbUjihNqNWY+jivFIPOtMDWpJJMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvN050U09LRTJvMVpqNk9LOFVnODYwd05ha2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQDHxmwAwQD
LhygAwQCWShUAwQCW/KUAwQDbesQAwQFsDhAAwQCuQQgAwQCuQVUAwQCuQr4AwQC
ubBoAwQCueR8AwQAue+gAwQAue+jMAwDBAHB9poDBAHB9pwwDQYJKoZIhvcNAQEL
BQADggEBACM8ccYJU8vtR1hsudKsAyrTVLvR3rbhphf4Cd7FkIMnRi+PkBK+6hwb
XyKXcWV8/7MfqmtkJCxUka9/K5N1LRCOmmUYMvx7C4BsNWZZ8Nck3jkth+ziGqA+
AoJdZMtZqbtqbRw+RF0bIhgFbtD45GRAk9cXzp4Ct6TxEqVntJbanSTBVxEIWOk0
SeQqgW+SChAFJu4yxVpTET9rj8P+nGfhmH5jMh+D73NS72TMfeACP7IDHTm/nCWl
hIfEWevRD7akyFCDEZBtSBz6XB9pu39x1piP6mBM25A5RMgnuV0vSL1cPgBn6+vs
WSSYN0Teqysv6QYGp8wZMYuiOfEb4Lk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:47 2024 by rpki-client on console-ams.rpki-client.org