Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/_JjP3CyrSdN-GaTL_z1B1SyjH2o.roa
File: _JjP3CyrSdN-GaTL_z1B1SyjH2o.roa (raw, json)
Hash identifier: +5FzPtvgChG3QvqiDdfZOV7hx/jBg5P5tuCcN/KB+UE=
Subject key identifier: FC:98:CF:DC:2C:AB:49:D3:7E:19:A4:CB:FF:3D:41:D5:2C:A3:1F:6A
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 0184C9897CDB5F3541AA5F2D6E49D7BF0BD9
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/_JjP3CyrSdN-GaTL_z1B1SyjH2o.roa
Signing time: Wed 30 Nov 2022 17:15:41 +0000
ROA not before: Wed 30 Nov 2022 17:15:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
185.10.248.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
185.83.132.0/22 maxlen: 24
176.56.64.0/19 maxlen: 24
185.70.152.0/22 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
89.40.84.0/22 maxlen: 24
185.4.32.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
185.239.160.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c9:89:7c:db:5f:35:41:aa:5f:2d:6e:49:d7:bf:0b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Nov 30 17:15:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc98cfdc2cab49d37e19a4cbff3d41d52ca31f6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bf:f6:07:7b:dd:3f:cd:1d:65:db:e1:00:b8:
d7:99:fd:c0:35:cd:8b:8a:9e:fb:37:3b:b1:60:66:
fd:ee:67:9d:b4:ae:67:f0:bb:2a:0b:2e:0e:27:b5:
91:c8:c0:10:f1:3b:86:13:89:2b:f3:07:58:cc:f9:
85:e5:52:c3:01:70:f7:eb:e3:63:d3:76:30:a6:2f:
75:98:f8:c3:55:12:78:41:4a:5e:80:34:84:94:45:
1d:52:3e:b3:93:f9:05:fa:c4:86:bd:60:58:4b:cd:
c4:5d:9f:d7:2e:37:10:e5:ca:18:79:43:c1:52:83:
80:1a:df:df:a8:03:72:44:65:97:6b:9d:27:49:1a:
51:de:a4:e7:78:53:2c:d6:4c:c2:1b:01:04:cf:be:
c6:48:da:c2:29:66:85:c2:25:20:ef:f5:a9:40:9b:
9e:bf:b8:da:f0:d7:11:80:11:2b:eb:6c:de:ff:a0:
ef:ae:ed:64:7e:90:9c:c7:3c:79:92:bf:90:a4:c0:
a2:12:67:60:71:66:91:35:b1:27:09:a4:a4:ce:ce:
bd:5d:d6:44:43:cb:ed:62:47:42:de:56:fc:67:9d:
29:24:8d:ff:1a:66:19:15:eb:dc:83:92:1a:de:60:
c4:c6:b0:3b:10:d0:76:4c:02:96:b8:88:92:a4:62:
94:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:98:CF:DC:2C:AB:49:D3:7E:19:A4:CB:FF:3D:41:D5:2C:A3:1F:6A
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/_JjP3CyrSdN-GaTL_z1B1SyjH2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.176.104.0/22
185.228.124.0/22
185.239.160.0/22
193.246.154.0-193.246.157.255
Signature Algorithm: sha256WithRSAEncryption
8a:5b:94:95:e9:05:6b:79:f3:f6:0b:e0:86:82:53:09:a3:d9:
80:9d:9f:04:fc:25:17:c5:60:05:3f:d6:2b:1a:28:23:29:9f:
48:7a:e2:aa:a5:9e:d4:c4:4a:1b:fb:a4:6f:dc:29:ba:e3:5c:
51:c4:b4:ed:42:02:55:52:f7:13:af:44:59:dc:31:39:9a:bd:
9d:79:f6:0d:2b:7a:27:5f:c7:7d:e7:2b:89:48:7a:52:b2:c7:
1a:f1:7e:7d:fe:9c:08:e9:ee:5d:58:4c:c5:43:47:20:41:1a:
ac:e9:4e:91:b2:40:c5:54:5e:2d:cc:4e:ba:6a:32:40:da:57:
03:c3:6c:b1:2b:d4:47:07:6a:fd:11:d1:dc:83:e7:6f:e0:21:
a7:cc:de:cf:94:7c:92:c6:f0:2d:89:b0:69:ed:db:9b:50:4e:
c1:75:6e:98:24:fb:a1:bd:43:d7:b4:65:da:fc:4d:9e:aa:85:
53:72:42:f0:96:c0:24:50:92:c5:6f:cd:10:7a:31:7d:05:8b:
47:7a:de:60:cb:3c:63:11:f5:34:c1:e7:66:fd:b4:c9:fc:df:
ca:c0:13:79:44:81:52:6e:c9:98:e0:eb:d3:8f:63:7b:15:4b:
74:0c:86:13:73:df:ab:64:80:b5:54:a5:de:a1:b1:d2:fd:5d:
0a:f3:a5:ec
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYTJiXzbXzVBql8tbknXvwvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMTMwMTcxNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzk4Y2ZkYzJjYWI0OWQzN2UxOWE0Y2JmZjNkNDFkNTJjYTMxZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAob/2B3vdP80dZdvhALjXmf3ANc2L
ip77NzuxYGb97medtK5n8LsqCy4OJ7WRyMAQ8TuGE4kr8wdYzPmF5VLDAXD36+Nj
03Ywpi91mPjDVRJ4QUpegDSElEUdUj6zk/kF+sSGvWBYS83EXZ/XLjcQ5coYeUPB
UoOAGt/fqANyRGWXa50nSRpR3qTneFMs1kzCGwEEz77GSNrCKWaFwiUg7/WpQJue
v7ja8NcRgBEr62ze/6Dvru1kfpCcxzx5kr+QpMCiEmdgcWaRNbEnCaSkzs69XdZE
Q8vtYkdC3lb8Z50pJI3/GmYZFevcg5Ia3mDExrA7ENB2TAKWuIiSpGKUTQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFPyYz9wsq0nTfhmky/89QdUsox9qMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvX0pqUDNDeXJTZE4tR2FUTF96MUIxU3lqSDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQDHxmwAwQD
LhygAwQCWShUAwQCW/KUAwQDbesQAwQFsDhAAwQCuQQgAwQCuQVUAwQCuQr4AwQC
uUaYAwQCuVOEAwQCubBoAwQCueR8AwQCue+gMAwDBAHB9poDBAHB9pwwDQYJKoZI
hvcNAQELBQADggEBAIpblJXpBWt58/YL4IaCUwmj2YCdnwT8JRfFYAU/1isaKCMp
n0h64qqlntTEShv7pG/cKbrjXFHEtO1CAlVS9xOvRFncMTmavZ159g0reidfx33n
K4lIelKyxxrxfn3+nAjp7l1YTMVDRyBBGqzpTpGyQMVUXi3MTrpqMkDaVwPDbLEr
1EcHav0R0dyD52/gIafM3s+UfJLG8C2JsGnt25tQTsF1bpgk+6G9Q9e0Zdr8TZ6q
hVNyQvCWwCRQksVvzRB6MX0Fi0d63mDLPGMR9TTB52b9tMn838rAE3lEgVJuyZjg
69OPY3sVS3QMhhNz36tkgLVUpd6hsdL9XQrzpew=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org