Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/hEN5DPvBME3_KgJPdksR_Lg0g18.roa
File: hEN5DPvBME3_KgJPdksR_Lg0g18.roa (raw, json)
Hash identifier: hcKHWrHhQmigXrWlm+AIb6N660tiMApyw8Pg9u3jwnA=
Subject key identifier: 84:43:79:0C:FB:C1:30:4D:FF:2A:02:4F:76:4B:11:FC:B8:34:83:5F
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 0183FB14415CF7CBFCA459E52A40757E55CF
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/hEN5DPvBME3_KgJPdksR_Lg0g18.roa
Signing time: Fri 21 Oct 2022 15:05:52 +0000
ROA not before: Fri 21 Oct 2022 15:05:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.228.127.0/24 maxlen: 24
185.228.126.0/24 maxlen: 24
185.176.104.0/22 maxlen: 24
46.28.160.0/24 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
193.246.154.0/24 maxlen: 24
193.246.156.0/23 maxlen: 24
193.246.155.0/24 maxlen: 24
89.40.84.0/22 maxlen: 24
185.4.33.0/24 maxlen: 24
185.4.32.0/22 maxlen: 22
185.4.32.0/24 maxlen: 24
185.4.35.0/24 maxlen: 24
185.4.34.0/24 maxlen: 24
185.176.107.0/24 maxlen: 24
31.25.176.0/21 maxlen: 24
185.239.163.0/24 maxlen: 24
185.239.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fb:14:41:5c:f7:cb:fc:a4:59:e5:2a:40:75:7e:55:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Oct 21 15:05:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8443790cfbc1304dff2a024f764b11fcb834835f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a1:6e:32:05:7f:38:35:2a:d5:e1:cf:18:91:
8c:d7:42:d1:ae:ea:5e:66:e1:bb:eb:8c:6d:6a:49:
d4:94:e6:88:84:ac:d2:d6:1a:8c:4e:d4:ee:08:97:
37:0b:5d:82:5a:de:4e:cd:58:db:aa:90:cb:6d:d1:
e6:5d:e1:86:93:55:d3:a5:e9:a6:c6:0b:a9:75:f9:
cc:ae:3a:f7:39:67:a0:74:02:5b:6f:bb:d7:40:32:
d9:93:94:d8:87:d2:22:c5:03:81:20:95:f5:93:48:
ee:2b:8b:06:b6:2e:14:77:0a:4a:52:90:c9:bf:02:
b9:7b:0f:f0:4c:eb:f1:4d:8d:36:f0:a1:76:a6:62:
3f:8e:46:be:e9:f7:a1:a1:23:18:62:e3:13:07:dc:
f1:8e:c0:ae:a7:b1:6d:7e:bf:73:7b:5b:80:ea:aa:
44:e9:ef:ea:61:15:2c:66:d7:30:19:31:95:ce:ce:
82:6c:ee:d0:52:36:f5:c4:b4:da:c2:64:0c:aa:3d:
61:ba:02:ec:80:ed:c7:0b:b3:ad:9c:33:90:5e:63:
1f:c5:98:bb:97:ff:86:f8:9e:0c:65:e0:ad:30:ed:
63:c2:07:cc:2e:b8:8d:3a:1e:8b:91:fa:4e:12:83:
05:a2:eb:24:b9:98:d1:80:db:ce:f3:e0:8d:64:e4:
0b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:43:79:0C:FB:C1:30:4D:FF:2A:02:4F:76:4B:11:FC:B8:34:83:5F
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/hEN5DPvBME3_KgJPdksR_Lg0g18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
46.28.160.0/24
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.176.104.0/22
185.228.124.0/22
185.239.160.0/24
185.239.163.0/24
193.246.154.0-193.246.157.255
Signature Algorithm: sha256WithRSAEncryption
39:73:48:63:6c:5f:a7:a7:d3:fe:51:d0:c8:de:9e:e4:a7:87:
a3:bc:f3:eb:c1:d2:ae:d8:e3:11:79:fa:ea:47:ab:25:4e:6c:
32:9b:b9:92:66:23:46:5a:6b:32:9d:28:02:a0:5f:ee:a1:9f:
3f:c9:13:bb:5d:9c:c5:d0:8c:27:73:a1:60:0b:4f:95:9f:43:
7e:68:b1:57:47:ab:07:9a:a7:0c:ab:67:2c:d2:a5:e8:d6:4e:
a7:35:af:3a:e5:9e:d7:90:04:ae:4f:79:a0:92:e4:bd:59:e0:
0a:1b:34:44:be:a2:38:bf:42:5e:01:6e:e5:14:f8:b3:b9:25:
f9:b2:fd:3c:99:f3:bb:18:7a:95:49:16:5e:7b:54:40:5e:94:
a0:ad:75:17:7e:f4:dd:51:7a:52:21:23:7d:94:9c:c4:20:91:
34:12:3d:9f:70:6a:ee:61:25:c5:2e:96:be:95:93:89:07:af:
45:a6:cf:8a:00:94:e6:8f:39:b6:85:60:73:ff:e3:e5:ba:0e:
b8:f6:ce:c5:99:78:fa:68:d6:69:a4:98:03:1c:01:5f:43:42:
81:a0:97:76:4a:aa:91:82:3e:ed:40:30:ff:56:14:aa:c3:82:
31:73:99:f1:be:7e:82:a0:1b:e4:a4:dc:87:2a:35:a5:97:c4:
c1:d2:30:d8
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYP7FEFc98v8pFnlKkB1flXPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMDIxMTUwNTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQzNzkwY2ZiYzEzMDRkZmYyYTAyNGY3NjRiMTFmY2I4MzQ4MzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6FuMgV/ODUq1eHPGJGM10LRrupe
ZuG764xtaknUlOaIhKzS1hqMTtTuCJc3C12CWt5OzVjbqpDLbdHmXeGGk1XTpemm
xgupdfnMrjr3OWegdAJbb7vXQDLZk5TYh9IixQOBIJX1k0juK4sGti4UdwpKUpDJ
vwK5ew/wTOvxTY028KF2pmI/jka+6fehoSMYYuMTB9zxjsCup7Ftfr9ze1uA6qpE
6e/qYRUsZtcwGTGVzs6CbO7QUjb1xLTawmQMqj1hugLsgO3HC7OtnDOQXmMfxZi7
l/+G+J4MZeCtMO1jwgfMLriNOh6LkfpOEoMFouskuZjRgNvO8+CNZOQLvQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFIRDeQz7wTBN/yoCT3ZLEfy4NINfMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvaEVONURQdkJNRTNfS2dKUGRrc1JfTGcwZzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQDHxmwAwQA
LhygAwQCWShUAwQCW/KUAwQDbesQAwQFsDhAAwQCuQQgAwQCuQVUAwQCubBoAwQC
ueR8AwQAue+gAwQAue+jMAwDBAHB9poDBAHB9pwwDQYJKoZIhvcNAQELBQADggEB
ADlzSGNsX6en0/5R0MjenuSnh6O88+vB0q7Y4xF5+upHqyVObDKbuZJmI0ZaazKd
KAKgX+6hnz/JE7tdnMXQjCdzoWALT5WfQ35osVdHqweapwyrZyzSpejWTqc1rzrl
nteQBK5PeaCS5L1Z4AobNES+oji/Ql4BbuUU+LO5Jfmy/TyZ87sYepVJFl57VEBe
lKCtdRd+9N1RelIhI32UnMQgkTQSPZ9wau5hJcUulr6Vk4kHr0Wmz4oAlOaPObaF
YHP/4+W6Drj2zsWZePpo1mmkmAMcAV9DQoGgl3ZKqpGCPu1AMP9WFKrDgjFzmfG+
foKgG+Sk3IcqNaWXxMHSMNg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-fra.rpki-client.org