Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/tHmRZoev4Tt6_S8CfuRuwv_qROo.roa
File: tHmRZoev4Tt6_S8CfuRuwv_qROo.roa (raw, json)
Hash identifier: CVh/k6icGFiaAqs16JwX+rANb7X/hGUXnsUQtBdjPXE=
Subject key identifier: B4:79:91:66:87:AF:E1:3B:7A:FD:2F:02:7E:E4:6E:C2:FF:EA:44:EA
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 01848D30AF2CFFE52917DF3B5B41C279F547
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/tHmRZoev4Tt6_S8CfuRuwv_qROo.roa
Signing time: Sat 19 Nov 2022 00:01:28 +0000
ROA not before: Sat 19 Nov 2022 00:01:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
185.10.248.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
185.83.132.0/22 maxlen: 24
176.56.64.0/19 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
89.40.84.0/22 maxlen: 24
185.4.32.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
185.239.160.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8d:30:af:2c:ff:e5:29:17:df:3b:5b:41:c2:79:f5:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Nov 19 00:01:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b479916687afe13b7afd2f027ee46ec2ffea44ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:da:b9:1d:98:d3:53:2e:a2:c6:f1:de:20:e7:
b8:d4:7d:2b:8b:55:0f:4a:d2:fa:56:ce:68:b8:c1:
fc:e0:a2:27:d0:cc:8d:f6:1e:83:72:83:fc:e1:98:
f7:18:32:ff:0b:26:49:6f:d6:2c:73:55:27:b9:84:
ed:9c:e5:b4:b8:df:a6:12:40:78:10:b4:96:04:bf:
eb:cc:be:96:74:64:fb:5a:dc:b3:0d:02:23:ca:08:
24:f5:24:3b:75:f6:87:4e:1c:60:45:27:6a:af:69:
ce:21:bc:1d:cb:b6:c9:e0:6c:28:1c:8e:9b:f6:65:
c2:83:c7:05:17:a4:26:7d:4d:b6:e9:7f:df:66:0f:
91:5c:83:ec:72:b0:5e:2f:a5:e3:39:67:ba:bd:b1:
33:e9:53:e9:ed:a5:cf:8e:f7:1f:bc:b9:c8:30:83:
f2:fe:74:18:62:4a:1d:b1:4d:28:15:e1:0b:95:f7:
5e:02:9b:b6:86:51:4a:57:0f:11:2a:56:27:3a:a2:
3e:6e:42:dc:c5:1a:77:2d:f9:d7:df:9c:9f:44:8d:
85:43:33:e0:de:ac:9b:14:be:8f:8f:17:b5:7d:9b:
10:5a:19:0a:b1:77:ee:2f:81:83:f7:f2:b0:cd:75:
15:c8:05:46:91:58:ab:6c:68:46:54:0f:ef:ba:06:
4c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:79:91:66:87:AF:E1:3B:7A:FD:2F:02:7E:E4:6E:C2:FF:EA:44:EA
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/tHmRZoev4Tt6_S8CfuRuwv_qROo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.83.132.0/22
185.176.104.0/22
185.228.124.0/22
185.239.160.0/22
193.246.154.0-193.246.157.255
Signature Algorithm: sha256WithRSAEncryption
82:6a:2c:11:04:86:d3:61:63:e3:da:f7:9a:76:ab:f6:72:02:
15:2f:db:72:22:9a:85:59:82:9b:cc:8d:50:62:f7:ef:a6:49:
c9:db:12:17:1a:b8:91:35:00:24:cd:12:d8:11:1c:44:0b:e4:
47:be:bc:93:7c:b4:18:d1:f9:1f:24:67:ca:2b:73:22:92:2a:
6a:2c:c6:c3:c8:87:31:d4:2e:c0:f1:e9:ad:2e:1f:ec:84:fa:
52:c3:f2:2e:46:88:93:5a:6b:6f:46:f3:eb:41:3d:e5:03:61:
be:02:ed:a7:ec:5f:cd:62:3e:2c:22:8d:d8:5e:cc:7a:8a:72:
a1:cb:ae:de:28:a7:c6:ec:67:a1:fa:ca:ce:3b:02:4a:ce:81:
18:65:9d:c4:64:fa:97:05:5d:0f:4c:97:25:36:e0:3c:16:a0:
67:c5:f4:ad:d0:8d:d2:29:54:08:07:14:12:0e:f6:f2:a5:70:
23:d7:89:f9:57:a4:9c:dc:e4:2c:f7:9d:08:4a:74:63:57:47:
76:43:2d:46:57:8b:3e:bb:75:d7:bc:2f:19:03:02:81:b2:27:
9a:b6:96:8e:6f:85:d9:cc:a7:4f:55:ce:f0:88:0e:6c:9d:09:
04:a2:80:b2:dc:48:3d:6f:cd:54:40:66:c8:48:8e:39:43:d7:
f5:54:de:d7
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYSNMK8s/+UpF987W0HCefVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMTE5MDAwMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDc5OTE2Njg3YWZlMTNiN2FmZDJmMDI3ZWU0NmVjMmZmZWE0NGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9q5HZjTUy6ixvHeIOe41H0ri1UP
StL6Vs5ouMH84KIn0MyN9h6DcoP84Zj3GDL/CyZJb9Ysc1UnuYTtnOW0uN+mEkB4
ELSWBL/rzL6WdGT7WtyzDQIjyggk9SQ7dfaHThxgRSdqr2nOIbwdy7bJ4GwoHI6b
9mXCg8cFF6QmfU226X/fZg+RXIPscrBeL6XjOWe6vbEz6VPp7aXPjvcfvLnIMIPy
/nQYYkodsU0oFeELlfdeApu2hlFKVw8RKlYnOqI+bkLcxRp3LfnX35yfRI2FQzPg
3qybFL6Pjxe1fZsQWhkKsXfuL4GD9/KwzXUVyAVGkVirbGhGVA/vugZMfQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFLR5kWaHr+E7ev0vAn7kbsL/6kTqMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvdEhtUlpvZXY0VHQ2X1M4Q2Z1UnV3dl9xUk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQDHxmwAwQD
LhygAwQCWShUAwQCW/KUAwQDbesQAwQFsDhAAwQCuQQgAwQCuQVUAwQCuQr4AwQC
uVOEAwQCubBoAwQCueR8AwQCue+gMAwDBAHB9poDBAHB9pwwDQYJKoZIhvcNAQEL
BQADggEBAIJqLBEEhtNhY+Pa95p2q/ZyAhUv23IimoVZgpvMjVBi9++mScnbEhca
uJE1ACTNEtgRHEQL5Ee+vJN8tBjR+R8kZ8orcyKSKmosxsPIhzHULsDx6a0uH+yE
+lLD8i5GiJNaa29G8+tBPeUDYb4C7afsX81iPiwijdhezHqKcqHLrt4op8bsZ6H6
ys47AkrOgRhlncRk+pcFXQ9MlyU24DwWoGfF9K3QjdIpVAgHFBIO9vKlcCPXiflX
pJzc5Cz3nQhKdGNXR3ZDLUZXiz67dde8LxkDAoGyJ5q2lo5vhdnMp09VzvCIDmyd
CQSigLLcSD1vzVRAZshIjjlD1/VU3tc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org