Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/w22638DergwdlSRfjs1tqkgTmdA.roa
File: w22638DergwdlSRfjs1tqkgTmdA.roa (raw, json)
Hash identifier: luaHh4x2ua3eyHHfIJqUHGamUPCtTOnq+TaGb/6QClg=
Subject key identifier: C3:6D:BA:DF:C0:DE:AE:0C:1D:95:24:5F:8E:CD:6D:AA:48:13:99:D0
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 0184010FED7302D929D41D7F822FB3FB6D6E
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/w22638DergwdlSRfjs1tqkgTmdA.roa
Signing time: Sat 22 Oct 2022 18:58:51 +0000
ROA not before: Sat 22 Oct 2022 18:58:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
46.28.160.0/24 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
89.40.84.0/22 maxlen: 24
185.4.32.0/22 maxlen: 24
185.176.107.0/24 maxlen: 24
31.25.176.0/21 maxlen: 24
185.239.163.0/24 maxlen: 24
185.239.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:01:0f:ed:73:02:d9:29:d4:1d:7f:82:2f:b3:fb:6d:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Oct 22 18:58:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c36dbadfc0deae0c1d95245f8ecd6daa481399d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2e:66:fb:3f:a3:2e:3e:a5:50:cf:f2:b5:e0:
aa:64:1e:51:e7:80:ce:8d:c0:26:bc:54:b3:98:c2:
42:b1:6d:95:bd:45:d7:3e:53:5a:24:85:f1:e9:fd:
09:fa:22:85:94:68:16:4d:cc:15:4c:5d:d5:51:65:
76:06:cb:15:0b:c3:a5:dc:ad:2a:7b:c3:85:2e:bb:
92:c3:08:17:01:32:db:ee:57:73:2a:36:d1:46:ca:
4b:4b:3c:98:19:bd:97:fe:35:fb:24:19:9f:80:c2:
3d:6f:4f:8b:1a:da:f2:f6:08:d4:de:cb:aa:53:1c:
5a:ff:40:03:c4:c4:99:d6:d0:93:22:ad:5d:d8:86:
4f:af:ac:17:12:ea:2a:13:46:51:41:e7:1d:c1:66:
34:88:cd:ae:2c:3b:4c:eb:bf:a2:15:11:29:3b:cf:
d9:9c:cf:79:50:a7:c0:ad:21:26:dd:af:da:02:f6:
ca:96:07:09:b2:ad:5f:7e:4d:cb:bb:00:74:db:7e:
f6:5e:20:8b:16:52:2d:e2:23:ff:a7:49:54:22:ef:
bb:81:fb:6d:52:bf:6b:56:de:dd:04:93:9a:e1:60:
9c:a4:44:9b:eb:6e:72:5b:5d:da:56:01:20:e2:f6:
13:d2:09:2c:9a:f2:45:f8:41:bd:65:e4:7b:29:c8:
b8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:6D:BA:DF:C0:DE:AE:0C:1D:95:24:5F:8E:CD:6D:AA:48:13:99:D0
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/w22638DergwdlSRfjs1tqkgTmdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
46.28.160.0/24
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.176.104.0/22
185.228.124.0/22
185.239.160.0/24
185.239.163.0/24
193.246.154.0-193.246.157.255
Signature Algorithm: sha256WithRSAEncryption
49:d0:89:34:f4:aa:7e:b8:6a:b8:87:d8:bd:26:03:eb:ce:3f:
44:1f:d9:35:a2:5a:d9:8e:01:0b:12:11:90:3d:28:39:80:e2:
29:bd:32:0e:7a:1a:c4:1f:ff:01:49:a3:a7:1b:fd:8e:d7:43:
81:ec:d2:f0:79:b3:a6:8b:21:76:a5:73:15:f4:3d:32:3c:43:
7e:2c:2e:1f:08:78:03:97:49:7f:5d:ab:a4:f2:63:3b:99:1c:
56:3e:e0:18:5f:0f:cd:e2:cc:28:52:24:d0:49:dc:9e:93:ef:
25:c8:e3:ed:a0:0f:f6:50:2d:93:20:60:9a:d0:4e:c4:d5:fb:
e9:2a:e3:9b:09:00:5c:08:0d:75:88:55:18:5f:4c:30:51:bc:
91:93:73:f1:e2:9b:84:36:84:ad:b9:61:b3:88:6a:b2:a1:0a:
52:4c:15:08:8b:04:5e:8e:03:bb:c3:5b:aa:7e:04:c8:b4:cb:
fe:5b:23:d3:2f:ef:fd:b3:fc:a8:0a:e7:9d:13:47:e5:8c:2b:
90:b6:71:2c:38:68:de:e5:64:70:95:ba:98:54:61:78:22:56:
d1:3f:61:ba:c9:57:c8:73:f5:52:2e:c5:d5:e1:6a:95:c5:42:
77:90:8b:95:6c:92:59:5a:14:55:dc:d0:d4:c0:80:39:6c:3d:
b3:4f:48:3d
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYQBD+1zAtkp1B1/gi+z+21uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMDIyMTg1ODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzZkYmFkZmMwZGVhZTBjMWQ5NTI0NWY4ZWNkNmRhYTQ4MTM5OWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC5m+z+jLj6lUM/yteCqZB5R54DO
jcAmvFSzmMJCsW2VvUXXPlNaJIXx6f0J+iKFlGgWTcwVTF3VUWV2BssVC8Ol3K0q
e8OFLruSwwgXATLb7ldzKjbRRspLSzyYGb2X/jX7JBmfgMI9b0+LGtry9gjU3suq
Uxxa/0ADxMSZ1tCTIq1d2IZPr6wXEuoqE0ZRQecdwWY0iM2uLDtM67+iFREpO8/Z
nM95UKfArSEm3a/aAvbKlgcJsq1ffk3LuwB02372XiCLFlIt4iP/p0lUIu+7gftt
Ur9rVt7dBJOa4WCcpESb625yW13aVgEg4vYT0gksmvJF+EG9ZeR7Kci4iwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFMNtut/A3q4MHZUkX47NbapIE5nQMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvdzIyNjM4RGVyZ3dkbFNSZmpzMXRxa2dUbWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQDHxmwAwQA
LhygAwQCWShUAwQCW/KUAwQDbesQAwQFsDhAAwQCuQQgAwQCuQVUAwQCubBoAwQC
ueR8AwQAue+gAwQAue+jMAwDBAHB9poDBAHB9pwwDQYJKoZIhvcNAQELBQADggEB
AEnQiTT0qn64ariH2L0mA+vOP0Qf2TWiWtmOAQsSEZA9KDmA4im9Mg56GsQf/wFJ
o6cb/Y7XQ4Hs0vB5s6aLIXalcxX0PTI8Q34sLh8IeAOXSX9dq6TyYzuZHFY+4Bhf
D83izChSJNBJ3J6T7yXI4+2gD/ZQLZMgYJrQTsTV++kq45sJAFwIDXWIVRhfTDBR
vJGTc/Him4Q2hK25YbOIarKhClJMFQiLBF6OA7vDW6p+BMi0y/5bI9Mv7/2z/KgK
550TR+WMK5C2cSw4aN7lZHCVuphUYXgiVtE/YbrJV8hz9VIuxdXhapXFQneQi5Vs
kllaFFXc0NTAgDlsPbNPSD0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:47 2024 by rpki-client on console-ams.rpki-client.org