Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/iFNvG8V-C2k-sQo0q10oAsyFXoA.roa
File: iFNvG8V-C2k-sQo0q10oAsyFXoA.roa (raw, json)
Hash identifier: M1bH6xltYno/ULLr9K8m5RhKu0YtRksmaUY0GhzTt9A=
Subject key identifier: 88:53:6F:1B:C5:7E:0B:69:3E:B1:0A:34:AB:5D:28:02:CC:85:5E:80
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 1BD65DE1
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/iFNvG8V-C2k-sQo0q10oAsyFXoA.roa
Signing time: Tue 03 May 2022 09:11:19 +0000
ROA not before: Tue 03 May 2022 09:11:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198357
IP address blocks: 5.159.48.0/24 maxlen: 24
5.159.50.0/24 maxlen: 24
5.159.51.0/24 maxlen: 24
5.159.53.0/24 maxlen: 24
5.159.55.0/24 maxlen: 24
5.159.52.0/24 maxlen: 24
188.240.212.0/24 maxlen: 24
185.3.202.0/24 maxlen: 24
185.3.201.0/24 maxlen: 24
185.3.203.0/24 maxlen: 24
89.46.219.0/24 maxlen: 24
89.46.216.0/24 maxlen: 24
89.46.216.0/22 maxlen: 22
89.46.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 467033569 (0x1bd65de1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: May 3 09:11:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88536f1bc57e0b693eb10a34ab5d2802cc855e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8c:a6:0e:bd:64:1e:f1:79:4c:28:3a:26:6e:
67:31:46:a9:3d:9c:58:7d:22:19:f1:63:d3:26:37:
69:e5:9a:94:52:ed:51:fa:98:87:75:ff:bb:a0:15:
8f:5f:7f:1f:9c:4b:e1:7e:1d:ee:5f:d8:5a:b7:7e:
a4:15:e1:3f:1b:65:58:5f:7a:9e:6b:e4:be:be:76:
5e:0d:78:94:32:3f:e0:69:7d:0b:ba:7d:c8:fd:50:
19:3a:71:48:98:51:50:75:55:ef:db:b9:89:84:c3:
36:48:18:a4:00:57:b2:13:fa:c9:58:bd:76:54:16:
d3:10:af:0b:88:c7:65:11:ad:ab:d9:c4:8b:83:68:
be:00:a7:49:21:4d:b7:93:db:6a:66:ae:8b:4e:f7:
27:1a:87:6a:5f:49:4d:f0:0f:b0:c3:74:66:59:53:
01:38:a2:be:ee:a6:a1:a8:00:7a:f5:5c:2e:b1:14:
39:ee:f4:ca:5a:e2:7d:b4:7f:23:53:ad:d1:34:bd:
62:99:94:ff:ea:cb:fa:b5:ec:3b:83:a4:80:13:3b:
5b:4a:c1:cb:9c:19:46:86:c8:65:90:ca:cc:8c:cd:
69:11:42:34:1b:9c:3e:08:f6:98:b1:22:36:00:6d:
fc:6f:de:29:10:dc:ff:da:34:69:55:08:4c:5c:bf:
85:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:53:6F:1B:C5:7E:0B:69:3E:B1:0A:34:AB:5D:28:02:CC:85:5E:80
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/iFNvG8V-C2k-sQo0q10oAsyFXoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.48.0/24
5.159.50.0-5.159.53.255
5.159.55.0/24
89.46.216.0/22
185.3.201.0-185.3.203.255
188.240.212.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:93:14:05:1b:63:83:a6:fb:98:ff:12:e5:bc:3c:12:10:fb:
f2:81:c8:8f:f8:db:6e:28:ce:66:8e:63:33:17:ac:ff:dc:8b:
79:bd:39:eb:aa:26:d6:6f:bb:54:16:c4:37:0d:97:e0:1f:09:
09:93:32:54:db:c9:16:99:a4:57:5c:12:09:e8:3f:63:76:4e:
e6:15:9f:11:c5:3a:4e:b9:1c:8f:d0:80:6f:43:9f:a1:d1:c6:
77:84:f0:14:c2:53:d6:ff:28:32:82:6c:36:fb:a0:d6:b7:8b:
85:4c:c8:c7:6c:55:47:f6:bd:d8:ed:d7:3d:54:4e:c0:f4:8a:
2c:14:aa:4b:76:a4:33:3e:09:f0:a3:76:33:e1:bc:ce:66:75:
17:68:f5:af:76:c9:22:c9:89:cd:67:cd:cd:b8:d6:80:2e:8f:
f8:11:ee:59:b1:f5:cc:fb:1d:d9:92:66:1d:84:12:a5:2f:46:
67:67:59:d1:2c:65:c2:44:85:c3:14:05:96:d7:4b:8a:f8:bf:
77:11:4d:b7:55:82:11:fb:74:df:c3:88:47:1e:01:65:ac:26:
b5:c3:bd:5c:a8:b3:a5:1a:40:5a:c5:2b:35:00:9a:c1:30:c0:
a4:ff:3f:61:dd:d1:c4:0b:3b:48:fc:ab:44:82:72:08:d3:c6:
a6:3c:d5:3c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEG9Zd4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZGRiMzhiMzQzZGEyZDExOTMwOWVkYWExOWM3YTc4ODcwMzI3ZWJlMB4XDTIyMDUw
MzA5MTExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODg1MzZmMWJjNTdl
MGI2OTNlYjEwYTM0YWI1ZDI4MDJjYzg1NWU4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGMpg69ZB7xeUwoOiZuZzFGqT2cWH0iGfFj0yY3aeWalFLt
UfqYh3X/u6AVj19/H5xL4X4d7l/YWrd+pBXhPxtlWF96nmvkvr52Xg14lDI/4Gl9
C7p9yP1QGTpxSJhRUHVV79u5iYTDNkgYpABXshP6yVi9dlQW0xCvC4jHZRGtq9nE
i4NovgCnSSFNt5Pbamaui073JxqHal9JTfAPsMN0ZllTATiivu6moagAevVcLrEU
Oe70ylrifbR/I1Ot0TS9YpmU/+rL+rXsO4OkgBM7W0rBy5wZRobIZZDKzIzNaRFC
NBucPgj2mLEiNgBt/G/eKRDc/9o0aVUITFy/hSMCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBSIU28bxX4LaT6xCjSrXSgCzIVegDAfBgNVHSMEGDAWgBRt2zizQ9otEZMJ
7aoZx6eIcDJ+vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JkczRzMFBhTFJHVENlMnFHY2VuaUhBeWZyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvYzk2MWEwLTRmNTMtNDIyYS1iN2RkLTNkZmE1MTBkNmIxNi8x
L2lGTnZHOFYtQzJrLXNRbzBxMTBvQXN5RlhvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
Yzk2MWEwLTRmNTMtNDIyYS1iN2RkLTNkZmE1MTBkNmIxNi8xL2JkczRzMFBhTFJH
VENlMnFHY2VuaUhBeWZyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEAAWfMDAMAwQBBZ8yAwQBBZ80AwQA
BZ83AwQCWS7YMAwDBAC5A8kDBAK5A8gDBAC88NQwDQYJKoZIhvcNAQELBQADggEB
ADyTFAUbY4Om+5j/EuW8PBIQ+/KByI/4224ozmaOYzMXrP/ci3m9OeuqJtZvu1QW
xDcNl+AfCQmTMlTbyRaZpFdcEgnoP2N2TuYVnxHFOk65HI/QgG9Dn6HRxneE8BTC
U9b/KDKCbDb7oNa3i4VMyMdsVUf2vdjt1z1UTsD0iiwUqkt2pDM+CfCjdjPhvM5m
dRdo9a92ySLJic1nzc241oAuj/gR7lmx9cz7HdmSZh2EEqUvRmdnWdEsZcJEhcMU
BZbXS4r4v3cRTbdVghH7dN/DiEceAWWsJrXDvVyos6UaQFrFKzUAmsEwwKT/P2Hd
0cQLO0j8q0SCcgjTxqY81Tw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org