Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/R-3vOVD46BUts1RUHdHZQ8KdGqA.roa
File: R-3vOVD46BUts1RUHdHZQ8KdGqA.roa (raw, json)
Hash identifier: FgHkE00MG3n/RaNBicnw4Q0KQpOLXYodAHSH1nWf1iA=
Subject key identifier: 47:ED:EF:39:50:F8:E8:15:2D:B3:54:54:1D:D1:D9:43:C2:9D:1A:A0
Certificate issuer: /CN=66ff1e6a5cc3c0697629f4afbb0b07ae79133c5c
Certificate serial: 105DEBF1
Authority key identifier: 66:FF:1E:6A:5C:C3:C0:69:76:29:F4:AF:BB:0B:07:AE:79:13:3C:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv8ealzDwGl2KfSvuwsHrnkTPFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/R-3vOVD46BUts1RUHdHZQ8KdGqA.roa
Signing time: Sat 01 Jan 2022 11:55:14 +0000
ROA not before: Sat 01 Jan 2022 11:55:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50266
IP address blocks: 5.132.0.0/17 maxlen: 24
195.191.16.0/23 maxlen: 24
85.146.0.0/17 maxlen: 24
185.180.148.0/22 maxlen: 24
85.146.128.0/18 maxlen: 24
85.144.0.0/15 maxlen: 24
185.35.112.0/22 maxlen: 24
37.143.80.0/21 maxlen: 24
31.201.0.0/16 maxlen: 24
2a02:4240::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 274590705 (0x105debf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ff1e6a5cc3c0697629f4afbb0b07ae79133c5c
Validity
Not Before: Jan 1 11:55:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47edef3950f8e8152db354541dd1d943c29d1aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:56:85:bf:2a:5e:6f:e3:a3:d5:53:a2:c4:d1:
ef:ab:ed:19:04:c3:54:a6:5a:06:be:73:9f:64:8f:
bf:d5:a4:25:37:4b:ce:02:a0:70:a5:4b:e8:7e:e9:
9a:8e:d2:25:5b:cb:79:64:9b:aa:7f:2e:fe:46:9d:
3e:f3:ea:ee:e8:a6:e2:81:52:1d:7e:37:c4:10:0b:
a1:3f:f5:08:4e:30:a8:2f:9a:18:ea:f1:f1:90:34:
dd:47:96:0b:c9:9c:03:18:fd:1a:58:8c:d1:b5:9f:
f2:95:60:5e:d4:e9:82:30:2e:7d:52:43:80:4a:a6:
7f:29:61:8a:15:6a:bf:ef:96:4d:d9:f1:f8:c6:0c:
86:c4:8a:49:52:e9:48:f7:ff:83:fa:52:6b:32:40:
f2:f0:4a:72:60:fd:7f:6b:a2:a9:1e:de:f6:bf:d2:
2d:58:d3:ad:2f:1e:ad:2c:eb:87:50:b3:13:4d:ad:
0d:33:b7:36:dd:90:d2:25:bf:c8:5c:5a:bb:f9:00:
33:df:80:07:48:2f:86:e3:b9:7e:dc:c8:30:71:1b:
fb:8e:71:88:9c:69:02:36:69:f7:58:b2:46:32:b3:
8a:be:54:40:fc:17:a5:a0:6d:79:f7:40:58:f6:a2:
0f:2b:17:e1:8c:fd:04:ce:98:d4:87:dc:be:6b:74:
3d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:ED:EF:39:50:F8:E8:15:2D:B3:54:54:1D:D1:D9:43:C2:9D:1A:A0
X509v3 Authority Key Identifier:
keyid:66:FF:1E:6A:5C:C3:C0:69:76:29:F4:AF:BB:0B:07:AE:79:13:3C:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv8ealzDwGl2KfSvuwsHrnkTPFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/R-3vOVD46BUts1RUHdHZQ8KdGqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/Zv8ealzDwGl2KfSvuwsHrnkTPFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.132.0.0/17
31.201.0.0/16
37.143.80.0/21
85.144.0.0-85.146.191.255
185.35.112.0/22
185.180.148.0/22
195.191.16.0/23
IPv6:
2a02:4240::/32
Signature Algorithm: sha256WithRSAEncryption
7a:eb:b8:8c:5a:51:66:92:23:c7:24:bf:5f:9e:29:10:8a:66:
52:1e:3f:7d:1e:15:20:0e:1d:bd:7e:5c:a0:8a:08:e3:76:6a:
d9:69:31:8b:4c:78:92:98:a0:01:44:d8:62:e1:0e:31:91:01:
e4:1f:56:cb:9b:9f:df:fe:c4:6d:1b:be:c2:38:9b:63:69:67:
cc:ce:39:15:e7:7b:c5:8a:13:7c:ba:b5:c2:d6:25:4c:da:ee:
b8:2b:5e:4e:41:11:40:44:cb:e6:0d:a5:77:ca:f4:a4:bf:a3:
6a:b0:76:56:b7:72:5c:2d:a2:67:43:38:40:a5:92:19:5f:a7:
f2:fb:d7:db:7c:81:f9:8a:79:42:a1:f1:65:31:82:f4:d6:4a:
95:e3:86:ea:df:b1:f2:2f:88:8b:5c:ad:18:a1:eb:05:c4:20:
22:ac:03:26:2d:c9:0f:e8:fc:c8:f4:79:f6:b6:74:06:bf:c5:
5d:f3:7e:c9:8a:49:e4:ed:2f:1f:98:03:0c:e9:42:fd:81:ee:
50:b3:31:34:6a:6b:1c:9c:6c:2c:7c:4f:60:06:82:2b:74:60:
7d:49:d4:10:82:6a:cf:f3:3c:5b:46:8a:36:1a:36:11:52:f0:
33:e0:cf:c1:9a:da:47:e1:69:c6:c2:56:57:eb:10:ae:3a:cd:
d4:44:b8:ab
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEEF3r8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NmZmMWU2YTVjYzNjMDY5NzYyOWY0YWZiYjBiMDdhZTc5MTMzYzVjMB4XDTIyMDEw
MTExNTUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdlZGVmMzk1MGY4
ZTgxNTJkYjM1NDU0MWRkMWQ5NDNjMjlkMWFhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI5Whb8qXm/jo9VTosTR76vtGQTDVKZaBr5zn2SPv9WkJTdL
zgKgcKVL6H7pmo7SJVvLeWSbqn8u/kadPvPq7uim4oFSHX43xBALoT/1CE4wqC+a
GOrx8ZA03UeWC8mcAxj9GliM0bWf8pVgXtTpgjAufVJDgEqmfylhihVqv++WTdnx
+MYMhsSKSVLpSPf/g/pSazJA8vBKcmD9f2uiqR7e9r/SLVjTrS8erSzrh1CzE02t
DTO3Nt2Q0iW/yFxau/kAM9+AB0gvhuO5ftzIMHEb+45xiJxpAjZp91iyRjKzir5U
QPwXpaBtefdAWPaiDysX4Yz9BM6Y1Ifcvmt0PXUCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBRH7e85UPjoFS2zVFQd0dlDwp0aoDAfBgNVHSMEGDAWgBRm/x5qXMPAaXYp
9K+7CweueRM8XDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p2OGVhbHpEd0dsMktmU3Z1d3NIcm5rVFBGdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvMDdkNWViLTYyMTEtNGQ3YS1hOTZkLWVlNDI3NDVkOGZkMS8x
L1ItM3ZPVkQ0NkJVdHMxUlVIZEhaUThLZEdxQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
MDdkNWViLTYyMTEtNGQ3YS1hOTZkLWVlNDI3NDVkOGZkMS8xL1p2OGVhbHpEd0ds
MktmU3Z1d3NIcm5rVFBGdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEBwWEAAMDAB/JAwQDJY9QMAsDAwRV
kAMEBlWSgAMEArkjcAMEArm0lAMEAcO/EDANBAIAAjAHAwUAKgJCQDANBgkqhkiG
9w0BAQsFAAOCAQEAeuu4jFpRZpIjxyS/X54pEIpmUh4/fR4VIA4dvX5coIoI43Zq
2Wkxi0x4kpigAUTYYuEOMZEB5B9Wy5uf3/7EbRu+wjibY2lnzM45Fed7xYoTfLq1
wtYlTNruuCteTkERQETL5g2ld8r0pL+jarB2VrdyXC2iZ0M4QKWSGV+n8vvX23yB
+Yp5QqHxZTGC9NZKleOG6t+x8i+Ii1ytGKHrBcQgIqwDJi3JD+j8yPR59rZ0Br/F
XfN+yYpJ5O0vH5gDDOlC/YHuULMxNGprHJxsLHxPYAaCK3RgfUnUEIJqz/M8W0aK
Nho2EVLwM+DPwZraR+FpxsJWV+sQrjrN1ES4qw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:46 2024 by rpki-client on console-ams.rpki-client.org