Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/L5eyTH30RYJPfuByDi07F5jd8a8.roa
File: L5eyTH30RYJPfuByDi07F5jd8a8.roa (raw, json)
Hash identifier: 6XJNXBJeR3LzhJA8WoHz71z7Qr+51TlUqvwBW/1HoOI=
Subject key identifier: 2F:97:B2:4C:7D:F4:45:82:4F:7E:E0:72:0E:2D:3B:17:98:DD:F1:AF
Certificate issuer: /CN=8d5f066af80d0e9f07ea87b24bdafa59d1f5f26f
Certificate serial: 372E2BFE
Authority key identifier: 8D:5F:06:6A:F8:0D:0E:9F:07:EA:87:B2:4B:DA:FA:59:D1:F5:F2:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jV8GavgNDp8H6oeyS9r6WdH18m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/L5eyTH30RYJPfuByDi07F5jd8a8.roa
Signing time: Mon 23 May 2022 08:23:31 +0000
ROA not before: Mon 23 May 2022 08:23:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57356
IP address blocks: 194.140.215.0/24 maxlen: 24
194.140.216.0/22 maxlen: 22
194.140.214.0/24 maxlen: 24
194.140.222.0/23 maxlen: 23
194.140.222.0/24 maxlen: 24
194.140.223.0/24 maxlen: 24
194.140.220.0/23 maxlen: 23
87.117.84.0/23 maxlen: 23
87.117.80.0/22 maxlen: 22
87.117.80.0/20 maxlen: 20
87.117.88.0/22 maxlen: 22
87.117.86.0/23 maxlen: 23
87.117.92.0/22 maxlen: 22
194.140.212.0/22 maxlen: 22
194.140.212.0/24 maxlen: 24
194.140.210.0/23 maxlen: 23
194.140.208.0/22 maxlen: 22
194.140.208.0/23 maxlen: 23
194.140.208.0/20 maxlen: 20
194.140.213.0/24 maxlen: 24
91.185.176.0/22 maxlen: 22
31.216.0.0/20 maxlen: 20
91.185.176.0/21 maxlen: 21
185.20.164.0/23 maxlen: 23
185.20.164.0/22 maxlen: 22
31.216.0.0/21 maxlen: 21
91.185.180.0/22 maxlen: 22
185.20.166.0/23 maxlen: 23
31.216.8.0/21 maxlen: 21
86.111.160.0/21 maxlen: 21
86.111.160.0/20 maxlen: 20
86.111.172.0/23 maxlen: 23
86.111.168.0/22 maxlen: 22
86.111.174.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 925772798 (0x372e2bfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d5f066af80d0e9f07ea87b24bdafa59d1f5f26f
Validity
Not Before: May 23 08:23:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f97b24c7df445824f7ee0720e2d3b1798ddf1af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9a:f9:d8:a5:39:22:df:0a:29:07:11:72:b3:
a2:0b:2c:72:a6:15:60:d5:f7:03:9b:8f:ac:12:c6:
57:70:3e:2f:32:f4:72:8d:3d:75:c7:91:f0:2c:e1:
82:eb:be:03:15:21:c2:5d:3c:b5:5a:39:a9:ba:c5:
b2:64:01:1c:d8:25:c8:a1:7a:e3:96:01:28:8d:fd:
f4:d2:9d:c1:3c:d0:ff:b4:78:a0:32:a6:d4:54:8a:
54:b1:b9:a6:f8:d5:d0:c7:61:51:1a:00:e8:80:ef:
d1:c6:29:5e:0d:50:e0:bf:7f:ac:f4:cb:09:a9:fe:
3a:14:80:e6:d6:49:73:6c:73:99:a0:19:95:68:f5:
36:da:87:8e:55:f7:cb:00:18:fb:06:4c:d1:4c:71:
72:9d:cf:69:70:f7:d2:c6:0d:f7:db:8a:92:5d:cb:
28:3c:fb:69:3b:37:93:c2:a1:69:13:d0:7b:49:36:
58:d8:cf:5a:60:f3:2c:fe:a3:10:0a:e1:68:ec:36:
e9:fb:30:16:10:69:de:64:31:1f:c8:bb:fd:a9:af:
89:1a:b8:ef:0f:70:76:e9:84:11:6b:c0:75:aa:79:
c2:90:ca:41:fc:33:74:c9:52:b8:17:12:c0:bd:92:
18:f5:ea:3d:40:ac:24:8e:2d:f0:a7:16:d0:fa:f2:
c3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:97:B2:4C:7D:F4:45:82:4F:7E:E0:72:0E:2D:3B:17:98:DD:F1:AF
X509v3 Authority Key Identifier:
keyid:8D:5F:06:6A:F8:0D:0E:9F:07:EA:87:B2:4B:DA:FA:59:D1:F5:F2:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jV8GavgNDp8H6oeyS9r6WdH18m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/L5eyTH30RYJPfuByDi07F5jd8a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/jV8GavgNDp8H6oeyS9r6WdH18m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.0.0/20
86.111.160.0/20
87.117.80.0/20
91.185.176.0/21
185.20.164.0/22
194.140.208.0/20
Signature Algorithm: sha256WithRSAEncryption
54:e4:be:9e:b4:a5:7f:0f:95:25:79:d9:16:df:b1:0b:57:f0:
8f:ce:34:31:e1:81:cc:8b:80:f7:68:e0:27:ce:25:e1:c7:4e:
e6:d1:03:2c:9f:38:95:8c:85:4b:28:98:df:bf:03:5a:5f:40:
29:90:02:e9:d7:dd:24:42:c0:94:8c:17:bb:61:93:1a:d1:f5:
92:11:b7:a4:ad:7b:0d:f2:de:a0:77:e2:33:6d:98:e8:89:8c:
7f:57:94:7d:3d:de:04:7b:05:b1:ca:8d:c0:ee:d6:a5:44:c0:
a3:e3:08:54:75:a9:d2:08:5a:d7:5d:fc:26:c6:9a:43:5f:ae:
7a:64:80:c4:29:b8:42:39:42:40:e0:e0:1d:55:8e:cb:65:b8:
f8:c3:b5:f1:ea:94:96:77:7b:91:12:e8:f5:a0:a4:6c:95:4d:
1f:c8:08:f5:20:39:73:46:d9:a6:1f:2d:74:bf:56:8b:d4:15:
f4:e8:80:7c:f8:39:08:47:95:70:80:2f:7d:14:dc:b8:9d:1d:
0d:1e:d6:d8:4e:25:38:e3:89:18:49:04:8e:4c:6b:65:04:1e:
5c:4f:73:75:93:08:98:53:a8:34:05:db:7c:5e:0c:6e:25:b9:
c4:e1:5a:6b:79:39:c7:59:2e:86:6e:af:65:72:da:c6:08:fd:
5d:17:ff:c0
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIENy4r/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDVmMDY2YWY4MGQwZTlmMDdlYTg3YjI0YmRhZmE1OWQxZjVmMjZmMB4XDTIyMDUy
MzA4MjMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmY5N2IyNGM3ZGY0
NDU4MjRmN2VlMDcyMGUyZDNiMTc5OGRkZjFhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALea+dilOSLfCikHEXKzogsscqYVYNX3A5uPrBLGV3A+LzL0
co09dceR8Czhguu+AxUhwl08tVo5qbrFsmQBHNglyKF645YBKI399NKdwTzQ/7R4
oDKm1FSKVLG5pvjV0MdhURoA6IDv0cYpXg1Q4L9/rPTLCan+OhSA5tZJc2xzmaAZ
lWj1NtqHjlX3ywAY+wZM0Uxxcp3PaXD30sYN99uKkl3LKDz7aTs3k8KhaRPQe0k2
WNjPWmDzLP6jEArhaOw26fswFhBp3mQxH8i7/amviRq47w9wdumEEWvAdap5wpDK
QfwzdMlSuBcSwL2SGPXqPUCsJI4t8KcW0Pryw38CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQvl7JMffRFgk9+4HIOLTsXmN3xrzAfBgNVHSMEGDAWgBSNXwZq+A0Onwfq
h7JL2vpZ0fXybzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWOEdhdmdORHA4SDZvZXlTOXI2V2RIMThtOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvMzMwZTRkLWE5ZDktNGI3ZS04NjNjLTZmM2FhODk0M2U2OC8x
L0w1ZXlUSDMwUllKUGZ1QnlEaTA3RjVqZDhhOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
MzMwZTRkLWE5ZDktNGI3ZS04NjNjLTZmM2FhODk0M2U2OC8xL2pWOEdhdmdORHA4
SDZvZXlTOXI2V2RIMThtOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEBB/YAAMEBFZvoAMEBFd1UAMEA1u5
sAMEArkUpAMEBMKM0DANBgkqhkiG9w0BAQsFAAOCAQEAVOS+nrSlfw+VJXnZFt+x
C1fwj840MeGBzIuA92jgJ84l4cdO5tEDLJ84lYyFSyiY378DWl9AKZAC6dfdJELA
lIwXu2GTGtH1khG3pK17DfLeoHfiM22Y6ImMf1eUfT3eBHsFscqNwO7WpUTAo+MI
VHWp0gha1138JsaaQ1+uemSAxCm4QjlCQODgHVWOy2W4+MO18eqUlnd7kRLo9aCk
bJVNH8gI9SA5c0bZph8tdL9Wi9QV9OiAfPg5CEeVcIAvfRTcuJ0dDR7W2E4lOOOJ
GEkEjkxrZQQeXE9zdZMImFOoNAXbfF4MbiW5xOFaa3k5x1kuhm6vZXLaxgj9XRf/
wA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:39 2023 by rpki-client on console-ams.rpki-client.org