Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/S_4-5KBL7KVwYKkWw-HBGv51D_E.roa
File: S_4-5KBL7KVwYKkWw-HBGv51D_E.roa (raw, json)
Hash identifier: 8fQ1LZEDoKYfJwYb2nLZ+YGjyVNOmljJJUmGXVcpFjI=
Subject key identifier: 4B:FE:3E:E4:A0:4B:EC:A5:70:60:A9:16:C3:E1:C1:1A:FE:75:0F:F1
Certificate issuer: /CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Certificate serial: 0435E3E9
Authority key identifier: D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/S_4-5KBL7KVwYKkWw-HBGv51D_E.roa
Signing time: Sat 12 Feb 2022 11:46:31 +0000
ROA not before: Sat 12 Feb 2022 11:46:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33876
IP address blocks: 185.76.4.0/22 maxlen: 24
176.111.104.0/21 maxlen: 24
185.12.116.0/22 maxlen: 24
185.11.164.0/22 maxlen: 24
91.198.47.0/24 maxlen: 24
94.126.168.0/21 maxlen: 24
176.61.144.0/21 maxlen: 24
194.8.30.0/24 maxlen: 24
2a03:8bc0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70640617 (0x435e3e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Validity
Not Before: Feb 12 11:46:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4bfe3ee4a04beca57060a916c3e1c11afe750ff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a8:25:36:5a:b4:20:71:26:88:d9:49:db:b9:
27:db:61:00:76:d6:7c:6d:1e:78:03:54:6a:e9:d3:
f4:36:42:b8:f5:5e:8a:76:b8:a0:38:a4:30:f2:05:
af:3c:bc:46:ec:ba:1b:c9:67:42:56:3b:91:76:5c:
dd:49:d5:23:78:36:30:11:6e:86:7b:2a:06:92:d7:
b1:8f:67:08:0d:f7:69:ec:95:89:24:61:15:7a:9a:
c5:15:27:da:4c:f7:36:64:cd:47:a2:62:f2:a4:8e:
31:33:c0:6f:e1:1d:37:ba:bf:9e:9e:3b:8e:6a:6e:
f0:7e:18:b1:aa:93:50:6b:68:b7:18:01:69:a3:9f:
85:93:ce:ed:57:f1:ee:26:92:22:e9:a8:32:28:9c:
a7:7a:bd:70:f2:a4:f2:f6:f0:32:80:26:ce:38:a6:
64:6f:8a:49:a4:d1:73:06:2a:b2:a3:ce:67:af:15:
81:ca:2c:7c:3a:3c:e5:42:d0:fb:e5:b8:da:07:fa:
7d:c9:14:dd:d4:a7:5e:44:32:39:b6:3b:f6:56:ea:
6f:2a:ea:b0:4a:fc:26:74:76:22:26:c1:b7:c0:07:
22:8d:42:48:64:fb:f7:1a:79:dc:ee:8e:6c:fe:3e:
dc:51:8c:60:e0:29:25:f9:31:f9:9b:f9:87:30:84:
83:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:FE:3E:E4:A0:4B:EC:A5:70:60:A9:16:C3:E1:C1:1A:FE:75:0F:F1
X509v3 Authority Key Identifier:
keyid:D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/S_4-5KBL7KVwYKkWw-HBGv51D_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/01kqrEiVItXbGP1jkeA1qXeOo7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.47.0/24
94.126.168.0/21
176.61.144.0/21
176.111.104.0/21
185.11.164.0/22
185.12.116.0/22
185.76.4.0/22
194.8.30.0/24
IPv6:
2a03:8bc0::/32
Signature Algorithm: sha256WithRSAEncryption
58:78:50:2d:cd:6a:0d:3f:a8:6e:98:be:0d:84:bd:9b:72:aa:
3b:94:58:86:7a:e1:93:cb:59:da:ea:84:ab:67:d4:1f:4a:e4:
9a:9f:5c:c6:62:a6:9b:41:93:d1:bf:45:61:c1:53:39:e5:60:
a0:10:ba:30:a5:ef:3b:c7:17:03:83:f9:94:25:61:aa:41:8e:
96:7e:ad:81:39:f0:e0:06:a5:32:36:97:63:11:da:c2:18:02:
48:26:27:56:be:a2:20:37:ab:4a:fd:88:21:b1:75:04:45:62:
86:1c:e8:5d:5a:2d:f5:3b:84:8e:85:7e:31:6b:07:4b:f4:9e:
15:c3:4b:17:44:a2:e1:96:e8:01:99:37:9a:61:1a:80:8d:cb:
88:08:26:0b:5a:ca:76:7f:2f:38:5d:e0:e7:fe:8f:68:a6:bd:
c2:c7:72:39:d3:bc:9d:d9:91:be:7a:8c:71:8a:eb:5b:e7:e6:
1f:b9:bb:e3:ca:6a:f3:c3:29:14:87:ab:86:84:c4:db:de:ca:
51:a1:60:db:20:de:80:66:d7:aa:3f:db:c6:fa:da:47:8d:3a:
29:01:06:3e:70:2d:71:9f:08:8a:4c:70:97:11:d1:be:74:bd:
9a:85:d9:46:4a:39:a5:b6:9c:96:04:e1:df:19:42:72:d1:48:
c0:41:36:42
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEBDXj6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzU5MmFhYzQ4OTUyMmQ1ZGIxOGZkNjM5MWUwMzVhOTc3OGVhM2IxMB4XDTIyMDIx
MjExNDYzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGJmZTNlZTRhMDRi
ZWNhNTcwNjBhOTE2YzNlMWMxMWFmZTc1MGZmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJCoJTZatCBxJojZSdu5J9thAHbWfG0eeANUaunT9DZCuPVe
ina4oDikMPIFrzy8Ruy6G8lnQlY7kXZc3UnVI3g2MBFuhnsqBpLXsY9nCA33aeyV
iSRhFXqaxRUn2kz3NmTNR6Ji8qSOMTPAb+EdN7q/np47jmpu8H4YsaqTUGtotxgB
aaOfhZPO7Vfx7iaSIumoMiicp3q9cPKk8vbwMoAmzjimZG+KSaTRcwYqsqPOZ68V
gcosfDo85ULQ++W42gf6fckU3dSnXkQyObY79lbqbyrqsEr8JnR2IibBt8AHIo1C
SGT79xp53O6ObP4+3FGMYOApJfkx+Zv5hzCEgzcCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBRL/j7koEvspXBgqRbD4cEa/nUP8TAfBgNVHSMEGDAWgBTTWSqsSJUi1dsY
/WOR4DWpd46jsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzAxa3FyRWlWSXRYYkdQMWprZUExcVhlT283RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvN2IxM2ZlLWY2MmYtNGU5My04MjFlLWUzM2FlMTA2YjU0ZC8x
L1NfNC01S0JMN0tWd1lLa1d3LUhCR3Y1MURfRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
N2IxM2ZlLWY2MmYtNGU5My04MjFlLWUzM2FlMTA2YjU0ZC8xLzAxa3FyRWlWSXRY
YkdQMWprZUExcVhlT283RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAFvGLwMEA15+qAMEA7A9kAMEA7Bv
aAMEArkLpAMEArkMdAMEArlMBAMEAMIIHjANBAIAAjAHAwUAKgOLwDANBgkqhkiG
9w0BAQsFAAOCAQEAWHhQLc1qDT+obpi+DYS9m3KqO5RYhnrhk8tZ2uqEq2fUH0rk
mp9cxmKmm0GT0b9FYcFTOeVgoBC6MKXvO8cXA4P5lCVhqkGOln6tgTnw4AalMjaX
YxHawhgCSCYnVr6iIDerSv2IIbF1BEVihhzoXVot9TuEjoV+MWsHS/SeFcNLF0Si
4ZboAZk3mmEagI3LiAgmC1rKdn8vOF3g5/6PaKa9wsdyOdO8ndmRvnqMcYrrW+fm
H7m748pq88MpFIerhoTE297KUaFg2yDegGbXqj/bxvraR406KQEGPnAtcZ8Iikxw
lxHRvnS9moXZRko5pbaclgTh3xlCctFIwEE2Qg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:46 2023 by rpki-client on console-ams.rpki-client.org