Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/UnPTBOae5yTKpDe7HzTFoXkFjbk.roa
File: UnPTBOae5yTKpDe7HzTFoXkFjbk.roa (raw, json)
Hash identifier: drS/Xzp/C5QSrHqYZXz/K5SHRTtvQ0Uvc4yBcGq/+II=
Subject key identifier: 52:73:D3:04:E6:9E:E7:24:CA:A4:37:BB:1F:34:C5:A1:79:05:8D:B9
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 0184C9DDB5A0427CAD837A734A8A45647371
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/UnPTBOae5yTKpDe7HzTFoXkFjbk.roa
Signing time: Wed 30 Nov 2022 18:47:41 +0000
ROA not before: Wed 30 Nov 2022 18:47:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39150
IP address blocks: 95.85.85.0/24 maxlen: 24
95.85.83.0/24 maxlen: 24
95.85.83.128/25 maxlen: 25
95.85.83.0/25 maxlen: 25
91.196.139.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.136.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
93.179.121.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
93.179.69.0/24 maxlen: 24
93.179.68.0/23 maxlen: 23
93.179.66.0/24 maxlen: 24
95.181.213.0/24 maxlen: 24
95.181.212.0/23 maxlen: 23
2a04:8680::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c9:dd:b5:a0:42:7c:ad:83:7a:73:4a:8a:45:64:73:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Nov 30 18:47:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5273d304e69ee724caa437bb1f34c5a179058db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7e:33:82:31:b0:90:b8:a3:8b:d4:09:ae:67:
5e:09:0a:13:b1:5e:9c:61:b2:59:0e:fc:51:44:3a:
8e:8d:97:57:22:f8:28:2b:74:53:42:3a:ac:7e:58:
bf:68:08:1c:e0:ae:34:d9:0e:79:e9:82:49:45:68:
25:b6:dc:3a:3d:d4:ed:39:b8:c2:ae:2e:22:46:75:
ae:6c:44:e6:cc:f4:eb:07:8b:b9:2d:d8:2d:f4:66:
80:6f:88:85:85:af:87:3b:b2:21:e5:af:5e:8f:8c:
e6:29:d8:3f:27:4f:75:eb:ce:19:8a:f3:98:a8:28:
2c:8e:60:43:d8:f2:c0:46:ea:c3:66:a5:ef:97:73:
6e:6a:02:51:f7:f1:af:78:4b:9e:8b:44:bc:d0:f3:
06:58:de:a3:cf:71:f1:21:06:fd:2f:c0:b6:bc:b6:
a4:98:81:1b:6e:b4:c9:bb:57:06:9f:07:a0:bd:13:
01:8b:0d:e1:2b:c8:f8:5b:7c:12:a6:9e:46:63:9e:
87:bd:c5:7a:0a:37:5f:37:f8:30:32:2c:52:87:c2:
01:97:61:cd:ee:ce:8d:02:fb:26:83:00:3b:d6:12:
39:59:87:aa:10:32:d8:73:a7:bc:40:14:af:71:be:
cd:9c:8d:f5:08:27:8a:cc:5c:fc:b3:e2:47:1e:03:
cd:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:73:D3:04:E6:9E:E7:24:CA:A4:37:BB:1F:34:C5:A1:79:05:8D:B9
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/UnPTBOae5yTKpDe7HzTFoXkFjbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/22
93.179.66.0/24
93.179.68.0/23
93.179.121.0/24
95.85.83.0/24
95.85.85.0/24
95.181.212.0/23
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/32
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
39:37:11:41:fd:03:42:ac:ce:75:e5:9c:79:c9:14:58:09:c1:
88:60:2a:b7:21:34:0b:49:8a:a9:81:38:43:e5:29:2e:06:02:
6a:9e:f8:aa:07:31:88:0f:29:1e:da:d2:c8:5e:82:9e:ce:42:
51:d6:1f:3d:f6:a7:ae:b0:03:97:8c:65:5d:d5:52:e1:9d:e7:
37:0f:2e:b4:bb:a7:72:2b:d0:57:a8:1c:93:c5:61:1e:0b:61:
72:e5:23:27:bf:14:cd:9d:78:65:d4:a0:73:9c:2e:da:44:07:
cd:e8:f0:c8:40:53:93:32:fe:96:11:09:e5:ea:98:a7:ab:98:
27:79:09:80:e3:f9:6d:82:e0:21:06:55:a0:b5:0a:29:e7:8d:
bd:62:81:9a:1b:ee:36:e5:9f:97:37:be:6c:44:f3:5c:25:5c:
29:0d:b9:2b:6e:4c:aa:93:e1:fd:1b:eb:8f:68:f8:3d:92:92:
32:90:0d:33:96:aa:7d:5c:db:a6:33:89:92:04:54:89:ac:17:
71:29:b8:37:3e:d6:75:d5:62:44:19:3c:39:8d:d1:8f:f5:95:
5e:93:69:68:bc:6a:a6:06:d9:2f:62:f1:fc:7d:ce:71:32:48:
c1:d9:22:5d:18:f3:72:02:e2:e0:59:8b:70:34:8d:b4:17:33:
3d:5e:0d:0a
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYTJ3bWgQnytg3pzSopFZHNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjIxMTMwMTg0NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjczZDMwNGU2OWVlNzI0Y2FhNDM3YmIxZjM0YzVhMTc5MDU4ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo34zgjGwkLiji9QJrmdeCQoTsV6c
YbJZDvxRRDqOjZdXIvgoK3RTQjqsfli/aAgc4K402Q556YJJRWglttw6PdTtObjC
ri4iRnWubETmzPTrB4u5Ldgt9GaAb4iFha+HO7Ih5a9ej4zmKdg/J091684ZivOY
qCgsjmBD2PLARurDZqXvl3NuagJR9/GveEuei0S80PMGWN6jz3HxIQb9L8C2vLak
mIEbbrTJu1cGnwegvRMBiw3hK8j4W3wSpp5GY56HvcV6CjdfN/gwMixSh8IBl2HN
7s6NAvsmgwA71hI5WYeqEDLYc6e8QBSvcb7NnI31CCeKzFz8s+JHHgPNCwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFJz0wTmnuckyqQ3ux80xaF5BY25MB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvVW5QVEJPYWU1eVRLcERlN0h6VEZvWGtGamJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQCW8SIAwQA
XbNCAwQBXbNEAwQAXbN5AwQAX1VTAwQAX1VVAwQBX7XUAwQAbcSFAwQAw7YIMBQE
AgACMA4DBQAqBIaAAwUAKgnVwDANBgkqhkiG9w0BAQsFAAOCAQEAOTcRQf0DQqzO
deWceckUWAnBiGAqtyE0C0mKqYE4Q+UpLgYCap74qgcxiA8pHtrSyF6Cns5CUdYf
PfanrrADl4xlXdVS4Z3nNw8utLuncivQV6gck8VhHgthcuUjJ78UzZ14ZdSgc5wu
2kQHzejwyEBTkzL+lhEJ5eqYp6uYJ3kJgOP5bYLgIQZVoLUKKeeNvWKBmhvuNuWf
lze+bETzXCVcKQ25K25MqpPh/Rvrj2j4PZKSMpANM5aqfVzbpjOJkgRUiawXcSm4
Nz7WddViRBk8OY3Rj/WVXpNpaLxqpgbZL2Lx/H3OcTJIwdkiXRjzcgLi4FmLcDSN
tBczPV4NCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:22 2024 by rpki-client on console-ams.rpki-client.org