Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/1-gNFjZodN8b9W1syNKUCuiV4YAA.roa
File: 1-gNFjZodN8b9W1syNKUCuiV4YAA.roa (raw, json)
Hash identifier: VAhgX8td3dxEsDxrz9ED2M/zdPhvzbG2D8PUrcGffic=
Subject key identifier: FA:03:45:8D:9A:1D:37:C6:FD:5B:5B:32:34:A5:02:BA:25:78:60:00
Certificate issuer: /CN=943e3f4856dac2a005c3a52347114dec453934b8
Certificate serial: 3DEC4AF9
Authority key identifier: 94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/1-gNFjZodN8b9W1syNKUCuiV4YAA.roa
Signing time: Sat 01 Jan 2022 06:58:04 +0000
ROA not before: Sat 01 Jan 2022 06:58:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3303
IP address blocks: 185.105.132.0/22 maxlen: 24
185.105.144.0/22 maxlen: 24
109.164.128.0/17 maxlen: 24
188.60.0.0/14 maxlen: 24
217.11.32.0/20 maxlen: 24
170.205.64.0/18 maxlen: 24
212.90.192.0/19 maxlen: 24
62.202.0.0/15 maxlen: 24
212.41.192.0/19 maxlen: 24
213.3.0.0/16 maxlen: 24
92.104.0.0/14 maxlen: 24
81.62.0.0/15 maxlen: 24
85.0.0.0/13 maxlen: 24
178.192.0.0/13 maxlen: 24
83.173.192.0/18 maxlen: 24
83.76.0.0/14 maxlen: 24
213.200.192.0/18 maxlen: 24
84.253.0.0/18 maxlen: 24
170.17.128.0/17 maxlen: 24
146.4.0.0/16 maxlen: 24
95.152.64.0/18 maxlen: 24
176.127.0.0/16 maxlen: 24
195.186.0.0/16 maxlen: 24
178.174.64.0/19 maxlen: 24
213.180.160.0/19 maxlen: 24
178.174.0.0/18 maxlen: 24
46.14.0.0/16 maxlen: 24
2001:4d98::/33 maxlen: 48
2a02:1200::/27 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1038895865 (0x3dec4af9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=943e3f4856dac2a005c3a52347114dec453934b8
Validity
Not Before: Jan 1 06:58:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa03458d9a1d37c6fd5b5b3234a502ba25786000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:12:a8:44:55:89:a3:17:3b:0a:df:4a:d8:a6:
82:64:cc:98:8e:22:bc:ee:fc:13:80:a3:a3:3e:e4:
0d:77:e9:e6:06:15:37:a8:23:15:f9:68:6a:16:a9:
a3:75:24:e7:70:ab:0c:86:e2:64:d6:52:b9:0f:07:
e0:d4:47:71:f0:0f:25:8a:73:be:5b:a2:8f:0c:05:
f0:6e:7c:41:c5:3c:be:2b:8a:f4:15:5e:3f:bb:0c:
ab:89:db:88:3b:14:2c:72:d0:14:74:cc:a2:a1:8f:
45:c8:8f:40:ab:17:e9:8d:34:92:65:aa:c5:a1:47:
f0:56:5e:36:a3:ca:83:a8:39:2d:e5:d8:71:80:21:
e6:f9:ab:63:da:b8:dc:54:c6:e6:f2:9d:64:cc:1b:
a0:84:9a:52:b5:ef:aa:80:09:5f:22:33:9b:d6:a1:
a8:0c:1e:a9:93:cb:ef:fd:e9:98:24:58:4b:7c:7e:
30:a6:33:91:67:06:1e:df:d7:42:77:66:cd:31:af:
f0:a7:b2:59:e0:03:2e:c5:09:13:85:38:84:7e:35:
0a:c8:cb:6c:c8:2b:a8:88:ab:e4:93:d7:9b:80:23:
33:0d:9a:07:90:11:94:90:52:7a:7a:19:12:ef:b5:
2f:70:1e:06:95:5e:80:a1:d0:c9:18:ec:44:06:e0:
af:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:03:45:8D:9A:1D:37:C6:FD:5B:5B:32:34:A5:02:BA:25:78:60:00
X509v3 Authority Key Identifier:
keyid:94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/1-gNFjZodN8b9W1syNKUCuiV4YAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.14.0.0/16
62.202.0.0/15
81.62.0.0/15
83.76.0.0/14
83.173.192.0/18
84.253.0.0/18
85.0.0.0/13
92.104.0.0/14
95.152.64.0/18
109.164.128.0/17
146.4.0.0/16
170.17.128.0/17
170.205.64.0/18
176.127.0.0/16
178.174.0.0-178.174.95.255
178.192.0.0/13
185.105.132.0/22
185.105.144.0/22
188.60.0.0/14
195.186.0.0/16
212.41.192.0/19
212.90.192.0/19
213.3.0.0/16
213.180.160.0/19
213.200.192.0/18
217.11.32.0/20
IPv6:
2001:4d98::/33
2a02:1200::/27
Signature Algorithm: sha256WithRSAEncryption
8e:dc:63:8d:04:72:2c:56:7d:2d:02:e1:6e:a8:49:dc:8b:73:
84:ae:1b:78:0d:e6:2e:08:29:5f:64:bd:1d:f2:e2:f0:de:55:
77:18:f2:45:8b:50:23:e0:d6:e2:24:6e:9d:e7:9c:9e:5a:f0:
97:c4:70:e5:4c:e1:18:50:07:0e:71:00:5b:28:5d:c8:bb:dc:
86:78:68:ef:ff:5d:63:be:29:3d:ec:aa:e4:d1:15:d7:98:e4:
c4:d0:6a:c7:b6:39:9c:04:40:04:b0:0d:ee:78:3c:10:b8:02:
da:07:78:9b:d8:11:c2:0e:7c:a8:cc:20:fd:60:9d:b9:a4:41:
21:33:db:6f:b0:4d:77:73:cb:29:4f:33:3e:db:0b:c0:14:e0:
12:a6:e4:ec:aa:e5:8f:22:54:d1:4a:be:ec:73:bb:c6:b9:c2:
7d:a6:fe:70:fe:a5:ce:8a:e4:e7:59:93:ed:e8:83:8b:38:22:
45:19:50:bb:3d:ca:29:78:2c:7d:9e:11:db:f5:9c:51:84:c1:
19:fc:b3:ef:58:cd:26:e1:f6:ba:86:03:b1:8a:84:4e:8e:ce:
9d:37:55:3e:cb:a1:ce:94:5e:c3:18:6c:88:25:91:72:00:9a:
e8:db:ed:12:ad:fc:98:0a:96:d4:cf:db:18:e7:13:3c:f1:78:
9e:9d:84:27
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIEPexK+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDNlM2Y0ODU2ZGFjMmEwMDVjM2E1MjM0NzExNGRlYzQ1MzkzNGI4MB4XDTIyMDEw
MTA2NTgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmEwMzQ1OGQ5YTFk
MzdjNmZkNWI1YjMyMzRhNTAyYmEyNTc4NjAwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN4SqERViaMXOwrfStimgmTMmI4ivO78E4Cjoz7kDXfp5gYV
N6gjFfloahapo3Uk53CrDIbiZNZSuQ8H4NRHcfAPJYpzvluijwwF8G58QcU8viuK
9BVeP7sMq4nbiDsULHLQFHTMoqGPRciPQKsX6Y00kmWqxaFH8FZeNqPKg6g5LeXY
cYAh5vmrY9q43FTG5vKdZMwboISaUrXvqoAJXyIzm9ahqAweqZPL7/3pmCRYS3x+
MKYzkWcGHt/XQndmzTGv8KeyWeADLsUJE4U4hH41CsjLbMgrqIir5JPXm4AjMw2a
B5ARlJBSenoZEu+1L3AeBpVegKHQyRjsRAbgr/0CAwEAAaOCArcwggKzMB0GA1Ud
DgQWBBT6A0WNmh03xv1bWzI0pQK6JXhgADAfBgNVHSMEGDAWgBSUPj9IVtrCoAXD
pSNHEU3sRTk0uDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xENF9TRmJhd3FBRnc2VWpSeEZON0VVNU5MZy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmMvOGMxNTQ0LTdjZjItNDg3MS1hMWRmLTAyNTNkMDRmYjhmZi8x
LzEtZ05GalpvZE44YjlXMXN5TktVQ3VpVjRZQUEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZj
LzhjMTU0NC03Y2YyLTQ4NzEtYTFkZi0wMjUzZDA0ZmI4ZmYvMS9sRDRfU0ZiYXdx
QUZ3NlVqUnhGTjdFVTVOTGcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
gcsGCCsGAQUFBwEHAQH/BIG7MIG4MIGeBAIAATCBlwMDAC4OAwMBPsoDAwFRPgMD
AlNMAwQGU63AAwQGVP0AAwMDVQADAwJcaAMEBl+YQAMEB22kgAMDAJIEAwQHqhGA
AwQGqs1AAwMAsH8wCwMDAbKuAwQFsq5AAwMDssADBAK5aYQDBAK5aZADAwK8PAMD
AMO6AwQF1CnAAwQF1FrAAwMA1QMDBAXVtKADBAbVyMADBATZCyAwFQQCAAIwDwMG
ByABTZgAAwUFKgISADANBgkqhkiG9w0BAQsFAAOCAQEAjtxjjQRyLFZ9LQLhbqhJ
3ItzhK4beA3mLggpX2S9HfLi8N5VdxjyRYtQI+DW4iRuneecnlrwl8Rw5UzhGFAH
DnEAWyhdyLvchnho7/9dY74pPeyq5NEV15jkxNBqx7Y5nARABLAN7ng8ELgC2gd4
m9gRwg58qMwg/WCduaRBITPbb7BNd3PLKU8zPtsLwBTgEqbk7KrljyJU0Uq+7HO7
xrnCfab+cP6lzork51mT7eiDizgiRRlQuz3KKXgsfZ4R2/WcUYTBGfyz71jNJuH2
uoYDsYqETo7OnTdVPsuhzpRewxhsiCWRcgCa6NvtEq38mAqW1M/bGOcTPPF4np2E
Jw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:32 2023 by rpki-client on console-fra.rpki-client.org