Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/1xTYSUEQYz9zsSXaUar817JrfvM.roa
File: 1xTYSUEQYz9zsSXaUar817JrfvM.roa (raw, json)
Hash identifier: 1WYhaG4W+1ooKgGlxX+xv1iZLHSWxQeDvgxlq0q31GM=
Subject key identifier: D7:14:D8:49:41:10:63:3F:73:B1:25:DA:51:AA:FC:D7:B2:6B:7E:F3
Certificate issuer: /CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Certificate serial: 273101C9
Authority key identifier: 7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/1xTYSUEQYz9zsSXaUar817JrfvM.roa
Signing time: Sun 01 May 2022 08:04:49 +0000
ROA not before: Sun 01 May 2022 08:04:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42925
IP address blocks: 37.60.44.0/22 maxlen: 24
37.60.40.0/22 maxlen: 24
37.60.40.0/21 maxlen: 24
213.151.32.0/19 maxlen: 24
213.151.32.0/24 maxlen: 24
147.236.212.0/22 maxlen: 24
213.151.48.0/20 maxlen: 24
95.86.64.0/19 maxlen: 24
164.138.112.0/21 maxlen: 24
164.138.112.0/20 maxlen: 24
164.138.120.0/21 maxlen: 24
95.86.64.0/18 maxlen: 24
185.10.64.0/22 maxlen: 24
212.76.112.0/20 maxlen: 24
31.44.128.0/21 maxlen: 24
31.44.128.0/20 maxlen: 24
31.44.136.0/21 maxlen: 24
95.86.96.0/19 maxlen: 24
212.76.96.0/20 maxlen: 24
212.76.96.0/19 maxlen: 24
2a01:6507::/32 maxlen: 32
2a01:6500::/32 maxlen: 32
2a01:6506::/32 maxlen: 32
2a01:6500:a040::/46 maxlen: 46
2a01:6505::/32 maxlen: 32
2a01:6500:a044::/46 maxlen: 46
2a01:6502::/32 maxlen: 32
2a01:6503::/32 maxlen: 32
2a01:6500::/29 maxlen: 29
2a01:6500:a050::/46 maxlen: 46
2a01:6501::/32 maxlen: 32
2a01:6504::/32 maxlen: 32
2a01:6500:3::/48 maxlen: 48
2a01:6500:a048::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 657523145 (0x273101c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Validity
Not Before: May 1 08:04:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d714d8494110633f73b125da51aafcd7b26b7ef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:66:40:86:d5:67:69:19:30:16:df:2d:e9:7a:
c2:f1:9e:c9:6a:1d:30:6b:7a:b9:55:4d:93:61:f2:
9a:25:62:ed:6f:d5:53:c1:f0:eb:3a:7a:cb:65:c1:
ac:30:19:d6:61:c5:08:40:c4:05:ab:fd:14:a1:60:
44:ec:eb:2a:81:22:3f:af:ca:dd:da:4c:7a:cf:35:
6d:eb:da:58:9e:ec:77:a1:06:e5:cc:72:a9:a4:ab:
c7:8b:6e:c6:47:ee:a6:4d:16:9b:5d:b6:25:b0:3f:
cb:cb:b4:0c:71:bd:d6:7f:35:a5:77:57:f8:1f:fc:
8a:38:48:49:d7:46:1a:20:26:a6:9a:d4:ca:cd:c2:
36:be:be:c8:2f:0b:96:16:c8:3f:79:14:9c:e9:d2:
16:a1:f4:53:ae:4f:7f:6f:45:5d:7d:b5:5f:e4:8f:
c4:49:09:83:6b:1c:29:01:6f:3e:e0:20:12:22:0a:
b7:77:fe:5f:31:23:0c:77:7e:45:10:6a:14:3a:cd:
d8:ab:60:19:bf:2c:f3:f7:e5:6b:fa:10:79:68:35:
9d:25:21:55:61:1f:93:fe:41:51:ae:a2:6c:87:fc:
41:70:94:e9:b1:7c:86:a3:c2:8b:11:ee:e1:4e:be:
c4:a4:8c:86:9c:1e:f3:b3:f5:91:be:5c:a4:83:83:
bf:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:14:D8:49:41:10:63:3F:73:B1:25:DA:51:AA:FC:D7:B2:6B:7E:F3
X509v3 Authority Key Identifier:
keyid:7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/1xTYSUEQYz9zsSXaUar817JrfvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.128.0/20
37.60.40.0/21
95.86.64.0/18
147.236.212.0/22
164.138.112.0/20
185.10.64.0/22
212.76.96.0/19
213.151.32.0/19
IPv6:
2a01:6500::/29
Signature Algorithm: sha256WithRSAEncryption
60:4a:ea:ec:0d:1f:5b:62:96:51:bb:3d:ba:a4:4d:35:b9:c4:
3c:e4:37:76:60:d2:48:68:52:09:97:e5:50:a4:c0:d9:b4:f5:
78:71:e4:21:82:53:b5:d4:22:17:05:91:e8:f0:9c:e2:41:00:
05:af:96:12:fc:a2:48:e3:d8:8c:10:ce:26:20:4d:59:d3:69:
e8:17:5b:ca:33:77:ce:87:bd:75:89:f4:4b:a0:5a:36:0a:49:
77:08:f8:d6:0b:67:28:07:f1:53:46:9a:cf:60:8c:3b:bb:03:
a9:13:42:f9:94:2b:ee:b0:7e:c4:c2:d2:be:cd:be:7e:bd:f4:
b3:2c:59:e6:ee:a7:51:18:37:72:76:b1:a7:eb:73:40:b6:df:
81:31:44:26:0d:9a:31:0a:de:46:71:06:b3:ea:58:cd:dd:09:
01:b5:f2:66:27:80:a4:ef:25:36:de:f2:76:29:ec:53:ed:ce:
ca:43:49:61:24:7a:99:00:ae:fe:88:15:24:e2:81:43:e3:d7:
3e:20:a0:99:47:6b:ed:a3:2d:a4:f7:50:d8:0f:c4:90:bd:d6:
22:f0:8c:b0:a3:69:40:a0:86:e4:14:6d:46:64:97:e7:fc:04:
82:17:27:7c:c7:c2:3d:7e:bb:ff:35:da:ec:32:6c:fb:e2:79:
b4:92:72:54
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEJzEByTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2NkMGNhY2ZhZmEyZTBkMzE0OTVkZDk1MGY3NmFmNWY5OGJhNWQ3MB4XDTIyMDUw
MTA4MDQ0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDcxNGQ4NDk0MTEw
NjMzZjczYjEyNWRhNTFhYWZjZDdiMjZiN2VmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRmQIbVZ2kZMBbfLel6wvGeyWodMGt6uVVNk2HymiVi7W/V
U8Hw6zp6y2XBrDAZ1mHFCEDEBav9FKFgROzrKoEiP6/K3dpMes81bevaWJ7sd6EG
5cxyqaSrx4tuxkfupk0Wm122JbA/y8u0DHG91n81pXdX+B/8ijhISddGGiAmpprU
ys3CNr6+yC8LlhbIP3kUnOnSFqH0U65Pf29FXX21X+SPxEkJg2scKQFvPuAgEiIK
t3f+XzEjDHd+RRBqFDrN2KtgGb8s8/fla/oQeWg1nSUhVWEfk/5BUa6ibIf8QXCU
6bF8hqPCixHu4U6+xKSMhpwe87P1kb5cpIODv/kCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBTXFNhJQRBjP3OxJdpRqvzXsmt+8zAfBgNVHSMEGDAWgBR8zQys+vouDTFJ
XdlQ92r1+Yul1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZNME1yUHI2TGcweFNWM1pVUGRxOWZtTHBkYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvYmU1ZGNmLWNiMDUtNDYxYS04NjhlLTQzOWZjOGY5YjM4Ni8x
LzF4VFlTVUVRWXo5enNTWGFVYXI4MTdKcmZ2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
YmU1ZGNmLWNiMDUtNDYxYS04NjhlLTQzOWZjOGY5YjM4Ni8xL2ZNME1yUHI2TGcw
eFNWM1pVUGRxOWZtTHBkYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEBB8sgAMEAyU8KAMEBl9WQAMEApPs
1AMEBKSKcAMEArkKQAMEBdRMYAMEBdWXIDANBAIAAjAHAwUDKgFlADANBgkqhkiG
9w0BAQsFAAOCAQEAYErq7A0fW2KWUbs9uqRNNbnEPOQ3dmDSSGhSCZflUKTA2bT1
eHHkIYJTtdQiFwWR6PCc4kEABa+WEvyiSOPYjBDOJiBNWdNp6BdbyjN3zoe9dYn0
S6BaNgpJdwj41gtnKAfxU0aaz2CMO7sDqRNC+ZQr7rB+xMLSvs2+fr30syxZ5u6n
URg3cnaxp+tzQLbfgTFEJg2aMQreRnEGs+pYzd0JAbXyZieApO8lNt7ydinsU+3O
ykNJYSR6mQCu/ogVJOKBQ+PXPiCgmUdr7aMtpPdQ2A/EkL3WIvCMsKNpQKCG5BRt
RmSX5/wEghcnfMfCPX67/zXa7DJs++J5tJJyVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:00 2024 by rpki-client on console-fra.rpki-client.org