Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/IoLHUqKe1h1UpErAvzPfeU4mHJg.roa
File: IoLHUqKe1h1UpErAvzPfeU4mHJg.roa (raw, json)
Hash identifier: RbKx7Sk2Z1D83xxgjKK284Mz+YGk+CBZIrpl8VkKM3A=
Subject key identifier: 22:82:C7:52:A2:9E:D6:1D:54:A4:4A:C0:BF:33:DF:79:4E:26:1C:98
Certificate issuer: /CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Certificate serial: 018429193FAF2B7411784EF842548226F14B
Authority key identifier: 7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/IoLHUqKe1h1UpErAvzPfeU4mHJg.roa
Signing time: Sun 30 Oct 2022 13:33:51 +0000
ROA not before: Sun 30 Oct 2022 13:33:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42925
IP address blocks: 37.60.44.0/22 maxlen: 24
37.60.40.0/21 maxlen: 24
37.60.40.0/22 maxlen: 24
213.151.32.0/19 maxlen: 24
213.151.32.0/24 maxlen: 24
147.236.212.0/22 maxlen: 24
213.151.48.0/20 maxlen: 24
95.86.64.0/19 maxlen: 24
164.138.112.0/21 maxlen: 24
164.138.112.0/20 maxlen: 24
164.138.120.0/21 maxlen: 24
95.86.64.0/18 maxlen: 24
185.10.64.0/22 maxlen: 24
212.76.112.0/20 maxlen: 24
31.44.128.0/21 maxlen: 24
31.44.128.0/20 maxlen: 24
31.44.136.0/21 maxlen: 24
95.86.96.0/19 maxlen: 24
212.76.96.0/20 maxlen: 24
212.76.96.0/19 maxlen: 24
2a01:6507::/32 maxlen: 32
2a01:6502:a58::/46 maxlen: 46
2a01:6500::/32 maxlen: 32
2a01:6506::/32 maxlen: 32
2a01:6500:a040::/46 maxlen: 46
2a01:6505::/32 maxlen: 32
2a01:6500:a044::/46 maxlen: 46
2a01:6502::/32 maxlen: 32
2a01:6502:a54::/46 maxlen: 46
2a01:6500:a058::/46 maxlen: 46
2a01:6503::/32 maxlen: 32
2a01:6500::/29 maxlen: 29
2a01:6500:a050::/46 maxlen: 46
2a01:6501::/32 maxlen: 32
2a01:6500:a054::/46 maxlen: 46
2a01:6504::/32 maxlen: 32
2a01:6500:3::/48 maxlen: 48
2a01:6500:a048::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:29:19:3f:af:2b:74:11:78:4e:f8:42:54:82:26:f1:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Validity
Not Before: Oct 30 13:33:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2282c752a29ed61d54a44ac0bf33df794e261c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:73:55:3d:00:de:69:09:4c:bf:34:e5:76:98:
f2:72:03:88:e9:71:90:8f:b2:67:c0:47:21:60:2d:
ca:ab:7e:29:f5:d7:9a:11:f0:5e:20:1b:1b:05:3a:
ee:3f:a3:15:e3:51:32:79:70:ec:a6:28:7c:d5:8d:
b4:e4:ad:7b:7e:9c:bb:7f:8e:86:fe:3e:53:77:17:
69:dd:b6:14:14:1f:f2:53:5e:29:a4:be:3d:db:61:
8d:17:b7:e7:69:5c:23:d8:b0:d1:9b:60:b1:3b:a4:
5a:f6:e3:ce:10:39:74:ce:d9:33:d8:d4:83:d4:35:
2d:d8:a9:65:e1:c0:6c:23:61:24:6b:5d:b5:5c:a2:
84:cc:0f:d7:a5:85:87:7f:85:ae:90:c4:32:05:e9:
e3:6f:51:0f:13:8f:4a:b2:7f:2b:97:54:07:0b:43:
4b:68:48:4e:a9:4f:b5:1f:a7:37:aa:3b:05:9d:ee:
16:5c:8c:e6:58:b7:50:45:34:e8:63:97:34:53:80:
55:6c:a2:3a:56:5c:a4:b1:6f:a4:a0:c0:63:e4:d6:
73:34:38:03:a5:e3:77:3c:ee:fd:98:1c:09:12:31:
fa:1e:af:3c:3a:13:23:dd:ac:4f:a2:e4:ea:e5:08:
4d:62:be:9b:6a:d8:ec:c9:b8:fb:2f:06:f2:5f:4e:
04:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:82:C7:52:A2:9E:D6:1D:54:A4:4A:C0:BF:33:DF:79:4E:26:1C:98
X509v3 Authority Key Identifier:
keyid:7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/IoLHUqKe1h1UpErAvzPfeU4mHJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.128.0/20
37.60.40.0/21
95.86.64.0/18
147.236.212.0/22
164.138.112.0/20
185.10.64.0/22
212.76.96.0/19
213.151.32.0/19
IPv6:
2a01:6500::/29
Signature Algorithm: sha256WithRSAEncryption
49:67:2a:9a:e0:d8:4a:02:4e:5a:57:09:b9:6b:c1:f6:e0:16:
39:2f:75:3c:af:7a:15:6a:60:e6:27:ac:60:5d:27:f3:bf:72:
f4:72:a0:8a:83:52:8c:26:c5:25:9d:6f:1d:34:10:6f:de:16:
cd:09:46:d9:df:4e:13:79:ca:0b:35:5e:16:37:2f:d0:2f:30:
44:9f:a1:39:46:3a:d8:2d:e2:ec:3b:d3:34:ef:ca:f0:53:e9:
69:83:0d:f0:5e:27:4a:ed:6b:14:b0:ab:b0:25:d1:7a:b1:6e:
17:35:85:ff:66:f2:7b:4a:dd:d3:d3:22:84:98:ec:2d:59:8d:
40:fa:65:e4:e7:21:16:76:51:50:44:bf:76:35:d1:93:7e:a4:
54:3b:78:6b:8e:63:5b:55:4a:35:9b:9b:30:93:62:77:ee:f2:
7e:ac:01:79:78:d6:54:c2:5b:54:c2:d2:72:76:20:6f:86:53:
b1:98:8b:04:69:33:30:00:b2:72:89:66:35:46:11:a6:ae:65:
5f:f7:0e:2b:c5:a9:ab:84:16:18:f9:e5:46:17:46:b3:51:9b:
55:7d:3b:d5:b0:66:3a:01:0b:d6:2f:01:84:93:8a:cf:ee:01:
92:e1:e1:09:08:c8:0c:52:10:72:95:1f:82:73:af:ca:ac:df:
63:43:8e:f6
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYQpGT+vK3QReE74QlSCJvFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjY2QwY2FjZmFmYTJlMGQzMTQ5NWRkOTUwZjc2YWY1Zjk4
YmE1ZDcwHhcNMjIxMDMwMTMzMzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjgyYzc1MmEyOWVkNjFkNTRhNDRhYzBiZjMzZGY3OTRlMjYxYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7XNVPQDeaQlMvzTldpjycgOI6XGQ
j7JnwEchYC3Kq34p9deaEfBeIBsbBTruP6MV41EyeXDspih81Y205K17fpy7f46G
/j5Tdxdp3bYUFB/yU14ppL4922GNF7fnaVwj2LDRm2CxO6Ra9uPOEDl0ztkz2NSD
1DUt2Kll4cBsI2Eka121XKKEzA/XpYWHf4WukMQyBenjb1EPE49Ksn8rl1QHC0NL
aEhOqU+1H6c3qjsFne4WXIzmWLdQRTToY5c0U4BVbKI6VlyksW+koMBj5NZzNDgD
peN3PO79mBwJEjH6Hq88OhMj3axPouTq5QhNYr6batjsybj7LwbyX04EWQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFCKCx1KintYdVKRKwL8z33lOJhyYMB8GA1UdIwQY
MBaAFHzNDKz6+i4NMUld2VD3avX5i6XXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUt
NDM5ZmM4ZjliMzg2LzEvSW9MSFVxS2UxaDFVcEVyQXZ6UGZlVTRtSEpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUtNDM5ZmM4ZjliMzg2
LzEvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEHyyAAwQD
JTwoAwQGX1ZAAwQCk+zUAwQEpIpwAwQCuQpAAwQF1ExgAwQF1ZcgMA0EAgACMAcD
BQMqAWUAMA0GCSqGSIb3DQEBCwUAA4IBAQBJZyqa4NhKAk5aVwm5a8H24BY5L3U8
r3oVamDmJ6xgXSfzv3L0cqCKg1KMJsUlnW8dNBBv3hbNCUbZ304TecoLNV4WNy/Q
LzBEn6E5RjrYLeLsO9M078rwU+lpgw3wXidK7WsUsKuwJdF6sW4XNYX/ZvJ7St3T
0yKEmOwtWY1A+mXk5yEWdlFQRL92NdGTfqRUO3hrjmNbVUo1m5swk2J37vJ+rAF5
eNZUwltUwtJydiBvhlOxmIsEaTMwALJyiWY1RhGmrmVf9w4rxamrhBYY+eVGF0az
UZtVfTvVsGY6AQvWLwGEk4rP7gGS4eEJCMgMUhBylR+Cc6/KrN9jQ472
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:00 2024 by rpki-client on console-fra.rpki-client.org