Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/5oXlmBGYQpQxttXCXMKb606e91M.roa
File: 5oXlmBGYQpQxttXCXMKb606e91M.roa (raw, json)
Hash identifier: +VI5NEvgWTl9M7yk/F4X2B1AGx/8UVIVx2xRpWNcA34=
Subject key identifier: E6:85:E5:98:11:98:42:94:31:B6:D5:C2:5C:C2:9B:EB:4E:9E:F7:53
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 0184C397E0B0134EA14E75DC7683BE3C1B99
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/5oXlmBGYQpQxttXCXMKb606e91M.roa
Signing time: Tue 29 Nov 2022 13:33:41 +0000
ROA not before: Tue 29 Nov 2022 13:33:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52145
IP address blocks: 185.21.120.0/24 maxlen: 24
185.21.121.0/24 maxlen: 24
185.21.122.0/24 maxlen: 24
185.21.123.0/24 maxlen: 24
185.21.120.0/22 maxlen: 22
46.253.82.0/24 maxlen: 24
46.253.84.0/23 maxlen: 23
46.253.85.0/24 maxlen: 24
46.253.84.0/24 maxlen: 24
46.253.82.0/23 maxlen: 23
46.253.83.0/24 maxlen: 24
46.253.80.0/20 maxlen: 20
46.253.80.0/23 maxlen: 23
46.253.80.0/21 maxlen: 21
46.253.80.0/24 maxlen: 24
46.253.81.0/24 maxlen: 24
46.253.86.0/24 maxlen: 24
46.253.87.0/24 maxlen: 24
46.253.88.0/24 maxlen: 24
46.253.89.0/24 maxlen: 24
46.253.90.0/24 maxlen: 24
46.253.91.0/24 maxlen: 24
46.253.88.0/21 maxlen: 21
46.253.86.0/23 maxlen: 23
46.253.92.0/24 maxlen: 24
46.253.93.0/24 maxlen: 24
46.253.94.0/24 maxlen: 24
46.253.95.0/24 maxlen: 24
185.71.140.0/24 maxlen: 24
185.71.141.0/24 maxlen: 24
185.71.142.0/24 maxlen: 24
185.71.143.0/24 maxlen: 24
185.71.140.0/22 maxlen: 22
2a04:19c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c3:97:e0:b0:13:4e:a1:4e:75:dc:76:83:be:3c:1b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Nov 29 13:33:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e685e5981198429431b6d5c25cc29beb4e9ef753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8a:20:c7:d6:32:7e:ea:00:e7:3c:c5:a4:f8:
a4:42:2f:47:ac:09:d4:67:f1:e7:a8:7e:9e:11:cf:
5d:fc:48:2e:70:25:bd:8e:6e:af:8c:c7:aa:36:06:
31:54:ee:17:2b:6a:57:0c:93:2e:36:76:a5:0e:19:
cb:0a:af:5e:12:78:cb:c1:b0:e6:fc:fc:00:8c:51:
8f:de:64:50:d1:f0:f3:5b:71:12:a5:c7:f6:82:6b:
13:64:c7:a5:8f:0d:4c:85:7a:f8:75:2c:a5:94:7b:
62:52:3a:ac:03:86:eb:61:a4:de:2a:62:7e:fc:e9:
59:79:bc:4a:3c:04:69:12:1b:a5:a4:32:c2:ef:61:
16:56:85:f5:f1:03:a8:d4:36:c3:53:de:c7:ce:09:
02:a0:f4:12:6c:1f:13:1e:11:06:66:71:06:60:60:
9e:2e:1b:0b:59:30:eb:93:13:17:1e:c1:26:1f:6e:
a5:4b:81:72:a0:01:5e:c1:a9:3e:c4:f3:53:3b:38:
f2:ee:04:1e:db:a4:23:b7:a2:c7:86:b0:77:f0:11:
eb:a3:20:e1:8b:2e:7a:24:89:7f:8e:a9:19:e9:1e:
1c:d8:55:01:41:63:41:f1:bc:a6:52:ea:e0:1c:fd:
46:be:92:12:a7:4e:40:bd:8a:6b:e1:df:f6:0f:69:
2d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:85:E5:98:11:98:42:94:31:B6:D5:C2:5C:C2:9B:EB:4E:9E:F7:53
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/5oXlmBGYQpQxttXCXMKb606e91M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.80.0/20
185.21.120.0/22
185.71.140.0/22
IPv6:
2a04:19c0::/29
Signature Algorithm: sha256WithRSAEncryption
18:62:ac:a7:8d:15:ef:2b:04:4e:b3:ca:66:3f:13:2a:51:e3:
45:0f:ed:5a:d9:7c:6c:a8:3f:44:7c:fe:ac:8a:d5:10:18:c0:
28:2e:d1:bc:ca:05:21:70:79:ba:a3:42:a2:fe:bc:24:27:cd:
75:20:58:a3:61:ad:db:b9:c0:1a:89:35:27:07:19:e3:d1:e7:
f4:77:27:21:a9:8e:31:19:92:4d:0e:c7:22:b9:9e:db:27:22:
bd:5d:1a:52:bb:55:b8:7e:f6:92:da:a3:b9:97:f2:65:68:dd:
1c:cd:f2:12:73:26:60:94:83:17:23:81:1d:99:e3:a1:e2:e3:
08:af:5c:0d:a5:4f:86:d8:f0:b5:8d:1e:f7:e6:55:74:0a:a7:
56:d9:ff:cf:94:1d:21:39:87:95:1b:36:2e:77:9f:28:2d:a2:
cb:cd:4f:4f:70:be:bc:4e:0e:45:24:3c:a5:76:fc:21:80:64:
dd:de:da:c6:10:8b:1e:98:20:be:59:90:a8:bf:db:6b:7b:6f:
4d:41:3b:b4:fc:f6:9e:a2:0f:54:0f:03:7c:11:9d:80:01:4f:
af:94:f3:c0:88:2f:e2:8b:d7:34:2a:21:ff:42:5b:ac:a4:ca:
f9:e6:27:83:53:b6:1a:bf:1a:3d:a1:93:9e:5f:1c:ed:e6:2a:
72:f3:ed:4b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYTDl+CwE06hTnXcdoO+PBuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjIxMTI5MTMzMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjg1ZTU5ODExOTg0Mjk0MzFiNmQ1YzI1Y2MyOWJlYjRlOWVmNzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIogx9YyfuoA5zzFpPikQi9HrAnU
Z/HnqH6eEc9d/EgucCW9jm6vjMeqNgYxVO4XK2pXDJMuNnalDhnLCq9eEnjLwbDm
/PwAjFGP3mRQ0fDzW3ESpcf2gmsTZMeljw1MhXr4dSyllHtiUjqsA4brYaTeKmJ+
/OlZebxKPARpEhulpDLC72EWVoX18QOo1DbDU97HzgkCoPQSbB8THhEGZnEGYGCe
LhsLWTDrkxMXHsEmH26lS4FyoAFewak+xPNTOzjy7gQe26Qjt6LHhrB38BHroyDh
iy56JIl/jqkZ6R4c2FUBQWNB8bymUurgHP1GvpISp05AvYpr4d/2D2kt0QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOaF5ZgRmEKUMbbVwlzCm+tOnvdTMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvNW9YbG1CR1lRcFF4dHRYQ1hNS2I2MDZlOTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQELv1QAwQC
uRV4AwQCuUeMMA0EAgACMAcDBQMqBBnAMA0GCSqGSIb3DQEBCwUAA4IBAQAYYqyn
jRXvKwROs8pmPxMqUeNFD+1a2XxsqD9EfP6sitUQGMAoLtG8ygUhcHm6o0Ki/rwk
J811IFijYa3bucAaiTUnBxnj0ef0dychqY4xGZJNDsciuZ7bJyK9XRpSu1W4fvaS
2qO5l/JlaN0czfIScyZglIMXI4EdmeOh4uMIr1wNpU+G2PC1jR735lV0CqdW2f/P
lB0hOYeVGzYud58oLaLLzU9PcL68Tg5FJDyldvwhgGTd3trGEIsemCC+WZCov9tr
e29NQTu0/Paeog9UDwN8EZ2AAU+vlPPAiC/ii9c0KiH/QluspMr55ieDU7Yavxo9
oZOeXxzt5ipy8+1L
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:03 2023 by rpki-client on console-fra.rpki-client.org