Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/5zxLU5pcnAg1CepZrb-gw6B3mjc.roa
File: 5zxLU5pcnAg1CepZrb-gw6B3mjc.roa (raw, json)
Hash identifier: oA3Pzjxdo5+ZHydNuQFITwdmlQgD18WDSm6NAEFVHsQ=
Subject key identifier: E7:3C:4B:53:9A:5C:9C:08:35:09:EA:59:AD:BF:A0:C3:A0:77:9A:37
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 08825724
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/5zxLU5pcnAg1CepZrb-gw6B3mjc.roa
Signing time: Sat 01 Jan 2022 14:59:57 +0000
ROA not before: Sat 01 Jan 2022 14:59:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39529
IP address blocks: 194.50.9.0/24 maxlen: 24
91.214.83.0/24 maxlen: 24
91.214.82.0/24 maxlen: 24
91.214.81.0/24 maxlen: 24
31.40.144.0/24 maxlen: 24
31.40.152.0/24 maxlen: 24
31.40.148.0/24 maxlen: 24
31.40.149.0/24 maxlen: 24
31.40.147.0/24 maxlen: 24
31.40.155.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142759716 (0x8825724)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 1 14:59:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e73c4b539a5c9c083509ea59adbfa0c3a0779a37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:76:17:01:ff:3f:48:b2:4e:12:12:2e:73:21:
fe:66:26:c9:7b:c3:27:4f:9d:24:9d:3d:48:74:c0:
a0:c3:99:35:97:41:d6:36:af:15:aa:7c:e0:5c:15:
d9:cd:51:49:95:3e:28:cf:20:2b:75:28:bf:c0:f9:
93:5c:a0:95:02:59:17:85:ff:e5:d0:20:e2:b5:28:
3d:8b:27:79:9c:32:7a:ec:95:c3:52:de:f2:98:8e:
2c:47:9c:c5:6b:82:2b:63:d2:6f:5a:85:b6:bd:d3:
2f:52:e8:43:d5:69:a3:9a:4a:9b:33:fe:95:8f:c1:
a3:f0:d5:3a:51:5c:66:b3:49:69:79:42:c4:72:67:
01:ba:e6:41:bb:1a:f3:be:41:d2:30:57:27:89:b4:
4e:24:60:34:32:c4:8c:a6:13:4e:b8:26:42:b6:a6:
10:8e:dc:59:27:1f:fd:de:d9:73:b0:2e:ea:2f:24:
80:7a:91:62:ec:c0:02:55:a2:34:54:33:8f:90:4e:
75:b4:f7:a6:e9:cb:1a:31:8a:b1:92:65:80:ac:4c:
90:18:5c:52:a6:aa:bb:b8:e7:37:ea:29:aa:59:7a:
eb:ef:03:6c:16:8a:ae:88:62:0b:3d:e5:9d:4f:1c:
51:7d:d5:85:b6:f0:f2:52:f4:c6:05:5e:7f:9b:99:
15:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3C:4B:53:9A:5C:9C:08:35:09:EA:59:AD:BF:A0:C3:A0:77:9A:37
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/5zxLU5pcnAg1CepZrb-gw6B3mjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.144.0/24
31.40.147.0-31.40.149.255
31.40.152.0/24
31.40.155.0/24
91.214.81.0-91.214.83.255
194.50.9.0/24
Signature Algorithm: sha256WithRSAEncryption
32:c0:6b:b9:11:12:25:50:ce:ff:f7:9d:71:9b:9c:57:83:9d:
29:79:1d:2c:d6:53:0f:c4:82:54:72:97:82:a2:b2:a7:41:b8:
b7:ca:ce:c1:42:41:ce:c1:85:66:a4:b1:f5:a4:fb:60:28:4e:
d6:6a:b0:b6:6b:16:c0:07:a5:c9:36:cb:59:58:16:2a:a4:d1:
14:14:3e:c2:c0:51:26:d7:00:81:7b:46:91:35:87:27:83:40:
d0:f1:33:a6:c4:21:5f:38:1e:e1:fd:0b:c2:fc:d5:e6:b6:6a:
39:7a:3b:5e:38:c8:85:41:d4:8a:a2:f8:51:2d:ef:f4:44:e8:
e1:32:d7:e0:de:d7:62:06:9d:66:fd:8b:5f:a4:22:f0:fa:92:
2e:1f:2b:9a:75:dc:d0:27:4d:8e:4d:e0:3d:0c:08:d2:63:a9:
d7:af:fd:f4:e0:da:79:df:5b:62:9c:6f:35:ba:35:49:0a:25:
b4:46:9d:c5:77:f3:18:5d:d3:97:c5:41:f0:97:72:f0:fa:75:
55:8a:ef:08:b9:e5:2b:11:99:dc:42:a5:f0:15:dc:39:93:15:
4a:aa:28:fd:3b:d1:9f:19:8f:b1:de:d4:33:f4:41:02:f1:dd:
2a:e1:f4:97:e1:f9:91:f1:55:f8:c5:c4:49:d6:07:b3:5a:ee:
e3:83:9d:5f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIECIJXJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZWFmNWMyZTVlZGMxOTc4MzRkMDdmMzQ1OTYyYjA3NDViZWU2NmQ3MB4XDTIyMDEw
MTE0NTk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTczYzRiNTM5YTVj
OWMwODM1MDllYTU5YWRiZmEwYzNhMDc3OWEzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALN2FwH/P0iyThISLnMh/mYmyXvDJ0+dJJ09SHTAoMOZNZdB
1javFap84FwV2c1RSZU+KM8gK3Uov8D5k1yglQJZF4X/5dAg4rUoPYsneZwyeuyV
w1Le8piOLEecxWuCK2PSb1qFtr3TL1LoQ9Vpo5pKmzP+lY/Bo/DVOlFcZrNJaXlC
xHJnAbrmQbsa875B0jBXJ4m0TiRgNDLEjKYTTrgmQramEI7cWScf/d7Zc7Au6i8k
gHqRYuzAAlWiNFQzj5BOdbT3punLGjGKsZJlgKxMkBhcUqaqu7jnN+opqll66+8D
bBaKrohiCz3lnU8cUX3Vhbbw8lL0xgVef5uZFckCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBTnPEtTmlycCDUJ6lmtv6DDoHeaNzAfBgNVHSMEGDAWgBQer1wuXtwZeDTQ
fzRZYrB0W+5m1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hxOWNMbDdjR1hnMDBIODBXV0t3ZEZ2dVp0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvMWNmYjkyLTljMzEtNDY0Zi05MzgyLTRhMzRjMWJiYWIyYi8x
LzV6eExVNXBjbkFnMUNlcFpyYi1ndzZCM21qYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
MWNmYjkyLTljMzEtNDY0Zi05MzgyLTRhMzRjMWJiYWIyYi8xL0hxOWNMbDdjR1hn
MDBIODBXV0t3ZEZ2dVp0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEAB8okDAMAwQAHyiTAwQBHyiUAwQA
HyiYAwQAHyibMAwDBABb1lEDBAJb1lADBADCMgkwDQYJKoZIhvcNAQELBQADggEB
ADLAa7kREiVQzv/3nXGbnFeDnSl5HSzWUw/EglRyl4KisqdBuLfKzsFCQc7BhWak
sfWk+2AoTtZqsLZrFsAHpck2y1lYFiqk0RQUPsLAUSbXAIF7RpE1hyeDQNDxM6bE
IV84HuH9C8L81ea2ajl6O144yIVB1Iqi+FEt7/RE6OEy1+De12IGnWb9i1+kIvD6
ki4fK5p13NAnTY5N4D0MCNJjqdev/fTg2nnfW2KcbzW6NUkKJbRGncV38xhd05fF
QfCXcvD6dVWK7wi55SsRmdxCpfAV3DmTFUqqKP070Z8Zj7He1DP0QQLx3Srh9Jfh
+ZHxVfjFxEnWB7Na7uODnV8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:41 2023 by rpki-client on console-ams.rpki-client.org