Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/1uL3gwiS4UexsQa7Nsvqfpoh1qg.roa
File: 1uL3gwiS4UexsQa7Nsvqfpoh1qg.roa (raw, json)
Hash identifier: mXDlO2dd5Uh3WLJ3WU1mYdaojg0BygIRhdSQYxncklE=
Subject key identifier: D6:E2:F7:83:08:92:E1:47:B1:B1:06:BB:36:CB:EA:7E:9A:21:D6:A8
Certificate issuer: /CN=668e9b2eefb205342382b6072a903f9d9837071a
Certificate serial: 01845B42515F56B2B025974BE0641B78ED96
Authority key identifier: 66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/1uL3gwiS4UexsQa7Nsvqfpoh1qg.roa
Signing time: Wed 09 Nov 2022 07:19:43 +0000
ROA not before: Wed 09 Nov 2022 07:19:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44056
IP address blocks: 176.125.192.0/19 maxlen: 19
91.230.146.0/24 maxlen: 24
46.148.128.0/22 maxlen: 22
31.135.224.0/20 maxlen: 20
46.148.128.0/20 maxlen: 20
46.148.143.0/24 maxlen: 24
195.2.238.0/23 maxlen: 23
109.196.64.0/20 maxlen: 20
109.196.64.0/22 maxlen: 22
109.196.68.0/22 maxlen: 22
91.195.130.0/23 maxlen: 23
83.97.104.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5b:42:51:5f:56:b2:b0:25:97:4b:e0:64:1b:78:ed:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668e9b2eefb205342382b6072a903f9d9837071a
Validity
Not Before: Nov 9 07:19:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6e2f7830892e147b1b106bb36cbea7e9a21d6a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2a:e8:9a:12:38:bd:0a:c2:19:27:3a:54:d4:
c1:71:2a:d8:4e:4d:17:aa:52:c8:75:2b:73:89:2e:
9c:a3:da:62:c8:78:cc:a0:3a:1b:e4:4e:ec:75:09:
2e:71:17:65:48:74:a6:2d:f6:71:5c:81:32:ed:39:
57:41:b3:24:38:8e:d0:24:a6:80:b2:cc:0e:b0:d2:
bc:2d:68:fb:cd:a6:9a:ee:ef:a4:44:b8:ad:9d:c5:
7e:59:8a:e2:b4:f5:7b:c5:08:1f:9a:a8:ca:af:9f:
21:42:c5:64:a5:d5:c6:dd:a2:0f:29:fd:90:d4:f5:
51:6b:24:4b:84:5d:48:1d:47:3d:60:3e:1f:0c:49:
4e:69:5f:e7:14:c9:ce:fd:de:ad:45:5e:ad:d2:b7:
ea:c6:89:23:a5:7e:35:37:3c:bd:7c:db:e3:fa:36:
3b:e4:83:ca:43:c9:1c:8e:9a:a9:31:93:b5:4f:85:
2d:73:16:c5:ed:cd:9e:d3:4e:92:98:d7:c8:ac:ce:
66:7b:b0:da:06:c3:03:99:ed:0a:0c:63:3d:56:3a:
83:1d:2a:8c:b8:33:01:9c:fc:5d:d5:46:7a:83:44:
ef:2b:38:5c:02:eb:f0:f0:55:cc:59:0e:bb:69:fd:
9b:2d:76:cf:f9:0a:49:89:88:40:8a:6f:df:fa:d0:
ae:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E2:F7:83:08:92:E1:47:B1:B1:06:BB:36:CB:EA:7E:9A:21:D6:A8
X509v3 Authority Key Identifier:
keyid:66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/1uL3gwiS4UexsQa7Nsvqfpoh1qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.224.0/20
46.148.128.0/20
83.97.104.0/21
91.195.130.0/23
91.230.146.0/24
109.196.64.0/20
176.125.192.0/19
195.2.238.0/23
Signature Algorithm: sha256WithRSAEncryption
50:72:b1:a0:6b:dc:b0:4b:d4:c3:ed:ba:e0:5e:63:f8:24:fe:
92:ee:21:e0:21:a0:70:a0:c0:5b:18:d0:c3:4e:68:89:08:93:
0f:8e:f6:47:2a:c0:ad:77:cf:d8:f2:4e:f6:ca:71:0e:fe:f4:
60:55:44:46:67:a1:33:4d:6c:7e:65:7b:4c:80:08:22:ba:bc:
a4:0f:27:88:9f:23:bc:8b:2b:6f:27:4a:ab:16:94:0d:e3:ae:
c2:1a:77:22:bc:24:4e:a5:84:50:30:a3:06:e2:2d:03:97:64:
da:f0:69:02:d7:e8:b1:19:e6:58:2a:f8:af:16:fb:bf:58:5b:
36:74:ac:62:5c:52:d2:5e:ea:5a:d9:e9:a9:e3:2c:a3:ab:ac:
91:09:5a:49:a0:7f:60:fe:e9:af:4a:3c:cc:53:bc:f5:04:49:
91:c2:0d:c5:2e:01:f4:da:db:e6:e2:7e:3b:73:9a:a0:e7:63:
99:76:49:95:3c:63:58:94:11:4b:0f:44:51:8a:d9:da:f4:25:
be:9f:eb:81:f7:94:d6:85:7b:de:11:5c:75:35:0d:b2:34:9a:
d6:f6:e8:ef:3d:7f:2a:08:ad:b7:b2:7b:ae:4b:ff:68:50:ca:
bc:44:78:1c:87:b3:9f:f8:d3:41:f7:5a:2d:ae:fa:5f:3f:3b:
16:2d:e9:ca
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYRbQlFfVrKwJZdL4GQbeO2WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGU5YjJlZWZiMjA1MzQyMzgyYjYwNzJhOTAzZjlkOTgz
NzA3MWEwHhcNMjIxMTA5MDcxOTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmUyZjc4MzA4OTJlMTQ3YjFiMTA2YmIzNmNiZWE3ZTlhMjFkNmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyromhI4vQrCGSc6VNTBcSrYTk0X
qlLIdStziS6co9piyHjMoDob5E7sdQkucRdlSHSmLfZxXIEy7TlXQbMkOI7QJKaA
sswOsNK8LWj7zaaa7u+kRLitncV+WYritPV7xQgfmqjKr58hQsVkpdXG3aIPKf2Q
1PVRayRLhF1IHUc9YD4fDElOaV/nFMnO/d6tRV6t0rfqxokjpX41Nzy9fNvj+jY7
5IPKQ8kcjpqpMZO1T4UtcxbF7c2e006SmNfIrM5me7DaBsMDme0KDGM9VjqDHSqM
uDMBnPxd1UZ6g0TvKzhcAuvw8FXMWQ67af2bLXbP+QpJiYhAim/f+tCu1QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNbi94MIkuFHsbEGuzbL6n6aIdaoMB8GA1UdIwQY
MBaAFGaOmy7vsgU0I4K2ByqQP52YNwcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMt
NGMwOGZmZTEwMDc2LzEvMXVMM2d3aVM0VWV4c1FhN05zdnFmcG9oMXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMtNGMwOGZmZTEwMDc2
LzEvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEH4fgAwQE
LpSAAwQDU2FoAwQBW8OCAwQAW+aSAwQEbcRAAwQFsH3AAwQBwwLuMA0GCSqGSIb3
DQEBCwUAA4IBAQBQcrGga9ywS9TD7brgXmP4JP6S7iHgIaBwoMBbGNDDTmiJCJMP
jvZHKsCtd8/Y8k72ynEO/vRgVURGZ6EzTWx+ZXtMgAgiurykDyeInyO8iytvJ0qr
FpQN467CGncivCROpYRQMKMG4i0Dl2Ta8GkC1+ixGeZYKvivFvu/WFs2dKxiXFLS
Xupa2emp4yyjq6yRCVpJoH9g/umvSjzMU7z1BEmRwg3FLgH02tvm4n47c5qg52OZ
dkmVPGNYlBFLD0RRitna9CW+n+uB95TWhXveEVx1NQ2yNJrW9ujvPX8qCK23snuu
S/9oUMq8RHgch7Of+NNB91otrvpfPzsWLenK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:45 2024 by rpki-client on console-ams.rpki-client.org