Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/P16_p0_C-1dG1EH3qqgmhFRIW4w.roa
File: P16_p0_C-1dG1EH3qqgmhFRIW4w.roa (raw, json)
Hash identifier: uBvmrqui2AmRN+0XQgt5tJgyzkfjpSTdksia7JXXpws=
Subject key identifier: 3F:5E:BF:A7:4F:C2:FB:57:46:D4:41:F7:AA:A8:26:84:54:48:5B:8C
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0184F5DAFD7BBEC7C7FCCD4E0ABFA926646E
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/P16_p0_C-1dG1EH3qqgmhFRIW4w.roa
Signing time: Fri 09 Dec 2022 07:48:00 +0000
ROA not before: Fri 09 Dec 2022 07:48:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14576
IP address blocks: 213.108.3.0/24 maxlen: 24
213.108.1.0/24 maxlen: 24
213.108.0.0/24 maxlen: 24
5.183.252.0/24 maxlen: 24
185.77.220.0/22 maxlen: 24
83.171.225.0/24 maxlen: 24
77.220.192.0/24 maxlen: 24
77.220.195.0/24 maxlen: 24
141.98.84.0/24 maxlen: 24
194.104.9.0/24 maxlen: 24
194.104.8.0/24 maxlen: 24
45.10.165.0/24 maxlen: 24
45.10.164.0/24 maxlen: 24
45.10.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f5:da:fd:7b:be:c7:c7:fc:cd:4e:0a:bf:a9:26:64:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Dec 9 07:48:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f5ebfa74fc2fb5746d441f7aaa8268454485b8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:45:33:dd:36:0b:91:d1:c6:9c:ad:a8:e8:43:
8d:62:38:86:e6:f5:54:cd:44:6d:26:08:f8:10:7c:
d5:00:98:33:d7:e6:30:9d:1f:6a:b2:89:90:54:ab:
95:0c:22:75:4b:15:48:6b:77:4a:3f:20:ea:92:bd:
88:b1:34:e9:3e:7f:3d:a5:eb:8b:41:5f:57:03:ae:
a0:17:bf:db:17:de:b1:8c:77:98:49:f2:35:d8:eb:
0a:08:30:94:a6:45:8e:f7:4c:de:cb:40:5e:88:c7:
6d:b9:ae:d3:8e:38:bd:d8:1f:a8:56:c5:d4:16:f4:
33:72:0c:cd:dc:7f:7a:e6:98:1f:85:d6:be:26:60:
f2:56:85:1e:49:b8:78:89:9c:d1:44:2c:91:96:08:
d6:38:97:29:c5:2c:58:dc:7b:b6:93:14:88:3e:e3:
21:79:f0:16:ed:2c:c4:05:d1:27:eb:02:21:08:00:
ea:21:75:0f:9f:18:89:c2:8a:4f:f3:04:f4:f0:e8:
55:d8:37:9e:47:ce:ec:2a:9c:92:10:4c:f9:d0:9f:
e7:db:2e:87:c8:27:57:62:d2:80:d8:b7:a1:47:cd:
f3:f3:4c:c1:f6:80:af:98:24:ed:9c:84:42:f4:3b:
54:6f:1d:34:94:27:fe:72:d5:58:41:55:74:91:0e:
06:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:5E:BF:A7:4F:C2:FB:57:46:D4:41:F7:AA:A8:26:84:54:48:5B:8C
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/P16_p0_C-1dG1EH3qqgmhFRIW4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.252.0/24
45.10.164.0/23
45.10.167.0/24
77.220.192.0/24
77.220.195.0/24
83.171.225.0/24
141.98.84.0/24
185.77.220.0/22
194.104.8.0/23
213.108.0.0/23
213.108.3.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:b8:04:66:dd:b8:9a:94:7d:3d:ec:1b:b4:bc:9f:13:5b:85:
05:4e:fe:fa:55:97:1f:6d:a8:b9:72:c3:34:7f:18:bd:a3:6d:
d0:e9:86:90:3b:9f:64:0d:4c:5a:63:36:ad:a3:be:4a:1e:1d:
4e:8b:59:93:d6:d2:fc:9d:de:6e:6c:3c:32:74:84:c7:e9:18:
30:9e:ea:b2:db:48:ce:ac:66:d2:f4:fb:7a:01:13:d1:94:cb:
a2:44:98:a1:38:d0:f8:e6:0b:39:97:2a:98:dc:7e:38:98:28:
d3:2d:ed:fc:60:50:87:47:c3:c3:87:e6:3f:62:1a:ee:bf:28:
8a:57:7c:9d:22:c8:91:74:74:f6:25:61:f1:0f:5b:85:40:a6:
ea:15:4c:6b:7f:6f:d6:9d:9f:cf:87:02:22:c5:05:92:56:a4:
9a:bf:73:f8:0e:1b:49:d3:d0:e4:45:16:f0:8e:f5:ab:80:c6:
13:ca:8f:9a:c3:cb:6c:21:01:50:c5:c7:9f:fe:53:5f:5d:09:
48:a3:af:aa:ed:96:8f:23:69:3e:ad:55:cf:51:04:ec:27:ca:
94:65:0c:2d:4d:77:e6:9e:f5:1b:22:0f:18:f4:12:c5:fc:96:
16:66:55:c9:a5:56:1d:7c:2a:93:de:86:26:db:f3:04:66:38:
68:f8:92:0c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYT12v17vsfH/M1OCr+pJmRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjIxMjA5MDc0ODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjVlYmZhNzRmYzJmYjU3NDZkNDQxZjdhYWE4MjY4NDU0NDg1YjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUUz3TYLkdHGnK2o6EONYjiG5vVU
zURtJgj4EHzVAJgz1+YwnR9qsomQVKuVDCJ1SxVIa3dKPyDqkr2IsTTpPn89peuL
QV9XA66gF7/bF96xjHeYSfI12OsKCDCUpkWO90zey0BeiMdtua7Tjji92B+oVsXU
FvQzcgzN3H965pgfhda+JmDyVoUeSbh4iZzRRCyRlgjWOJcpxSxY3Hu2kxSIPuMh
efAW7SzEBdEn6wIhCADqIXUPnxiJwopP8wT08OhV2DeeR87sKpySEEz50J/n2y6H
yCdXYtKA2LehR83z80zB9oCvmCTtnIRC9DtUbx00lCf+ctVYQVV0kQ4GpQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFD9ev6dPwvtXRtRB96qoJoRUSFuMMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvUDE2X3AwX0MtMWRHMUVIM3FxZ21oRlJJVzR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABbf8AwQB
LQqkAwQALQqnAwQATdzAAwQATdzDAwQAU6vhAwQAjWJUAwQCuU3cAwQBwmgIAwQB
1WwAAwQA1WwDMA0GCSqGSIb3DQEBCwUAA4IBAQAruARm3bialH097Bu0vJ8TW4UF
Tv76VZcfbai5csM0fxi9o23Q6YaQO59kDUxaYzato75KHh1Oi1mT1tL8nd5ubDwy
dITH6Rgwnuqy20jOrGbS9Pt6ARPRlMuiRJihOND45gs5lyqY3H44mCjTLe38YFCH
R8PDh+Y/YhruvyiKV3ydIsiRdHT2JWHxD1uFQKbqFUxrf2/WnZ/PhwIixQWSVqSa
v3P4DhtJ09DkRRbwjvWrgMYTyo+aw8tsIQFQxcef/lNfXQlIo6+q7ZaPI2k+rVXP
UQTsJ8qUZQwtTXfmnvUbIg8Y9BLF/JYWZlXJpVYdfCqT3oYm2/MEZjho+JIM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org