Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/tP5gOE2e25xxy5CCGE_PcwRk_cA.roa
File: tP5gOE2e25xxy5CCGE_PcwRk_cA.roa (raw, json)
Hash identifier: ebS+5cMm0Wcz5B7cg0ruHIHzo+T6YnTMxGUsiLXxknk=
Subject key identifier: B4:FE:60:38:4D:9E:DB:9C:71:CB:90:82:18:4F:CF:73:04:64:FD:C0
Certificate issuer: /CN=33954330349f57502a76ae6e99987efc3e3b8109
Certificate serial: 40D7AB9B
Authority key identifier: 33:95:43:30:34:9F:57:50:2A:76:AE:6E:99:98:7E:FC:3E:3B:81:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M5VDMDSfV1Aqdq5umZh-_D47gQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/tP5gOE2e25xxy5CCGE_PcwRk_cA.roa
Signing time: Thu 05 May 2022 05:22:10 +0000
ROA not before: Thu 05 May 2022 05:22:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198330
IP address blocks: 185.55.96.0/22 maxlen: 24
185.104.172.0/22 maxlen: 24
185.128.64.0/22 maxlen: 24
45.12.224.0/22 maxlen: 24
134.90.136.0/21 maxlen: 24
94.231.40.0/21 maxlen: 24
45.10.180.0/22 maxlen: 24
2a03:c280::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1087875995 (0x40d7ab9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33954330349f57502a76ae6e99987efc3e3b8109
Validity
Not Before: May 5 05:22:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4fe60384d9edb9c71cb9082184fcf730464fdc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b8:78:b0:33:f9:f3:43:49:1d:a8:f7:f8:4b:
96:be:09:8f:e4:1d:8a:01:2b:c4:77:8c:d2:24:3c:
0d:fa:79:27:a1:a3:c0:e1:ab:7e:9c:f1:65:02:67:
de:e4:6f:b8:7d:88:85:13:23:db:f4:26:b0:00:c9:
41:45:01:2d:b9:f2:94:5b:c6:a5:2d:cb:a5:93:93:
fa:d3:f5:37:0c:33:1f:0e:40:e4:87:11:d8:99:21:
b1:2a:5d:1c:c7:b9:35:00:af:c0:e0:a4:bc:10:a4:
30:f4:af:30:2f:18:7f:0a:18:52:7b:5f:10:64:06:
a0:fd:a4:dc:d0:9f:fd:7a:d3:a6:c3:d1:33:e7:94:
b8:d2:10:bd:eb:ba:4a:5f:28:d1:e5:e7:0e:f0:70:
13:bb:d7:5c:93:b5:98:91:e3:d4:f1:d7:87:50:08:
54:5e:ac:47:b0:f2:ab:d9:c3:f0:cb:09:24:0d:69:
64:01:ce:ff:0b:d3:49:79:39:90:df:c2:bf:a3:d2:
49:3a:af:11:cc:8d:ec:c7:f1:48:1a:17:83:32:da:
f9:41:e3:99:9b:15:63:7d:28:7a:e5:f2:15:7b:85:
68:77:ea:29:6d:81:43:37:58:22:1c:b3:94:c5:bf:
77:42:75:42:8e:00:fd:3e:c2:9e:0e:37:2e:1d:79:
96:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:FE:60:38:4D:9E:DB:9C:71:CB:90:82:18:4F:CF:73:04:64:FD:C0
X509v3 Authority Key Identifier:
keyid:33:95:43:30:34:9F:57:50:2A:76:AE:6E:99:98:7E:FC:3E:3B:81:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M5VDMDSfV1Aqdq5umZh-_D47gQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/tP5gOE2e25xxy5CCGE_PcwRk_cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/M5VDMDSfV1Aqdq5umZh-_D47gQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.180.0/22
45.12.224.0/22
94.231.40.0/21
134.90.136.0/21
185.55.96.0/22
185.104.172.0/22
185.128.64.0/22
IPv6:
2a03:c280::/32
Signature Algorithm: sha256WithRSAEncryption
81:56:7e:a2:0a:bb:45:2d:07:02:bb:29:52:03:59:e0:94:30:
c4:66:51:04:36:d5:a0:e2:eb:b1:53:c3:7b:c5:13:35:04:49:
4e:fc:a2:3f:d9:a7:67:6b:97:9c:54:bd:cc:1a:a3:f5:db:e6:
fd:0d:39:64:bc:67:59:a7:ce:8a:40:78:ab:86:2d:d0:0e:94:
1f:e2:e5:47:a5:a0:d7:c1:12:e5:31:1c:b9:f1:56:c8:bd:0b:
f5:ae:ca:5c:92:b4:c8:76:4a:24:de:42:7c:47:12:2b:06:93:
48:07:e7:a0:fa:84:7f:de:7d:7f:41:ad:17:36:fc:14:76:3a:
5c:36:a4:9f:a8:00:73:1c:23:22:3c:d9:1c:f9:f5:82:d0:ca:
91:3b:4d:04:26:4f:12:14:c4:40:81:15:dc:0c:85:2d:bd:aa:
c9:9a:f9:2f:8e:88:6d:49:99:96:92:2a:9f:f2:e6:cb:18:83:
18:77:e1:23:3d:f9:03:36:88:7c:6f:5a:b8:56:14:ab:33:e9:
a7:f0:89:4d:e8:4a:0b:4d:87:32:fa:b0:1c:e0:f8:50:81:da:
81:e8:20:69:35:2b:60:ca:09:e9:72:b3:e5:8b:ba:ed:8a:f2:
22:31:85:a3:6a:e0:f9:40:03:c2:af:b4:0e:aa:45:87:94:bb:
ff:3c:12:7e
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEQNermzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Mzk1NDMzMDM0OWY1NzUwMmE3NmFlNmU5OTk4N2VmYzNlM2I4MTA5MB4XDTIyMDUw
NTA1MjIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRmZTYwMzg0ZDll
ZGI5YzcxY2I5MDgyMTg0ZmNmNzMwNDY0ZmRjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALy4eLAz+fNDSR2o9/hLlr4Jj+QdigErxHeM0iQ8Dfp5J6Gj
wOGrfpzxZQJn3uRvuH2IhRMj2/QmsADJQUUBLbnylFvGpS3LpZOT+tP1NwwzHw5A
5IcR2JkhsSpdHMe5NQCvwOCkvBCkMPSvMC8YfwoYUntfEGQGoP2k3NCf/XrTpsPR
M+eUuNIQveu6Sl8o0eXnDvBwE7vXXJO1mJHj1PHXh1AIVF6sR7Dyq9nD8MsJJA1p
ZAHO/wvTSXk5kN/Cv6PSSTqvEcyN7MfxSBoXgzLa+UHjmZsVY30oeuXyFXuFaHfq
KW2BQzdYIhyzlMW/d0J1Qo4A/T7Cng43Lh15lgECAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBS0/mA4TZ7bnHHLkIIYT89zBGT9wDAfBgNVHSMEGDAWgBQzlUMwNJ9XUCp2
rm6ZmH78PjuBCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L001VkRNRFNmVjFBcWRxNXVtWmgtX0Q0N2dRay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvMGYxOWU5LTFiMmItNDgxMi1hYjVhLWZkZjg0ZjgzYTI3NC8x
L3RQNWdPRTJlMjV4eHk1Q0NHRV9QY3dSa19jQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
MGYxOWU5LTFiMmItNDgxMi1hYjVhLWZkZjg0ZjgzYTI3NC8xL001VkRNRFNmVjFB
cWRxNXVtWmgtX0Q0N2dRay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAi0KtAMEAi0M4AMEA17nKAMEA4Za
iAMEArk3YAMEArlorAMEArmAQDANBAIAAjAHAwUAKgPCgDANBgkqhkiG9w0BAQsF
AAOCAQEAgVZ+ogq7RS0HArspUgNZ4JQwxGZRBDbVoOLrsVPDe8UTNQRJTvyiP9mn
Z2uXnFS9zBqj9dvm/Q05ZLxnWafOikB4q4Yt0A6UH+LlR6Wg18ES5TEcufFWyL0L
9a7KXJK0yHZKJN5CfEcSKwaTSAfnoPqEf959f0GtFzb8FHY6XDakn6gAcxwjIjzZ
HPn1gtDKkTtNBCZPEhTEQIEV3AyFLb2qyZr5L46IbUmZlpIqn/LmyxiDGHfhIz35
AzaIfG9auFYUqzPpp/CJTehKC02HMvqwHOD4UIHageggaTUrYMoJ6XKz5Yu67Yry
IjGFo2rg+UADwq+0DqpFh5S7/zwSfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:25 2024 by rpki-client on console-fra.rpki-client.org