Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/TgLJd1hgo3DQLU25KZG-yUcNuV4.roa
File: TgLJd1hgo3DQLU25KZG-yUcNuV4.roa (raw, json)
Hash identifier: 5bt0X7vYsVhfAfrLObie0vLkih6bpYbGosUHErkkEXA=
Subject key identifier: 4E:02:C9:77:58:60:A3:70:D0:2D:4D:B9:29:91:BE:C9:47:0D:B9:5E
Certificate issuer: /CN=50f2d6b21660fad1f60e2df9d0bd7c6ccf95c311
Certificate serial: 105F515A
Authority key identifier: 50:F2:D6:B2:16:60:FA:D1:F6:0E:2D:F9:D0:BD:7C:6C:CF:95:C3:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UPLWshZg-tH2Di350L18bM-VwxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/TgLJd1hgo3DQLU25KZG-yUcNuV4.roa
Signing time: Thu 24 Mar 2022 08:12:56 +0000
ROA not before: Thu 24 Mar 2022 08:12:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41722
IP address blocks: 185.174.165.0/24 maxlen: 24
185.174.166.0/24 maxlen: 24
185.174.167.0/24 maxlen: 24
91.142.80.0/24 maxlen: 24
91.142.83.0/24 maxlen: 24
91.142.84.0/24 maxlen: 24
91.142.81.0/24 maxlen: 24
91.142.82.0/24 maxlen: 24
91.142.85.0/24 maxlen: 24
91.142.87.0/24 maxlen: 24
185.53.20.0/24 maxlen: 24
91.142.86.0/24 maxlen: 24
91.142.90.0/24 maxlen: 24
185.53.23.0/24 maxlen: 24
185.53.22.0/24 maxlen: 24
91.142.91.0/24 maxlen: 24
91.142.88.0/24 maxlen: 24
185.53.21.0/24 maxlen: 24
91.142.89.0/24 maxlen: 24
91.142.94.0/24 maxlen: 24
91.142.92.0/24 maxlen: 24
91.142.93.0/24 maxlen: 24
91.142.95.0/24 maxlen: 24
178.250.152.0/24 maxlen: 24
178.250.154.0/24 maxlen: 24
178.250.155.0/24 maxlen: 24
178.250.153.0/24 maxlen: 24
178.249.71.0/24 maxlen: 24
178.249.70.0/24 maxlen: 24
178.249.68.0/24 maxlen: 24
178.249.69.0/24 maxlen: 24
185.162.92.0/24 maxlen: 24
185.162.93.0/24 maxlen: 24
185.162.95.0/24 maxlen: 24
185.162.94.0/24 maxlen: 24
185.162.94.0/23 maxlen: 23
185.147.80.0/24 maxlen: 24
185.147.83.0/24 maxlen: 24
185.147.81.0/24 maxlen: 24
185.147.82.0/24 maxlen: 24
2a03:21c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 274682202 (0x105f515a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50f2d6b21660fad1f60e2df9d0bd7c6ccf95c311
Validity
Not Before: Mar 24 08:12:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e02c9775860a370d02d4db92991bec9470db95e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:13:bb:0e:90:d1:7a:b1:2f:19:b7:df:5e:88:
25:e8:b4:e1:63:61:0f:b7:e2:b2:11:d0:b0:5b:59:
e8:b0:e4:58:eb:ef:18:a6:d9:f2:eb:f5:a2:0e:87:
f1:a1:34:47:4e:8e:c1:30:b7:39:74:b0:f0:4e:df:
1a:88:0e:5d:43:60:80:10:13:69:7d:41:28:b6:cc:
c6:17:09:96:2c:e1:bb:55:a5:80:97:50:bf:5e:7f:
0c:38:aa:a7:50:31:01:12:61:57:d4:03:be:53:f7:
e8:be:56:41:29:fd:b2:b5:b3:7a:fd:b0:37:b3:f1:
f9:1f:ec:1d:e1:74:54:5d:50:69:fa:01:5d:a5:97:
b4:27:6e:40:1c:a5:df:25:ad:4f:41:1a:8a:19:e8:
39:bd:fb:42:cb:75:1e:92:52:30:7b:47:27:17:82:
c2:9a:28:b8:97:54:cf:d3:ab:89:ca:ea:e8:96:fd:
45:5b:f5:99:d3:00:ba:be:f4:0f:40:96:c5:10:8b:
13:da:0f:07:6e:64:77:9c:1d:25:d0:bd:79:e1:71:
80:db:c7:7b:c0:85:eb:04:33:ba:f2:bd:e1:c3:97:
28:83:96:d3:83:8b:6b:b9:6a:60:70:fd:0f:32:55:
11:7f:82:b9:db:2c:a3:f6:c2:f9:42:7f:fc:e3:90:
74:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:02:C9:77:58:60:A3:70:D0:2D:4D:B9:29:91:BE:C9:47:0D:B9:5E
X509v3 Authority Key Identifier:
keyid:50:F2:D6:B2:16:60:FA:D1:F6:0E:2D:F9:D0:BD:7C:6C:CF:95:C3:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UPLWshZg-tH2Di350L18bM-VwxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/TgLJd1hgo3DQLU25KZG-yUcNuV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/UPLWshZg-tH2Di350L18bM-VwxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.80.0/20
178.249.68.0/22
178.250.152.0/22
185.53.20.0/22
185.147.80.0/22
185.162.92.0/22
185.174.165.0-185.174.167.255
IPv6:
2a03:21c0::/32
Signature Algorithm: sha256WithRSAEncryption
4a:b1:75:5d:21:19:92:46:47:45:e9:d6:4a:0d:7c:dd:56:e4:
b1:65:03:29:23:3a:1d:b7:e6:61:4d:c7:6c:3f:c4:c8:0c:da:
6c:de:21:35:05:5d:e6:58:51:e0:23:ed:c7:39:41:27:41:fc:
1e:4f:bb:c9:a6:70:19:cf:fc:df:d7:d1:07:d9:a5:56:3e:c8:
49:47:14:2b:66:f0:dc:4b:9e:4f:73:67:2e:fc:90:de:27:9c:
98:56:cc:25:2e:db:d6:24:55:43:d7:b6:79:f6:46:7c:00:95:
ca:9a:38:ee:d6:f8:ee:24:73:fd:af:16:a1:39:a3:43:38:f1:
b2:9e:f3:3e:6c:6f:02:2f:ae:bc:c9:98:63:7f:a8:e5:43:c9:
87:60:22:d5:cc:c9:3d:89:a1:ab:c4:77:be:e0:b9:ac:b7:db:
03:67:2e:06:07:c7:8d:f3:7f:00:2d:db:1b:42:d4:7b:90:9b:
31:60:9f:59:7d:b2:92:52:9f:fa:68:97:37:93:3a:16:5c:44:
1d:58:b3:ac:7c:e3:8c:5a:f8:a9:8d:93:8c:17:b4:2f:bd:3f:
64:84:dd:d2:cf:4b:92:da:89:cd:e9:1b:4e:ab:2a:db:9a:8f:
f6:af:75:68:ee:28:93:de:4f:b1:98:1a:96:cb:b6:d9:95:ff:
77:4c:5c:0b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIEEF9RWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGYyZDZiMjE2NjBmYWQxZjYwZTJkZjlkMGJkN2M2Y2NmOTVjMzExMB4XDTIyMDMy
NDA4MTI1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGUwMmM5Nzc1ODYw
YTM3MGQwMmQ0ZGI5Mjk5MWJlYzk0NzBkYjk1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJwTuw6Q0XqxLxm3316IJei04WNhD7fishHQsFtZ6LDkWOvv
GKbZ8uv1og6H8aE0R06OwTC3OXSw8E7fGogOXUNggBATaX1BKLbMxhcJlizhu1Wl
gJdQv15/DDiqp1AxARJhV9QDvlP36L5WQSn9srWzev2wN7Px+R/sHeF0VF1QafoB
XaWXtCduQByl3yWtT0EaihnoOb37Qst1HpJSMHtHJxeCwpoouJdUz9Oricrq6Jb9
RVv1mdMAur70D0CWxRCLE9oPB25kd5wdJdC9eeFxgNvHe8CF6wQzuvK94cOXKIOW
04OLa7lqYHD9DzJVEX+Cudsso/bC+UJ//OOQdPkCAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBROAsl3WGCjcNAtTbkpkb7JRw25XjAfBgNVHSMEGDAWgBRQ8tayFmD60fYO
LfnQvXxsz5XDETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VQTFdzaFpnLXRIMkRpMzUwTDE4Yk0tVnd4RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZDBlZGQ1LTYwODctNGJlMS1iMzZmLWFiM2RkNWRjNjcwOS8x
L1RnTEpkMWhnbzNEUUxVMjVLWkcteVVjTnVWNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZDBlZGQ1LTYwODctNGJlMS1iMzZmLWFiM2RkNWRjNjcwOS8xL1VQTFdzaFpnLXRI
MkRpMzUwTDE4Yk0tVnd4RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwOAQCAAEwMgMEBFuOUAMEArL5RAMEArL6mAMEArk1
FAMEArmTUAMEArmiXDAMAwQAua6lAwQDua6gMA0EAgACMAcDBQAqAyHAMA0GCSqG
SIb3DQEBCwUAA4IBAQBKsXVdIRmSRkdF6dZKDXzdVuSxZQMpIzodt+ZhTcdsP8TI
DNps3iE1BV3mWFHgI+3HOUEnQfweT7vJpnAZz/zf19EH2aVWPshJRxQrZvDcS55P
c2cu/JDeJ5yYVswlLtvWJFVD17Z59kZ8AJXKmjju1vjuJHP9rxahOaNDOPGynvM+
bG8CL668yZhjf6jlQ8mHYCLVzMk9iaGrxHe+4Lmst9sDZy4GB8eN838ALdsbQtR7
kJsxYJ9ZfbKSUp/6aJc3kzoWXEQdWLOsfOOMWvipjZOMF7QvvT9khN3Sz0uS2onN
6RtOqyrbmo/2r3Vo7iiT3k+xmBqWy7bZlf93TFwL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-ams.rpki-client.org