Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/gR1c5GNhs_JvJZMo-Fj_1xaVzbk.roa
File: gR1c5GNhs_JvJZMo-Fj_1xaVzbk.roa (raw, json)
Hash identifier: An0eDdg1kfnlST+cwqhiBWAITPEHUW2MCZTYE0lq70g=
Subject key identifier: 81:1D:5C:E4:63:61:B3:F2:6F:25:93:28:F8:58:FF:D7:16:95:CD:B9
Certificate issuer: /CN=0d814a5f08fb47711d7160b027f996dfb612f045
Certificate serial: 0545D9EA
Authority key identifier: 0D:81:4A:5F:08:FB:47:71:1D:71:60:B0:27:F9:96:DF:B6:12:F0:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/gR1c5GNhs_JvJZMo-Fj_1xaVzbk.roa
Signing time: Sat 01 Jan 2022 13:06:44 +0000
ROA not before: Sat 01 Jan 2022 13:06:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35132
IP address blocks: 178.249.120.0/21 maxlen: 21
185.243.176.0/22 maxlen: 22
217.149.112.0/20 maxlen: 20
185.186.132.0/22 maxlen: 22
62.50.160.0/19 maxlen: 19
185.141.156.0/22 maxlen: 22
185.214.16.0/22 maxlen: 22
37.32.48.0/21 maxlen: 21
89.20.224.0/19 maxlen: 19
93.89.32.0/20 maxlen: 20
185.197.220.0/22 maxlen: 22
95.111.160.0/19 maxlen: 19
2a02:1660::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88463850 (0x545d9ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d814a5f08fb47711d7160b027f996dfb612f045
Validity
Not Before: Jan 1 13:06:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=811d5ce46361b3f26f259328f858ffd71695cdb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:77:da:6a:00:62:a5:3f:ca:39:0c:99:b7:cb:
88:46:8b:33:b0:38:c3:4d:c1:38:79:46:ea:b8:6d:
15:a1:c5:96:c4:66:3b:a6:c4:12:cd:24:80:5e:4e:
dc:67:e0:84:25:69:69:d5:6f:6f:94:db:e6:7f:05:
0d:3f:e5:90:1e:fc:99:fc:a7:4b:36:aa:3c:5d:8e:
b0:82:43:d7:96:20:14:3e:c7:3d:d0:1c:b6:01:29:
9b:71:bf:5b:3c:aa:d4:b3:f1:90:7f:43:02:eb:a4:
21:69:b9:d1:9a:ea:b1:3c:1a:b2:62:67:79:48:cf:
90:17:b2:53:3b:ac:35:15:05:ac:2b:cf:1c:1d:ee:
73:6a:58:be:63:9c:c2:c7:49:bf:6f:3f:e0:17:3f:
7f:b9:27:f9:e7:7d:8d:67:b6:0f:c4:19:91:b0:79:
69:60:4b:77:89:44:f8:29:1c:0e:12:d9:3c:60:20:
52:5d:62:96:4e:df:96:59:0e:89:ed:82:7d:ff:ff:
17:cc:a5:b9:6c:45:42:ec:92:ae:8c:49:e7:60:4f:
6a:e2:0b:a7:26:b9:be:e1:80:e3:37:07:c3:ef:73:
0d:81:af:e3:b5:b5:b0:89:8c:00:71:6f:b1:f1:6d:
0a:dd:58:9c:27:f7:ba:ba:31:a2:d9:23:b9:f6:e8:
03:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1D:5C:E4:63:61:B3:F2:6F:25:93:28:F8:58:FF:D7:16:95:CD:B9
X509v3 Authority Key Identifier:
keyid:0D:81:4A:5F:08:FB:47:71:1D:71:60:B0:27:F9:96:DF:B6:12:F0:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/gR1c5GNhs_JvJZMo-Fj_1xaVzbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/DYFKXwj7R3EdcWCwJ_mW37YS8EU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.48.0/21
62.50.160.0/19
89.20.224.0/19
93.89.32.0/20
95.111.160.0/19
178.249.120.0/21
185.141.156.0/22
185.186.132.0/22
185.197.220.0/22
185.214.16.0/22
185.243.176.0/22
217.149.112.0/20
IPv6:
2a02:1660::/32
Signature Algorithm: sha256WithRSAEncryption
86:02:b3:70:86:a9:85:04:51:39:12:e7:ef:5f:d5:68:37:5f:
b7:36:fb:33:16:c6:58:95:0a:88:a0:4a:4c:5e:aa:dc:7a:b6:
ba:df:35:a0:a2:15:5b:ba:ba:87:19:ec:31:0b:93:30:d0:ed:
e3:32:ad:82:ea:a4:ca:04:8c:22:e2:4d:b4:75:5f:d0:71:6d:
57:00:86:6d:63:90:1b:11:81:36:ef:b8:b5:7a:35:dc:b4:2c:
e1:64:db:4f:32:93:77:77:39:cd:29:88:cb:96:7c:10:7f:dd:
14:87:57:11:55:6a:ac:85:41:5e:4c:4b:c2:91:86:ea:29:d7:
43:ad:52:a3:21:40:19:db:af:a9:65:21:d0:c1:a6:f4:78:cb:
5e:68:39:52:62:8f:a4:02:fa:73:bd:a2:db:9a:41:88:e8:c2:
ed:2b:9b:dd:48:36:09:ed:6e:a1:c6:f0:ba:bf:d0:36:08:74:
a8:65:ca:96:fa:1b:a2:8b:c2:9a:00:9c:9e:9c:84:f5:d9:dc:
dc:43:e5:ca:44:ee:0f:31:04:d2:62:aa:33:a1:57:66:ec:72:
68:a6:93:48:9a:ab:26:f7:2d:bc:3d:5b:d0:19:d4:6a:25:12:
75:03:c7:19:ab:b1:c1:a3:11:4a:98:a4:47:1a:6c:b7:84:87:
15:3b:71:0e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEBUXZ6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDgxNGE1ZjA4ZmI0NzcxMWQ3MTYwYjAyN2Y5OTZkZmI2MTJmMDQ1MB4XDTIyMDEw
MTEzMDY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODExZDVjZTQ2MzYx
YjNmMjZmMjU5MzI4Zjg1OGZmZDcxNjk1Y2RiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOR32moAYqU/yjkMmbfLiEaLM7A4w03BOHlG6rhtFaHFlsRm
O6bEEs0kgF5O3GfghCVpadVvb5Tb5n8FDT/lkB78mfynSzaqPF2OsIJD15YgFD7H
PdActgEpm3G/Wzyq1LPxkH9DAuukIWm50ZrqsTwasmJneUjPkBeyUzusNRUFrCvP
HB3uc2pYvmOcwsdJv28/4Bc/f7kn+ed9jWe2D8QZkbB5aWBLd4lE+CkcDhLZPGAg
Ul1ilk7fllkOie2Cff//F8yluWxFQuySroxJ52BPauILpya5vuGA4zcHw+9zDYGv
47W1sImMAHFvsfFtCt1YnCf3uroxotkjufboA2ECAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBSBHVzkY2Gz8m8lkyj4WP/XFpXNuTAfBgNVHSMEGDAWgBQNgUpfCPtHcR1x
YLAn+ZbfthLwRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RZRktYd2o3UjNFZGNXQ3dKX21XMzdZUzhFVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvOGE2ODRiLTAzNzUtNDBlNS1iNzI2LWNlNzk4NWI1NjA5My8x
L2dSMWM1R05oc19KdkpaTW8tRmpfMXhhVnpiay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
OGE2ODRiLTAzNzUtNDBlNS1iNzI2LWNlNzk4NWI1NjA5My8xL0RZRktYd2o3UjNF
ZGNXQ3dKX21XMzdZUzhFVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAyUgMAMEBT4yoAMEBVkU4AMEBF1Z
IAMEBV9voAMEA7L5eAMEArmNnAMEArm6hAMEArnF3AMEArnWEAMEArnzsAMEBNmV
cDANBAIAAjAHAwUAKgIWYDANBgkqhkiG9w0BAQsFAAOCAQEAhgKzcIaphQRRORLn
71/VaDdftzb7MxbGWJUKiKBKTF6q3Hq2ut81oKIVW7q6hxnsMQuTMNDt4zKtguqk
ygSMIuJNtHVf0HFtVwCGbWOQGxGBNu+4tXo13LQs4WTbTzKTd3c5zSmIy5Z8EH/d
FIdXEVVqrIVBXkxLwpGG6inXQ61SoyFAGduvqWUh0MGm9HjLXmg5UmKPpAL6c72i
25pBiOjC7Sub3Ug2Ce1uocbwur/QNgh0qGXKlvoboovCmgCcnpyE9dnc3EPlykTu
DzEE0mKqM6FXZuxyaKaTSJqrJvctvD1b0BnUaiUSdQPHGauxwaMRSpikRxpst4SH
FTtxDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:15 2024 by rpki-client on console-fra.rpki-client.org