Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/IUcw3DXAzJkbwbrYLTut-YQ8qMY.roa
File: IUcw3DXAzJkbwbrYLTut-YQ8qMY.roa (raw, json)
Hash identifier: g+PUBoAcR6iWdo84IBippLM95scoMRMLp2s56jp4T58=
Subject key identifier: 21:47:30:DC:35:C0:CC:99:1B:C1:BA:D8:2D:3B:AD:F9:84:3C:A8:C6
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 0184E8B0F00BA6D7B637D6434FFDB06D946C
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/IUcw3DXAzJkbwbrYLTut-YQ8qMY.roa
Signing time: Tue 06 Dec 2022 18:27:00 +0000
ROA not before: Tue 06 Dec 2022 18:27:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204650
IP address blocks: 185.243.48.0/23 maxlen: 23
185.243.48.0/22 maxlen: 22
5.57.32.0/24 maxlen: 24
185.215.231.0/24 maxlen: 24
185.124.172.0/22 maxlen: 24
185.26.34.0/23 maxlen: 24
185.124.173.0/24 maxlen: 24
185.124.174.0/24 maxlen: 24
185.124.175.0/24 maxlen: 24
37.32.44.0/24 maxlen: 24
37.32.44.0/22 maxlen: 22
37.32.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e8:b0:f0:0b:a6:d7:b6:37:d6:43:4f:fd:b0:6d:94:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Dec 6 18:27:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=214730dc35c0cc991bc1bad82d3badf9843ca8c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d4:6e:50:03:c3:2d:ba:82:78:0d:9b:d8:c2:
63:a6:05:52:be:e0:51:c0:90:57:50:c6:5a:a8:e0:
40:c4:b7:2c:53:10:df:02:d6:70:1e:e0:5c:2b:64:
b9:4f:3f:b2:db:07:f1:b7:e4:ee:99:40:07:fb:a6:
12:65:6c:ea:65:2a:75:78:72:18:e3:66:f4:f2:fb:
a6:a8:a5:13:22:67:c3:e8:bd:e5:11:3c:4d:25:bf:
0a:70:49:db:61:81:40:a0:13:04:93:13:e2:17:c8:
4e:dc:ca:35:09:e0:9b:84:8b:e3:d5:d3:94:c0:8a:
0a:a8:30:c1:06:e8:3d:95:17:55:7c:67:7d:29:f3:
8b:70:5e:a4:49:c8:23:34:9d:12:11:a8:50:66:da:
32:3e:0d:a1:4b:30:08:87:ce:bc:56:12:f2:f1:2b:
82:55:16:48:6e:9a:d9:4e:4b:68:8e:29:05:9b:06:
45:73:81:c4:d4:24:ce:23:67:2e:9f:53:5e:c1:70:
40:e1:ae:52:f3:17:19:4d:34:1f:8c:89:e4:fb:ee:
82:71:4f:9d:a4:08:34:00:97:22:0c:31:78:12:7d:
9a:a9:7e:01:a1:2a:a8:c6:b3:54:9c:26:4e:98:8d:
cf:48:b8:1c:50:b8:c8:52:5d:dc:71:ee:90:13:7f:
29:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:47:30:DC:35:C0:CC:99:1B:C1:BA:D8:2D:3B:AD:F9:84:3C:A8:C6
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/IUcw3DXAzJkbwbrYLTut-YQ8qMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.32.0/24
37.32.44.0/22
185.26.34.0/23
185.124.172.0/22
185.215.231.0/24
185.243.48.0/22
Signature Algorithm: sha256WithRSAEncryption
95:ea:e3:15:10:08:4a:7c:87:00:97:9c:3f:8f:aa:0e:e5:0a:
d0:0f:7f:b8:cc:cf:9f:6e:53:13:7f:7d:86:ec:1f:af:a9:d6:
f4:a3:df:2c:ca:17:d0:4b:64:0d:2c:b5:5d:57:b4:fa:c1:d5:
a1:44:b2:09:07:92:b4:48:bc:1d:7c:50:32:e1:3b:c3:bf:c7:
26:ed:04:1c:05:c9:d6:f2:11:a2:34:b2:ff:cd:78:ad:8e:a8:
28:4d:43:50:1f:6e:56:98:a1:46:3f:08:31:9e:25:ea:03:d8:
a7:4f:01:20:4c:b7:30:b8:a5:bc:a0:77:d2:28:4f:5f:17:de:
91:19:fc:d1:a0:51:ca:7f:86:eb:2a:91:0d:1d:b2:c3:26:b2:
e0:22:f9:df:48:e2:8b:98:12:c1:a4:d6:59:3e:31:7b:8b:52:
e8:ed:9b:0f:e1:e1:31:bf:b0:a6:3a:51:9e:15:60:27:3c:b0:
5b:87:80:1b:cc:d6:a4:d0:be:54:fe:5b:8c:e1:24:13:7f:f8:
d3:96:fc:a9:95:15:0e:0f:2e:e8:c3:87:a7:39:f1:26:d6:34:
bc:ed:ff:8e:ce:ac:f2:d9:1b:33:86:57:ea:19:e4:f8:b3:6c:
d0:04:96:25:04:ab:8b:95:f6:96:9d:30:08:cd:63:03:93:10:
7d:cf:72:66
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYTosPALpte2N9ZDT/2wbZRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjIxMjA2MTgyNzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQ3MzBkYzM1YzBjYzk5MWJjMWJhZDgyZDNiYWRmOTg0M2NhOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNRuUAPDLbqCeA2b2MJjpgVSvuBR
wJBXUMZaqOBAxLcsUxDfAtZwHuBcK2S5Tz+y2wfxt+TumUAH+6YSZWzqZSp1eHIY
42b08vumqKUTImfD6L3lETxNJb8KcEnbYYFAoBMEkxPiF8hO3Mo1CeCbhIvj1dOU
wIoKqDDBBug9lRdVfGd9KfOLcF6kScgjNJ0SEahQZtoyPg2hSzAIh868VhLy8SuC
VRZIbprZTktojikFmwZFc4HE1CTOI2cun1NewXBA4a5S8xcZTTQfjInk++6CcU+d
pAg0AJciDDF4En2aqX4BoSqoxrNUnCZOmI3PSLgcULjIUl3cce6QE38p1wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCFHMNw1wMyZG8G62C07rfmEPKjGMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvSVVjdzNEWEF6Smtid2JyWUxUdXQtWVE4cU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABTkgAwQC
JSAsAwQBuRoiAwQCuXysAwQAudfnAwQCufMwMA0GCSqGSIb3DQEBCwUAA4IBAQCV
6uMVEAhKfIcAl5w/j6oO5QrQD3+4zM+fblMTf32G7B+vqdb0o98syhfQS2QNLLVd
V7T6wdWhRLIJB5K0SLwdfFAy4TvDv8cm7QQcBcnW8hGiNLL/zXitjqgoTUNQH25W
mKFGPwgxniXqA9inTwEgTLcwuKW8oHfSKE9fF96RGfzRoFHKf4brKpENHbLDJrLg
IvnfSOKLmBLBpNZZPjF7i1Lo7ZsP4eExv7CmOlGeFWAnPLBbh4AbzNak0L5U/luM
4SQTf/jTlvyplRUODy7ow4enOfEm1jS87f+Ozqzy2RszhlfqGeT4s2zQBJYlBKuL
lfaWnTAIzWMDkxB9z3Jm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:09 2024 by rpki-client on console-ams.rpki-client.org