Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/umktSZR5J1-cL8HMiiove1AgJ0A.roa
File: umktSZR5J1-cL8HMiiove1AgJ0A.roa (raw, json)
Hash identifier: m7YYjFieT8n8MqGpbI4NerAzbcBqRHvicnewsEeyn5g=
Subject key identifier: BA:69:2D:49:94:79:27:5F:9C:2F:C1:CC:8A:2A:2F:7B:50:20:27:40
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 3514DCC1
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/umktSZR5J1-cL8HMiiove1AgJ0A.roa
Signing time: Sat 01 Jan 2022 01:59:57 +0000
ROA not before: Sat 01 Jan 2022 01:59:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48944
IP address blocks: 5.57.32.0/24 maxlen: 24
5.57.37.0/24 maxlen: 24
185.215.228.0/23 maxlen: 23
178.239.144.0/22 maxlen: 22
37.32.43.0/24 maxlen: 24
37.32.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 890559681 (0x3514dcc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jan 1 01:59:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba692d499479275f9c2fc1cc8a2a2f7b50202740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:35:ef:4a:0c:dc:48:1c:a1:83:c3:a5:c0:54:
0a:e9:1e:e5:4f:af:a7:d9:a8:cf:8c:10:95:ad:0b:
c8:e4:15:2d:57:25:df:88:6f:03:6e:c6:f3:9e:f6:
07:55:fb:a9:b3:47:75:f2:3c:c4:cc:26:e7:bc:ae:
1a:8a:68:10:2c:d8:3d:d1:f4:ef:c0:d1:95:71:ec:
b5:81:d9:1d:12:03:76:9a:01:c0:2b:f0:d9:f9:24:
ae:46:20:0a:3f:e2:23:55:32:3a:f6:5b:d2:5a:3f:
d5:58:f6:da:46:7c:8e:eb:fb:29:9f:de:cc:b2:19:
e7:60:95:33:46:20:fb:6e:0a:2d:dc:c6:e0:41:79:
c0:c5:57:a0:db:ef:a6:55:42:9f:65:77:94:2d:09:
f4:6d:4f:15:1f:1a:ee:b6:d5:85:47:9f:a8:a7:4d:
ae:6f:bc:44:2c:45:94:3a:2e:eb:75:f2:36:5b:24:
a0:b0:b0:56:34:a7:d5:a5:90:df:0f:af:1a:d6:4c:
d2:0c:c3:90:0b:93:fa:de:9d:91:82:ce:39:aa:bf:
c5:ed:03:65:db:5f:e1:60:9f:1e:d7:fd:c2:11:55:
8d:f3:e3:c1:c1:49:bc:2f:c1:44:4f:5c:34:40:21:
d9:7a:03:47:d3:f6:d3:a5:f8:57:af:62:f2:e5:a6:
f3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:69:2D:49:94:79:27:5F:9C:2F:C1:CC:8A:2A:2F:7B:50:20:27:40
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/umktSZR5J1-cL8HMiiove1AgJ0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.32.0/24
5.57.37.0/24
37.32.43.0/24
37.32.46.0/24
178.239.144.0/22
185.215.228.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:eb:a1:2c:6f:48:87:8e:40:ad:bc:45:eb:f9:f2:93:cf:66:
fb:3a:f7:8e:dd:b9:fd:20:27:65:40:36:0e:b0:0c:3e:1e:78:
81:08:2f:15:01:26:65:a9:22:ec:1e:d0:75:86:a5:2a:b4:cf:
44:3a:11:47:27:ae:02:08:93:9b:fe:a4:74:d2:8c:91:8d:fc:
09:a8:0c:c4:f6:9f:41:c4:65:c9:a4:9a:d1:63:92:e4:51:82:
8c:b5:15:17:34:e3:bc:a9:46:67:92:e3:82:83:54:ad:1c:60:
13:b0:52:f0:15:07:fb:21:5f:87:bb:d0:a2:59:ea:b6:e7:aa:
4c:4f:cb:84:16:cd:5c:8a:35:e1:ad:3f:4c:ec:14:75:4f:99:
9a:13:00:3a:e6:29:96:f1:f4:d9:3f:3f:0c:93:63:74:c7:4a:
a1:18:2a:6f:bb:73:d2:f7:56:61:6d:97:5e:dc:c5:85:26:d1:
f6:71:cf:10:53:14:93:2b:8d:40:04:f2:c4:18:30:8c:8e:d8:
ac:85:33:e1:bf:83:93:d9:9f:05:d5:5a:09:80:55:35:2e:78:
c9:b6:7f:c7:51:cc:b1:1a:99:e5:60:26:74:4f:88:2f:67:e2:
58:97:69:67:4a:82:a5:75:33:7d:5c:ea:e9:6c:f2:df:58:47:
62:06:54:6e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIENRTcwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTM1MzMzOTlmNTVlYjUyZTZiMjIwMGM3Y2FlNDI3MmI3NGQ2NDY0MB4XDTIyMDEw
MTAxNTk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE2OTJkNDk5NDc5
Mjc1ZjljMmZjMWNjOGEyYTJmN2I1MDIwMjc0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0170oM3EgcoYPDpcBUCuke5U+vp9moz4wQla0LyOQVLVcl
34hvA27G8572B1X7qbNHdfI8xMwm57yuGopoECzYPdH078DRlXHstYHZHRIDdpoB
wCvw2fkkrkYgCj/iI1UyOvZb0lo/1Vj22kZ8juv7KZ/ezLIZ52CVM0Yg+24KLdzG
4EF5wMVXoNvvplVCn2V3lC0J9G1PFR8a7rbVhUefqKdNrm+8RCxFlDou63XyNlsk
oLCwVjSn1aWQ3w+vGtZM0gzDkAuT+t6dkYLOOaq/xe0DZdtf4WCfHtf9whFVjfPj
wcFJvC/BRE9cNEAh2XoDR9P206X4V69i8uWm86UCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBS6aS1JlHknX5wvwcyKKi97UCAnQDAfBgNVHSMEGDAWgBTxNTM5n1XrUuay
IAx8rkJyt01kZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhUVXpPWjlWNjFMbXNpQU1mSzVDY3JkTlpHUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvODQ0ZWViLWNkZjEtNDdmMS1iY2ZhLTk4OTE2Njg4MTk2OS8x
L3Vta3RTWlI1SjEtY0w4SE1paW92ZTFBZ0owQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
ODQ0ZWViLWNkZjEtNDdmMS1iY2ZhLTk4OTE2Njg4MTk2OS8xLzhUVXpPWjlWNjFM
bXNpQU1mSzVDY3JkTlpHUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAAU5IAMEAAU5JQMEACUgKwMEACUg
LgMEArLvkAMEAbnX5DANBgkqhkiG9w0BAQsFAAOCAQEAfeuhLG9Ih45ArbxF6/ny
k89m+zr3jt25/SAnZUA2DrAMPh54gQgvFQEmZaki7B7QdYalKrTPRDoRRyeuAgiT
m/6kdNKMkY38CagMxPafQcRlyaSa0WOS5FGCjLUVFzTjvKlGZ5LjgoNUrRxgE7BS
8BUH+yFfh7vQolnqtueqTE/LhBbNXIo14a0/TOwUdU+ZmhMAOuYplvH02T8/DJNj
dMdKoRgqb7tz0vdWYW2XXtzFhSbR9nHPEFMUkyuNQATyxBgwjI7YrIUz4b+Dk9mf
BdVaCYBVNS54ybZ/x1HMsRqZ5WAmdE+IL2fiWJdpZ0qCpXUzfVzq6Wzy31hHYgZU
bg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:33 2023 by rpki-client on console-fra.rpki-client.org