Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/1-S3H1sXmmi5lkyQVQ9gTSw--mQo.roa
File: 1-S3H1sXmmi5lkyQVQ9gTSw--mQo.roa (raw, json)
Hash identifier: 1oeEukZ+7friBJ8W9l3OTRRzehAyfzmw40O5KZdVlKA=
Subject key identifier: F9:2D:C7:D6:C5:E6:9A:2E:65:93:24:15:43:D8:13:4B:0F:BE:99:0A
Certificate issuer: /CN=a95f638862529b6dafd440e172a22f0120b09aea
Certificate serial: 0ED93C11
Authority key identifier: A9:5F:63:88:62:52:9B:6D:AF:D4:40:E1:72:A2:2F:01:20:B0:9A:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qV9jiGJSm22v1EDhcqIvASCwmuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/1-S3H1sXmmi5lkyQVQ9gTSw--mQo.roa
Signing time: Sat 01 Jan 2022 04:51:12 +0000
ROA not before: Sat 01 Jan 2022 04:51:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24954
IP address blocks: 194.5.76.0/24 maxlen: 24
194.5.77.0/24 maxlen: 24
194.5.74.0/24 maxlen: 24
194.5.75.0/24 maxlen: 24
193.57.12.0/24 maxlen: 24
193.57.13.0/24 maxlen: 24
193.57.34.0/24 maxlen: 24
193.57.176.0/24 maxlen: 24
193.57.179.0/24 maxlen: 24
193.57.177.0/24 maxlen: 24
193.57.178.0/24 maxlen: 24
193.57.180.0/24 maxlen: 24
194.5.150.0/24 maxlen: 24
194.5.151.0/24 maxlen: 24
194.5.166.0/24 maxlen: 24
194.5.167.0/24 maxlen: 24
2001:67c:8a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 249117713 (0xed93c11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a95f638862529b6dafd440e172a22f0120b09aea
Validity
Not Before: Jan 1 04:51:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f92dc7d6c5e69a2e6593241543d8134b0fbe990a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2f:ac:92:de:fb:cb:0d:86:1c:bb:fe:15:19:
81:b3:81:34:7a:cb:c1:3f:ea:40:1b:c2:83:23:43:
75:e3:c3:83:3b:de:af:08:1f:1f:fb:dd:e3:41:36:
d7:ba:27:26:fb:76:90:a9:c7:08:40:b9:bf:87:95:
64:d0:5d:5b:f9:af:f6:d3:91:c0:9a:f3:36:fb:41:
6d:9f:f7:65:f9:2d:3d:9c:50:ac:89:eb:16:15:49:
ea:14:16:cb:80:92:9f:1d:4d:a9:85:03:2a:24:fc:
17:14:76:7b:7f:85:2f:73:41:f7:9c:d0:87:8f:ff:
8f:d2:33:c2:3a:c0:46:0e:ef:44:95:d7:62:f8:0d:
0d:bc:d0:fc:5e:c5:06:98:51:66:cb:bd:98:84:2d:
18:59:d7:f4:62:80:79:35:be:ef:08:94:28:1a:82:
c0:c8:0c:61:b4:aa:b8:8c:74:5e:a4:2b:d8:1e:23:
18:fc:8e:38:b8:ce:21:31:d9:9f:b4:24:89:ed:72:
f5:18:b2:ee:6e:2b:88:1d:18:fc:08:25:27:c4:bb:
6f:54:f7:02:0e:6f:95:cd:da:89:e1:a5:a9:c0:f9:
51:fb:65:ed:31:63:27:52:3b:fa:59:be:ee:76:b4:
66:f0:d9:4a:fb:5c:5e:ed:db:5e:bc:61:d6:44:63:
bc:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:2D:C7:D6:C5:E6:9A:2E:65:93:24:15:43:D8:13:4B:0F:BE:99:0A
X509v3 Authority Key Identifier:
keyid:A9:5F:63:88:62:52:9B:6D:AF:D4:40:E1:72:A2:2F:01:20:B0:9A:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qV9jiGJSm22v1EDhcqIvASCwmuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/1-S3H1sXmmi5lkyQVQ9gTSw--mQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/qV9jiGJSm22v1EDhcqIvASCwmuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.12.0/23
193.57.34.0/24
193.57.176.0-193.57.180.255
194.5.74.0-194.5.77.255
194.5.150.0/23
194.5.166.0/23
IPv6:
2001:67c:8a0::/48
Signature Algorithm: sha256WithRSAEncryption
45:f5:38:a0:1b:15:ac:e3:66:f4:97:a5:68:89:d0:8f:8c:a8:
b5:26:0c:24:97:6f:b4:be:64:3c:20:12:05:3e:1f:b3:94:a7:
d1:3b:12:96:17:04:5b:20:67:eb:3e:cb:3a:bd:dc:fb:e3:cd:
b1:4a:86:01:f0:35:77:45:42:d7:ce:80:ab:65:d8:11:38:4e:
a1:00:17:23:e3:8e:ae:db:f6:5b:9c:18:19:d2:50:b5:51:27:
a2:ea:13:a2:d0:ac:86:eb:47:f7:60:7e:fa:75:a9:4a:5d:00:
5c:c5:ff:0d:a9:45:c3:95:c3:10:3a:7f:0e:dc:f7:81:34:25:
4b:d3:a4:ab:bd:7a:20:18:f0:98:45:23:d8:7c:23:d6:85:40:
a2:24:67:fb:96:ec:46:9e:02:50:b2:79:1e:8e:c5:b7:83:42:
73:9f:fb:d8:65:82:67:99:82:42:17:6b:3f:25:c4:fc:81:9d:
2d:32:4b:d8:ef:f7:ba:35:dc:c3:18:db:33:17:41:8d:e8:6d:
c3:81:8d:04:29:c6:d8:b0:52:db:99:27:35:94:3b:8c:98:8c:
1e:b9:3b:7e:3b:17:9a:46:0f:84:02:4f:48:b4:09:00:89:91:
03:b8:30:5c:5d:54:8a:d7:15:53:3d:00:c9:c1:b8:9b:b3:fc:
a8:fa:d1:ba
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEDtk8ETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OTVmNjM4ODYyNTI5YjZkYWZkNDQwZTE3MmEyMmYwMTIwYjA5YWVhMB4XDTIyMDEw
MTA0NTExMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjkyZGM3ZDZjNWU2
OWEyZTY1OTMyNDE1NDNkODEzNGIwZmJlOTkwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkvrJLe+8sNhhy7/hUZgbOBNHrLwT/qQBvCgyNDdePDgzve
rwgfH/vd40E217onJvt2kKnHCEC5v4eVZNBdW/mv9tORwJrzNvtBbZ/3ZfktPZxQ
rInrFhVJ6hQWy4CSnx1NqYUDKiT8FxR2e3+FL3NB95zQh4//j9IzwjrARg7vRJXX
YvgNDbzQ/F7FBphRZsu9mIQtGFnX9GKAeTW+7wiUKBqCwMgMYbSquIx0XqQr2B4j
GPyOOLjOITHZn7Qkie1y9Riy7m4riB0Y/AglJ8S7b1T3Ag5vlc3aieGlqcD5Uftl
7TFjJ1I7+lm+7na0ZvDZSvtcXu3bXrxh1kRjvIUCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBT5LcfWxeaaLmWTJBVD2BNLD76ZCjAfBgNVHSMEGDAWgBSpX2OIYlKbba/U
QOFyoi8BILCa6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FWOWppR0pTbTIydjFFRGhjcUl2QVNDd211by5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvYWY0OTNmLTQxZmUtNDA2ZC1iM2ZmLWViYjUzYzI1MzA3Yi8x
LzEtUzNIMXNYbW1pNWxreVFWUTlnVFN3LS1tUW8ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk0
L2FmNDkzZi00MWZlLTQwNmQtYjNmZi1lYmI1M2MyNTMwN2IvMS9xVjlqaUdKU20y
MnYxRURoY3FJdkFTQ3dtdW8uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
XgYIKwYBBQUHAQcBAf8ETzBNMDoEAgABMDQDBAHBOQwDBADBOSIwDAMEBME5sAME
AME5tDAMAwQBwgVKAwQBwgVMAwQBwgWWAwQBwgWmMA8EAgACMAkDBwAgAQZ8CKAw
DQYJKoZIhvcNAQELBQADggEBAEX1OKAbFazjZvSXpWiJ0I+MqLUmDCSXb7S+ZDwg
EgU+H7OUp9E7EpYXBFsgZ+s+yzq93PvjzbFKhgHwNXdFQtfOgKtl2BE4TqEAFyPj
jq7b9lucGBnSULVRJ6LqE6LQrIbrR/dgfvp1qUpdAFzF/w2pRcOVwxA6fw7c94E0
JUvTpKu9eiAY8JhFI9h8I9aFQKIkZ/uW7EaeAlCyeR6OxbeDQnOf+9hlgmeZgkIX
az8lxPyBnS0yS9jv97o13MMY2zMXQY3obcOBjQQpxtiwUtuZJzWUO4yYjB65O347
F5pGD4QCT0i0CQCJkQO4MFxdVIrXFVM9AMnBuJuz/Kj60bo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:42 2024 by rpki-client on console-fra.rpki-client.org