Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/I5pNoFsn6UOFQKL1dpGu-69V4WQ.roa
File: I5pNoFsn6UOFQKL1dpGu-69V4WQ.roa (raw, json)
Hash identifier: Tw+pKROAmjaRWT14nApvmpfDkx7qeOaPjgrKiJTFMnM=
Subject key identifier: 23:9A:4D:A0:5B:27:E9:43:85:40:A2:F5:76:91:AE:FB:AF:55:E1:64
Certificate issuer: /CN=707f7ee6ab9cf448f9949367fb7c0ede1073f97f
Certificate serial: 1035ED26
Authority key identifier: 70:7F:7E:E6:AB:9C:F4:48:F9:94:93:67:FB:7C:0E:DE:10:73:F9:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cH9-5quc9Ej5lJNn-3wO3hBz-X8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/I5pNoFsn6UOFQKL1dpGu-69V4WQ.roa
Signing time: Wed 29 Jun 2022 11:13:02 +0000
ROA not before: Wed 29 Jun 2022 11:13:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20810
IP address blocks: 80.69.192.0/20 maxlen: 20
188.74.0.0/19 maxlen: 20
188.74.0.0/20 maxlen: 20
188.74.16.0/20 maxlen: 20
185.158.180.0/22 maxlen: 22
212.102.118.0/24 maxlen: 24
2a03:7500::/32 maxlen: 32
2a03:7500::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 271969574 (0x1035ed26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=707f7ee6ab9cf448f9949367fb7c0ede1073f97f
Validity
Not Before: Jun 29 11:13:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=239a4da05b27e9438540a2f57691aefbaf55e164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2a:8f:9b:cc:c0:fc:dd:a9:65:46:65:a2:63:
bc:17:03:d1:dd:ee:3a:3c:93:d1:3e:8b:46:74:db:
9b:2f:32:e8:f8:e1:af:ad:d2:1e:58:31:8f:ae:7e:
98:30:d0:97:7b:81:0a:61:af:cb:b7:c7:18:5f:a3:
0f:76:9a:f7:df:e0:11:b3:1b:69:11:78:98:f4:c5:
f0:e6:69:66:77:e7:45:6c:81:b3:cb:8f:cc:f7:99:
1f:5a:c6:d0:c1:61:36:9a:0b:02:64:78:60:5b:1d:
8d:5f:1e:44:a5:79:b2:22:ba:2d:16:37:c5:7f:ae:
2d:22:43:27:6b:50:3a:29:4c:34:9e:60:d1:71:fe:
66:ad:f2:8d:2a:d6:e2:55:61:e2:b4:93:f7:0b:88:
8d:ac:9f:8b:f3:f9:8f:80:ab:0c:b0:f9:ab:a9:bb:
5b:5a:4a:62:61:3a:d1:3b:57:13:28:eb:ac:60:c2:
1d:3f:ce:74:d6:1f:ff:b5:b0:ea:df:ff:d8:8f:4d:
67:2f:9a:ba:2f:e6:7d:76:15:da:20:9e:5d:6c:2b:
e1:4c:a5:0f:70:fd:b8:1b:41:aa:7e:6b:74:ea:4c:
4a:c0:0b:9d:d9:be:2c:64:d1:33:59:33:f8:2e:59:
58:99:64:f6:2c:78:c0:88:31:ff:54:4d:e0:32:85:
95:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:9A:4D:A0:5B:27:E9:43:85:40:A2:F5:76:91:AE:FB:AF:55:E1:64
X509v3 Authority Key Identifier:
keyid:70:7F:7E:E6:AB:9C:F4:48:F9:94:93:67:FB:7C:0E:DE:10:73:F9:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cH9-5quc9Ej5lJNn-3wO3hBz-X8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/I5pNoFsn6UOFQKL1dpGu-69V4WQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/cH9-5quc9Ej5lJNn-3wO3hBz-X8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.69.192.0/20
185.158.180.0/22
188.74.0.0/19
212.102.118.0/24
IPv6:
2a03:7500::/29
Signature Algorithm: sha256WithRSAEncryption
31:f4:60:95:5c:8c:1e:d7:5a:5e:3e:f0:a9:05:50:54:de:09:
20:4a:c3:ea:2c:02:c9:a9:19:55:94:8d:38:6a:4d:6a:f2:53:
a7:08:f8:a3:50:36:d0:ad:fd:9c:e8:f3:20:42:76:c7:87:65:
e5:5b:64:0c:a0:92:50:09:7a:08:59:ba:4c:42:5b:4d:49:59:
d0:3c:42:7b:4e:72:1a:2c:7d:e8:48:a6:52:24:0b:9a:5f:e0:
49:a6:11:54:29:4e:98:e8:c3:e7:a6:a3:f4:83:77:84:0a:7c:
eb:ad:ca:be:d7:d2:0e:8c:d6:73:15:0a:d9:16:f1:06:0f:d7:
55:5c:89:c4:cb:21:8b:23:01:02:f9:b8:04:c7:4b:6e:64:41:
c8:67:55:86:b9:e6:07:b5:60:86:98:40:cb:12:65:c2:2b:f8:
ea:27:7b:ad:41:6b:43:ea:37:61:a8:ba:47:50:f6:d2:e4:52:
89:84:89:a3:1e:3d:07:32:7b:13:f3:76:04:cd:d2:d0:58:e9:
c5:a1:a8:6b:c0:0e:9c:4a:55:d3:d8:f5:e0:cb:dd:ed:b3:aa:
ee:98:bb:55:09:e3:82:e5:68:40:f7:c8:61:9a:b1:c0:34:84:
29:ff:69:2b:5c:85:85:19:e6:c2:37:8c:4d:2e:88:9a:4f:79:
2c:6d:9d:25
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEEDXtJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDdmN2VlNmFiOWNmNDQ4Zjk5NDkzNjdmYjdjMGVkZTEwNzNmOTdmMB4XDTIyMDYy
OTExMTMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjM5YTRkYTA1YjI3
ZTk0Mzg1NDBhMmY1NzY5MWFlZmJhZjU1ZTE2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJMqj5vMwPzdqWVGZaJjvBcD0d3uOjyT0T6LRnTbmy8y6Pjh
r63SHlgxj65+mDDQl3uBCmGvy7fHGF+jD3aa99/gEbMbaRF4mPTF8OZpZnfnRWyB
s8uPzPeZH1rG0MFhNpoLAmR4YFsdjV8eRKV5siK6LRY3xX+uLSJDJ2tQOilMNJ5g
0XH+Zq3yjSrW4lVh4rST9wuIjayfi/P5j4CrDLD5q6m7W1pKYmE60TtXEyjrrGDC
HT/OdNYf/7Ww6t//2I9NZy+aui/mfXYV2iCeXWwr4UylD3D9uBtBqn5rdOpMSsAL
ndm+LGTRM1kz+C5ZWJlk9ix4wIgx/1RN4DKFlWcCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQjmk2gWyfpQ4VAovV2ka77r1XhZDAfBgNVHSMEGDAWgBRwf37mq5z0SPmU
k2f7fA7eEHP5fzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NIOS01cXVjOUVqNWxKTm4tM3dPM2hCei1YOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTYvM2I0NWIzLTE4YTQtNDdmOC04MjY0LWY3MDhiYzcwZTZlZS8x
L0k1cE5vRnNuNlVPRlFLTDFkcEd1LTY5VjRXUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTYv
M2I0NWIzLTE4YTQtNDdmOC04MjY0LWY3MDhiYzcwZTZlZS8xL2NIOS01cXVjOUVq
NWxKTm4tM3dPM2hCei1YOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBFBFwAMEArmetAMEBbxKAAMEANRm
djANBAIAAjAHAwUDKgN1ADANBgkqhkiG9w0BAQsFAAOCAQEAMfRglVyMHtdaXj7w
qQVQVN4JIErD6iwCyakZVZSNOGpNavJTpwj4o1A20K39nOjzIEJ2x4dl5VtkDKCS
UAl6CFm6TEJbTUlZ0DxCe05yGix96EimUiQLml/gSaYRVClOmOjD56aj9IN3hAp8
663KvtfSDozWcxUK2RbxBg/XVVyJxMshiyMBAvm4BMdLbmRByGdVhrnmB7VghphA
yxJlwiv46id7rUFrQ+o3Yai6R1D20uRSiYSJox49BzJ7E/N2BM3S0FjpxaGoa8AO
nEpV09j14Mvd7bOq7pi7VQnjguVoQPfIYZqxwDSEKf9pK1yFhRnmwjeMTS6Imk95
LG2dJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:43 2024 by rpki-client on console-ams.rpki-client.org