Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/4sfGe41Zj--mEMWkyHT0cP_CJyc.roa
File: 4sfGe41Zj--mEMWkyHT0cP_CJyc.roa (raw, json)
Hash identifier: Ug+3ucbOMVX3Lghatno/h0Q8NfYM/tA00RPsnqfr2so=
Subject key identifier: E2:C7:C6:7B:8D:59:8F:EF:A6:10:C5:A4:C8:74:F4:70:FF:C2:27:27
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0895130D
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/4sfGe41Zj--mEMWkyHT0cP_CJyc.roa
Signing time: Mon 21 Mar 2022 13:24:09 +0000
ROA not before: Mon 21 Mar 2022 13:24:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48282
IP address blocks: 185.197.74.0/24 maxlen: 24
185.230.143.0/24 maxlen: 24
193.188.21.0/24 maxlen: 24
193.188.22.0/24 maxlen: 24
193.188.20.0/24 maxlen: 24
194.113.106.0/24 maxlen: 24
193.38.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143987469 (0x895130d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Mar 21 13:24:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2c7c67b8d598fefa610c5a4c874f470ffc22727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6c:4b:fc:08:e6:b7:4b:30:2a:94:67:f3:42:
07:d3:79:ed:37:52:7e:30:43:1e:de:4f:02:83:1a:
c7:94:5f:62:f5:2f:be:4c:b0:30:01:69:f6:a7:a1:
41:91:e1:49:70:56:2a:0d:c8:9c:21:bc:f7:d9:0f:
4d:f0:6c:16:11:59:a3:b1:da:1c:92:5b:29:55:42:
3f:79:4b:a3:84:de:21:5f:bf:49:8e:f1:66:87:81:
dd:fc:1f:2d:36:09:e9:5b:6f:e6:91:39:28:26:e0:
75:58:cf:db:ae:97:d9:5f:7b:8c:c1:d1:eb:ed:11:
66:c4:f8:58:e4:c1:c2:65:2a:43:28:2d:7a:05:4d:
c8:d1:8c:ef:61:d7:57:d6:3d:72:f8:29:54:ad:b9:
38:97:82:0f:2a:e2:24:71:15:98:ce:b7:67:46:dc:
04:d5:0e:98:b7:87:30:eb:3a:b6:35:e4:e4:eb:81:
d5:27:b5:ff:89:01:d7:09:53:aa:9d:c8:4e:db:b3:
b7:e2:ad:ed:17:04:98:f3:96:ca:e5:7b:74:9a:db:
b5:af:0d:7e:94:cd:ce:c3:78:45:c3:18:e6:0d:15:
42:84:c1:5b:89:20:88:7a:dc:91:d0:70:36:e6:9d:
98:08:98:a4:c5:8a:04:3b:91:3c:0b:d3:17:d7:12:
77:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C7:C6:7B:8D:59:8F:EF:A6:10:C5:A4:C8:74:F4:70:FF:C2:27:27
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/4sfGe41Zj--mEMWkyHT0cP_CJyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.74.0/24
185.230.143.0/24
193.38.235.0/24
193.188.20.0-193.188.22.255
194.113.106.0/24
Signature Algorithm: sha256WithRSAEncryption
95:3d:11:fe:57:df:52:25:7f:26:5b:28:e2:0b:00:3d:a7:f6:
aa:aa:b7:50:0f:13:fe:f9:62:ae:38:27:ed:5f:a9:de:27:c0:
36:72:4d:9c:8d:f6:c0:36:30:3a:06:80:d4:b0:a5:dc:a1:ad:
5c:27:39:c5:08:fb:5a:8c:dc:da:0c:f0:3e:fd:31:7c:33:ad:
4e:7d:47:1f:10:ec:16:5c:ae:99:62:60:47:68:84:e7:57:7f:
4d:ea:69:b8:f1:6a:ea:14:7c:9b:cf:95:8b:a1:d8:38:3b:f7:
6d:c9:9a:e2:5a:eb:6b:93:cb:32:54:03:e1:f2:10:95:b5:95:
12:b1:41:ea:8f:dc:93:29:bb:76:f3:fe:28:97:94:5c:7b:04:
c1:86:ce:f5:ed:ca:6c:8f:8d:53:df:9b:ec:80:ce:0e:0b:f4:
56:04:5a:f1:70:38:ba:e7:96:63:54:db:74:f8:f3:24:75:fd:
c2:c6:d0:95:03:41:16:cd:dc:f1:dd:42:6e:f2:18:5b:60:7b:
d7:20:3e:44:07:50:7c:1f:8f:54:b1:e0:0c:86:5d:eb:bf:97:
7c:a5:39:dd:39:00:01:e0:e3:35:b3:99:e2:46:bc:27:bb:c1:
03:50:2d:ea:3c:dd:02:fd:74:34:db:81:b8:bb:d0:00:52:fa:
29:13:43:bd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIECJUTDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDU5ZWMyYTVmZDUzOTA5YzUyMzlmNGNjOGQ2ZDMyOWEyNzc5YmIxMB4XDTIyMDMy
MTEzMjQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJjN2M2N2I4ZDU5
OGZlZmE2MTBjNWE0Yzg3NGY0NzBmZmMyMjcyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtsS/wI5rdLMCqUZ/NCB9N57TdSfjBDHt5PAoMax5RfYvUv
vkywMAFp9qehQZHhSXBWKg3InCG899kPTfBsFhFZo7HaHJJbKVVCP3lLo4TeIV+/
SY7xZoeB3fwfLTYJ6Vtv5pE5KCbgdVjP266X2V97jMHR6+0RZsT4WOTBwmUqQygt
egVNyNGM72HXV9Y9cvgpVK25OJeCDyriJHEVmM63Z0bcBNUOmLeHMOs6tjXk5OuB
1Se1/4kB1wlTqp3ITtuzt+Kt7RcEmPOWyuV7dJrbta8NfpTNzsN4RcMY5g0VQoTB
W4kgiHrckdBwNuadmAiYpMWKBDuRPAvTF9cSdzcCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBTix8Z7jVmP76YQxaTIdPRw/8InJzAfBgNVHSMEGDAWgBREWewqX9U5CcUj
n0zI1tMponebsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JGbnNLbF9WT1FuRkk1OU15TmJUS2FKM203RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvZjBhZTYyLWMxMDctNDNjZS1hOGE5LTZiNDM3MjYwMjA5Ni8x
LzRzZkdlNDFaai0tbUVNV2t5SFQwY1BfQ0p5Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
ZjBhZTYyLWMxMDctNDNjZS1hOGE5LTZiNDM3MjYwMjA5Ni8xL1JGbnNLbF9WT1Fu
Rkk1OU15TmJUS2FKM203RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEALnFSgMEALnmjwMEAMEm6zAMAwQC
wbwUAwQAwbwWAwQAwnFqMA0GCSqGSIb3DQEBCwUAA4IBAQCVPRH+V99SJX8mWyji
CwA9p/aqqrdQDxP++WKuOCftX6neJ8A2ck2cjfbANjA6BoDUsKXcoa1cJznFCPta
jNzaDPA+/TF8M61OfUcfEOwWXK6ZYmBHaITnV39N6mm48WrqFHybz5WLodg4O/dt
yZriWutrk8syVAPh8hCVtZUSsUHqj9yTKbt28/4ol5RcewTBhs717cpsj41T35vs
gM4OC/RWBFrxcDi655ZjVNt0+PMkdf3CxtCVA0EWzdzx3UJu8hhbYHvXID5EB1B8
H49UseAMhl3rv5d8pTndOQAB4OM1s5niRrwnu8EDUC3qPN0C/XQ024G4u9AAUvop
E0O9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org