Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/3-u1I_NA2_TfLqCUojQqflsCckU.roa
File: 3-u1I_NA2_TfLqCUojQqflsCckU.roa (raw, json)
Hash identifier: yIkFu5a/yk1AaCulCHHtKEL0MNILPNb7UfUxVNxr+fo=
Subject key identifier: DF:EB:B5:23:F3:40:DB:F4:DF:2E:A0:94:A2:34:2A:7E:5B:02:72:45
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 0181F1069AE8B450FF7B080626646FDDE405
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/3-u1I_NA2_TfLqCUojQqflsCckU.roa
Signing time: Tue 12 Jul 2022 06:09:10 +0000
ROA not before: Tue 12 Jul 2022 06:09:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15440
IP address blocks: 195.14.160.0/19 maxlen: 19
185.65.48.0/22 maxlen: 22
185.65.48.0/24 maxlen: 24
185.216.209.0/24 maxlen: 24
217.117.16.0/20 maxlen: 20
77.241.192.0/20 maxlen: 20
79.142.112.0/20 maxlen: 20
185.11.26.0/24 maxlen: 24
45.82.32.0/22 maxlen: 24
5.133.66.0/24 maxlen: 24
5.133.65.0/24 maxlen: 24
92.62.139.0/24 maxlen: 24
92.62.138.0/24 maxlen: 24
92.62.137.0/24 maxlen: 24
92.62.136.0/24 maxlen: 24
92.62.135.0/24 maxlen: 24
92.62.143.0/24 maxlen: 24
92.62.142.0/24 maxlen: 24
92.62.141.0/24 maxlen: 24
92.62.140.0/24 maxlen: 24
89.249.80.0/20 maxlen: 20
92.62.132.0/23 maxlen: 23
92.62.131.0/24 maxlen: 24
92.62.130.0/24 maxlen: 24
92.62.128.0/20 maxlen: 20
92.62.129.0/24 maxlen: 24
92.62.128.0/24 maxlen: 24
213.197.128.0/18 maxlen: 18
2a0d:5000:2::/48 maxlen: 48
2001:1ab8::/32 maxlen: 32
2001:1ab9::/32 maxlen: 32
2001:1ab8::/31 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f1:06:9a:e8:b4:50:ff:7b:08:06:26:64:6f:dd:e4:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Jul 12 06:09:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfebb523f340dbf4df2ea094a2342a7e5b027245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7f:75:8e:f0:f1:d2:31:96:2f:af:39:a1:5e:
48:c0:59:b9:ea:2f:2d:cb:5b:ae:0c:12:3f:f1:ce:
c7:10:ec:ed:b7:ec:f4:4c:60:e5:23:13:a3:c9:9c:
29:f9:2a:b1:61:37:98:5e:14:12:f9:14:bc:3a:e0:
97:ac:e0:cd:5b:6e:47:70:15:8e:64:3c:3e:ec:60:
66:5b:74:5c:26:e8:06:d4:20:5a:b7:2d:61:c0:b2:
f4:7e:91:74:0c:c1:21:36:d2:fe:e2:a4:f0:d5:50:
26:1e:7b:2b:e8:dd:49:b5:45:14:6e:a1:ef:76:65:
79:4b:31:49:ad:c8:77:d4:3d:33:6f:dd:fc:96:c4:
38:c2:23:fb:79:ae:81:84:b7:02:a3:35:ed:9b:d6:
f3:1b:35:19:be:4d:6b:2b:70:2c:5e:a8:d3:db:e5:
df:c9:cc:7c:c4:4a:a7:a5:5a:03:f3:4c:f7:be:4a:
c1:86:6d:c3:ca:07:07:84:e1:c1:ac:42:8b:7f:ff:
9d:c2:e0:58:53:a8:62:59:bd:9d:fa:aa:ab:c4:7c:
59:c1:82:a5:3e:23:e6:98:b0:5b:2e:17:36:18:2a:
b4:81:f1:ad:cb:cb:b6:4c:4b:fa:31:0b:68:4a:9a:
31:3f:28:b7:0c:5f:44:ab:1f:d5:bc:4a:c5:38:74:
d2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:EB:B5:23:F3:40:DB:F4:DF:2E:A0:94:A2:34:2A:7E:5B:02:72:45
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/3-u1I_NA2_TfLqCUojQqflsCckU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.65.0-5.133.66.255
45.82.32.0/22
77.241.192.0/20
79.142.112.0/20
89.249.80.0/20
92.62.128.0/20
185.11.26.0/24
185.65.48.0/22
185.216.209.0/24
195.14.160.0/19
213.197.128.0/18
217.117.16.0/20
IPv6:
2001:1ab8::/31
2a0d:5000:2::/48
Signature Algorithm: sha256WithRSAEncryption
52:1f:85:64:8c:ba:fa:1a:d3:f6:1f:cb:40:6b:4e:8b:92:d6:
e6:f5:eb:8b:86:5c:cf:00:20:39:0c:cd:83:8d:b0:cb:d5:39:
e8:a6:2d:72:cc:42:77:a5:79:59:75:1a:47:1a:a8:19:02:96:
12:1e:a3:d7:0f:d2:b9:ee:a2:18:65:0f:91:b4:9e:fd:84:9b:
1c:20:4c:43:df:c2:d4:b6:97:82:fc:c5:14:c7:5d:5d:a8:82:
34:11:41:e3:41:91:40:ea:ac:50:fd:3d:2b:d1:a7:1b:8e:76:
6d:07:84:c8:33:30:15:ad:bc:07:e5:a2:58:b5:03:b0:07:d8:
04:b1:fc:f4:ce:76:ab:46:79:c9:07:9a:d2:8c:78:1e:98:24:
bf:0c:43:76:ee:1d:18:b0:f1:3f:46:5f:43:64:1b:05:4c:5c:
b0:f0:1e:28:f0:df:e5:82:72:15:ee:ae:7e:63:96:a7:89:24:
bf:91:d9:37:12:dc:2a:de:c8:72:0e:c0:1d:b0:2b:cf:08:cd:
05:8b:2f:8b:0f:06:8d:92:3f:39:00:6a:7e:f9:08:1d:d1:35:
eb:59:b3:68:8a:fa:7c:78:44:97:68:85:99:2e:75:e9:04:e1:
f2:67:30:c5:f2:6e:f1:6a:73:95:5a:05:62:c3:5d:42:97:8f:
5a:20:4d:93
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYHxBprotFD/ewgGJmRv3eQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjIwNzEyMDYwOTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmViYjUyM2YzNDBkYmY0ZGYyZWEwOTRhMjM0MmE3ZTViMDI3MjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyH91jvDx0jGWL685oV5IwFm56i8t
y1uuDBI/8c7HEOztt+z0TGDlIxOjyZwp+SqxYTeYXhQS+RS8OuCXrODNW25HcBWO
ZDw+7GBmW3RcJugG1CBaty1hwLL0fpF0DMEhNtL+4qTw1VAmHnsr6N1JtUUUbqHv
dmV5SzFJrch31D0zb938lsQ4wiP7ea6BhLcCozXtm9bzGzUZvk1rK3AsXqjT2+Xf
ycx8xEqnpVoD80z3vkrBhm3DygcHhOHBrEKLf/+dwuBYU6hiWb2d+qqrxHxZwYKl
PiPmmLBbLhc2GCq0gfGty8u2TEv6MQtoSpoxPyi3DF9Eqx/VvErFOHTSXwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFN/rtSPzQNv03y6glKI0Kn5bAnJFMB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvMy11MUlfTkEyX1RmTHFDVW9qUXFmbHNDY2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwVgQCAAEwUDAMAwQABYVB
AwQABYVCAwQCLVIgAwQETfHAAwQET45wAwQEWflQAwQEXD6AAwQAuQsaAwQCuUEw
AwQAudjRAwQFww6gAwQG1cWAAwQE2XUQMBYEAgACMBADBQEgARq4AwcAKg1QAAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQBSH4VkjLr6GtP2H8tAa06Lktbm9euLhlzPACA5
DM2DjbDL1Tnopi1yzEJ3pXlZdRpHGqgZApYSHqPXD9K57qIYZQ+RtJ79hJscIExD
38LUtpeC/MUUx11dqII0EUHjQZFA6qxQ/T0r0acbjnZtB4TIMzAVrbwH5aJYtQOw
B9gEsfz0znarRnnJB5rSjHgemCS/DEN27h0YsPE/Rl9DZBsFTFyw8B4o8N/lgnIV
7q5+Y5aniSS/kdk3Etwq3shyDsAdsCvPCM0Fiy+LDwaNkj85AGp++Qgd0TXrWbNo
ivp8eESXaIWZLnXpBOHyZzDF8m7xanOVWgViw11Cl49aIE2T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:50 2024 by rpki-client on console-fra.rpki-client.org