Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/1OranpvKxNKGRup3-9eL7gJWo80.roa
File: 1OranpvKxNKGRup3-9eL7gJWo80.roa (raw, json)
Hash identifier: tXczNCMk7/6vLrt9e+xIjG9d4FG15s7jsTyaXd+keA8=
Subject key identifier: D4:EA:DA:9E:9B:CA:C4:D2:86:46:EA:77:FB:D7:8B:EE:02:56:A3:CD
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 44CED35F
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/1OranpvKxNKGRup3-9eL7gJWo80.roa
Signing time: Sat 01 Jan 2022 14:06:47 +0000
ROA not before: Sat 01 Jan 2022 14:06:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5524
IP address blocks: 185.89.152.0/22 maxlen: 24
185.65.52.0/22 maxlen: 24
94.142.208.0/21 maxlen: 24
31.3.8.0/21 maxlen: 24
46.226.56.0/21 maxlen: 24
85.10.172.0/22 maxlen: 24
2a03:4f00::/32 maxlen: 32
2a03:5700::/32 maxlen: 32
2a00:c080::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1154405215 (0x44ced35f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 1 14:06:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4eada9e9bcac4d28646ea77fbd78bee0256a3cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f5:40:ab:82:fd:f6:fe:a6:a4:a0:d1:03:79:
77:a1:a2:6d:00:f9:89:ea:7a:c1:e8:90:62:c7:fb:
cd:1e:b7:17:cd:5a:2b:8b:00:f7:ff:58:11:4b:ff:
24:a5:76:63:21:07:dd:a8:be:62:cf:60:0a:73:19:
a3:17:72:1d:88:b7:c0:db:94:c6:a0:76:85:5f:bd:
02:b7:ce:69:6a:75:be:a4:9a:17:a0:62:81:36:89:
61:51:02:2b:2a:1e:5a:9c:9e:74:0b:a5:e9:55:26:
d5:34:95:16:57:63:10:cb:b1:89:c0:c9:af:32:ca:
24:91:ce:7b:93:21:bf:ef:f0:9e:b4:d4:6d:10:d4:
6f:38:10:7e:c8:64:c2:ee:74:8a:39:70:82:c7:98:
f6:6d:e2:19:15:2d:8b:7c:ed:26:4a:7b:93:fa:aa:
6d:4e:bf:c8:b3:3e:c0:58:4f:63:93:cf:24:12:f3:
77:39:00:29:5f:e0:0c:3a:c2:1e:25:57:30:ef:82:
78:88:6d:ab:ee:55:f7:fb:9e:b1:25:10:8e:4d:8c:
31:d8:d2:f3:32:34:05:48:38:75:e2:d4:7e:f1:ed:
c2:bf:26:90:70:2e:fe:96:90:0d:62:26:dd:61:98:
9c:38:88:f0:df:48:52:2e:7f:cc:07:6a:a4:13:23:
06:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:EA:DA:9E:9B:CA:C4:D2:86:46:EA:77:FB:D7:8B:EE:02:56:A3:CD
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/1OranpvKxNKGRup3-9eL7gJWo80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.8.0/21
46.226.56.0/21
85.10.172.0/22
94.142.208.0/21
185.65.52.0/22
185.89.152.0/22
IPv6:
2a00:c080::/32
2a03:4f00::/32
2a03:5700::/32
Signature Algorithm: sha256WithRSAEncryption
9c:11:92:2e:22:77:8a:f8:77:ab:b0:a6:70:8e:04:24:43:b9:
96:52:64:7c:eb:28:10:f9:98:37:8e:d6:d5:0b:4d:26:b1:f0:
c0:03:a0:b9:f4:89:bf:12:81:0f:7e:f9:13:d1:de:1d:8e:34:
e9:f1:7d:63:5d:36:21:36:10:c1:46:16:f8:f3:1e:a6:8b:11:
f5:7a:73:53:ea:ee:c4:10:9d:0c:e5:bf:57:55:23:67:26:ba:
0a:5e:27:09:ea:6e:4b:3f:24:7d:23:b4:1e:c0:04:e2:f2:db:
8d:bd:bd:83:3f:c8:a1:ec:20:12:40:8e:c5:b4:b3:de:07:2a:
bb:42:6e:c0:a0:0c:4a:e7:c8:a6:91:ef:7c:e4:91:39:ad:1e:
80:4c:e1:87:70:61:23:54:72:ee:1f:42:34:a9:fb:f3:20:73:
48:ee:a6:d8:9d:1c:41:35:f2:36:a9:89:e6:12:81:6d:ce:7b:
37:26:96:a0:ae:02:da:ee:2b:c3:f9:74:30:9b:5b:2a:fc:41:
8c:1a:cc:93:2d:86:08:e9:02:61:19:db:90:39:8c:50:dd:24:
27:c7:b6:cb:87:43:77:b6:8c:98:9d:ec:d1:eb:7c:7a:fe:1b:
b1:b1:44:9d:01:62:e2:a2:fa:e3:dc:6e:99:77:fa:7c:af:de:
51:3a:ab:42
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIERM7TXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTEzNjljY2JmODZiMWU4NGUxYWViNDZlNmQzMzZkMzlmNzUyYWU3MB4XDTIyMDEw
MTE0MDY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDRlYWRhOWU5YmNh
YzRkMjg2NDZlYTc3ZmJkNzhiZWUwMjU2YTNjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ31QKuC/fb+pqSg0QN5d6GibQD5iep6weiQYsf7zR63F81a
K4sA9/9YEUv/JKV2YyEH3ai+Ys9gCnMZoxdyHYi3wNuUxqB2hV+9ArfOaWp1vqSa
F6BigTaJYVECKyoeWpyedAul6VUm1TSVFldjEMuxicDJrzLKJJHOe5Mhv+/wnrTU
bRDUbzgQfshkwu50ijlwgseY9m3iGRUti3ztJkp7k/qqbU6/yLM+wFhPY5PPJBLz
dzkAKV/gDDrCHiVXMO+CeIhtq+5V9/uesSUQjk2MMdjS8zI0BUg4deLUfvHtwr8m
kHAu/paQDWIm3WGYnDiI8N9IUi5/zAdqpBMjBgMCAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBTU6tqem8rE0oZG6nf714vuAlajzTAfBgNVHSMEGDAWgBT1E2nMv4ax6E4a
60bm0zbTn3Uq5zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlSTnB6TC1Hc2VoT0d1dEc1dE0yMDU5MUt1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMmQ1YmRmLTUyNjUtNDliOC04YWZlLTJiOTIwYmRlMzk5MC8x
LzFPcmFucHZLeE5LR1J1cDMtOWVMN2dKV284MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MmQ1YmRmLTUyNjUtNDliOC04YWZlLTJiOTIwYmRlMzk5MC8xLzlSTnB6TC1Hc2Vo
T0d1dEc1dE0yMDU5MUt1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwKgQCAAEwJAMEAx8DCAMEAy7iOAMEAlUKrAMEA16O
0AMEArlBNAMEArlZmDAbBAIAAjAVAwUAKgDAgAMFACoDTwADBQAqA1cAMA0GCSqG
SIb3DQEBCwUAA4IBAQCcEZIuIneK+HersKZwjgQkQ7mWUmR86ygQ+Zg3jtbVC00m
sfDAA6C59Im/EoEPfvkT0d4djjTp8X1jXTYhNhDBRhb48x6mixH1enNT6u7EEJ0M
5b9XVSNnJroKXicJ6m5LPyR9I7QewATi8tuNvb2DP8ih7CASQI7FtLPeByq7Qm7A
oAxK58imke985JE5rR6ATOGHcGEjVHLuH0I0qfvzIHNI7qbYnRxBNfI2qYnmEoFt
zns3JpagrgLa7ivD+XQwm1sq/EGMGsyTLYYI6QJhGduQOYxQ3SQnx7bLh0N3toyY
nezR63x6/huxsUSdAWLiovrj3G6Zd/p8r95ROqtC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:04 2024 by rpki-client on console-ams.rpki-client.org