Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/3z54wTPB7xM-ab4xUYnB75HrglQ.roa
File: 3z54wTPB7xM-ab4xUYnB75HrglQ.roa (raw, json)
Hash identifier: 4V/K8o4CG52TgAwmZMw4IVEqQYA/GpDDizeK/xl1mDo=
Subject key identifier: DF:3E:78:C1:33:C1:EF:13:3E:69:BE:31:51:89:C1:EF:91:EB:82:54
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 01849AE07B4D869B4759BC3C2B38090D0355
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/3z54wTPB7xM-ab4xUYnB75HrglQ.roa
Signing time: Mon 21 Nov 2022 15:48:33 +0000
ROA not before: Mon 21 Nov 2022 15:48:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20857
IP address blocks: 188.240.52.0/22 maxlen: 22
93.119.0.0/20 maxlen: 24
84.247.8.0/21 maxlen: 24
195.8.195.0/24 maxlen: 24
85.10.128.0/19 maxlen: 24
89.41.168.0/22 maxlen: 24
87.253.128.0/19 maxlen: 24
31.14.96.0/22 maxlen: 24
185.10.48.0/22 maxlen: 24
77.72.144.0/21 maxlen: 24
95.170.64.0/19 maxlen: 24
80.69.64.0/19 maxlen: 24
195.135.195.0/24 maxlen: 24
185.108.112.0/22 maxlen: 24
37.97.128.0/17 maxlen: 24
86.105.244.0/22 maxlen: 24
188.241.148.0/22 maxlen: 22
149.210.128.0/17 maxlen: 24
141.138.136.0/21 maxlen: 24
37.34.56.0/21 maxlen: 24
2a01:7c8::/32 maxlen: 32
2a01:7c8:e000::/36 maxlen: 36
2a01:7c8:d000::/36 maxlen: 36
2a01:7c8:7000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:e0:7b:4d:86:9b:47:59:bc:3c:2b:38:09:0d:03:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Nov 21 15:48:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df3e78c133c1ef133e69be315189c1ef91eb8254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:48:cc:d5:a2:34:b3:25:50:37:a6:9e:fb:e4:
db:72:89:db:d7:86:17:7a:9a:16:cf:58:db:e9:42:
c8:f9:2e:71:e9:f4:fe:e3:04:ae:f2:4b:d0:d9:16:
83:b5:13:c7:12:ce:50:60:2d:dc:da:29:8f:ae:bb:
aa:06:c6:20:bd:ea:06:3a:bb:96:d1:c7:e3:43:3f:
ee:b9:63:4a:b3:6c:38:e5:02:cd:9d:93:eb:45:d9:
f0:7b:16:c3:5d:8d:e1:f5:b3:45:fd:99:5a:ae:6a:
8a:92:e5:04:7e:95:3f:ce:62:57:34:af:71:e7:8d:
15:ab:51:cd:c3:ec:ce:fa:a7:a0:2d:00:57:f0:8b:
d1:17:49:bf:f3:60:46:3a:33:c2:8a:21:0a:5a:e8:
7e:76:cf:7c:9e:26:35:58:5b:f4:2c:ba:a0:df:38:
61:71:c4:8c:70:5e:0c:8c:10:ba:74:47:0a:7d:21:
c6:1a:33:69:41:18:0b:b9:3e:20:80:05:90:6a:60:
52:5d:a9:4e:16:47:22:5f:da:f9:75:16:ad:d4:f0:
cb:c9:8e:c5:d4:3e:84:08:c8:84:ae:ea:9e:5e:d8:
51:75:c1:de:97:59:50:a7:cc:ef:11:08:9d:65:c3:
41:25:62:c7:eb:a0:9c:d3:78:1d:99:b6:87:c8:cb:
95:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:3E:78:C1:33:C1:EF:13:3E:69:BE:31:51:89:C1:EF:91:EB:82:54
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/3z54wTPB7xM-ab4xUYnB75HrglQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.96.0/22
37.34.56.0/21
37.97.128.0/17
77.72.144.0/21
80.69.64.0/19
84.247.8.0/21
85.10.128.0/19
86.105.244.0/22
87.253.128.0/19
89.41.168.0/22
93.119.0.0/20
95.170.64.0/19
141.138.136.0/21
149.210.128.0/17
185.10.48.0/22
185.108.112.0/22
188.240.52.0/22
188.241.148.0/22
195.8.195.0/24
195.135.195.0/24
IPv6:
2a01:7c8::/32
Signature Algorithm: sha256WithRSAEncryption
4a:29:f3:6d:40:dc:c5:d1:ce:50:af:69:b2:58:b4:af:26:a2:
25:67:c8:64:ed:16:e0:88:60:6d:b8:61:2c:52:e3:92:3e:4d:
3b:e5:51:41:0a:e8:6f:9f:6d:28:e8:5b:95:0d:30:3f:9e:3e:
c4:a2:5f:5d:6b:e2:96:f5:51:92:af:72:09:99:8a:4e:7a:04:
6e:5c:88:7f:33:86:26:2f:9c:72:e2:c4:03:2d:26:4e:b0:25:
20:2a:be:f9:3a:f4:b5:cc:b4:f6:c5:1d:c4:88:d1:d4:2d:64:
af:2a:f0:46:1d:13:68:56:88:d1:c3:49:c4:76:90:74:e8:03:
c3:2a:4a:b1:d6:48:78:15:16:a5:a8:1f:9c:e2:c7:62:57:13:
37:76:cf:87:21:64:c7:63:15:7a:5f:43:ea:9c:d9:e0:23:6c:
86:80:f8:f3:48:17:f9:89:cf:d4:ee:43:fd:20:24:ed:3b:6e:
72:3e:14:39:af:17:61:01:0f:4c:97:e1:14:a8:b7:eb:18:6c:
7c:d9:25:9c:61:3b:65:b9:15:88:77:84:44:c5:37:aa:87:51:
61:13:c4:35:ef:cb:32:e8:2e:ff:d8:be:54:a9:36:9b:6e:86:
42:e8:d2:a1:f7:6e:ec:71:72:de:84:19:80:b5:79:73:ac:13:
7d:9e:cb:4f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYSa4HtNhptHWbw8KzgJDQNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjIxMTIxMTU0ODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjNlNzhjMTMzYzFlZjEzM2U2OWJlMzE1MTg5YzFlZjkxZWI4MjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0jM1aI0syVQN6ae++Tbconb14YX
epoWz1jb6ULI+S5x6fT+4wSu8kvQ2RaDtRPHEs5QYC3c2imPrruqBsYgveoGOruW
0cfjQz/uuWNKs2w45QLNnZPrRdnwexbDXY3h9bNF/ZlarmqKkuUEfpU/zmJXNK9x
540Vq1HNw+zO+qegLQBX8IvRF0m/82BGOjPCiiEKWuh+ds98niY1WFv0LLqg3zhh
ccSMcF4MjBC6dEcKfSHGGjNpQRgLuT4ggAWQamBSXalOFkciX9r5dRat1PDLyY7F
1D6ECMiEruqeXthRdcHel1lQp8zvEQidZcNBJWLH66Cc03gdmbaHyMuVVwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFN8+eMEzwe8TPmm+MVGJwe+R64JUMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvM3o1NHdUUEI3eE0tYWI0eFVZbkI3NUhyZ2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQCHw5g
AwQDJSI4AwQHJWGAAwQDTUiQAwQFUEVAAwQDVPcIAwQFVQqAAwQCVmn0AwQFV/2A
AwQCWSmoAwQEXXcAAwQFX6pAAwQDjYqIAwQHldKAAwQCuQowAwQCuWxwAwQCvPA0
AwQCvPGUAwQAwwjDAwQAw4fDMA0EAgACMAcDBQAqAQfIMA0GCSqGSIb3DQEBCwUA
A4IBAQBKKfNtQNzF0c5Qr2myWLSvJqIlZ8hk7RbgiGBtuGEsUuOSPk075VFBCuhv
n20o6FuVDTA/nj7Eol9da+KW9VGSr3IJmYpOegRuXIh/M4YmL5xy4sQDLSZOsCUg
Kr75OvS1zLT2xR3EiNHULWSvKvBGHRNoVojRw0nEdpB06APDKkqx1kh4FRalqB+c
4sdiVxM3ds+HIWTHYxV6X0PqnNngI2yGgPjzSBf5ic/U7kP9ICTtO25yPhQ5rxdh
AQ9Ml+EUqLfrGGx82SWcYTtluRWId4RExTeqh1FhE8Q178sy6C7/2L5UqTabboZC
6NKh927scXLehBmAtXlzrBN9nstP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:04 2024 by rpki-client on console-ams.rpki-client.org