Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/CPvyM3BAUNiAsmRh6eUcbFUbUWk.roa
File: CPvyM3BAUNiAsmRh6eUcbFUbUWk.roa (raw, json)
Hash identifier: fmDbB0ImOfULxn5oOPcgj+w+T4wp1w0DOWCwjIjakR0=
Subject key identifier: 08:FB:F2:33:70:40:50:D8:80:B2:64:61:E9:E5:1C:6C:55:1B:51:69
Certificate issuer: /CN=05bfdbb6a4b1663369da407db97b021f73284a28
Certificate serial: 031C1739
Authority key identifier: 05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/CPvyM3BAUNiAsmRh6eUcbFUbUWk.roa
Signing time: Sat 01 Jan 2022 06:00:44 +0000
ROA not before: Sat 01 Jan 2022 06:00:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42831
IP address blocks: 185.17.24.0/22 maxlen: 22
78.157.192.0/19 maxlen: 19
78.110.160.0/20 maxlen: 20
94.229.64.0/20 maxlen: 20
77.74.192.0/21 maxlen: 21
185.103.96.0/22 maxlen: 22
31.132.0.0/21 maxlen: 21
178.159.0.0/20 maxlen: 20
37.9.56.0/21 maxlen: 21
5.101.136.0/21 maxlen: 21
5.101.144.0/21 maxlen: 21
77.75.120.0/21 maxlen: 21
5.101.168.0/21 maxlen: 21
2a01:a500::/32 maxlen: 32
2a01:a500:2566::/48 maxlen: 48
2a01:a500:1228::/48 maxlen: 48
2a01:a500:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52172601 (0x31c1739)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bfdbb6a4b1663369da407db97b021f73284a28
Validity
Not Before: Jan 1 06:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08fbf233704050d880b26461e9e51c6c551b5169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8d:8c:ba:ca:72:3c:46:46:b6:7b:91:9e:f9:
64:4d:69:df:8e:f1:60:07:c5:67:57:b9:f5:2b:01:
ed:b5:ce:b0:50:e1:c6:aa:75:dd:5a:c8:8b:ec:44:
c2:bd:56:7f:05:db:d2:3e:6a:86:cc:e6:9a:02:68:
98:6a:a9:88:1c:00:e7:67:74:fc:78:80:fe:c2:b1:
eb:c7:90:11:fd:17:b4:02:47:15:6c:84:c8:09:f0:
35:db:1f:48:6e:fd:83:2f:81:86:03:c8:10:21:b6:
e6:b2:9e:2e:2d:51:fd:66:b7:98:be:43:a8:ab:4a:
3c:8b:2e:ba:05:6a:bf:42:ee:fb:ec:bd:2f:9d:8b:
f9:cd:0d:c4:1e:56:77:cd:0a:e3:cb:5f:6a:3e:18:
f0:bd:8e:d1:42:98:13:40:e6:c3:a8:db:85:d7:c9:
37:b8:80:ee:20:d4:d3:bb:b9:76:4a:af:8c:c2:60:
1f:f6:91:1f:36:72:b1:63:a3:35:8a:04:f7:66:cc:
dc:4d:19:9c:80:5c:23:c6:7d:83:da:90:80:45:e8:
7c:7b:e4:da:7a:23:f5:b6:7b:c4:f4:ae:4c:6f:18:
75:1b:ff:6c:9e:18:cd:23:d2:7e:f9:4e:03:02:d4:
5a:a7:f4:8e:88:d8:5e:87:ec:d7:21:28:e4:b1:a6:
07:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:FB:F2:33:70:40:50:D8:80:B2:64:61:E9:E5:1C:6C:55:1B:51:69
X509v3 Authority Key Identifier:
keyid:05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/CPvyM3BAUNiAsmRh6eUcbFUbUWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.136.0-5.101.151.255
5.101.168.0/21
31.132.0.0/21
37.9.56.0/21
77.74.192.0/21
77.75.120.0/21
78.110.160.0/20
78.157.192.0/19
94.229.64.0/20
178.159.0.0/20
185.17.24.0/22
185.103.96.0/22
IPv6:
2a01:a500::/32
Signature Algorithm: sha256WithRSAEncryption
0a:a3:e8:e5:50:31:cb:3c:e6:e6:e0:bc:e9:09:4c:d7:84:e5:
86:aa:ea:06:d4:1c:6a:41:32:98:60:1f:a1:1f:1c:c9:04:d7:
47:9c:cf:5a:7e:9b:5f:91:66:d6:ae:f4:ed:92:62:72:00:5e:
f6:6b:07:06:b0:69:c4:36:76:99:3b:22:c4:88:2d:20:22:10:
9f:a4:4c:ea:13:35:ef:99:4e:ad:97:64:0f:56:19:34:90:0a:
69:bc:e7:ab:1f:29:38:6e:10:bd:e0:d4:e0:68:ca:bf:48:03:
7f:c1:20:d2:f2:e6:68:cf:14:a4:51:c4:3b:b7:aa:1c:d7:65:
7d:d1:25:6f:61:26:bd:8b:19:dc:24:6b:f9:02:f4:71:2a:be:
c3:41:90:6a:6f:52:0d:2b:e2:8e:f4:d0:e1:c4:ad:c1:87:f5:
c8:f5:21:82:80:64:b5:f2:47:c4:6b:46:79:8f:2c:a9:6f:3c:
fc:75:a5:4c:5c:fc:ff:ea:93:8d:bb:0f:fc:ba:65:bb:69:ba:
ea:07:b6:4f:67:14:3b:4c:36:3c:4d:73:84:1b:7a:4e:85:d7:
c7:a2:89:99:29:d2:ec:f3:8c:ef:49:4e:ed:36:e2:4b:5e:20:
c8:73:5e:8a:fc:2a:0d:fd:d5:16:98:68:74:3c:fa:ec:fc:e6:
5a:32:2b:09
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIEAxwXOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWJmZGJiNmE0YjE2NjMzNjlkYTQwN2RiOTdiMDIxZjczMjg0YTI4MB4XDTIyMDEw
MTA2MDA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDhmYmYyMzM3MDQw
NTBkODgwYjI2NDYxZTllNTFjNmM1NTFiNTE2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGNjLrKcjxGRrZ7kZ75ZE1p347xYAfFZ1e59SsB7bXOsFDh
xqp13VrIi+xEwr1WfwXb0j5qhszmmgJomGqpiBwA52d0/HiA/sKx68eQEf0XtAJH
FWyEyAnwNdsfSG79gy+BhgPIECG25rKeLi1R/Wa3mL5DqKtKPIsuugVqv0Lu++y9
L52L+c0NxB5Wd80K48tfaj4Y8L2O0UKYE0Dmw6jbhdfJN7iA7iDU07u5dkqvjMJg
H/aRHzZysWOjNYoE92bM3E0ZnIBcI8Z9g9qQgEXofHvk2noj9bZ7xPSuTG8YdRv/
bJ4YzSPSfvlOAwLUWqf0jojYXofs1yEo5LGmB0sCAwEAAaOCAmIwggJeMB0GA1Ud
DgQWBBQI+/IzcEBQ2ICyZGHp5RxsVRtRaTAfBgNVHSMEGDAWgBQFv9u2pLFmM2na
QH25ewIfcyhKKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiX2J0cVN4WmpOcDJrQjl1WHNDSDNNb1NpZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvNDYwYzAwLTNlOTUtNDI3NC1iYzljLTA2MGRhY2ZlYmUwZi8x
L0NQdnlNM0JBVU5pQXNtUmg2ZVVjYkZVYlVXay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
NDYwYzAwLTNlOTUtNDI3NC1iYzljLTA2MGRhY2ZlYmUwZi8xL0JiX2J0cVN4WmpO
cDJrQjl1WHNDSDNNb1NpZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB4
BggrBgEFBQcBBwEB/wRpMGcwVgQCAAEwUDAMAwQDBWWIAwQDBWWQAwQDBWWoAwQD
H4QAAwQDJQk4AwQDTUrAAwQDTUt4AwQETm6gAwQFTp3AAwQEXuVAAwQEsp8AAwQC
uREYAwQCuWdgMA0EAgACMAcDBQAqAaUAMA0GCSqGSIb3DQEBCwUAA4IBAQAKo+jl
UDHLPObm4LzpCUzXhOWGquoG1BxqQTKYYB+hHxzJBNdHnM9afptfkWbWrvTtkmJy
AF72awcGsGnENnaZOyLEiC0gIhCfpEzqEzXvmU6tl2QPVhk0kAppvOerHyk4bhC9
4NTgaMq/SAN/wSDS8uZozxSkUcQ7t6oc12V90SVvYSa9ixncJGv5AvRxKr7DQZBq
b1INK+KO9NDhxK3Bh/XI9SGCgGS18kfEa0Z5jyypbzz8daVMXPz/6pONuw/8umW7
abrqB7ZPZxQ7TDY8TXOEG3pOhdfHoomZKdLs84zvSU7tNuJLXiDIc16K/CoN/dUW
mGh0PPrs/OZaMisJ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:47 2023 by rpki-client on console-fra.rpki-client.org