Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/23742f-1d70-4f31-a9ca-7acb21ba773f/1/4T8qU37efT-zKZ7RQ2uz6RONnKI.roa
File: 4T8qU37efT-zKZ7RQ2uz6RONnKI.roa (raw, json)
Hash identifier: Y0YsOfinpah3CeNc37zxUbBCh5QjHLTwpryfXHWC1ek=
Subject key identifier: E1:3F:2A:53:7E:DE:7D:3F:B3:29:9E:D1:43:6B:B3:E9:13:8D:9C:A2
Certificate issuer: /CN=8bdc53cc2263f6fdea170d3282a20b8e71607386
Certificate serial: 0EB6993B
Authority key identifier: 8B:DC:53:CC:22:63:F6:FD:EA:17:0D:32:82:A2:0B:8E:71:60:73:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i9xTzCJj9v3qFw0ygqILjnFgc4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/23742f-1d70-4f31-a9ca-7acb21ba773f/1/4T8qU37efT-zKZ7RQ2uz6RONnKI.roa
Signing time: Sat 01 Jan 2022 14:05:38 +0000
ROA not before: Sat 01 Jan 2022 14:05:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51110
IP address blocks: 5.102.77.0/24 maxlen: 24
5.102.76.0/24 maxlen: 24
5.102.78.0/24 maxlen: 24
5.102.73.0/24 maxlen: 24
5.102.72.0/24 maxlen: 24
5.102.75.0/24 maxlen: 24
5.102.74.0/24 maxlen: 24
185.91.233.0/24 maxlen: 24
185.91.232.0/24 maxlen: 24
185.91.234.0/24 maxlen: 24
94.124.152.0/24 maxlen: 24
94.124.154.0/24 maxlen: 24
94.124.153.0/24 maxlen: 24
94.124.156.0/24 maxlen: 24
94.124.155.0/24 maxlen: 24
94.124.157.0/24 maxlen: 24
94.124.159.0/24 maxlen: 24
94.124.158.0/24 maxlen: 24
5.102.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 246847803 (0xeb6993b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdc53cc2263f6fdea170d3282a20b8e71607386
Validity
Not Before: Jan 1 14:05:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e13f2a537ede7d3fb3299ed1436bb3e9138d9ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:50:ef:11:48:d2:d2:4e:18:37:88:45:ed:97:
23:99:93:00:79:c0:73:51:6f:2f:46:d7:da:1f:07:
3e:88:84:b1:ef:4e:91:b3:f3:c2:9e:7d:cc:f3:96:
5d:8f:aa:a0:51:97:e0:49:f1:1f:33:23:78:fd:6a:
ec:fb:94:19:48:08:85:ab:45:5f:d3:60:b3:f9:9f:
9b:91:08:ce:f4:a3:ae:87:11:c5:7f:14:55:6b:e9:
a6:27:f9:76:6b:e6:45:e3:cb:7d:ae:cc:8f:cb:81:
e8:da:1d:a6:96:4a:9b:cd:65:11:83:7c:ea:91:20:
5d:29:1b:da:cf:21:ed:ef:fd:77:a9:ac:f3:f7:fe:
a4:36:5f:d9:bb:60:d2:41:99:e0:c4:2a:a9:de:9c:
a5:0f:2d:ba:21:4d:45:03:89:8c:fc:73:e5:5c:6f:
92:68:fb:3c:8d:26:e8:b5:00:86:ac:ec:f8:2b:56:
72:da:99:08:a5:5f:de:9a:df:1c:47:2c:49:d5:38:
06:8d:d3:63:b6:27:49:ae:69:90:7c:d7:30:cd:cc:
25:6c:a4:3a:8e:aa:d0:6a:c6:81:fe:4f:c6:ac:f1:
a0:68:b7:bf:d9:f0:c9:c4:78:a7:aa:55:a2:5e:4b:
e8:6b:0a:7b:bb:64:27:35:10:7e:97:1b:cb:90:ad:
c2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:3F:2A:53:7E:DE:7D:3F:B3:29:9E:D1:43:6B:B3:E9:13:8D:9C:A2
X509v3 Authority Key Identifier:
keyid:8B:DC:53:CC:22:63:F6:FD:EA:17:0D:32:82:A2:0B:8E:71:60:73:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9xTzCJj9v3qFw0ygqILjnFgc4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/23742f-1d70-4f31-a9ca-7acb21ba773f/1/4T8qU37efT-zKZ7RQ2uz6RONnKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/23742f-1d70-4f31-a9ca-7acb21ba773f/1/i9xTzCJj9v3qFw0ygqILjnFgc4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.72.0/21
94.124.152.0/21
185.91.232.0-185.91.234.255
Signature Algorithm: sha256WithRSAEncryption
36:e2:05:d5:f3:08:50:5a:fb:88:f6:39:4e:40:7e:a2:dc:d8:
50:1e:82:43:fc:70:93:df:e1:c6:c8:3c:e0:34:a9:0e:1b:2b:
b3:a0:e2:db:3b:b2:42:e2:ab:9e:18:ee:2d:a4:57:ca:ec:67:
e0:b1:e8:51:20:61:19:13:95:a2:57:f1:82:84:cf:03:7d:38:
74:12:ac:29:e9:b9:d7:a9:93:f5:14:df:bb:b8:c9:e2:2c:b5:
35:cf:b2:76:bc:0b:81:6d:75:8e:ae:1c:ec:f3:e8:17:cd:c6:
b2:44:b4:48:5b:19:7a:49:db:79:24:a3:c6:67:23:3c:3f:7b:
01:93:fa:e0:3e:a7:e6:8d:ab:d0:5e:dd:5e:c3:2b:bf:85:66:
87:ac:52:9d:28:7a:5d:f1:33:f6:96:c5:29:81:a9:15:58:a8:
71:e3:a2:18:9a:a0:e8:8f:8b:51:5f:54:27:df:f6:11:e5:9a:
b4:9a:8e:43:d2:f0:03:16:e1:b5:83:02:23:89:d7:fb:93:a6:
0e:f6:07:87:d2:31:01:b9:36:2f:ba:7b:08:53:fa:55:78:86:
04:2d:2c:e0:41:85:19:3e:80:8f:c1:5e:c6:1e:27:0f:76:29:
c4:96:da:68:ee:84:df:b5:35:57:c0:3b:c4:2f:26:b4:fc:de:
a2:54:c1:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEDraZOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmRjNTNjYzIyNjNmNmZkZWExNzBkMzI4MmEyMGI4ZTcxNjA3Mzg2MB4XDTIyMDEw
MTE0MDUzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTEzZjJhNTM3ZWRl
N2QzZmIzMjk5ZWQxNDM2YmIzZTkxMzhkOWNhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM9Q7xFI0tJOGDeIRe2XI5mTAHnAc1FvL0bX2h8HPoiEse9O
kbPzwp59zPOWXY+qoFGX4EnxHzMjeP1q7PuUGUgIhatFX9Ngs/mfm5EIzvSjrocR
xX8UVWvppif5dmvmRePLfa7Mj8uB6NodppZKm81lEYN86pEgXSkb2s8h7e/9d6ms
8/f+pDZf2btg0kGZ4MQqqd6cpQ8tuiFNRQOJjPxz5Vxvkmj7PI0m6LUAhqzs+CtW
ctqZCKVf3prfHEcsSdU4Bo3TY7YnSa5pkHzXMM3MJWykOo6q0GrGgf5PxqzxoGi3
v9nwycR4p6pVol5L6GsKe7tkJzUQfpcby5CtwikCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBThPypTft59P7MpntFDa7PpE42cojAfBgNVHSMEGDAWgBSL3FPMImP2/eoX
DTKCoguOcWBzhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k5eFR6Q0pqOXYzcUZ3MHlncUlMam5GZ2M0WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvMjM3NDJmLTFkNzAtNGYzMS1hOWNhLTdhY2IyMWJhNzczZi8x
LzRUOHFVMzdlZlQtektaN1JRMnV6NlJPTm5LSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
MjM3NDJmLTFkNzAtNGYzMS1hOWNhLTdhY2IyMWJhNzczZi8xL2k5eFR6Q0pqOXYz
cUZ3MHlncUlMam5GZ2M0WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAwVmSAMEA158mDAMAwQDuVvoAwQA
uVvqMA0GCSqGSIb3DQEBCwUAA4IBAQA24gXV8whQWvuI9jlOQH6i3NhQHoJD/HCT
3+HGyDzgNKkOGyuzoOLbO7JC4queGO4tpFfK7GfgsehRIGEZE5WiV/GChM8DfTh0
Eqwp6bnXqZP1FN+7uMniLLU1z7J2vAuBbXWOrhzs8+gXzcayRLRIWxl6Sdt5JKPG
ZyM8P3sBk/rgPqfmjavQXt1ewyu/hWaHrFKdKHpd8TP2lsUpgakVWKhx46IYmqDo
j4tRX1Qn3/YR5Zq0mo5D0vADFuG1gwIjidf7k6YO9geH0jEBuTYvunsIU/pVeIYE
LSzgQYUZPoCPwV7GHicPdinEltpo7oTftTVXwDvELya0/N6iVMFp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:42 2024 by rpki-client on console-fra.rpki-client.org