Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/P5-9EVIVad4i92kLYpS2VlN9zoY.roa
File: P5-9EVIVad4i92kLYpS2VlN9zoY.roa (raw, json)
Hash identifier: C/Y+UsyzG9SqLL30z71XDO2An4wzbL0Rs45SFoNLec4=
Subject key identifier: 3F:9F:BD:11:52:15:69:DE:22:F7:69:0B:62:94:B6:56:53:7D:CE:86
Certificate issuer: /CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Certificate serial: 0553333E
Authority key identifier: D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/P5-9EVIVad4i92kLYpS2VlN9zoY.roa
Signing time: Mon 23 May 2022 09:06:29 +0000
ROA not before: Mon 23 May 2022 09:06:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40994
IP address blocks: 46.102.157.0/24 maxlen: 24
46.102.156.0/24 maxlen: 24
31.14.17.0/24 maxlen: 24
94.177.8.0/23 maxlen: 24
86.106.182.0/24 maxlen: 24
2a0d:f302::/32 maxlen: 32
2a0d:f301::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89338686 (0x553333e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Validity
Not Before: May 23 09:06:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f9fbd11521569de22f7690b6294b656537dce86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f6:b2:f9:35:53:9e:72:d3:3f:9e:73:f0:00:
72:b2:8b:69:91:b5:dd:7d:b9:b3:c3:d2:41:fd:e1:
ab:15:75:3c:45:4f:dd:f0:a2:41:69:b1:3f:f8:f8:
39:4e:e5:d3:56:69:f8:07:49:b2:2c:cb:fa:7e:8d:
24:9d:10:72:65:5e:6f:9a:82:bb:56:53:7c:a5:eb:
5a:58:ba:94:33:ae:b5:8a:80:aa:bd:95:a9:e6:9e:
8e:f0:9f:dd:85:12:6a:7b:60:d2:87:37:25:21:c9:
6d:a7:05:cb:1f:56:43:5b:b4:a7:ed:56:84:21:d0:
ea:a9:c5:60:bc:a0:8f:ce:61:da:26:d4:7d:4b:5c:
1d:b6:c2:5c:5b:3e:aa:b2:c4:ff:95:9c:04:95:6c:
51:0a:ff:f8:1c:0d:06:5d:85:f8:22:12:ef:7f:ac:
39:09:a2:97:53:b7:33:a5:18:9b:41:74:3d:71:be:
8a:19:99:fd:ca:fa:ba:c1:ee:2f:19:c3:77:d9:50:
fe:3f:51:b7:15:1a:50:e2:7e:fd:31:cb:fc:a8:07:
39:0c:60:c7:ef:7f:0b:3f:d3:61:26:2a:e9:3e:b5:
7a:a7:c5:ec:91:b3:36:76:a3:9c:b8:fd:c6:f4:5c:
81:9b:c3:54:27:f6:8c:16:bb:d2:47:96:f8:1a:e2:
c4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:9F:BD:11:52:15:69:DE:22:F7:69:0B:62:94:B6:56:53:7D:CE:86
X509v3 Authority Key Identifier:
keyid:D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/P5-9EVIVad4i92kLYpS2VlN9zoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.17.0/24
46.102.156.0/23
86.106.182.0/24
94.177.8.0/23
IPv6:
2a0d:f301::/48
2a0d:f302::/32
Signature Algorithm: sha256WithRSAEncryption
39:9b:e9:65:4d:d1:ab:2c:63:0c:ee:24:07:29:e3:d7:9a:81:
3d:0d:73:21:76:8e:29:79:5f:62:16:de:ca:72:1a:5a:53:a4:
1a:34:57:9d:00:bf:70:b5:89:bb:fd:fa:11:98:43:bd:cb:a8:
56:27:28:ef:b6:d9:d2:08:6a:7a:df:fd:8b:d2:15:9d:78:e4:
3e:1b:c5:a4:c7:93:64:3f:68:b7:4d:4e:d6:68:5e:6e:16:31:
63:f5:91:fc:85:fc:fc:84:49:7e:57:dd:61:d0:5e:ad:43:24:
9d:c1:bc:c2:22:df:11:d9:70:a9:84:74:a1:b0:e5:86:0c:2d:
77:64:40:4e:45:70:1e:60:be:db:1f:4d:9a:3f:c3:56:8f:fb:
5b:27:4e:e9:69:d5:33:1e:7e:4d:1e:78:5f:a0:6a:b8:3b:2f:
15:de:68:c4:2f:ee:82:1a:cf:a7:ff:6e:21:77:06:44:c4:37:
07:ee:40:d7:98:b1:98:90:3e:38:b5:c1:26:88:e4:b5:26:a5:
8c:d4:b4:34:cc:b9:ae:c3:0a:f2:d8:66:4e:69:57:72:1d:5d:
29:0d:c0:1f:5e:7a:c3:fe:69:1f:a5:f8:3d:a1:54:c2:17:dd:
80:de:d6:5e:49:a1:2c:d2:e0:c9:8f:d5:87:74:1b:8e:fa:89:
a1:ab:58:46
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBVMzPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGNmMGZiZDVmNmUxNzU5OTAzY2M2OWRlMGRjNGVhMjRjMWY4M2RmMB4XDTIyMDUy
MzA5MDYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Y5ZmJkMTE1MjE1
NjlkZTIyZjc2OTBiNjI5NGI2NTY1MzdkY2U4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALr2svk1U55y0z+ec/AAcrKLaZG13X25s8PSQf3hqxV1PEVP
3fCiQWmxP/j4OU7l01Zp+AdJsizL+n6NJJ0QcmVeb5qCu1ZTfKXrWli6lDOutYqA
qr2VqeaejvCf3YUSantg0oc3JSHJbacFyx9WQ1u0p+1WhCHQ6qnFYLygj85h2ibU
fUtcHbbCXFs+qrLE/5WcBJVsUQr/+BwNBl2F+CIS73+sOQmil1O3M6UYm0F0PXG+
ihmZ/cr6usHuLxnDd9lQ/j9RtxUaUOJ+/THL/KgHOQxgx+9/Cz/TYSYq6T61eqfF
7JGzNnajnLj9xvRcgZvDVCf2jBa70keW+BrixBMCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQ/n70RUhVp3iL3aQtilLZWU33OhjAfBgNVHSMEGDAWgBTUzw+9X24XWZA8
xp3g3E6iTB+D3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFNOFB2Vjl1RjFtUVBNYWQ0TnhPb2t3Zmc5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvZDM0ZmEyLTNhMzctNDMwOC1iNzgzLTU4NTdmMWMxNzYyNC8x
L1A1LTlFVklWYWQ0aTkya0xZcFMyVmxOOXpvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
ZDM0ZmEyLTNhMzctNDMwOC1iNzgzLTU4NTdmMWMxNzYyNC8xLzFNOFB2Vjl1RjFt
UVBNYWQ0TnhPb2t3Zmc5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwHgQCAAEwGAMEAB8OEQMEAS5mnAMEAFZqtgMEAV6x
CDAWBAIAAjAQAwcAKg3zAQAAAwUAKg3zAjANBgkqhkiG9w0BAQsFAAOCAQEAOZvp
ZU3RqyxjDO4kBynj15qBPQ1zIXaOKXlfYhbeynIaWlOkGjRXnQC/cLWJu/36EZhD
vcuoVico77bZ0ghqet/9i9IVnXjkPhvFpMeTZD9ot01O1mhebhYxY/WR/IX8/IRJ
flfdYdBerUMkncG8wiLfEdlwqYR0obDlhgwtd2RATkVwHmC+2x9Nmj/DVo/7WydO
6WnVMx5+TR54X6BquDsvFd5oxC/ughrPp/9uIXcGRMQ3B+5A15ixmJA+OLXBJojk
tSaljNS0NMy5rsMK8thmTmlXch1dKQ3AH156w/5pH6X4PaFUwhfdgN7WXkmhLNLg
yY/Vh3QbjvqJoatYRg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:50 2023 by rpki-client on console-ams.rpki-client.org