Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/I2mNG05X4NyqnbUgY3LOxZL0VBo.roa
File: I2mNG05X4NyqnbUgY3LOxZL0VBo.roa (raw, json)
Hash identifier: VXMQOHk+31gErUvQr0Do0ImJtRQfb3QISteHhLzbqNo=
Subject key identifier: 23:69:8D:1B:4E:57:E0:DC:AA:9D:B5:20:63:72:CE:C5:92:F4:54:1A
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 01852B8E546FEDB937BED4FB4FC60911C826
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/I2mNG05X4NyqnbUgY3LOxZL0VBo.roa
Signing time: Mon 19 Dec 2022 18:03:46 +0000
ROA not before: Mon 19 Dec 2022 18:03:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31034
IP address blocks: 5.249.128.0/19 maxlen: 24
185.58.116.0/22 maxlen: 24
217.61.0.0/18 maxlen: 24
94.177.192.0/18 maxlen: 24
89.46.104.0/21 maxlen: 24
95.110.128.0/17 maxlen: 24
31.14.128.0/20 maxlen: 24
31.11.32.0/21 maxlen: 24
77.81.224.0/20 maxlen: 24
89.46.64.0/20 maxlen: 24
46.37.0.0/19 maxlen: 24
94.177.160.0/19 maxlen: 24
89.46.192.0/21 maxlen: 24
62.149.128.0/17 maxlen: 24
185.56.8.0/22 maxlen: 24
80.211.0.0/16 maxlen: 24
194.182.110.0/23 maxlen: 24
188.213.160.0/20 maxlen: 24
176.107.144.0/21 maxlen: 24
80.73.224.0/21 maxlen: 24
195.231.88.0/21 maxlen: 24
89.36.208.0/22 maxlen: 24
217.198.128.0/20 maxlen: 24
2a00:6d40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2b:8e:54:6f:ed:b9:37:be:d4:fb:4f:c6:09:11:c8:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Dec 19 18:03:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23698d1b4e57e0dcaa9db5206372cec592f4541a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d3:ae:b9:d8:66:45:57:54:69:b1:1d:ab:15:
d1:e6:40:3c:53:5d:1e:02:25:71:16:2e:12:28:4e:
15:e2:34:37:b7:e3:f0:a7:b7:e5:c7:24:38:b4:16:
c4:5e:95:1e:24:81:8d:e9:07:20:0f:32:d3:48:ac:
bf:c1:9a:59:93:80:b1:55:05:4f:16:70:18:49:f5:
29:fb:73:45:30:ba:e6:f7:7f:87:2d:12:24:4f:32:
5d:cb:dc:a1:e2:a6:66:74:9f:39:b2:e8:16:4a:4f:
ed:00:4d:e1:3a:ed:4e:0e:15:1b:4e:7c:7b:f9:fa:
35:d0:b3:d4:39:bb:08:2f:56:6e:d0:03:5e:0d:64:
2b:03:21:6e:38:9e:4a:cf:8d:9c:dc:fd:d4:0c:de:
8a:0a:25:93:53:9f:b7:6b:0a:2a:1a:cb:29:6c:01:
03:57:bc:d8:d1:6d:0a:aa:86:92:8b:66:b1:e3:82:
0f:59:f5:d4:61:79:12:29:97:ea:ad:55:23:5c:4e:
50:6e:b3:c7:0e:37:dc:90:2e:3f:d5:14:60:54:dd:
65:f0:55:c2:fe:3e:ea:75:62:a4:2f:b0:91:bb:98:
8d:b0:6a:e4:22:e0:e4:af:c8:22:6f:b2:53:8f:5b:
a8:88:46:4e:51:98:58:f7:2f:0c:d9:c8:db:f0:92:
8d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:69:8D:1B:4E:57:E0:DC:AA:9D:B5:20:63:72:CE:C5:92:F4:54:1A
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/I2mNG05X4NyqnbUgY3LOxZL0VBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.128.0/19
31.11.32.0/21
31.14.128.0/20
46.37.0.0/19
62.149.128.0/17
77.81.224.0/20
80.73.224.0/21
80.211.0.0/16
89.36.208.0/22
89.46.64.0/20
89.46.104.0/21
89.46.192.0/21
94.177.160.0-94.177.255.255
95.110.128.0/17
176.107.144.0/21
185.56.8.0/22
185.58.116.0/22
188.213.160.0/20
194.182.110.0/23
195.231.88.0/21
217.61.0.0/18
217.198.128.0/20
IPv6:
2a00:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
85:a7:fa:77:58:ee:87:27:fc:ad:1d:d9:44:56:9b:5c:30:40:
d7:56:26:eb:3e:d0:6f:97:c7:8d:8e:6f:0b:df:6a:97:b2:5e:
be:28:47:27:28:33:63:89:0a:15:6a:1b:3e:7e:91:72:3e:46:
de:0c:21:3d:d3:90:3e:95:06:1b:93:39:af:c9:83:cc:92:e0:
64:f7:6d:b3:be:f1:e1:e6:0e:c8:f7:ec:6b:81:85:87:b1:4d:
d0:13:55:b0:b2:55:e9:86:99:85:40:42:e2:da:16:b1:67:97:
21:31:aa:bd:a8:e0:3d:2e:07:7a:fa:0b:5a:9d:9f:8a:52:11:
f7:f2:e1:8b:e8:e8:e1:77:5c:c8:19:85:b4:23:b7:8d:8f:53:
b9:fb:01:87:b6:55:ac:46:4e:b7:a4:8f:d2:8b:84:00:fa:7a:
37:43:79:17:a7:5d:30:0d:b5:ce:9a:31:7a:6a:41:79:16:f2:
7a:4d:12:e9:09:b3:5e:c8:7f:0b:c3:22:13:e3:8a:87:ea:64:
59:44:7a:3c:5c:88:5a:0f:89:d7:dc:d1:94:08:d7:d1:ce:05:
12:92:80:5d:5d:0e:32:0d:df:89:df:e6:8e:56:90:49:20:fd:
c2:6e:45:d5:14:94:9c:15:e8:98:c7:b6:20:32:95:94:25:4e:
d4:2f:bd:31
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAYUrjlRv7bk3vtT7T8YJEcgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjIxMjE5MTgwMzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzY5OGQxYjRlNTdlMGRjYWE5ZGI1MjA2MzcyY2VjNTkyZjQ1NDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNOuudhmRVdUabEdqxXR5kA8U10e
AiVxFi4SKE4V4jQ3t+Pwp7flxyQ4tBbEXpUeJIGN6QcgDzLTSKy/wZpZk4CxVQVP
FnAYSfUp+3NFMLrm93+HLRIkTzJdy9yh4qZmdJ85sugWSk/tAE3hOu1ODhUbTnx7
+fo10LPUObsIL1Zu0ANeDWQrAyFuOJ5Kz42c3P3UDN6KCiWTU5+3awoqGsspbAED
V7zY0W0KqoaSi2ax44IPWfXUYXkSKZfqrVUjXE5QbrPHDjfckC4/1RRgVN1l8FXC
/j7qdWKkL7CRu5iNsGrkIuDkr8gib7JTj1uoiEZOUZhY9y8M2cjb8JKNoQIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFCNpjRtOV+Dcqp21IGNyzsWS9FQaMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvSTJtTkcwNVg0TnlxbmJVZ1kzTE94WkwwVkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG2BggrBgEFBQcBBwEB/wSBpjCBozCBkQQCAAEwgYoDBAUF
+YADBAMfCyADBAQfDoADBAUuJQADBAc+lYADBARNUeADBANQSeADAwBQ0wMEAlkk
0AMEBFkuQAMEA1kuaAMEA1kuwDALAwQFXrGgAwMBXrADBAdfboADBAOwa5ADBAK5
OAgDBAK5OnQDBAS81aADBAHCtm4DBAPD51gDBAbZPQADBATZxoAwDQQCAAIwBwMF
AyoAbUAwDQYJKoZIhvcNAQELBQADggEBAIWn+ndY7ocn/K0d2URWm1wwQNdWJus+
0G+Xx42ObwvfapeyXr4oRycoM2OJChVqGz5+kXI+Rt4MIT3TkD6VBhuTOa/Jg8yS
4GT3bbO+8eHmDsj37GuBhYexTdATVbCyVemGmYVAQuLaFrFnlyExqr2o4D0uB3r6
C1qdn4pSEffy4Yvo6OF3XMgZhbQjt42PU7n7AYe2VaxGTrekj9KLhAD6ejdDeRen
XTANtc6aMXpqQXkW8npNEukJs17IfwvDIhPjiofqZFlEejxciFoPidfc0ZQI19HO
BRKSgF1dDjIN34nf5o5WkEkg/cJuRdUUlJwV6JjHtiAylZQlTtQvvTE=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:07 2023 by rpki-client on console-fra.rpki-client.org