Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/RPOL_BrFrvrex5V8CCRsPQPtQXY.roa
File: RPOL_BrFrvrex5V8CCRsPQPtQXY.roa (raw, json)
Hash identifier: MDLJO03zpaTXZNzjZxCM2vdbMtD697YcnDNcK27Bnzc=
Subject key identifier: 44:F3:8B:FC:1A:C5:AE:FA:DE:C7:95:7C:08:24:6C:3D:03:ED:41:76
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018443B4C1A3E672CF6934E891088AA991CE
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/RPOL_BrFrvrex5V8CCRsPQPtQXY.roa
Signing time: Fri 04 Nov 2022 17:33:50 +0000
ROA not before: Fri 04 Nov 2022 17:33:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31034
IP address blocks: 5.249.128.0/19 maxlen: 24
185.58.116.0/22 maxlen: 24
217.61.0.0/18 maxlen: 24
94.177.192.0/18 maxlen: 24
89.46.104.0/21 maxlen: 24
95.110.128.0/17 maxlen: 24
31.14.128.0/20 maxlen: 24
31.11.32.0/21 maxlen: 24
77.81.224.0/20 maxlen: 24
217.198.140.0/24 maxlen: 24
89.46.64.0/20 maxlen: 24
46.37.0.0/19 maxlen: 24
94.177.160.0/19 maxlen: 24
89.46.192.0/21 maxlen: 24
62.149.128.0/17 maxlen: 24
185.56.8.0/22 maxlen: 24
80.211.0.0/16 maxlen: 24
194.182.110.0/23 maxlen: 24
188.213.160.0/20 maxlen: 24
176.107.144.0/21 maxlen: 24
80.73.224.0/21 maxlen: 24
195.231.88.0/21 maxlen: 24
89.36.208.0/22 maxlen: 24
2a00:6d40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:43:b4:c1:a3:e6:72:cf:69:34:e8:91:08:8a:a9:91:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Nov 4 17:33:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44f38bfc1ac5aefadec7957c08246c3d03ed4176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3c:19:db:49:4a:d3:21:49:ac:27:40:90:c7:
9b:cb:ed:bc:e7:89:75:00:c5:8c:5f:a2:10:3e:81:
72:42:14:60:f6:17:e1:d2:e1:57:19:ef:0d:4c:f4:
c4:fe:44:3e:18:53:e4:c5:ad:49:33:95:75:fa:48:
68:46:60:a4:88:fd:d4:a1:96:86:9b:7a:86:eb:a4:
cc:3a:39:5a:2b:29:9b:00:04:a6:da:48:c9:c3:14:
29:9b:93:5d:51:d5:63:b2:ed:fb:d2:84:21:5c:c5:
98:51:88:0c:94:91:7e:8c:37:1a:b5:a1:3d:7f:1f:
74:f3:3f:9f:4a:f5:2f:39:3b:11:2c:d9:28:c2:41:
ed:c6:80:fe:65:11:fa:ed:7d:60:04:bd:40:03:16:
db:e6:3b:00:67:ad:37:50:34:02:fa:35:70:df:7b:
b1:15:60:44:97:f7:b6:70:b7:12:42:4f:01:f1:ba:
3e:98:5f:ca:7e:68:53:53:3c:1e:96:7a:ef:26:15:
df:d6:30:72:10:c5:a0:e3:11:f1:a1:e9:ce:ef:b0:
5c:05:72:5f:1c:19:a1:8b:df:11:f6:4f:3c:ab:5f:
df:e1:64:94:ea:5d:07:61:05:68:2a:a1:d7:ad:53:
41:2f:48:6e:b7:db:d6:ba:4b:9f:77:91:93:54:cf:
c9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:F3:8B:FC:1A:C5:AE:FA:DE:C7:95:7C:08:24:6C:3D:03:ED:41:76
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/RPOL_BrFrvrex5V8CCRsPQPtQXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.128.0/19
31.11.32.0/21
31.14.128.0/20
46.37.0.0/19
62.149.128.0/17
77.81.224.0/20
80.73.224.0/21
80.211.0.0/16
89.36.208.0/22
89.46.64.0/20
89.46.104.0/21
89.46.192.0/21
94.177.160.0-94.177.255.255
95.110.128.0/17
176.107.144.0/21
185.56.8.0/22
185.58.116.0/22
188.213.160.0/20
194.182.110.0/23
195.231.88.0/21
217.61.0.0/18
217.198.140.0/24
IPv6:
2a00:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
1f:38:61:86:8f:c8:de:55:7d:39:93:a1:e4:d8:b5:1a:b8:ba:
25:22:c9:fe:d6:94:d4:09:76:9c:7a:c8:85:e4:31:2f:56:b0:
f6:87:5b:73:e1:6f:1d:71:5e:63:a5:f1:42:ad:86:67:3a:01:
ff:c4:ef:7e:7b:b0:10:4e:49:4e:e2:9b:25:33:ae:7b:98:8f:
51:78:9e:27:65:78:6d:3b:a4:a0:5d:8f:f1:57:fa:71:f8:1e:
68:b6:01:bf:1c:97:53:e4:91:dd:72:3a:b2:1b:02:59:48:1f:
a1:56:4d:5f:83:0b:d8:48:a1:c8:17:94:69:8e:5f:6c:46:c9:
ed:a6:a4:9d:6e:e5:0a:0c:94:f0:93:99:35:c1:6c:8f:23:dc:
3d:0e:3e:90:7e:db:59:37:f3:05:ad:65:96:1d:31:6c:29:79:
8c:71:a8:8c:ae:a5:3c:8e:c2:1b:f5:05:19:cd:58:55:b0:b1:
69:88:d7:3f:0d:dc:f4:0e:6c:84:95:7e:e3:66:f4:2f:cf:13:
3d:6a:4e:82:75:c9:2b:e3:34:52:8c:20:a4:22:1d:98:de:0c:
4e:e4:f3:3f:ea:77:73:f9:d6:9e:d2:0b:eb:64:ca:ec:11:7c:
33:f7:c0:fb:16:9b:43:12:e9:76:ec:14:52:06:33:f8:47:1e:
92:fc:86:38
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAYRDtMGj5nLPaTTokQiKqZHOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjIxMTA0MTczMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGYzOGJmYzFhYzVhZWZhZGVjNzk1N2MwODI0NmMzZDAzZWQ0MTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDwZ20lK0yFJrCdAkMeby+2854l1
AMWMX6IQPoFyQhRg9hfh0uFXGe8NTPTE/kQ+GFPkxa1JM5V1+khoRmCkiP3UoZaG
m3qG66TMOjlaKymbAASm2kjJwxQpm5NdUdVjsu370oQhXMWYUYgMlJF+jDcataE9
fx908z+fSvUvOTsRLNkowkHtxoD+ZRH67X1gBL1AAxbb5jsAZ603UDQC+jVw33ux
FWBEl/e2cLcSQk8B8bo+mF/KfmhTUzwelnrvJhXf1jByEMWg4xHxoenO77BcBXJf
HBmhi98R9k88q1/f4WSU6l0HYQVoKqHXrVNBL0hut9vWukufd5GTVM/JoQIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFETzi/waxa763seVfAgkbD0D7UF2MB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvUlBPTF9CckZydnJleDVWOENDUnNQUVB0UVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG2BggrBgEFBQcBBwEB/wSBpjCBozCBkQQCAAEwgYoDBAUF
+YADBAMfCyADBAQfDoADBAUuJQADBAc+lYADBARNUeADBANQSeADAwBQ0wMEAlkk
0AMEBFkuQAMEA1kuaAMEA1kuwDALAwQFXrGgAwMBXrADBAdfboADBAOwa5ADBAK5
OAgDBAK5OnQDBAS81aADBAHCtm4DBAPD51gDBAbZPQADBADZxowwDQQCAAIwBwMF
AyoAbUAwDQYJKoZIhvcNAQELBQADggEBAB84YYaPyN5VfTmToeTYtRq4uiUiyf7W
lNQJdpx6yIXkMS9WsPaHW3Phbx1xXmOl8UKthmc6Af/E7357sBBOSU7imyUzrnuY
j1F4nidleG07pKBdj/FX+nH4Hmi2Ab8cl1Pkkd1yOrIbAllIH6FWTV+DC9hIocgX
lGmOX2xGye2mpJ1u5QoMlPCTmTXBbI8j3D0OPpB+21k38wWtZZYdMWwpeYxxqIyu
pTyOwhv1BRnNWFWwsWmI1z8N3PQObISVfuNm9C/PEz1qToJ1ySvjNFKMIKQiHZje
DE7k8z/qd3P51p7SC+tkyuwRfDP3wPsWm0MS6XbsFFIGM/hHHpL8hjg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:07 2023 by rpki-client on console-fra.rpki-client.org