Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/I4cxaGUmFZOq5aAwxSF4TCLHuSw.roa
File: I4cxaGUmFZOq5aAwxSF4TCLHuSw.roa (raw, json)
Hash identifier: D9gDktO886CmQRfwdKYF/LIqjvZIlAAd/8ofA9brV7U=
Subject key identifier: 23:87:31:68:65:26:15:93:AA:E5:A0:30:C5:21:78:4C:22:C7:B9:2C
Certificate issuer: /CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Certificate serial: 37B95635
Authority key identifier: 2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/I4cxaGUmFZOq5aAwxSF4TCLHuSw.roa
Signing time: Sat 01 Jan 2022 05:56:57 +0000
ROA not before: Sat 01 Jan 2022 05:56:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2614
IP address blocks: 217.73.160.0/20 maxlen: 20
37.128.224.0/20 maxlen: 20
185.118.200.0/22 maxlen: 22
46.243.112.0/21 maxlen: 24
176.126.208.0/21 maxlen: 21
178.23.64.0/21 maxlen: 21
2001:b30::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 934893109 (0x37b95635)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Validity
Not Before: Jan 1 05:56:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2387316865261593aae5a030c521784c22c7b92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f8:d2:4f:0d:3e:56:06:fe:f4:4d:e0:2d:3b:
3a:57:75:c9:c0:8c:16:64:e2:86:b0:d9:09:9a:f3:
b2:f5:03:72:da:59:06:67:cd:c5:0d:54:e7:a4:9e:
db:e5:ea:c0:05:4a:c5:96:c0:56:87:ed:e2:55:43:
90:1e:22:e6:1b:db:b9:6e:cf:d9:97:eb:d3:56:1f:
c0:ca:a8:99:63:e7:63:a6:ba:10:9d:c8:00:15:c0:
be:4d:b7:0c:c6:65:f7:bc:80:02:63:4e:5f:3d:3e:
66:d7:d7:fe:db:d6:78:a0:be:99:5c:0d:41:88:dc:
b0:c3:ec:7c:5f:b2:df:6e:91:32:97:d8:21:34:2b:
61:d2:b7:72:9f:ae:cb:10:f5:17:3c:44:33:85:d4:
c5:69:d6:af:7e:58:65:6a:b0:07:65:af:77:0b:d9:
39:2b:0f:9b:1a:3f:f1:10:4c:8e:b5:8a:eb:4d:f0:
a4:b2:5c:55:f3:a5:b1:9d:d2:6d:17:6d:96:ff:2e:
e3:db:9d:7f:f5:09:0b:76:f8:98:33:b2:84:25:39:
99:2c:24:9a:b6:85:88:14:b1:c8:67:c6:01:31:85:
44:32:17:55:c1:d2:78:41:c0:58:49:a9:6b:1b:45:
b0:b7:76:a2:ec:82:c0:3e:de:45:c2:94:b5:75:36:
ff:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:87:31:68:65:26:15:93:AA:E5:A0:30:C5:21:78:4C:22:C7:B9:2C
X509v3 Authority Key Identifier:
keyid:2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/I4cxaGUmFZOq5aAwxSF4TCLHuSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/LmszQT-qXl4dJ5oqJf-B2NFTJd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.224.0/20
46.243.112.0/21
176.126.208.0/21
178.23.64.0/21
185.118.200.0/22
217.73.160.0/20
IPv6:
2001:b30::/29
Signature Algorithm: sha256WithRSAEncryption
37:9a:f0:79:d9:b8:89:ff:75:6b:37:76:24:66:fe:06:66:36:
d1:08:75:ae:5b:ea:54:1c:de:41:1e:5e:37:68:03:ff:13:51:
9b:9c:bf:e7:7a:75:ac:aa:32:16:4e:95:93:9c:de:ce:3d:6d:
3e:26:3e:cc:04:c0:35:1a:75:dd:e9:4a:68:7b:a4:fb:14:e9:
c9:a2:36:ce:e8:93:cf:6d:65:ac:23:52:b5:f5:fa:f9:df:11:
b3:e7:61:2e:aa:fd:b1:b4:6f:9a:a9:20:ce:c5:d4:c2:83:22:
c2:99:bb:4c:75:58:fa:95:90:d7:57:bd:d8:80:da:6c:b9:3a:
ea:4f:6d:b8:3c:8d:d7:c2:88:eb:b1:d4:ed:b6:bc:ea:39:6e:
74:c2:ec:db:e4:db:77:c3:8d:f0:fa:41:0c:8e:9c:d1:68:fd:
b9:88:f2:2f:f9:ae:c6:7d:53:e5:44:17:f7:66:8b:c5:a1:ff:
9e:d9:88:30:d8:c9:6b:81:2e:84:1d:e4:b8:46:08:c4:c9:dd:
27:d8:f3:ee:32:bb:b0:06:f1:b3:3c:bc:6a:fe:82:3b:30:df:
37:70:2f:40:ac:8c:6f:ff:72:ad:aa:63:2c:53:98:53:b9:bf:
bb:75:70:0d:fe:55:60:bf:cb:12:54:36:4a:b6:59:6c:35:62:
36:b1:23:0b
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEN7lWNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTZiMzM0MTNmYWE1ZTVlMWQyNzlhMmEyNWZmODFkOGQxNTMyNWRmMB4XDTIyMDEw
MTA1NTY1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjM4NzMxNjg2NTI2
MTU5M2FhZTVhMDMwYzUyMTc4NGMyMmM3YjkyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMD40k8NPlYG/vRN4C07Old1ycCMFmTihrDZCZrzsvUDctpZ
BmfNxQ1U56Se2+XqwAVKxZbAVoft4lVDkB4i5hvbuW7P2Zfr01YfwMqomWPnY6a6
EJ3IABXAvk23DMZl97yAAmNOXz0+ZtfX/tvWeKC+mVwNQYjcsMPsfF+y326RMpfY
ITQrYdK3cp+uyxD1FzxEM4XUxWnWr35YZWqwB2WvdwvZOSsPmxo/8RBMjrWK603w
pLJcVfOlsZ3SbRdtlv8u49udf/UJC3b4mDOyhCU5mSwkmraFiBSxyGfGATGFRDIX
VcHSeEHAWEmpaxtFsLd2ouyCwD7eRcKUtXU2/98CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQjhzFoZSYVk6rloDDFIXhMIse5LDAfBgNVHSMEGDAWgBQuazNBP6peXh0n
miol/4HY0VMl3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xtc3pRVC1xWGw0ZEo1b3FKZi1CMk5GVEpkOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvYWNjZGU4LWY0NmYtNGVmOS05NGFmLThkZDgxZTRiM2UzMy8x
L0k0Y3hhR1VtRlpPcTVhQXd4U0Y0VENMSHVTdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
YWNjZGU4LWY0NmYtNGVmOS05NGFmLThkZDgxZTRiM2UzMy8xL0xtc3pRVC1xWGw0
ZEo1b3FKZi1CMk5GVEpkOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBCWA4AMEAy7zcAMEA7B+0AMEA7IX
QAMEArl2yAMEBNlJoDANBAIAAjAHAwUDIAELMDANBgkqhkiG9w0BAQsFAAOCAQEA
N5rwedm4if91azd2JGb+BmY20Qh1rlvqVBzeQR5eN2gD/xNRm5y/53p1rKoyFk6V
k5zezj1tPiY+zATANRp13elKaHuk+xTpyaI2zuiTz21lrCNStfX6+d8Rs+dhLqr9
sbRvmqkgzsXUwoMiwpm7THVY+pWQ11e92IDabLk66k9tuDyN18KI67HU7ba86jlu
dMLs2+Tbd8ON8PpBDI6c0Wj9uYjyL/muxn1T5UQX92aLxaH/ntmIMNjJa4EuhB3k
uEYIxMndJ9jz7jK7sAbxszy8av6COzDfN3AvQKyMb/9yrapjLFOYU7m/u3VwDf5V
YL/LElQ2SrZZbDViNrEjCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org