Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/69984a-29bf-4d76-9561-62ba3a6884c8/1/AUHIL7kvL-FwdKgNNDKT9HOFv9E.roa
File: AUHIL7kvL-FwdKgNNDKT9HOFv9E.roa (raw, json)
Hash identifier: tLJVcA6c2mqo2KMTmdsGmQVzxVPrmWtdbpJ9CfpItCo=
Subject key identifier: 01:41:C8:2F:B9:2F:2F:E1:70:74:A8:0D:34:32:93:F4:73:85:BF:D1
Certificate issuer: /CN=e21df6a8aaa7041d725285d0dd0e180a649bc213
Certificate serial: 03F43F91
Authority key identifier: E2:1D:F6:A8:AA:A7:04:1D:72:52:85:D0:DD:0E:18:0A:64:9B:C2:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4h32qKqnBB1yUoXQ3Q4YCmSbwhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/69984a-29bf-4d76-9561-62ba3a6884c8/1/AUHIL7kvL-FwdKgNNDKT9HOFv9E.roa
Signing time: Sat 01 Jan 2022 05:54:43 +0000
ROA not before: Sat 01 Jan 2022 05:54:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39087
IP address blocks: 194.39.99.0/24 maxlen: 32
194.39.101.0/24 maxlen: 32
91.223.28.0/24 maxlen: 32
194.37.1.0/24 maxlen: 32
91.223.70.0/24 maxlen: 32
185.97.200.0/22 maxlen: 32
194.37.254.0/24 maxlen: 32
91.223.75.0/24 maxlen: 32
5.8.36.0/22 maxlen: 32
91.223.89.0/24 maxlen: 32
2a00:1b78::/29 maxlen: 64
2a0f:a3c0::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66338705 (0x3f43f91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e21df6a8aaa7041d725285d0dd0e180a649bc213
Validity
Not Before: Jan 1 05:54:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0141c82fb92f2fe17074a80d343293f47385bfd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7f:bf:4c:7c:9b:0c:e1:ac:2a:e1:d5:4c:7c:
27:60:e3:7a:4a:0f:b1:79:5a:4a:45:90:18:f4:45:
ec:10:5d:1c:8e:fe:1b:23:45:b1:78:e8:df:4f:a6:
92:40:e1:ae:2d:13:2e:15:21:d9:80:c7:16:e1:45:
09:74:c3:85:50:2d:4e:69:26:fc:26:3f:c3:63:1c:
73:88:50:35:ef:e8:ca:47:7c:d2:36:9b:6d:61:b1:
f1:44:9b:6e:eb:f0:47:e8:77:5b:6c:de:96:44:89:
07:78:07:82:b3:64:88:29:4e:b3:33:fe:99:c7:ec:
15:1c:29:c3:69:09:b1:cb:85:91:d4:ab:45:79:be:
67:8b:6d:cf:61:06:13:fe:7d:47:94:6a:78:d6:90:
d1:11:6f:d6:2f:2d:fc:c4:3f:fb:4a:97:e9:ac:d5:
bb:23:94:f8:8d:55:34:ad:a2:e9:70:ea:c4:f1:33:
af:23:2b:2f:85:7a:0e:4b:5b:5f:2c:b3:fd:ab:d4:
e8:74:ad:7b:66:82:3e:a5:e4:99:b0:0c:e1:40:d4:
ec:7b:74:9d:47:8e:34:a6:f5:e2:d9:af:7d:aa:f3:
a0:d5:f9:90:49:fa:9a:15:a7:30:7f:eb:6c:d5:60:
04:79:c2:e3:59:b5:62:ce:fe:08:3a:9e:f2:6e:23:
e8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:41:C8:2F:B9:2F:2F:E1:70:74:A8:0D:34:32:93:F4:73:85:BF:D1
X509v3 Authority Key Identifier:
keyid:E2:1D:F6:A8:AA:A7:04:1D:72:52:85:D0:DD:0E:18:0A:64:9B:C2:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4h32qKqnBB1yUoXQ3Q4YCmSbwhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/69984a-29bf-4d76-9561-62ba3a6884c8/1/AUHIL7kvL-FwdKgNNDKT9HOFv9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/69984a-29bf-4d76-9561-62ba3a6884c8/1/4h32qKqnBB1yUoXQ3Q4YCmSbwhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.36.0/22
91.223.28.0/24
91.223.70.0/24
91.223.75.0/24
91.223.89.0/24
185.97.200.0/22
194.37.1.0/24
194.37.254.0/24
194.39.99.0/24
194.39.101.0/24
IPv6:
2a00:1b78::/29
2a0f:a3c0::/29
Signature Algorithm: sha256WithRSAEncryption
39:f4:26:30:8c:d1:d5:32:10:6f:b6:1b:96:b0:69:dc:5e:92:
91:28:cc:64:1e:8a:e0:4c:4f:fd:c1:90:1a:0d:99:41:51:6d:
eb:8f:db:dc:ee:c5:93:d2:de:cc:00:ae:ab:d6:79:30:46:58:
8f:67:47:73:46:fb:a6:cc:d6:d6:6b:f4:aa:ff:a2:2f:0c:65:
9c:5d:37:61:cd:e9:41:ae:9f:4f:4d:af:a2:4b:17:02:2b:a4:
c9:0d:45:d0:3c:e0:13:c0:47:b2:2f:7f:3f:fa:7d:5f:2a:e4:
ee:b5:7d:0e:b3:d1:50:9b:7c:8c:0d:34:2f:5d:cd:8b:bc:cf:
08:58:ec:42:db:53:6a:ae:c8:fd:55:f9:14:7c:6c:00:c0:fe:
de:1e:fd:0f:19:bf:80:2a:b7:b8:08:db:57:05:1d:43:14:25:
90:95:2c:52:88:a6:62:2c:e1:a1:ea:ae:32:a7:47:0d:95:c6:
f1:9e:24:1e:4a:65:13:e2:5e:15:33:1f:b2:01:e1:45:28:59:
7f:cd:26:a8:ea:2a:3f:e0:a8:96:2f:3c:64:7c:28:38:88:d9:
51:ec:df:02:6f:a8:4d:bd:10:53:d8:c6:27:68:3a:d3:8b:4f:
90:e3:17:7c:5c:21:29:ad:57:50:df:31:aa:fe:72:cb:7e:38:
4e:d6:d9:76
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIEA/Q/kTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MjFkZjZhOGFhYTcwNDFkNzI1Mjg1ZDBkZDBlMTgwYTY0OWJjMjEzMB4XDTIyMDEw
MTA1NTQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDE0MWM4MmZiOTJm
MmZlMTcwNzRhODBkMzQzMjkzZjQ3Mzg1YmZkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALN/v0x8mwzhrCrh1Ux8J2DjekoPsXlaSkWQGPRF7BBdHI7+
GyNFsXjo30+mkkDhri0TLhUh2YDHFuFFCXTDhVAtTmkm/CY/w2Mcc4hQNe/oykd8
0jabbWGx8USbbuvwR+h3W2zelkSJB3gHgrNkiClOszP+mcfsFRwpw2kJscuFkdSr
RXm+Z4ttz2EGE/59R5RqeNaQ0RFv1i8t/MQ/+0qX6azVuyOU+I1VNK2i6XDqxPEz
ryMrL4V6DktbXyyz/avU6HSte2aCPqXkmbAM4UDU7Ht0nUeONKb14tmvfarzoNX5
kEn6mhWnMH/rbNVgBHnC41m1Ys7+CDqe8m4j6DkCAwEAAaOCAlUwggJRMB0GA1Ud
DgQWBBQBQcgvuS8v4XB0qA00MpP0c4W/0TAfBgNVHSMEGDAWgBTiHfaoqqcEHXJS
hdDdDhgKZJvCEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRoMzJxS3FuQkIxeVVvWFEzUTRZQ21TYndoTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvNjk5ODRhLTI5YmYtNGQ3Ni05NTYxLTYyYmEzYTY4ODRjOC8x
L0FVSElMN2t2TC1Gd2RLZ05OREtUOUhPRnY5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
Njk5ODRhLTI5YmYtNGQ3Ni05NTYxLTYyYmEzYTY4ODRjOC8xLzRoMzJxS3FuQkIx
eVVvWFEzUTRZQ21TYndoTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBr
BggrBgEFBQcBBwEB/wRcMFowQgQCAAEwPAMEAgUIJAMEAFvfHAMEAFvfRgMEAFvf
SwMEAFvfWQMEArlhyAMEAMIlAQMEAMIl/gMEAMInYwMEAMInZTAUBAIAAjAOAwUD
KgAbeAMFAyoPo8AwDQYJKoZIhvcNAQELBQADggEBADn0JjCM0dUyEG+2G5awadxe
kpEozGQeiuBMT/3BkBoNmUFRbeuP29zuxZPS3swArqvWeTBGWI9nR3NG+6bM1tZr
9Kr/oi8MZZxdN2HN6UGun09Nr6JLFwIrpMkNRdA84BPAR7Ivfz/6fV8q5O61fQ6z
0VCbfIwNNC9dzYu8zwhY7ELbU2quyP1V+RR8bADA/t4e/Q8Zv4Aqt7gI21cFHUMU
JZCVLFKIpmIs4aHqrjKnRw2VxvGeJB5KZRPiXhUzH7IB4UUoWX/NJqjqKj/gqJYv
PGR8KDiI2VHs3wJvqE29EFPYxidoOtOLT5DjF3xcISmtV1DfMar+cst+OE7W2XY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:30 2024 by rpki-client on console-ams.rpki-client.org