Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/H3dQhErbWO690PAg2uMnfCQxJpY.roa
File: H3dQhErbWO690PAg2uMnfCQxJpY.roa (raw, json)
Hash identifier: AI715DS6k/MibjKWMA7TV07/DKriBbdHmlgqC3Xcet4=
Subject key identifier: 1F:77:50:84:4A:DB:58:EE:BD:D0:F0:20:DA:E3:27:7C:24:31:26:96
Certificate issuer: /CN=6ff362c0765afb7b9804b6d819470007b01f262e
Certificate serial: 046547B5
Authority key identifier: 6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/H3dQhErbWO690PAg2uMnfCQxJpY.roa
Signing time: Fri 22 Apr 2022 09:34:56 +0000
ROA not before: Fri 22 Apr 2022 09:34:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31399
IP address blocks: 141.113.232.0/21 maxlen: 21
141.113.240.0/21 maxlen: 21
141.113.248.0/21 maxlen: 21
141.113.192.0/21 maxlen: 21
141.113.204.0/22 maxlen: 22
141.113.200.0/22 maxlen: 22
141.113.208.0/21 maxlen: 21
141.113.216.0/21 maxlen: 21
141.113.224.0/21 maxlen: 21
141.113.16.0/21 maxlen: 21
141.113.24.0/22 maxlen: 22
141.113.36.0/22 maxlen: 22
141.113.32.0/22 maxlen: 22
141.113.32.0/21 maxlen: 21
141.113.40.0/21 maxlen: 21
141.113.48.0/21 maxlen: 21
141.113.56.0/21 maxlen: 21
141.113.64.0/21 maxlen: 21
53.0.0.0/8 maxlen: 8
141.113.0.0/21 maxlen: 21
141.113.8.0/21 maxlen: 21
53.3.144.0/21 maxlen: 21
141.113.120.0/21 maxlen: 21
141.113.72.0/21 maxlen: 21
141.113.88.0/22 maxlen: 22
141.113.96.0/21 maxlen: 21
141.113.104.0/21 maxlen: 21
141.113.112.0/21 maxlen: 21
2a03:9e40::/29 maxlen: 29
2a03:9e42::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73746357 (0x46547b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ff362c0765afb7b9804b6d819470007b01f262e
Validity
Not Before: Apr 22 09:34:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f7750844adb58eebdd0f020dae3277c24312696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:31:42:ef:87:7e:99:65:1c:0d:db:fd:79:d1:
1f:f9:4c:21:b6:e1:2d:67:a9:ee:f7:d5:1d:d0:4a:
e5:d7:e9:6e:fc:a9:a5:7f:c6:3b:7e:51:f2:e5:dd:
51:21:f9:ec:bc:5a:3f:75:1b:bc:9c:5e:d7:c0:59:
d1:bd:fe:be:39:f1:9b:72:17:e6:0a:c3:ff:e5:96:
e8:d3:c8:15:35:82:cc:12:6e:74:3d:ba:1f:1a:5e:
a7:aa:06:c4:48:6a:a2:b3:0a:60:5a:47:53:3a:5f:
f6:46:89:9b:d4:f4:3b:a8:f7:12:6b:37:bc:c2:ef:
a5:3e:5a:60:32:90:d7:da:6c:79:1d:30:4c:39:70:
9f:92:5b:70:fd:dc:4e:70:42:24:d1:fb:60:cf:20:
55:54:ab:04:e5:20:79:c0:76:b8:6c:a5:0d:4b:f5:
da:fd:6d:33:87:61:29:1a:5b:51:25:b0:7b:9b:b5:
81:bf:92:0d:d9:82:06:47:1e:5b:fb:b0:d1:ff:81:
6e:1b:ea:8e:c2:95:69:b2:32:4c:92:aa:98:9e:1a:
7f:10:13:8a:87:d9:af:74:0d:a2:33:48:25:2f:fb:
5f:f4:2a:81:a5:71:ea:72:78:df:ac:7b:29:45:9e:
5e:67:d6:c8:68:fe:5a:08:27:e0:61:2f:6f:b0:d5:
15:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:77:50:84:4A:DB:58:EE:BD:D0:F0:20:DA:E3:27:7C:24:31:26:96
X509v3 Authority Key Identifier:
keyid:6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/H3dQhErbWO690PAg2uMnfCQxJpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
53.0.0.0/8
141.113.0.0-141.113.27.255
141.113.32.0-141.113.79.255
141.113.88.0/22
141.113.96.0/19
141.113.192.0/18
IPv6:
2a03:9e40::/29
Signature Algorithm: sha256WithRSAEncryption
2a:67:d8:77:aa:ec:2a:94:9a:5b:d4:d1:3c:fa:be:9b:04:9f:
15:1b:74:b2:58:33:2b:38:18:fd:6c:13:31:f2:65:2c:10:51:
73:ad:ea:f6:9c:9d:6c:48:f7:f0:05:d9:b0:2b:0f:30:71:3e:
71:10:23:7f:84:65:c8:44:64:36:46:ed:71:ea:1f:23:92:a4:
c9:2d:2f:48:76:dc:f3:1b:d2:c9:25:4c:93:a9:76:f2:f0:bf:
3f:93:e8:1c:3c:3c:0d:ee:3f:44:1c:37:7c:36:e6:60:e8:87:
c3:b9:4a:60:e6:c2:5e:78:d9:a8:f3:38:12:53:fb:b4:cb:77:
25:a5:52:51:e6:43:bf:3b:30:09:2f:ba:55:03:20:53:97:75:
f0:7d:e1:c8:57:ac:2d:80:10:78:ec:28:76:c8:89:e3:37:a8:
9e:2c:e0:f7:05:17:82:62:fe:87:a4:7d:ee:12:3a:24:3d:d6:
2b:c6:f6:8a:5b:97:14:62:91:3c:ed:16:04:c9:e5:78:48:8a:
a3:fa:f9:4a:c9:db:6b:e1:47:71:3b:21:60:c9:4c:24:79:80:
75:55:a7:33:37:33:23:7b:44:b4:64:9e:01:77:8c:56:99:6e:
6d:68:b3:f1:3f:98:4d:e7:e8:bb:fc:50:01:da:5f:08:27:8f:
ab:24:2b:19
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEBGVHtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZmYzNjJjMDc2NWFmYjdiOTgwNGI2ZDgxOTQ3MDAwN2IwMWYyNjJlMB4XDTIyMDQy
MjA5MzQ1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY3NzUwODQ0YWRi
NThlZWJkZDBmMDIwZGFlMzI3N2MyNDMxMjY5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYxQu+HfpllHA3b/XnRH/lMIbbhLWep7vfVHdBK5dfpbvyp
pX/GO35R8uXdUSH57LxaP3UbvJxe18BZ0b3+vjnxm3IX5grD/+WW6NPIFTWCzBJu
dD26Hxpep6oGxEhqorMKYFpHUzpf9kaJm9T0O6j3Ems3vMLvpT5aYDKQ19pseR0w
TDlwn5JbcP3cTnBCJNH7YM8gVVSrBOUgecB2uGylDUv12v1tM4dhKRpbUSWwe5u1
gb+SDdmCBkceW/uw0f+BbhvqjsKVabIyTJKqmJ4afxATiofZr3QNojNIJS/7X/Qq
gaVx6nJ436x7KUWeXmfWyGj+Wggn4GEvb7DVFU8CAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBQfd1CESttY7r3Q8CDa4yd8JDEmljAfBgNVHSMEGDAWgBRv82LAdlr7e5gE
ttgZRwAHsB8mLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JfTml3SFphLTN1WUJMYllHVWNBQjdBZkppNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvZTAxMTkwLTUyMDQtNDRjNS1hMTFhLWRhZmQ3NDc2M2QyMy8x
L0gzZFFoRXJiV082OTBQQWcydU1uZkNReEpwWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
ZTAxMTkwLTUyMDQtNDRjNS1hMTFhLWRhZmQ3NDc2M2QyMy8xL2JfTml3SFphLTN1
WUJMYllHVWNBQjdBZkppNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwNwQCAAEwMQMCADUwCwMDAI1xAwQCjXEYMAwDBAWN
cSADBASNcUADBAKNcVgDBAWNcWADBAaNccAwDQQCAAIwBwMFAyoDnkAwDQYJKoZI
hvcNAQELBQADggEBACpn2Heq7CqUmlvU0Tz6vpsEnxUbdLJYMys4GP1sEzHyZSwQ
UXOt6vacnWxI9/AF2bArDzBxPnEQI3+EZchEZDZG7XHqHyOSpMktL0h23PMb0skl
TJOpdvLwvz+T6Bw8PA3uP0QcN3w25mDoh8O5SmDmwl542ajzOBJT+7TLdyWlUlHm
Q787MAkvulUDIFOXdfB94chXrC2AEHjsKHbIieM3qJ4s4PcFF4Ji/oekfe4SOiQ9
1ivG9opblxRikTztFgTJ5XhIiqP6+UrJ22vhR3E7IWDJTCR5gHVVpzM3MyN7RLRk
ngF3jFaZbm1os/E/mE3n6Lv8UAHaXwgnj6skKxk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:43 2023 by rpki-client on console-fra.rpki-client.org