Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/IShw6vseKzFBObMQIOQYagr5Ybg.roa
File: IShw6vseKzFBObMQIOQYagr5Ybg.roa (raw, json)
Hash identifier: THQTY+4uBxerMgb2CteoiXyUpAZRV8UVY+MdEn7T40o=
Subject key identifier: 21:28:70:EA:FB:1E:2B:31:41:39:B3:10:20:E4:18:6A:0A:F9:61:B8
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 05D9B28B
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/IShw6vseKzFBObMQIOQYagr5Ybg.roa
Signing time: Wed 09 Feb 2022 09:41:19 +0000
ROA not before: Wed 09 Feb 2022 09:41:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35745
IP address blocks: 37.131.160.0/20 maxlen: 20
93.175.128.0/20 maxlen: 20
93.175.129.0/24 maxlen: 24
188.125.224.0/19 maxlen: 19
46.20.58.0/24 maxlen: 24
91.206.108.0/23 maxlen: 23
128.127.80.0/21 maxlen: 21
128.127.80.0/20 maxlen: 20
91.208.50.0/24 maxlen: 24
185.15.232.0/22 maxlen: 22
46.20.48.0/20 maxlen: 20
188.125.244.0/22 maxlen: 22
188.125.242.0/23 maxlen: 23
213.109.32.0/20 maxlen: 20
213.109.40.0/24 maxlen: 24
213.109.39.0/24 maxlen: 24
2a00:10a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98153099 (0x5d9b28b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Feb 9 09:41:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=212870eafb1e2b314139b31020e4186a0af961b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a9:a2:af:5d:b7:04:a5:36:88:ee:4f:a7:ce:
ce:73:a9:c3:dc:ba:86:d0:6f:cb:42:0b:fc:f2:52:
01:ab:bc:b0:e7:87:76:da:08:16:64:90:4c:cc:c4:
93:ba:41:9e:80:7e:8a:0b:14:c3:85:18:7f:1d:43:
9d:9e:66:4e:9a:a4:30:6d:02:70:63:a9:04:ba:a2:
7e:d1:00:8c:76:e5:16:78:45:10:a7:b3:a0:41:62:
c4:81:e7:cb:f9:e4:d8:d5:bb:45:af:be:73:12:ec:
85:f2:8d:f3:0c:09:e3:ac:21:2e:78:e0:56:0d:43:
68:03:e1:f1:3f:77:f8:3a:f7:dc:3d:ff:ab:86:ce:
05:4d:af:aa:57:32:ee:66:ff:ce:a3:b9:39:a7:79:
38:9f:09:21:b6:a7:dd:33:dd:64:58:b3:a6:64:65:
90:2d:36:78:60:a0:26:ec:5c:65:fd:89:5c:b4:aa:
0c:ab:9e:f5:e5:c7:30:df:63:4c:88:07:8c:f4:f5:
85:bb:13:20:f5:34:40:bb:fc:95:05:ea:37:ea:72:
ae:12:3d:74:c7:7c:64:98:26:54:89:7d:85:6e:c5:
07:39:13:30:37:8f:38:50:b8:03:70:87:35:9b:e2:
25:a9:1a:be:b5:ff:00:b1:fe:85:fa:49:e7:da:ad:
ad:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:28:70:EA:FB:1E:2B:31:41:39:B3:10:20:E4:18:6A:0A:F9:61:B8
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/IShw6vseKzFBObMQIOQYagr5Ybg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.160.0/20
46.20.48.0/20
91.206.108.0/23
91.208.50.0/24
93.175.128.0/20
128.127.80.0/20
185.15.232.0/22
188.125.224.0/19
213.109.32.0/20
IPv6:
2a00:10a0::/32
Signature Algorithm: sha256WithRSAEncryption
0e:41:9d:eb:35:88:16:8e:ba:dc:6a:5f:7c:ce:50:6f:bb:dd:
38:0e:af:01:36:1b:73:0b:d7:07:6c:2e:75:45:1f:ad:07:0e:
36:1a:6c:1a:cc:d3:de:d4:66:da:14:7e:2f:1e:32:46:99:6e:
d0:a8:60:0a:bb:24:29:ef:39:fd:e5:11:37:87:58:f3:33:f2:
dc:bc:cc:cd:71:c2:d0:84:89:e5:7f:b5:4e:8a:9b:d8:84:23:
ff:b1:be:96:b0:50:e3:aa:c0:e0:61:65:72:ad:c0:1b:5f:b0:
42:1d:d3:dd:7f:3e:0d:c4:ce:0a:4c:2c:96:e2:79:e5:22:20:
ee:ed:ba:14:77:4b:76:8e:72:2a:70:2d:fa:43:23:a8:15:22:
bc:f5:88:c4:13:21:93:88:4f:91:0d:97:1b:99:9f:79:30:ba:
16:73:13:89:38:8a:c0:55:00:cc:f3:72:fb:2c:6c:1b:d1:e8:
6b:1e:a4:41:ea:7f:86:6b:f6:fb:bd:78:8a:6c:1c:94:84:10:
39:38:89:67:96:99:f8:a5:10:0e:6d:c7:7e:56:c1:7d:8e:39:
dc:5f:f9:64:3a:3c:66:fc:62:21:3d:7f:fc:6d:54:a2:8a:e0:
36:8a:92:4f:fb:6e:11:69:32:08:1c:76:35:d7:ca:1b:d3:68:
11:63:6b:27
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEBdmyizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDFjNzIyMWVkZTNhZjVlZTkyZTMyMDZhZjJmMThiZDAxMGQ1ZGQ5MB4XDTIyMDIw
OTA5NDExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjEyODcwZWFmYjFl
MmIzMTQxMzliMzEwMjBlNDE4NmEwYWY5NjFiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+poq9dtwSlNojuT6fOznOpw9y6htBvy0IL/PJSAau8sOeH
dtoIFmSQTMzEk7pBnoB+igsUw4UYfx1DnZ5mTpqkMG0CcGOpBLqiftEAjHblFnhF
EKezoEFixIHny/nk2NW7Ra++cxLshfKN8wwJ46whLnjgVg1DaAPh8T93+Dr33D3/
q4bOBU2vqlcy7mb/zqO5Oad5OJ8JIban3TPdZFizpmRlkC02eGCgJuxcZf2JXLSq
DKue9eXHMN9jTIgHjPT1hbsTIPU0QLv8lQXqN+pyrhI9dMd8ZJgmVIl9hW7FBzkT
MDePOFC4A3CHNZviJakavrX/ALH+hfpJ59qtrdkCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBQhKHDq+x4rMUE5sxAg5BhqCvlhuDAfBgNVHSMEGDAWgBTEHHIh7eOvXuku
MgavLxi9AQ1d2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hCeHlJZTNqcjE3cExqSUdyeThZdlFFTlhkay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvZTk5YjM1LThjZjYtNDkzNC1hNTkxLTk5MzBmMjE5NGEwZS8x
L0lTaHc2dnNlS3pGQk9iTVFJT1FZYWdyNVliZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
ZTk5YjM1LThjZjYtNDkzNC1hNTkxLTk5MzBmMjE5NGEwZS8xL3hCeHlJZTNqcjE3
cExqSUdyeThZdlFFTlhkay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEBCWDoAMEBC4UMAMEAVvObAMEAFvQ
MgMEBF2vgAMEBIB/UAMEArkP6AMEBbx94AMEBNVtIDANBAIAAjAHAwUAKgAQoDAN
BgkqhkiG9w0BAQsFAAOCAQEADkGd6zWIFo663GpffM5Qb7vdOA6vATYbcwvXB2wu
dUUfrQcONhpsGszT3tRm2hR+Lx4yRplu0KhgCrskKe85/eURN4dY8zPy3LzMzXHC
0ISJ5X+1Toqb2IQj/7G+lrBQ46rA4GFlcq3AG1+wQh3T3X8+DcTOCkwsluJ55SIg
7u26FHdLdo5yKnAt+kMjqBUivPWIxBMhk4hPkQ2XG5mfeTC6FnMTiTiKwFUAzPNy
+yxsG9Hoax6kQep/hmv2+714imwclIQQOTiJZ5aZ+KUQDm3HflbBfY453F/5ZDo8
ZvxiIT1//G1UoorgNoqST/tuEWkyCBx2NdfKG9NoEWNrJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:26 2024 by rpki-client on console-ams.rpki-client.org