Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/124dd5-cab0-46ec-be67-42040df3b6af/1/4wXIo8S6lA9bew3Y3xtg9CJl6Io.roa
File: 4wXIo8S6lA9bew3Y3xtg9CJl6Io.roa (raw, json)
Hash identifier: +MPF6Y3wU77YQc6lCSRrxWp5YwkOTY+EK47zA8MW0JQ=
Subject key identifier: E3:05:C8:A3:C4:BA:94:0F:5B:7B:0D:D8:DF:1B:60:F4:22:65:E8:8A
Certificate issuer: /CN=9532b4f2b47bbe1934a224081cc37f170d7248d2
Certificate serial: 34B86F07
Authority key identifier: 95:32:B4:F2:B4:7B:BE:19:34:A2:24:08:1C:C3:7F:17:0D:72:48:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lTK08rR7vhk0oiQIHMN_Fw1ySNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/124dd5-cab0-46ec-be67-42040df3b6af/1/4wXIo8S6lA9bew3Y3xtg9CJl6Io.roa
Signing time: Sat 01 Jan 2022 10:04:28 +0000
ROA not before: Sat 01 Jan 2022 10:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12355
IP address blocks: 212.37.32.0/19 maxlen: 32
185.166.176.0/22 maxlen: 32
188.136.0.0/17 maxlen: 32
83.216.224.0/19 maxlen: 32
88.208.128.0/18 maxlen: 32
2001:14f7::/32 maxlen: 128
2001:14f0::/29 maxlen: 128
2001:14f6::/32 maxlen: 128
2001:14f0::/32 maxlen: 128
2001:14f3::/32 maxlen: 128
2001:14f2::/32 maxlen: 128
2001:14f1::/32 maxlen: 128
2001:14f5::/32 maxlen: 128
2001:14f4::/32 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 884502279 (0x34b86f07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9532b4f2b47bbe1934a224081cc37f170d7248d2
Validity
Not Before: Jan 1 10:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e305c8a3c4ba940f5b7b0dd8df1b60f42265e88a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:63:ac:7a:98:33:8b:47:b7:2d:fa:f4:95:8c:
23:e3:a9:be:f7:9d:da:ac:77:f5:78:e1:15:20:3b:
c5:4e:3d:1a:c6:e0:be:f9:1f:fe:0f:df:26:7e:9e:
04:c3:b5:64:52:50:60:80:4d:e2:63:0f:6c:46:a9:
23:bb:23:08:41:32:09:df:01:f7:c9:90:d4:7f:aa:
34:e4:27:9e:b0:4f:b5:32:02:49:8b:bb:41:4f:4e:
77:64:26:15:62:eb:88:3e:39:ef:dc:d5:89:4f:ac:
46:3f:97:e8:c7:b0:0b:93:86:3a:ab:2e:35:73:74:
19:12:66:31:0b:3f:8d:e4:de:eb:45:31:41:eb:38:
63:2f:29:77:fc:af:be:43:98:cb:b3:98:7c:3f:3c:
5c:24:0c:ee:1d:de:5f:27:e2:69:2f:1f:b8:c9:11:
15:5c:7e:2c:be:55:62:e2:9a:eb:fa:13:26:36:41:
6a:75:a0:16:f3:8e:77:d1:a1:d2:4e:2a:51:df:34:
7c:c6:88:e4:8d:32:90:1a:63:b9:87:1e:44:08:be:
14:88:1d:48:be:31:3e:aa:fe:c1:9d:1a:c5:b8:51:
e7:ca:b1:44:4f:1f:7e:7c:72:11:11:2d:f6:42:2c:
d7:7a:7b:1e:8e:f1:7b:09:35:7e:6a:9d:73:9a:7b:
0a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:05:C8:A3:C4:BA:94:0F:5B:7B:0D:D8:DF:1B:60:F4:22:65:E8:8A
X509v3 Authority Key Identifier:
keyid:95:32:B4:F2:B4:7B:BE:19:34:A2:24:08:1C:C3:7F:17:0D:72:48:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lTK08rR7vhk0oiQIHMN_Fw1ySNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/124dd5-cab0-46ec-be67-42040df3b6af/1/4wXIo8S6lA9bew3Y3xtg9CJl6Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/124dd5-cab0-46ec-be67-42040df3b6af/1/lTK08rR7vhk0oiQIHMN_Fw1ySNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.216.224.0/19
88.208.128.0/18
185.166.176.0/22
188.136.0.0/17
212.37.32.0/19
IPv6:
2001:14f0::/29
Signature Algorithm: sha256WithRSAEncryption
43:e8:f6:d9:60:74:81:c8:a4:f1:f7:b4:50:2a:9c:83:6d:b5:
1a:29:ee:31:98:77:97:40:a8:aa:1c:ac:07:18:52:41:a3:f3:
7d:f0:c5:89:36:33:b8:06:86:bc:6a:0a:62:b1:19:1b:0c:9b:
a1:30:ca:36:56:8c:e7:d7:2d:32:b0:47:9d:87:a8:35:c9:ea:
02:d9:9c:5a:6a:2f:c4:0c:79:cc:e0:7b:94:f8:39:b8:70:04:
52:d4:3b:df:da:4c:02:c1:54:79:b8:d1:7a:0d:0f:6d:a6:a6:
f7:c8:f4:6c:bb:6c:06:9b:f8:0b:ae:e6:57:39:5a:21:59:d0:
92:77:19:12:67:bc:d6:ed:27:1e:5a:40:55:97:24:3f:26:7d:
c0:54:6a:c5:77:46:56:07:9d:5e:59:95:5e:c2:03:03:7b:41:
9e:a8:a1:bb:03:8d:51:1b:28:39:5c:d5:e5:3a:65:8b:75:d6:
7d:28:1c:cf:f3:6f:31:d4:2d:d9:70:90:de:98:26:01:c4:1b:
18:53:3b:df:aa:ae:e7:b4:cf:58:d4:d0:a3:d4:af:df:3a:9c:
9d:20:d9:d0:a5:81:c0:68:4f:13:f2:4d:9f:63:3a:db:44:a9:
87:6d:c9:02:5a:56:4d:fa:7a:94:14:6c:e9:8b:e6:00:f6:50:
aa:03:0b:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIENLhvBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NTMyYjRmMmI0N2JiZTE5MzRhMjI0MDgxY2MzN2YxNzBkNzI0OGQyMB4XDTIyMDEw
MTEwMDQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTMwNWM4YTNjNGJh
OTQwZjViN2IwZGQ4ZGYxYjYwZjQyMjY1ZTg4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtjrHqYM4tHty369JWMI+Opvved2qx39XjhFSA7xU49Gsbg
vvkf/g/fJn6eBMO1ZFJQYIBN4mMPbEapI7sjCEEyCd8B98mQ1H+qNOQnnrBPtTIC
SYu7QU9Od2QmFWLriD4579zViU+sRj+X6MewC5OGOqsuNXN0GRJmMQs/jeTe60Ux
Qes4Yy8pd/yvvkOYy7OYfD88XCQM7h3eXyfiaS8fuMkRFVx+LL5VYuKa6/oTJjZB
anWgFvOOd9Gh0k4qUd80fMaI5I0ykBpjuYceRAi+FIgdSL4xPqr+wZ0axbhR58qx
RE8ffnxyEREt9kIs13p7Ho7xewk1fmqdc5p7ClECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTjBcijxLqUD1t7DdjfG2D0ImXoijAfBgNVHSMEGDAWgBSVMrTytHu+GTSi
JAgcw38XDXJI0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xUSzA4clI3dmhrMG9pUUlITU5fRncxeVNOSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvMTI0ZGQ1LWNhYjAtNDZlYy1iZTY3LTQyMDQwZGYzYjZhZi8x
LzR3WElvOFM2bEE5YmV3M1kzeHRnOUNKbDZJby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
MTI0ZGQ1LWNhYjAtNDZlYy1iZTY3LTQyMDQwZGYzYjZhZi8xL2xUSzA4clI3dmhr
MG9pUUlITU5fRncxeVNOSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBVPY4AMEBljQgAMEArmmsAMEB7yI
AAMEBdQlIDANBAIAAjAHAwUDIAEU8DANBgkqhkiG9w0BAQsFAAOCAQEAQ+j22WB0
gcik8fe0UCqcg221GinuMZh3l0CoqhysBxhSQaPzffDFiTYzuAaGvGoKYrEZGwyb
oTDKNlaM59ctMrBHnYeoNcnqAtmcWmovxAx5zOB7lPg5uHAEUtQ739pMAsFUebjR
eg0Pbaam98j0bLtsBpv4C67mVzlaIVnQkncZEme81u0nHlpAVZckPyZ9wFRqxXdG
VgedXlmVXsIDA3tBnqihuwONURsoOVzV5Tpli3XWfSgcz/NvMdQt2XCQ3pgmAcQb
GFM736qu57TPWNTQo9Sv3zqcnSDZ0KWBwGhPE/JNn2M620Sph23JAlpWTfp6lBRs
6YvmAPZQqgMLGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:53 2024 by rpki-client on console-ams.rpki-client.org