Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/33IzTVeuBbNFNMXoupgi6FoGfsA.roa
File: 33IzTVeuBbNFNMXoupgi6FoGfsA.roa (raw, json)
Hash identifier: YIB1IwErUWPelN9JX9NjYq1UrccDA03UQavgW/krgK8=
Subject key identifier: DF:72:33:4D:57:AE:05:B3:45:34:C5:E8:BA:98:22:E8:5A:06:7E:C0
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0325674D
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/33IzTVeuBbNFNMXoupgi6FoGfsA.roa
Signing time: Sat 01 Jan 2022 16:04:22 +0000
ROA not before: Sat 01 Jan 2022 16:04:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51765
IP address blocks: 185.204.1.0/24 maxlen: 24
185.112.82.0/24 maxlen: 24
185.212.149.0/24 maxlen: 24
91.103.253.0/24 maxlen: 24
185.117.118.0/24 maxlen: 24
185.221.162.0/24 maxlen: 24
185.221.163.0/24 maxlen: 24
194.53.52.0/24 maxlen: 24
194.53.54.0/24 maxlen: 24
185.103.110.0/24 maxlen: 24
185.217.196.0/23 maxlen: 23
82.115.220.0/24 maxlen: 24
185.125.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52782925 (0x325674d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 16:04:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df72334d57ae05b34534c5e8ba9822e85a067ec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c1:13:9b:ac:60:c3:08:35:92:40:9e:e1:47:
18:3e:83:aa:dc:31:ac:23:67:bc:0f:09:3e:71:56:
32:7c:ff:ec:d2:6f:e4:cb:fd:17:52:d3:97:44:b0:
77:41:45:96:a2:7e:3d:c8:d1:31:4c:c3:20:8d:3b:
51:f9:bd:67:d5:c7:34:52:20:2a:35:d9:3b:d2:88:
12:6f:8d:76:ed:52:b8:d2:ae:a4:3e:3e:4b:17:96:
8f:d3:18:d1:a8:92:ab:31:d0:c9:0e:9e:a9:3d:87:
65:57:83:2d:a9:dc:ae:0e:41:e6:a1:49:81:50:1d:
45:25:ce:35:86:b0:88:1f:63:6d:eb:b7:6c:34:c6:
09:0f:4b:08:f1:a5:5b:b4:bc:2a:4d:f2:76:6d:88:
08:bf:0e:eb:6a:70:66:75:d5:ab:bd:40:d7:20:36:
9d:ed:41:3f:61:75:3c:70:dd:f5:bb:b0:3e:30:1c:
2c:e7:45:ad:8a:cc:b4:26:3e:62:40:85:1b:e3:89:
e9:56:9d:f8:19:c0:17:0a:f9:07:bc:66:10:aa:9a:
5e:37:72:5f:5f:c4:a8:e5:6e:3c:bd:54:e5:ad:2b:
f4:36:bf:ff:62:be:e1:eb:fd:93:ca:7f:64:d6:f1:
9f:f9:94:8e:db:08:0a:8c:84:04:79:1c:34:5f:f5:
f9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:72:33:4D:57:AE:05:B3:45:34:C5:E8:BA:98:22:E8:5A:06:7E:C0
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/33IzTVeuBbNFNMXoupgi6FoGfsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.220.0/24
91.103.253.0/24
185.103.110.0/24
185.112.82.0/24
185.117.118.0/24
185.125.51.0/24
185.204.1.0/24
185.212.149.0/24
185.217.196.0/23
185.221.162.0/23
194.53.52.0/24
194.53.54.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:50:3a:4b:72:be:ab:bf:8f:77:20:5f:0b:ed:4b:8d:fd:41:
ff:f7:4c:51:69:0d:85:9a:d9:40:1d:39:23:8c:37:ba:fa:18:
a1:52:ca:fb:f3:12:ec:02:90:4f:2f:2d:5d:08:a7:24:9d:58:
d7:73:f3:f8:60:e5:38:75:16:ac:b8:89:02:8e:9d:8a:be:8e:
c6:77:04:b0:20:e8:a0:e5:ba:75:ea:82:ef:f8:02:0f:29:4d:
25:c3:76:af:be:99:34:ff:d4:d7:90:c2:8e:c7:33:10:f6:75:
2f:f6:88:94:f0:6d:e0:86:3a:9f:6b:dc:e1:f1:75:81:81:e8:
99:77:4d:10:e0:bf:22:2f:d3:a8:f8:8d:bf:61:e9:27:bd:e6:
8a:41:4a:26:ad:ea:93:99:c8:eb:7f:26:21:6f:18:59:29:c7:
cd:6b:dd:a3:86:ea:f3:5f:a0:87:a8:9f:8e:bd:97:f9:42:93:
02:bf:a5:45:48:41:f3:fb:d9:c0:36:91:9b:d7:96:a3:5f:ca:
7d:65:c9:c4:8e:f3:57:e9:c5:eb:54:7c:78:42:0e:cf:12:49:
d9:d8:49:db:e1:c5:4c:3c:35:13:f5:5d:b5:02:fe:75:54:2c:
f0:47:b0:8d:05:41:41:ff:1b:72:f6:4c:aa:93:03:4a:8f:60:
d0:7d:e5:b2
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEAyVnTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDEw
MTE2MDQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGY3MjMzNGQ1N2Fl
MDViMzQ1MzRjNWU4YmE5ODIyZTg1YTA2N2VjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHBE5usYMMINZJAnuFHGD6DqtwxrCNnvA8JPnFWMnz/7NJv
5Mv9F1LTl0Swd0FFlqJ+PcjRMUzDII07Ufm9Z9XHNFIgKjXZO9KIEm+Ndu1SuNKu
pD4+SxeWj9MY0aiSqzHQyQ6eqT2HZVeDLancrg5B5qFJgVAdRSXONYawiB9jbeu3
bDTGCQ9LCPGlW7S8Kk3ydm2ICL8O62pwZnXVq71A1yA2ne1BP2F1PHDd9buwPjAc
LOdFrYrMtCY+YkCFG+OJ6Vad+BnAFwr5B7xmEKqaXjdyX1/EqOVuPL1U5a0r9Da/
/2K+4ev9k8p/ZNbxn/mUjtsICoyEBHkcNF/1+YcCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBTfcjNNV64Fs0U0xei6mCLoWgZ+wDAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
LzMzSXpUVmV1QmJORk5NWG91cGdpNkZvR2ZzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAFJz3AMEAFtn/QMEALlnbgMEALlw
UgMEALl1dgMEALl9MwMEALnMAQMEALnUlQMEAbnZxAMEAbndogMEAMI1NAMEAMI1
NjANBgkqhkiG9w0BAQsFAAOCAQEAbVA6S3K+q7+PdyBfC+1Ljf1B//dMUWkNhZrZ
QB05I4w3uvoYoVLK+/MS7AKQTy8tXQinJJ1Y13Pz+GDlOHUWrLiJAo6dir6OxncE
sCDooOW6deqC7/gCDylNJcN2r76ZNP/U15DCjsczEPZ1L/aIlPBt4IY6n2vc4fF1
gYHomXdNEOC/Ii/TqPiNv2HpJ73mikFKJq3qk5nI638mIW8YWSnHzWvdo4bq81+g
h6ifjr2X+UKTAr+lRUhB8/vZwDaRm9eWo1/KfWXJxI7zV+nF61R8eEIOzxJJ2dhJ
2+HFTDw1E/VdtQL+dVQs8EewjQVBQf8bcvZMqpMDSo9g0H3lsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org