Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5LFs1lGm9EyNPx3RBywdvLxnUdM.roa
File: 5LFs1lGm9EyNPx3RBywdvLxnUdM.roa (raw, json)
Hash identifier: aFDcc5yeS6VXh+P/oDLwgmtximPRtkMwtUc418GX0vE=
Subject key identifier: E4:B1:6C:D6:51:A6:F4:4C:8D:3F:1D:D1:07:2C:1D:BC:BC:67:51:D3
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505A42E725E2F62330F4EA8DBB1AB982C
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5LFs1lGm9EyNPx3RBywdvLxnUdM.roa
Signing time: Mon 12 Dec 2022 09:22:03 +0000
ROA not before: Mon 12 Dec 2022 09:22:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50928
IP address blocks: 46.29.192.0/21 maxlen: 21
46.29.199.0/24 maxlen: 24
46.29.194.0/24 maxlen: 24
46.29.196.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
188.170.244.0/23 maxlen: 23
188.170.244.0/24 maxlen: 24
188.170.245.0/24 maxlen: 24
188.170.250.0/24 maxlen: 24
188.170.251.0/24 maxlen: 24
188.170.252.0/24 maxlen: 24
188.170.248.0/24 maxlen: 24
188.170.249.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 21
188.162.0.0/16 maxlen: 24
178.23.149.0/24 maxlen: 24
178.23.148.0/24 maxlen: 24
178.23.151.0/24 maxlen: 24
178.23.150.0/24 maxlen: 24
178.176.250.0/24 maxlen: 24
178.176.251.0/24 maxlen: 24
178.176.252.0/24 maxlen: 24
178.176.248.0/24 maxlen: 24
178.176.253.0/24 maxlen: 24
178.176.249.0/24 maxlen: 24
37.29.81.0/24 maxlen: 24
37.29.80.0/24 maxlen: 24
37.29.83.0/24 maxlen: 24
37.29.80.0/22 maxlen: 22
37.29.82.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
31.173.248.0/21 maxlen: 21
31.173.248.0/24 maxlen: 24
31.173.252.0/24 maxlen: 24
31.173.253.0/24 maxlen: 24
31.173.249.0/24 maxlen: 24
31.173.250.0/24 maxlen: 24
31.173.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:a4:2e:72:5e:2f:62:33:0f:4e:a8:db:b1:ab:98:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:22:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4b16cd651a6f44c8d3f1dd1072c1dbcbc6751d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:78:6a:41:48:f9:d0:8c:e4:18:ed:f4:04:df:
dc:1d:a4:ac:ac:9b:20:20:ee:b6:df:9a:56:ef:f6:
2f:a7:1c:9a:59:76:12:f4:d8:8e:fd:2d:36:77:99:
f9:bb:f3:38:a2:a0:a1:88:a8:94:c3:b2:94:d8:bb:
83:e5:c5:55:4e:cb:5a:f4:ee:66:33:ae:cd:8e:9a:
39:9a:15:9c:0d:8d:9a:a7:f2:3a:48:44:d9:fb:15:
ab:0c:9b:91:b1:62:ce:aa:cb:50:c2:da:bd:65:fd:
03:e3:0b:75:2d:7f:ae:71:c2:15:9e:7e:10:27:16:
2f:c5:35:6a:26:7c:a8:69:42:ba:2f:27:cf:67:c5:
db:f8:bf:92:cc:d4:99:fd:ac:ea:66:53:db:2b:e1:
95:27:37:e3:51:48:16:e2:24:6c:48:05:d8:bd:91:
8d:44:00:e6:4b:92:50:01:b6:92:ed:7d:83:1e:06:
49:bd:66:a7:41:ec:30:37:20:c1:5f:b8:ad:7d:99:
b5:69:66:ee:01:4d:9a:4b:78:0b:de:ce:14:db:13:
db:13:f2:16:ff:03:ba:6c:f4:35:4b:ae:65:92:a4:
56:9b:3b:22:d0:c7:8c:6e:15:4d:75:51:01:7d:5e:
c4:9a:88:c4:6e:9e:01:5a:3c:74:2a:40:01:5f:6b:
28:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B1:6C:D6:51:A6:F4:4C:8D:3F:1D:D1:07:2C:1D:BC:BC:67:51:D3
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5LFs1lGm9EyNPx3RBywdvLxnUdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.248.0/21
37.29.80.0/22
46.29.192.0/21
178.23.144.0/21
178.176.248.0-178.176.253.255
188.162.0.0/16
188.170.244.0/23
188.170.248.0-188.170.252.255
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:2c:43:6f:e7:cb:ac:95:68:7f:0e:e5:ff:c3:40:a6:e4:94:
2e:b0:0a:9c:2f:9f:f3:95:ec:9f:fa:29:c7:90:e2:ab:5f:f6:
c2:4d:69:e2:95:59:bf:a0:f3:b8:50:90:ee:39:c7:47:4f:5c:
21:88:a5:6c:6f:74:38:44:74:eb:e1:b8:09:11:fc:58:63:cf:
8c:8f:26:35:1d:1e:d2:f7:c9:9a:b0:92:3d:55:f1:65:bb:33:
68:a5:99:43:d7:6a:2a:28:57:77:f8:b2:be:5c:e5:b9:a5:b4:
b9:16:f7:2c:03:f9:b8:65:53:1a:86:62:e2:aa:59:f2:5f:a6:
0d:d0:2e:87:90:ae:49:04:15:7a:74:e3:64:6f:5c:d6:c3:54:
4a:c0:a2:29:ad:d1:9c:8d:55:92:3a:e3:62:5f:25:18:ce:27:
22:58:4b:ac:61:3b:0c:65:a7:56:95:d3:3f:5c:5d:be:fd:c1:
8c:90:13:6b:4e:d0:ce:d3:1b:51:0a:5a:45:4c:da:6b:37:79:
b3:40:79:a3:af:4d:f7:21:00:6e:ad:a0:3b:37:a0:4a:fe:11:
44:66:4a:fe:11:21:92:e3:b2:05:3f:c7:13:f8:52:3a:63:b8:
5e:11:31:c5:a4:c1:eb:52:d4:e1:3d:2e:b9:78:5b:fe:b4:96:
fd:30:21:74
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYUFpC5yXi9iMw9OqNuxq5gsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkyMjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGIxNmNkNjUxYTZmNDRjOGQzZjFkZDEwNzJjMWRiY2JjNjc1MWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknhqQUj50IzkGO30BN/cHaSsrJsg
IO6235pW7/YvpxyaWXYS9NiO/S02d5n5u/M4oqChiKiUw7KU2LuD5cVVTsta9O5m
M67Njpo5mhWcDY2ap/I6SETZ+xWrDJuRsWLOqstQwtq9Zf0D4wt1LX+uccIVnn4Q
JxYvxTVqJnyoaUK6LyfPZ8Xb+L+SzNSZ/azqZlPbK+GVJzfjUUgW4iRsSAXYvZGN
RADmS5JQAbaS7X2DHgZJvWanQewwNyDBX7itfZm1aWbuAU2aS3gL3s4U2xPbE/IW
/wO6bPQ1S65lkqRWmzsi0MeMbhVNdVEBfV7EmojEbp4BWjx0KkABX2so9wIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFOSxbNZRpvRMjT8d0QcsHby8Z1HTMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvNUxGczFsR205RXlOUHgzUkJ5d2R2THhuVWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBdBAIAATBXAwQDH634AwQC
JR1QAwQDLh3AAwQDsheQMAwDBAOysPgDBAGysPwDAwC8ogMEAbyq9DAMAwQDvKr4
AwQAvKr8AwQCwcnkAwQFwwWAAwQFwxBgAwQBw050MA0GCSqGSIb3DQEBCwUAA4IB
AQA+LENv58uslWh/DuX/w0Cm5JQusAqcL5/zleyf+inHkOKrX/bCTWnilVm/oPO4
UJDuOcdHT1whiKVsb3Q4RHTr4bgJEfxYY8+MjyY1HR7S98masJI9VfFluzNopZlD
12oqKFd3+LK+XOW5pbS5FvcsA/m4ZVMahmLiqlnyX6YN0C6HkK5JBBV6dONkb1zW
w1RKwKIprdGcjVWSOuNiXyUYziciWEusYTsMZadWldM/XF2+/cGMkBNrTtDO0xtR
ClpFTNprN3mzQHmjr033IQBuraA7N6BK/hFEZkr+ESGS47IFP8cT+FI6Y7heETHF
pMHrUtThPS65eFv+tJb9MCF0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:24 2024 by rpki-client on console-fra.rpki-client.org