Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/Ppn0UkJ7psYL14oN2egZ938mBSI.roa
File: Ppn0UkJ7psYL14oN2egZ938mBSI.roa (raw, json)
Hash identifier: 5EadUyltg+D3wpElOSMsx0O+aM6NoN0hyjX9eGUMDus=
Subject key identifier: 3E:99:F4:52:42:7B:A6:C6:0B:D7:8A:0D:D9:E8:19:F7:7F:26:05:22
Certificate issuer: /CN=056ad2f4ffc5872e35a429e53ef179925ff4215e
Certificate serial: 1868C915
Authority key identifier: 05:6A:D2:F4:FF:C5:87:2E:35:A4:29:E5:3E:F1:79:92:5F:F4:21:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWrS9P_Fhy41pCnlPvF5kl_0IV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/Ppn0UkJ7psYL14oN2egZ938mBSI.roa
Signing time: Sat 01 Jan 2022 03:59:28 +0000
ROA not before: Sat 01 Jan 2022 03:59:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5605
IP address blocks: 195.244.234.0/24 maxlen: 24
195.244.246.0/24 maxlen: 24
195.244.245.0/24 maxlen: 24
195.244.244.0/24 maxlen: 24
193.98.110.0/24 maxlen: 24
193.102.227.0/24 maxlen: 24
193.101.58.0/24 maxlen: 24
2a00:fa8::/32 maxlen: 32
2a00:fa8:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 409520405 (0x1868c915)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=056ad2f4ffc5872e35a429e53ef179925ff4215e
Validity
Not Before: Jan 1 03:59:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e99f452427ba6c60bd78a0dd9e819f77f260522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8d:d9:6e:fa:fc:59:08:94:f6:14:c9:57:c1:
51:b6:7c:cb:15:9c:23:fc:e8:29:cf:cb:81:5d:b9:
08:60:23:d2:34:7f:1e:68:7b:2b:2c:9a:17:5b:99:
c9:ec:08:f0:7b:1f:e1:1f:31:d4:16:8a:e6:f8:15:
85:4d:52:bb:50:9c:60:35:13:73:a7:d3:b4:7a:d5:
32:13:56:c1:f0:47:02:13:e4:90:14:48:a8:48:06:
b4:06:c9:73:8b:b0:48:d8:22:28:ef:14:27:0c:eb:
0d:6e:2f:26:59:1d:79:47:22:34:be:f9:39:d8:e3:
df:c0:f9:2e:fc:c6:be:59:7a:5c:0b:54:6e:a4:17:
c2:6f:ca:4b:59:c4:af:05:65:f1:e1:2b:72:2d:e8:
04:f0:90:50:aa:7f:43:97:26:9f:06:e6:d2:a9:38:
f7:f2:b6:7b:88:9a:7d:6d:f1:a5:41:0c:14:58:6c:
70:3e:a3:dd:c7:40:57:80:ef:aa:bf:0d:2c:17:36:
fd:ec:f6:55:57:c0:33:6e:22:3b:9e:9e:a2:d0:e7:
71:04:b3:54:4e:67:a3:b3:63:5e:5c:cc:5d:ca:b5:
13:2f:b9:1b:e8:09:65:2a:0a:7c:e0:50:4c:e9:e1:
55:c8:04:37:48:8a:d6:ae:3d:77:78:13:ce:4b:e6:
08:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:99:F4:52:42:7B:A6:C6:0B:D7:8A:0D:D9:E8:19:F7:7F:26:05:22
X509v3 Authority Key Identifier:
keyid:05:6A:D2:F4:FF:C5:87:2E:35:A4:29:E5:3E:F1:79:92:5F:F4:21:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWrS9P_Fhy41pCnlPvF5kl_0IV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/Ppn0UkJ7psYL14oN2egZ938mBSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/BWrS9P_Fhy41pCnlPvF5kl_0IV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.98.110.0/24
193.101.58.0/24
193.102.227.0/24
195.244.234.0/24
195.244.244.0-195.244.246.255
IPv6:
2a00:fa8::/32
Signature Algorithm: sha256WithRSAEncryption
29:f8:16:bc:6d:84:4d:fe:31:55:64:5c:58:4c:53:b6:49:2d:
d7:7d:d7:d3:0a:ae:e6:49:9a:2e:18:5a:1e:01:cf:75:59:d2:
65:44:e1:52:44:ae:b9:14:c9:e3:74:20:a7:86:0a:f0:df:9b:
a9:d8:21:e8:06:17:21:52:02:2d:7d:5a:0c:b2:34:30:25:f1:
38:46:cd:57:12:dd:b4:40:59:b5:58:9c:7b:47:d2:e8:9e:8b:
13:5d:33:4a:32:7a:86:ed:01:20:1c:a6:3d:96:09:72:d7:45:
4c:ac:78:27:ad:a2:8e:80:31:b3:21:9f:5c:ba:0f:c6:1f:09:
d0:9c:8d:f6:14:ad:31:cb:d7:12:c8:bf:22:94:3f:61:57:4f:
fe:59:45:59:9a:79:89:f1:48:76:77:42:cd:93:9c:ad:5f:aa:
31:5a:99:8a:c9:1b:cd:e1:31:9c:3a:cd:84:57:6c:32:e8:af:
3a:55:6f:9c:2c:5b:64:29:c1:1c:07:c7:3f:d6:96:7a:27:c0:
c1:b6:b5:aa:0a:4c:f1:29:9f:47:9e:6d:3b:76:76:6d:98:61:
28:3f:fd:e8:7e:d7:ab:5f:d8:0d:f8:62:8d:2b:41:7f:ae:e1:
12:cf:47:ed:2c:f6:0a:5b:2d:4f:a2:9b:54:c6:35:c0:13:6b:
6d:1c:f2:b4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEGGjJFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTZhZDJmNGZmYzU4NzJlMzVhNDI5ZTUzZWYxNzk5MjVmZjQyMTVlMB4XDTIyMDEw
MTAzNTkyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U5OWY0NTI0Mjdi
YTZjNjBiZDc4YTBkZDllODE5Zjc3ZjI2MDUyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSN2W76/FkIlPYUyVfBUbZ8yxWcI/zoKc/LgV25CGAj0jR/
Hmh7KyyaF1uZyewI8Hsf4R8x1BaK5vgVhU1Su1CcYDUTc6fTtHrVMhNWwfBHAhPk
kBRIqEgGtAbJc4uwSNgiKO8UJwzrDW4vJlkdeUciNL75Odjj38D5LvzGvll6XAtU
bqQXwm/KS1nErwVl8eErci3oBPCQUKp/Q5cmnwbm0qk49/K2e4iafW3xpUEMFFhs
cD6j3cdAV4Dvqr8NLBc2/ez2VVfAM24iO56eotDncQSzVE5no7NjXlzMXcq1Ey+5
G+gJZSoKfOBQTOnhVcgEN0iK1q49d3gTzkvmCEUCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBQ+mfRSQnumxgvXig3Z6Bn3fyYFIjAfBgNVHSMEGDAWgBQFatL0/8WHLjWk
KeU+8XmSX/QhXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JXclM5UF9GaHk0MXBDbmxQdkY1a2xfMElWNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvNDMzMGZlLWRiZmMtNDgxZi04ZmQ5LTFlNGZjYjFjNjBjYi8x
L1BwbjBVa0o3cHNZTDE0b04yZWdaOTM4bUJTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
NDMzMGZlLWRiZmMtNDgxZi04ZmQ5LTFlNGZjYjFjNjBjYi8xL0JXclM5UF9GaHk0
MXBDbmxQdkY1a2xfMElWNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEAMFibgMEAMFlOgMEAMFm4wMEAMP0
6jAMAwQCw/T0AwQAw/T2MA0EAgACMAcDBQAqAA+oMA0GCSqGSIb3DQEBCwUAA4IB
AQAp+Ba8bYRN/jFVZFxYTFO2SS3XfdfTCq7mSZouGFoeAc91WdJlROFSRK65FMnj
dCCnhgrw35up2CHoBhchUgItfVoMsjQwJfE4Rs1XEt20QFm1WJx7R9LonosTXTNK
MnqG7QEgHKY9lgly10VMrHgnraKOgDGzIZ9cug/GHwnQnI32FK0xy9cSyL8ilD9h
V0/+WUVZmnmJ8Uh2d0LNk5ytX6oxWpmKyRvN4TGcOs2EV2wy6K86VW+cLFtkKcEc
B8c/1pZ6J8DBtrWqCkzxKZ9Hnm07dnZtmGEoP/3ofterX9gN+GKNK0F/ruESz0ft
LPYKWy1PoptUxjXAE2ttHPK0
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:52 2023 by rpki-client on console-fra.rpki-client.org