Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/U5JbMUaqh5twxqTYw2AoI6NzOwg.roa
File: U5JbMUaqh5twxqTYw2AoI6NzOwg.roa (raw, json)
Hash identifier: 1dYsVe1DNyLorsRj1MzMBKIHM7zOt2drZjQXzr46I+M=
Subject key identifier: 53:92:5B:31:46:AA:87:9B:70:C6:A4:D8:C3:60:28:23:A3:73:3B:08
Certificate issuer: /CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Certificate serial: 0182250AE3EE3176E79CB607510228EFB6F9
Authority key identifier: 9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/U5JbMUaqh5twxqTYw2AoI6NzOwg.roa
Signing time: Fri 22 Jul 2022 08:34:06 +0000
ROA not before: Fri 22 Jul 2022 08:34:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39431
IP address blocks: 176.108.109.0/24 maxlen: 24
176.108.112.0/24 maxlen: 24
176.108.112.0/22 maxlen: 24
176.108.118.0/24 maxlen: 24
176.108.119.0/24 maxlen: 24
193.93.17.0/24 maxlen: 24
193.93.16.0/22 maxlen: 24
193.93.16.0/23 maxlen: 24
193.93.16.0/24 maxlen: 24
193.93.19.0/24 maxlen: 24
193.93.18.0/23 maxlen: 24
193.93.18.0/24 maxlen: 24
176.108.103.0/24 maxlen: 24
176.108.102.0/24 maxlen: 24
176.108.104.0/24 maxlen: 24
2001:678:468::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:0a:e3:ee:31:76:e7:9c:b6:07:51:02:28:ef:b6:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Validity
Not Before: Jul 22 08:34:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53925b3146aa879b70c6a4d8c3602823a3733b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d3:5a:8d:65:41:01:a6:6b:e9:fa:6d:71:00:
2e:6a:f6:01:bd:a8:9b:a8:6d:95:65:70:2f:df:26:
0b:1d:1b:1d:e5:02:46:fe:39:a4:e7:c2:67:0f:05:
42:48:77:2d:81:f8:29:ba:c1:07:d1:e2:42:ae:3d:
40:2c:06:79:02:d7:32:c5:d4:c8:2f:44:9f:32:ab:
05:41:a9:f8:29:09:85:17:3a:67:07:39:c9:4a:b4:
7a:1d:9f:6f:4b:dd:df:c7:8c:90:31:71:de:f9:d3:
23:5a:a9:e0:b2:40:c6:21:59:a3:95:ac:db:36:82:
bb:d7:e8:17:be:ab:90:7e:08:22:26:ab:91:df:a3:
cd:75:4a:8a:4a:77:4d:1d:84:b4:76:e7:e8:d2:4c:
f1:ba:26:60:0b:a7:6b:f9:ce:c3:6c:98:c7:51:fc:
62:48:c9:06:68:bc:5b:8b:01:88:f5:38:b4:5d:c5:
80:58:0f:21:5f:d1:63:b4:92:d9:41:47:0c:c7:d1:
17:f7:b0:e2:28:83:2b:ec:2c:8b:a9:63:83:9d:c5:
5a:01:60:bb:91:50:1a:04:e4:0b:68:62:30:2a:36:
4e:68:51:18:ae:e1:a7:47:cc:15:38:fa:0f:0b:70:
f0:d8:5c:68:8b:ca:7f:05:1b:0f:2b:83:1a:c8:20:
5f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:92:5B:31:46:AA:87:9B:70:C6:A4:D8:C3:60:28:23:A3:73:3B:08
X509v3 Authority Key Identifier:
keyid:9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/U5JbMUaqh5twxqTYw2AoI6NzOwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/n1_z3hCjG79XAcC9smxlCAF9oso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.102.0-176.108.104.255
176.108.109.0/24
176.108.112.0/22
176.108.118.0/23
193.93.16.0/22
IPv6:
2001:678:468::/48
Signature Algorithm: sha256WithRSAEncryption
a0:79:fd:4d:63:6b:cc:ab:f0:ed:b0:aa:46:48:c0:35:3a:1a:
ea:b1:86:ae:5b:1b:0d:91:e2:bb:08:a7:ff:3b:31:28:60:52:
49:8b:9d:1a:b4:94:ac:db:bd:76:21:f7:61:a5:16:d9:b2:ee:
6e:52:2c:cf:d6:b0:04:26:26:0a:93:71:00:25:e3:24:d7:25:
d5:4a:42:6f:8d:82:2a:9a:11:90:f1:62:95:8b:13:c9:c0:0a:
44:cd:83:13:36:e4:c9:1e:d8:52:0e:e3:c6:9d:1b:d0:6c:35:
d1:7f:c7:69:c5:8d:8d:e3:20:de:7f:11:7b:8d:1d:c7:5f:73:
7e:40:e8:df:e6:be:1a:22:51:56:8b:33:ee:68:52:2a:38:e7:
24:41:ee:8b:e4:69:fa:73:bd:64:c0:73:3c:55:df:04:dd:6a:
55:bb:2b:bb:ae:e2:ec:f2:89:5e:9e:84:e7:f9:ed:87:6a:bc:
4e:66:ae:69:97:61:65:0d:ee:21:f1:1d:cd:0f:e9:d2:ca:4c:
62:bf:0e:da:02:c5:51:35:cd:dc:11:3f:2d:6b:d7:fe:98:3b:
cf:91:de:be:13:3f:6f:2e:f7:0d:4c:9d:e0:03:a8:b8:c2:fb:
e0:bd:c9:6f:7a:c4:44:35:e2:ed:46:67:3c:ec:15:61:fd:c0:
ac:5b:51:9d
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYIlCuPuMXbnnLYHUQIo77b5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNWZmM2RlMTBhMzFiYmY1NzAxYzBiZGIyNmM2NTA4MDE3
ZGEyY2EwHhcNMjIwNzIyMDgzNDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzkyNWIzMTQ2YWE4NzliNzBjNmE0ZDhjMzYwMjgyM2EzNzMzYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9NajWVBAaZr6fptcQAuavYBvaib
qG2VZXAv3yYLHRsd5QJG/jmk58JnDwVCSHctgfgpusEH0eJCrj1ALAZ5AtcyxdTI
L0SfMqsFQan4KQmFFzpnBznJSrR6HZ9vS93fx4yQMXHe+dMjWqngskDGIVmjlazb
NoK71+gXvquQfggiJquR36PNdUqKSndNHYS0dufo0kzxuiZgC6dr+c7DbJjHUfxi
SMkGaLxbiwGI9Ti0XcWAWA8hX9FjtJLZQUcMx9EX97DiKIMr7CyLqWODncVaAWC7
kVAaBOQLaGIwKjZOaFEYruGnR8wVOPoPC3Dw2Fxoi8p/BRsPK4MayCBfGwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFFOSWzFGqoebcMak2MNgKCOjczsIMB8GA1UdIwQY
MBaAFJ9f894Qoxu/VwHAvbJsZQgBfaLKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUt
NTcwMWQwMWMxZTg3LzEvVTVKYk1VYXFoNXR3eHFUWXcyQW9JNk56T3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUtNTcwMWQwMWMxZTg3
LzEvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmMAwDBAGwbGYD
BACwbGgDBACwbG0DBAKwbHADBAGwbHYDBALBXRAwDwQCAAIwCQMHACABBngEaDAN
BgkqhkiG9w0BAQsFAAOCAQEAoHn9TWNrzKvw7bCqRkjANToa6rGGrlsbDZHiuwin
/zsxKGBSSYudGrSUrNu9diH3YaUW2bLublIsz9awBCYmCpNxACXjJNcl1UpCb42C
KpoRkPFilYsTycAKRM2DEzbkyR7YUg7jxp0b0Gw10X/HacWNjeMg3n8Re40dx19z
fkDo3+a+GiJRVosz7mhSKjjnJEHui+Rp+nO9ZMBzPFXfBN1qVbsru67i7PKJXp6E
5/nth2q8TmauaZdhZQ3uIfEdzQ/p0spMYr8O2gLFUTXN3BE/LWvX/pg7z5HevhM/
by73DUyd4AOouML74L3Jb3rERDXi7UZnPOwVYf3ArFtRnQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:00 2024 by rpki-client on console-fra.rpki-client.org