Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/kFlizsQ_KZjpE8ldGSg086JSnss.roa
File: kFlizsQ_KZjpE8ldGSg086JSnss.roa (raw, json)
Hash identifier: CREsjbaBDPGIeSQnfYHS7KJplkgd17/hmI9mzaUBXC8=
Subject key identifier: 90:59:62:CE:C4:3F:29:98:E9:13:C9:5D:19:28:34:F3:A2:52:9E:CB
Certificate issuer: /CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
Certificate serial: 11506D03
Authority key identifier: 27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/kFlizsQ_KZjpE8ldGSg086JSnss.roa
Signing time: Sat 01 Jan 2022 05:02:05 +0000
ROA not before: Sat 01 Jan 2022 05:02:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15623
IP address blocks: 193.247.205.0/24 maxlen: 24
193.246.253.0/24 maxlen: 24
212.45.192.0/19 maxlen: 19
195.226.0.0/19 maxlen: 19
213.189.128.0/19 maxlen: 19
217.75.16.0/21 maxlen: 21
217.75.24.0/21 maxlen: 21
212.55.192.0/19 maxlen: 19
213.158.128.0/19 maxlen: 19
195.144.160.0/19 maxlen: 19
62.12.128.0/17 maxlen: 17
5.252.136.0/22 maxlen: 24
217.14.64.0/20 maxlen: 20
193.5.123.0/24 maxlen: 24
2001:8a8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 290483459 (0x11506d03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
Validity
Not Before: Jan 1 05:02:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=905962cec43f2998e913c95d192834f3a2529ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:18:cf:e7:6c:bd:fd:b8:d1:31:76:55:c3:fc:
de:7f:e8:c8:82:91:35:0e:52:35:70:48:4d:36:3f:
71:02:a9:32:3e:2f:74:12:15:32:60:82:c4:ad:49:
87:87:29:57:b8:59:9a:40:32:aa:82:97:80:e0:fb:
71:2b:89:b4:02:64:ab:a5:b2:4c:95:08:83:c3:b5:
ca:ea:96:fd:60:e3:06:2b:38:f5:cf:04:af:61:29:
f0:01:8f:ff:94:3d:05:d7:20:db:d7:36:95:2d:7a:
72:05:65:be:06:f9:bc:9e:6a:5e:69:21:6d:98:0b:
0e:f6:59:c6:e9:f0:f5:67:34:29:2c:c5:2e:d0:38:
f2:58:86:18:93:7a:ea:09:6c:41:49:0c:d6:86:9c:
7a:c7:1f:f6:cc:71:4d:4e:7d:48:49:48:24:07:77:
73:80:ec:f8:c8:ba:fd:50:f6:81:9d:39:4d:02:19:
24:c1:fa:c9:60:3b:86:f6:4f:a9:7e:8c:cc:6e:98:
4e:b0:e0:9f:70:cd:a5:7f:87:a9:14:69:42:b2:e7:
dc:c9:1d:f1:3a:6e:4d:ef:93:b9:9f:4f:cc:e3:b8:
15:22:74:87:cf:2d:d4:6c:78:b7:ec:c6:fa:c8:8c:
00:81:12:fd:d2:bd:0b:4b:8e:74:ba:c7:b2:c6:f8:
d7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:59:62:CE:C4:3F:29:98:E9:13:C9:5D:19:28:34:F3:A2:52:9E:CB
X509v3 Authority Key Identifier:
keyid:27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/kFlizsQ_KZjpE8ldGSg086JSnss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/J_UYD5uTrnVzwIqJS9RSvXfOVs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.136.0/22
62.12.128.0/17
193.5.123.0/24
193.246.253.0/24
193.247.205.0/24
195.144.160.0/19
195.226.0.0/19
212.45.192.0/19
212.55.192.0/19
213.158.128.0/19
213.189.128.0/19
217.14.64.0/20
217.75.16.0/20
IPv6:
2001:8a8::/32
Signature Algorithm: sha256WithRSAEncryption
67:57:ae:d5:a3:c7:43:ee:2b:86:3b:d4:6b:09:de:79:34:8a:
25:51:3a:01:ff:c4:ee:a4:9f:6d:11:68:f2:52:30:35:ef:1b:
12:aa:66:66:87:4a:9a:39:58:e9:d4:69:fb:3c:db:0f:22:10:
84:ab:47:2a:bf:3e:ab:7f:25:74:37:f4:1e:67:a3:3f:32:7e:
44:d4:2f:e4:68:f4:45:41:ee:4c:23:ee:e0:be:0b:44:bc:d7:
f8:56:4e:86:4a:c5:ac:85:d7:44:26:66:0b:f0:41:69:af:c4:
b3:02:ee:79:47:0d:47:b9:ad:8c:88:7a:4d:4c:3b:58:8a:07:
be:2e:28:c5:1c:bf:bc:f5:bb:7c:bb:fd:30:27:fe:5c:d7:46:
72:4e:e7:28:73:a0:9c:9e:59:85:4c:5a:7a:36:e0:7c:3e:e4:
bd:5b:5a:ee:ab:6e:f6:52:b9:1b:c7:65:3a:80:29:d2:9a:ff:
f4:5b:d2:07:47:d8:d3:23:0a:48:9c:ad:fa:1e:7b:a5:e2:4b:
e8:a4:1e:16:6b:bb:7d:f0:87:e8:21:79:49:1c:e2:ec:7f:04:
42:04:49:43:a1:bb:15:93:58:56:b7:b2:66:c0:9c:63:b2:37:
91:31:60:71:5d:cf:49:f1:53:3e:4e:9d:db:29:9a:b6:78:08:
da:0b:86:e9
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIEEVBtAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2Y1MTgwZjliOTNhZTc1NzNjMDhhODk0YmQ0NTJiZDc3Y2U1NmNkMB4XDTIyMDEw
MTA1MDIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTA1OTYyY2VjNDNm
Mjk5OGU5MTNjOTVkMTkyODM0ZjNhMjUyOWVjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcYz+dsvf240TF2VcP83n/oyIKRNQ5SNXBITTY/cQKpMj4v
dBIVMmCCxK1Jh4cpV7hZmkAyqoKXgOD7cSuJtAJkq6WyTJUIg8O1yuqW/WDjBis4
9c8Er2Ep8AGP/5Q9Bdcg29c2lS16cgVlvgb5vJ5qXmkhbZgLDvZZxunw9Wc0KSzF
LtA48liGGJN66glsQUkM1oacescf9sxxTU59SElIJAd3c4Ds+Mi6/VD2gZ05TQIZ
JMH6yWA7hvZPqX6MzG6YTrDgn3DNpX+HqRRpQrLn3Mkd8TpuTe+TuZ9PzOO4FSJ0
h88t1Gx4t+zG+siMAIES/dK9C0uOdLrHssb41/UCAwEAAaOCAmAwggJcMB0GA1Ud
DgQWBBSQWWLOxD8pmOkTyV0ZKDTzolKeyzAfBgNVHSMEGDAWgBQn9RgPm5OudXPA
iolL1FK9d85WzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pfVVlENXVUcm5WendJcUpTOVJTdlhmT1ZzMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvZTFiODRiLTM5YTYtNGFjOC1iZTYzLTMwZmVlMjdlODRjYi8x
L2tGbGl6c1FfS1pqcEU4bGRHU2cwODZKU25zcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
ZTFiODRiLTM5YTYtNGFjOC1iZTYzLTMwZmVlMjdlODRjYi8xL0pfVVlENXVUcm5W
endJcUpTOVJTdlhmT1ZzMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB2
BggrBgEFBQcBBwEB/wRnMGUwVAQCAAEwTgMEAgX8iAMEBz4MgAMEAMEFewMEAMH2
/QMEAMH3zQMEBcOQoAMEBcPiAAMEBdQtwAMEBdQ3wAMEBdWegAMEBdW9gAMEBNkO
QAMEBNlLEDANBAIAAjAHAwUAIAEIqDANBgkqhkiG9w0BAQsFAAOCAQEAZ1eu1aPH
Q+4rhjvUawneeTSKJVE6Af/E7qSfbRFo8lIwNe8bEqpmZodKmjlY6dRp+zzbDyIQ
hKtHKr8+q38ldDf0HmejPzJ+RNQv5Gj0RUHuTCPu4L4LRLzX+FZOhkrFrIXXRCZm
C/BBaa/EswLueUcNR7mtjIh6TUw7WIoHvi4oxRy/vPW7fLv9MCf+XNdGck7nKHOg
nJ5ZhUxaejbgfD7kvVta7qtu9lK5G8dlOoAp0pr/9FvSB0fY0yMKSJyt+h57peJL
6KQeFmu7ffCH6CF5SRzi7H8EQgRJQ6G7FZNYVreyZsCcY7I3kTFgcV3PSfFTPk6d
2ymatngI2guG6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:00 2024 by rpki-client on console-ams.rpki-client.org