Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/38rZ22LMTgyXZFhakvVJEs1thR4.roa
File: 38rZ22LMTgyXZFhakvVJEs1thR4.roa (raw, json)
Hash identifier: ELSVsl5xm6/ViJ9EoqiPbREmwhL+cSti0j4dBGnAfsQ=
Subject key identifier: DF:CA:D9:DB:62:CC:4E:0C:97:64:58:5A:92:F5:49:12:CD:6D:85:1E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 42860186
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/38rZ22LMTgyXZFhakvVJEs1thR4.roa
Signing time: Sat 01 Jan 2022 14:03:25 +0000
ROA not before: Sat 01 Jan 2022 14:03:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200881
IP address blocks: 194.68.138.0/23 maxlen: 23
194.68.140.0/22 maxlen: 22
194.68.144.0/22 maxlen: 22
194.68.148.0/23 maxlen: 23
193.235.88.0/23 maxlen: 23
193.235.86.0/23 maxlen: 23
193.235.91.0/24 maxlen: 24
193.235.90.0/24 maxlen: 24
193.235.94.0/23 maxlen: 23
193.235.92.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1116078470 (0x42860186)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfcad9db62cc4e0c9764585a92f54912cd6d851e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7a:45:28:3e:39:5d:c4:c7:7d:e5:5a:bb:27:
63:f1:17:e0:4e:12:b9:5a:f2:0b:e1:46:bb:3f:e2:
b3:f3:ec:42:67:9a:a5:ea:a4:fb:4a:82:29:fd:65:
ec:30:71:8c:d0:a4:1c:cf:bf:12:51:c7:f3:f5:7d:
6a:38:6f:ef:5f:39:c8:67:13:f7:d5:7a:80:29:28:
11:0a:ea:55:84:00:d8:d1:7c:cf:40:44:17:09:db:
86:bd:64:0f:6b:29:62:8c:62:40:b3:46:d0:cf:73:
19:20:9d:0b:9a:01:e9:e1:30:0a:02:f6:d7:1d:7b:
bb:7a:7d:e3:44:8f:f1:a6:5e:59:68:a7:2c:3b:60:
e7:5b:c3:2a:3f:85:62:e0:16:88:0d:fd:79:3e:91:
04:9c:d7:c9:82:9c:37:8d:1e:b8:98:23:9a:39:3c:
79:10:f9:d8:2f:3c:86:bc:da:c7:bc:de:cc:b3:c7:
03:b7:b2:b8:cf:49:3a:4f:d3:0a:8b:1d:78:40:05:
b0:6a:0d:18:77:5c:17:87:f3:01:37:98:e1:87:e2:
99:48:e2:49:e9:ef:fe:77:9c:3f:8e:29:3c:a1:53:
2d:f3:02:f3:ac:87:bd:d9:4d:d0:42:9f:c6:7c:89:
78:0d:66:b2:11:95:fb:77:52:ae:0d:da:8b:a6:78:
5a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:CA:D9:DB:62:CC:4E:0C:97:64:58:5A:92:F5:49:12:CD:6D:85:1E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/38rZ22LMTgyXZFhakvVJEs1thR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.235.86.0-193.235.95.255
194.68.138.0-194.68.149.255
Signature Algorithm: sha256WithRSAEncryption
ba:98:54:12:a7:8e:13:90:98:b6:dd:47:0b:55:a0:72:dc:a1:
56:48:84:6f:85:48:9b:dc:fe:93:92:cf:09:98:d6:33:c8:69:
46:e5:ed:4f:56:ae:44:c4:14:92:fc:4b:8a:fc:75:b9:f3:c4:
7b:32:98:8d:9a:95:93:1a:db:48:d8:fc:d2:9b:4b:58:b2:1b:
bb:b1:57:a9:aa:b9:4b:0e:46:4e:a2:1a:86:58:9c:9b:96:5c:
f9:65:ce:6d:00:2f:34:49:7a:54:1b:04:37:8d:44:c1:cc:8c:
63:61:f4:89:f2:9d:2e:3c:83:b2:64:fd:23:e3:74:02:a0:ad:
82:db:fd:b5:e3:18:f7:98:6a:4c:00:89:08:a2:d3:39:61:34:
53:b8:99:23:1a:e5:87:db:1e:70:2a:7f:fc:e8:db:83:a8:6a:
5d:e5:b2:78:4c:1b:6c:a1:f2:9c:c6:13:38:28:df:13:3c:d9:
5b:01:25:ae:6d:20:ae:fa:2a:0a:de:24:59:ce:0a:9e:ab:bd:
b6:da:12:3e:7a:b2:84:71:89:6e:7b:11:2a:73:e9:7d:71:d1:
4d:bc:a2:f0:73:4f:41:b7:6c:6e:b5:3d:31:dd:ad:71:8d:85:
66:5f:34:f0:49:02:e2:ce:74:34:c4:bd:a5:1e:92:37:ee:b2:
7e:d3:27:04
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEQoYBhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZjYWQ5ZGI2MmNj
NGUwYzk3NjQ1ODVhOTJmNTQ5MTJjZDZkODUxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMB6RSg+OV3Ex33lWrsnY/EX4E4SuVryC+FGuz/is/PsQmea
peqk+0qCKf1l7DBxjNCkHM+/ElHH8/V9ajhv7185yGcT99V6gCkoEQrqVYQA2NF8
z0BEFwnbhr1kD2spYoxiQLNG0M9zGSCdC5oB6eEwCgL21x17u3p940SP8aZeWWin
LDtg51vDKj+FYuAWiA39eT6RBJzXyYKcN40euJgjmjk8eRD52C88hrzax7zezLPH
A7eyuM9JOk/TCosdeEAFsGoNGHdcF4fzATeY4YfimUjiSenv/necP44pPKFTLfMC
86yHvdlN0EKfxnyJeA1mshGV+3dSrg3ai6Z4WlECAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBTfytnbYsxODJdkWFqS9UkSzW2FHjAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
LzM4cloyMkxNVGd5WFpGaGFrdlZKRXMxdGhSNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQBwetWAwQFwetAMAwDBAHCRIoD
BAHCRJQwDQYJKoZIhvcNAQELBQADggEBALqYVBKnjhOQmLbdRwtVoHLcoVZIhG+F
SJvc/pOSzwmY1jPIaUbl7U9WrkTEFJL8S4r8dbnzxHsymI2alZMa20jY/NKbS1iy
G7uxV6mquUsORk6iGoZYnJuWXPllzm0ALzRJelQbBDeNRMHMjGNh9InynS48g7Jk
/SPjdAKgrYLb/bXjGPeYakwAiQii0zlhNFO4mSMa5YfbHnAqf/zo24Ooal3lsnhM
G2yh8pzGEzgo3xM82VsBJa5tIK76KgreJFnOCp6rvbbaEj56soRxiW57ESpz6X1x
0U28ovBzT0G3bG61PTHdrXGNhWZfNPBJAuLOdDTEvaUekjfusn7TJwQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org