Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/S3pydUgc3iwskCU0VXxFFsaptT4.roa
File: S3pydUgc3iwskCU0VXxFFsaptT4.roa (raw, json)
Hash identifier: 731ch5GIlJJFtgznjKX11XR/9j9hdxKtKgT75vIxhnM=
Subject key identifier: 4B:7A:72:75:48:1C:DE:2C:2C:90:25:34:55:7C:45:16:C6:A9:B5:3E
Certificate issuer: /CN=75e05bc21b2a6f1033711ffca6491c6c30ce5a4a
Certificate serial: 1ABCCDA6
Authority key identifier: 75:E0:5B:C2:1B:2A:6F:10:33:71:1F:FC:A6:49:1C:6C:30:CE:5A:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deBbwhsqbxAzcR_8pkkcbDDOWko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/S3pydUgc3iwskCU0VXxFFsaptT4.roa
Signing time: Tue 18 Jan 2022 12:27:25 +0000
ROA not before: Tue 18 Jan 2022 12:27:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12956
IP address blocks: 80.76.8.0/21 maxlen: 21
193.36.134.0/23 maxlen: 23
213.140.32.0/19 maxlen: 19
5.255.144.0/21 maxlen: 21
185.153.168.0/22 maxlen: 22
84.16.0.0/19 maxlen: 19
94.142.96.0/19 maxlen: 19
84.16.29.0/24 maxlen: 24
188.214.148.0/23 maxlen: 23
89.32.176.0/21 maxlen: 21
103.244.236.0/22 maxlen: 22
185.43.180.0/22 maxlen: 22
176.52.248.0/21 maxlen: 21
81.173.104.0/21 maxlen: 21
5.53.0.0/21 maxlen: 21
185.210.28.0/22 maxlen: 22
213.140.61.0/24 maxlen: 24
213.140.60.0/24 maxlen: 24
45.135.52.0/22 maxlen: 22
185.190.8.0/22 maxlen: 22
2001:1498::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 448581030 (0x1abccda6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75e05bc21b2a6f1033711ffca6491c6c30ce5a4a
Validity
Not Before: Jan 18 12:27:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b7a7275481cde2c2c902534557c4516c6a9b53e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cc:fe:4b:9c:21:b2:ee:43:76:ba:a5:f8:71:
c7:de:43:85:06:f3:1d:29:61:44:20:d6:42:c5:97:
8c:d9:16:d9:94:64:46:f8:78:b6:82:1e:a1:a9:2c:
3f:84:96:31:05:5d:93:ef:ee:4e:cc:37:a9:42:79:
f1:7c:65:ff:79:4c:77:8f:34:41:b5:3c:5f:4a:5c:
3a:e6:91:d9:64:b6:ef:2b:1f:04:48:cb:a4:0c:0d:
96:f4:c6:17:9b:74:7f:b2:54:3d:bd:e3:a8:5d:a6:
1d:42:c0:c2:81:e5:23:5d:24:3f:53:9a:84:08:c7:
28:4f:f1:cd:f3:aa:e6:21:87:01:63:d4:96:42:e8:
4d:b4:89:4e:68:37:2c:89:a3:e1:4c:86:19:eb:c8:
2a:b8:cc:9f:b0:9b:72:82:7a:da:44:64:ea:e1:b1:
30:bd:12:44:73:00:ee:84:8b:65:24:15:82:33:b6:
32:67:85:04:bc:f4:d5:40:36:b9:75:26:5f:b8:2e:
ba:81:c2:5b:40:02:98:cb:db:a7:f9:69:93:2b:68:
8f:06:ee:25:00:b8:e7:ac:c6:93:70:46:d0:65:4d:
dc:e9:81:b3:22:6e:a3:9e:ce:e5:b4:36:19:e5:a5:
b2:3f:91:5c:20:cc:0d:2a:32:9e:66:3d:79:04:a3:
cf:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7A:72:75:48:1C:DE:2C:2C:90:25:34:55:7C:45:16:C6:A9:B5:3E
X509v3 Authority Key Identifier:
keyid:75:E0:5B:C2:1B:2A:6F:10:33:71:1F:FC:A6:49:1C:6C:30:CE:5A:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deBbwhsqbxAzcR_8pkkcbDDOWko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/S3pydUgc3iwskCU0VXxFFsaptT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/deBbwhsqbxAzcR_8pkkcbDDOWko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.0.0/21
5.255.144.0/21
45.135.52.0/22
80.76.8.0/21
81.173.104.0/21
84.16.0.0/19
89.32.176.0/21
94.142.96.0/19
103.244.236.0/22
176.52.248.0/21
185.43.180.0/22
185.153.168.0/22
185.190.8.0/22
185.210.28.0/22
188.214.148.0/23
193.36.134.0/23
213.140.32.0/19
IPv6:
2001:1498::/32
Signature Algorithm: sha256WithRSAEncryption
a8:32:73:9e:76:59:a4:2f:74:9c:b7:03:00:39:94:74:29:b9:
fa:d8:35:3f:c3:53:cd:56:4e:8f:a3:a2:de:81:b8:73:6d:b2:
b9:12:93:07:9d:77:d2:f4:bd:35:32:5c:7a:15:d9:5f:9b:ca:
b0:7b:7c:dc:44:39:eb:50:0f:b3:24:e9:1e:0b:7d:90:85:6a:
6e:0d:14:da:19:fc:ce:0c:58:10:6d:32:ca:5b:75:06:01:ff:
dd:7c:8d:97:fa:40:6f:25:7d:2d:be:51:98:e8:b9:c0:eb:38:
ea:56:af:23:5b:fb:d3:a6:94:a4:5a:be:82:f4:8d:85:f4:f4:
8e:2b:9a:8d:f7:7a:76:2d:94:b2:98:e3:39:42:cc:bb:b3:d3:
04:4f:39:d9:40:f9:fa:9d:cf:af:37:fd:a0:df:2e:3a:9f:e2:
6a:f2:e3:be:67:22:16:bc:5c:7c:eb:72:80:ff:1f:b5:db:82:
6e:01:48:5b:32:7b:12:aa:49:a8:6b:6b:b7:f5:16:71:09:1b:
ad:dc:a7:a3:a3:fc:68:4d:75:b8:c1:c2:ce:36:da:4c:6c:03:
0b:94:6d:da:21:63:0c:5b:f2:17:56:11:29:c7:1c:68:b9:44:
87:c3:f1:f7:37:94:93:cf:16:78:e2:b9:6f:cf:e9:8e:4d:4e:
8a:b8:ae:89
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIEGrzNpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NWUwNWJjMjFiMmE2ZjEwMzM3MTFmZmNhNjQ5MWM2YzMwY2U1YTRhMB4XDTIyMDEx
ODEyMjcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGI3YTcyNzU0ODFj
ZGUyYzJjOTAyNTM0NTU3YzQ1MTZjNmE5YjUzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAInM/kucIbLuQ3a6pfhxx95DhQbzHSlhRCDWQsWXjNkW2ZRk
Rvh4toIeoaksP4SWMQVdk+/uTsw3qUJ58Xxl/3lMd480QbU8X0pcOuaR2WS27ysf
BEjLpAwNlvTGF5t0f7JUPb3jqF2mHULAwoHlI10kP1OahAjHKE/xzfOq5iGHAWPU
lkLoTbSJTmg3LImj4UyGGevIKrjMn7CbcoJ62kRk6uGxML0SRHMA7oSLZSQVgjO2
MmeFBLz01UA2uXUmX7guuoHCW0ACmMvbp/lpkytojwbuJQC456zGk3BG0GVN3OmB
syJuo57O5bQ2GeWlsj+RXCDMDSoynmY9eQSjzz0CAwEAAaOCAnkwggJ1MB0GA1Ud
DgQWBBRLenJ1SBzeLCyQJTRVfEUWxqm1PjAfBgNVHSMEGDAWgBR14FvCGypvEDNx
H/ymSRxsMM5aSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RlQmJ3aHNxYnhBemNSXzhwa2tjYkRET1drby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvMmI0OTM0LTRlYTItNDVjMS1hZTA3LWQ0NWFiN2RmMmRlMS8x
L1MzcHlkVWdjM2l3c2tDVTBWWHhGRnNhcHRUNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
MmI0OTM0LTRlYTItNDVjMS1hZTA3LWQ0NWFiN2RmMmRlMS8xL2RlQmJ3aHNxYnhB
emNSXzhwa2tjYkRET1drby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jgYIKwYBBQUHAQcBAf8EfzB9MGwEAgABMGYDBAMFNQADBAMF/5ADBAIthzQDBANQ
TAgDBANRrWgDBAVUEAADBANZILADBAVejmADBAJn9OwDBAOwNPgDBAK5K7QDBAK5
magDBAK5vggDBAK50hwDBAG81pQDBAHBJIYDBAXVjCAwDQQCAAIwBwMFACABFJgw
DQYJKoZIhvcNAQELBQADggEBAKgyc552WaQvdJy3AwA5lHQpufrYNT/DU81WTo+j
ot6BuHNtsrkSkwedd9L0vTUyXHoV2V+byrB7fNxEOetQD7Mk6R4LfZCFam4NFNoZ
/M4MWBBtMspbdQYB/918jZf6QG8lfS2+UZjoucDrOOpWryNb+9OmlKRavoL0jYX0
9I4rmo33enYtlLKY4zlCzLuz0wRPOdlA+fqdz683/aDfLjqf4mry475nIha8XHzr
coD/H7Xbgm4BSFsyexKqSahra7f1FnEJG63cp6Oj/GhNdbjBws422kxsAwuUbdoh
Ywxb8hdWESnHHGi5RIfD8fc3lJPPFnjiuW/P6Y5NToq4rok=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:05 2024 by rpki-client on console-fra.rpki-client.org