Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/5Apb6I71GB81z11CG6HtsKkVues.roa
File: 5Apb6I71GB81z11CG6HtsKkVues.roa (raw, json)
Hash identifier: u0oK8H8pYpcisWy11Xh+1DxFr81GGkfAZ2+0eG1AFLA=
Subject key identifier: E4:0A:5B:E8:8E:F5:18:1F:35:CF:5D:42:1B:A1:ED:B0:A9:15:B9:EB
Certificate issuer: /CN=bfd070b0c9add92972fefc566c112d93717c4d6c
Certificate serial: 1802BF89
Authority key identifier: BF:D0:70:B0:C9:AD:D9:29:72:FE:FC:56:6C:11:2D:93:71:7C:4D:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9BwsMmt2Sly_vxWbBEtk3F8TWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/5Apb6I71GB81z11CG6HtsKkVues.roa
Signing time: Wed 30 Mar 2022 11:03:43 +0000
ROA not before: Wed 30 Mar 2022 11:03:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49586
IP address blocks: 185.7.132.0/22 maxlen: 22
188.95.240.0/21 maxlen: 21
188.95.240.64/26 maxlen: 26
137.221.24.0/21 maxlen: 21
137.221.25.64/27 maxlen: 27
188.95.240.208/29 maxlen: 29
188.95.240.216/29 maxlen: 29
188.95.240.248/29 maxlen: 29
2a00:10b0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 402833289 (0x1802bf89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfd070b0c9add92972fefc566c112d93717c4d6c
Validity
Not Before: Mar 30 11:03:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e40a5be88ef5181f35cf5d421ba1edb0a915b9eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:70:9a:a3:be:c5:46:14:8d:18:7f:e4:f0:1c:
ef:e9:ec:7b:15:86:08:e6:18:09:fd:95:c9:11:7e:
56:9d:57:1e:9a:a2:c3:bc:25:82:82:7f:2d:a6:44:
f6:b0:47:6a:ff:68:6f:94:57:d0:d4:9a:e4:cc:1c:
80:ed:25:6f:51:94:d7:a3:78:e3:5e:07:bd:e8:82:
a1:cf:d4:3f:0e:50:f7:06:bd:46:d5:c4:be:49:07:
4e:78:4b:93:b7:69:8d:e6:6f:1a:44:7d:0b:cd:09:
2d:a9:90:64:b0:84:3f:49:01:aa:dd:f6:e3:c8:7e:
4c:4b:7d:35:83:90:44:95:46:5f:54:5b:e5:3c:8f:
4c:09:1c:75:10:11:cc:c2:c2:e3:05:9e:ff:85:28:
22:91:e8:b2:db:a3:4a:0f:a6:12:d4:53:ce:f4:d0:
51:a3:12:c6:2b:be:5f:8c:3d:51:25:8a:3f:ae:72:
25:65:ba:7c:dd:c1:b3:1b:b0:62:0f:59:34:d4:40:
bc:09:7b:07:5d:ce:9a:4a:c4:27:dd:c3:c1:8b:35:
f8:0a:e9:b0:49:48:da:fc:c4:d7:6a:43:f8:ea:80:
5d:12:ee:53:bb:4b:b1:a0:97:fa:8b:77:32:c9:1a:
6b:cc:4c:75:40:cb:69:19:5d:8f:80:a4:d8:ba:14:
50:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0A:5B:E8:8E:F5:18:1F:35:CF:5D:42:1B:A1:ED:B0:A9:15:B9:EB
X509v3 Authority Key Identifier:
keyid:BF:D0:70:B0:C9:AD:D9:29:72:FE:FC:56:6C:11:2D:93:71:7C:4D:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9BwsMmt2Sly_vxWbBEtk3F8TWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/5Apb6I71GB81z11CG6HtsKkVues.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/v9BwsMmt2Sly_vxWbBEtk3F8TWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.221.24.0/21
185.7.132.0/22
188.95.240.0/21
IPv6:
2a00:10b0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:58:0c:64:c8:2d:bb:ac:a2:79:a0:67:b3:03:0a:47:c9:ab:
60:c3:e9:68:24:2b:c8:b3:e0:c6:6f:2d:c7:ec:15:5a:80:db:
6d:96:f0:0b:1b:16:70:61:85:ca:00:cc:6b:9c:b4:cf:de:d7:
1c:c0:2c:5b:09:2a:61:99:d8:9f:3f:9e:39:70:06:c3:4c:0f:
46:39:a8:bb:9b:64:8a:c0:cf:73:f9:ec:d2:3f:bd:e0:7b:e2:
60:84:c3:64:53:02:2c:d9:96:b5:3b:ea:cf:12:0c:ee:d6:49:
80:1c:65:0f:c7:bd:72:48:69:16:ff:43:00:94:8e:46:8f:f9:
cd:29:7e:2a:02:e9:4d:5d:e8:79:4d:5a:d9:51:24:92:cc:99:
2d:46:ef:09:2e:ad:a7:a9:b8:f8:99:a8:63:b7:36:9b:cd:cc:
9f:3a:e5:3e:46:44:ea:52:be:8c:61:8e:a7:7b:b5:8e:af:27:
52:fb:41:da:db:58:2f:29:74:d8:84:7c:d5:6f:d6:d0:e1:a6:
e2:4a:cf:3a:d9:51:b9:f2:0b:59:c5:d3:c0:58:01:5f:d8:f8:
b3:53:7d:b6:16:c6:4b:23:aa:52:b6:30:37:e0:48:ba:88:f9:
5e:d8:a3:b3:43:81:73:c1:72:f4:46:3d:3d:57:6a:a3:89:d5:
3b:d4:53:19
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEGAK/iTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmQwNzBiMGM5YWRkOTI5NzJmZWZjNTY2YzExMmQ5MzcxN2M0ZDZjMB4XDTIyMDMz
MDExMDM0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQwYTViZTg4ZWY1
MTgxZjM1Y2Y1ZDQyMWJhMWVkYjBhOTE1YjllYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVwmqO+xUYUjRh/5PAc7+nsexWGCOYYCf2VyRF+Vp1XHpqi
w7wlgoJ/LaZE9rBHav9ob5RX0NSa5MwcgO0lb1GU16N4414HveiCoc/UPw5Q9wa9
RtXEvkkHTnhLk7dpjeZvGkR9C80JLamQZLCEP0kBqt3248h+TEt9NYOQRJVGX1Rb
5TyPTAkcdRARzMLC4wWe/4UoIpHostujSg+mEtRTzvTQUaMSxiu+X4w9USWKP65y
JWW6fN3BsxuwYg9ZNNRAvAl7B13OmkrEJ93DwYs1+ArpsElI2vzE12pD+OqAXRLu
U7tLsaCX+ot3Mskaa8xMdUDLaRldj4Ck2LoUUDUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTkClvojvUYHzXPXUIboe2wqRW56zAfBgNVHSMEGDAWgBS/0HCwya3ZKXL+
/FZsES2TcXxNbDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y5QndzTW10MlNseV92eFdiQkV0azNGOFRXdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvMTk1NDI3LTQ0MjUtNDU1Ni05ZWE2LTUzY2NhODFlOTIyNC8x
LzVBcGI2STcxR0I4MXoxMUNHNkh0c0trVnVlcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
MTk1NDI3LTQ0MjUtNDU1Ni05ZWE2LTUzY2NhODFlOTIyNC8xL3Y5QndzTW10MlNs
eV92eFdiQkV0azNGOFRXdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA4ndGAMEArkHhAMEA7xf8DANBAIA
AjAHAwUDKgAQsDANBgkqhkiG9w0BAQsFAAOCAQEADFgMZMgtu6yieaBnswMKR8mr
YMPpaCQryLPgxm8tx+wVWoDbbZbwCxsWcGGFygDMa5y0z97XHMAsWwkqYZnYnz+e
OXAGw0wPRjmou5tkisDPc/ns0j+94HviYITDZFMCLNmWtTvqzxIM7tZJgBxlD8e9
ckhpFv9DAJSORo/5zSl+KgLpTV3oeU1a2VEkksyZLUbvCS6tp6m4+JmoY7c2m83M
nzrlPkZE6lK+jGGOp3u1jq8nUvtB2ttYLyl02IR81W/W0OGm4krPOtlRufILWcXT
wFgBX9j4s1N9thbGSyOqUrYwN+BIuoj5Xtijs0OBc8Fy9EY9PVdqo4nVO9RTGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:23 2024 by rpki-client on console-ams.rpki-client.org