Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/438PPTppb0V42HwSbd479TR1icQ.roa
File: 438PPTppb0V42HwSbd479TR1icQ.roa (raw, json)
Hash identifier: ka+mv/C7Hpot48W9GT/8kNjIgV5zkk1L5/PZs2RupU0=
Subject key identifier: E3:7F:0F:3D:3A:69:6F:45:78:D8:7C:12:6D:DE:3B:F5:34:75:89:C4
Certificate issuer: /CN=cfde85bbd478f5e842f4c4f8d85225d100e0f4df
Certificate serial: 048DB5C4
Authority key identifier: CF:DE:85:BB:D4:78:F5:E8:42:F4:C4:F8:D8:52:25:D1:00:E0:F4:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/438PPTppb0V42HwSbd479TR1icQ.roa
Signing time: Sat 01 Jan 2022 06:58:49 +0000
ROA not before: Sat 01 Jan 2022 06:58:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 212.104.208.0/24 maxlen: 24
185.83.20.0/22 maxlen: 22
31.25.8.0/23 maxlen: 23
185.175.91.0/24 maxlen: 24
2a11:bd80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76395972 (0x48db5c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfde85bbd478f5e842f4c4f8d85225d100e0f4df
Validity
Not Before: Jan 1 06:58:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e37f0f3d3a696f4578d87c126dde3bf5347589c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e3:9a:d9:6d:9e:08:b9:c3:bb:9e:87:f5:a5:
1b:39:c4:e0:b0:7c:28:19:5d:88:e5:53:63:88:18:
16:cb:25:fc:0c:b3:c3:8b:0c:9a:1e:10:bf:30:fb:
a9:eb:76:03:5c:71:78:15:fd:a2:e1:36:80:37:b6:
bb:85:31:b2:f1:0b:ee:c2:37:18:d3:97:1a:fb:e3:
ab:39:78:1e:e6:7e:da:5c:ce:aa:8b:fa:bc:3a:24:
38:5f:0c:d1:b3:57:d1:9e:ea:a9:6c:d6:d9:49:9a:
0b:ec:7d:57:cb:05:97:fc:46:ac:37:8c:b9:aa:e2:
f6:2a:0d:a0:5c:9e:42:4e:48:26:49:fd:2b:3e:be:
10:30:72:92:4f:d3:10:ba:d2:c1:b9:42:81:36:e8:
a3:34:3d:0c:b1:03:5b:b8:8e:ad:8f:a2:bb:b1:c0:
60:b1:51:3f:35:ac:5d:89:7d:7a:e4:36:27:b2:fa:
97:a8:b6:73:25:8a:7d:1f:bc:4f:fd:94:62:4b:ce:
6b:84:ba:0c:22:92:c2:5c:13:4a:1e:9e:16:71:59:
42:3d:66:55:59:e5:fa:52:e2:b9:a9:99:6b:8a:3d:
9e:6e:2a:11:9f:0b:f1:a6:b1:44:b1:00:5b:90:7e:
64:e1:3a:9e:86:52:15:63:17:c0:c8:58:c8:23:2f:
de:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:7F:0F:3D:3A:69:6F:45:78:D8:7C:12:6D:DE:3B:F5:34:75:89:C4
X509v3 Authority Key Identifier:
keyid:CF:DE:85:BB:D4:78:F5:E8:42:F4:C4:F8:D8:52:25:D1:00:E0:F4:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/438PPTppb0V42HwSbd479TR1icQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/z96Fu9R49ehC9MT42FIl0QDg9N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.8.0/23
185.83.20.0/22
185.175.91.0/24
212.104.208.0/24
IPv6:
2a11:bd80::/32
Signature Algorithm: sha256WithRSAEncryption
72:44:0f:92:50:d4:a7:a3:1e:39:49:5d:7a:d0:30:d5:d0:53:
0a:e4:0d:a4:5f:ca:1c:46:f9:a4:c4:c7:a1:79:d0:a8:4e:23:
46:92:c9:d8:f7:42:c7:f5:7f:08:55:f5:a3:93:86:71:05:67:
bc:4d:9b:80:f0:5c:5f:c0:d1:cc:c7:5a:1d:90:91:ec:68:b2:
f6:74:06:4e:c7:9f:99:14:51:bf:c0:03:fd:a5:d1:fd:1c:d8:
a4:9f:89:f0:2e:46:a9:e7:7b:e1:fb:bb:05:5f:78:60:22:3c:
59:82:d3:02:48:5e:fe:67:ff:b8:be:b3:e7:0d:06:19:8c:ea:
06:39:01:1f:55:68:35:be:a8:ff:69:fc:41:c1:0e:f3:4c:c1:
0f:e0:2f:b0:93:74:db:ef:47:35:b1:cd:1d:fc:19:81:d2:0e:
f8:1c:47:3f:45:1b:86:25:68:3a:f9:0c:59:74:4f:9e:9e:33:
90:2a:af:a6:f4:e0:1f:6d:35:2e:8f:a3:8f:33:3d:e8:40:c4:
6e:e0:ca:20:80:ad:40:41:8f:00:f6:e4:25:19:65:64:6d:cd:
bf:6f:72:53:4b:7e:bc:ba:95:57:f0:52:9d:2f:ed:da:a3:0e:
a4:9f:d2:47:1f:81:bc:f3:ca:e4:03:7c:d7:f9:53:ba:c5:bd:
cf:a8:08:e4
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBI21xDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZmRlODViYmQ0NzhmNWU4NDJmNGM0ZjhkODUyMjVkMTAwZTBmNGRmMB4XDTIyMDEw
MTA2NTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM3ZjBmM2QzYTY5
NmY0NTc4ZDg3YzEyNmRkZTNiZjUzNDc1ODljNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPjmtltngi5w7ueh/WlGznE4LB8KBldiOVTY4gYFssl/Ayz
w4sMmh4QvzD7qet2A1xxeBX9ouE2gDe2u4UxsvEL7sI3GNOXGvvjqzl4HuZ+2lzO
qov6vDokOF8M0bNX0Z7qqWzW2UmaC+x9V8sFl/xGrDeMuari9ioNoFyeQk5IJkn9
Kz6+EDBykk/TELrSwblCgTboozQ9DLEDW7iOrY+iu7HAYLFRPzWsXYl9euQ2J7L6
l6i2cyWKfR+8T/2UYkvOa4S6DCKSwlwTSh6eFnFZQj1mVVnl+lLiuamZa4o9nm4q
EZ8L8aaxRLEAW5B+ZOE6noZSFWMXwMhYyCMv3lMCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTjfw89OmlvRXjYfBJt3jv1NHWJxDAfBgNVHSMEGDAWgBTP3oW71Hj16EL0
xPjYUiXRAOD03zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3o5NkZ1OVI0OWVoQzlNVDQyRklsMFFEZzlOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNWUyNjE5LWQ3MmItNDEwYi1iOWU4LWY5M2QxZjgxNWI3ZC8x
LzQzOFBQVHBwYjBWNDJId1NiZDQ3OVRSMWljUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NWUyNjE5LWQ3MmItNDEwYi1iOWU4LWY5M2QxZjgxNWI3ZC8xL3o5NkZ1OVI0OWVo
QzlNVDQyRklsMFFEZzlOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAR8ZCAMEArlTFAMEALmvWwMEANRo
0DANBAIAAjAHAwUAKhG9gDANBgkqhkiG9w0BAQsFAAOCAQEAckQPklDUp6MeOUld
etAw1dBTCuQNpF/KHEb5pMTHoXnQqE4jRpLJ2PdCx/V/CFX1o5OGcQVnvE2bgPBc
X8DRzMdaHZCR7Giy9nQGTsefmRRRv8AD/aXR/RzYpJ+J8C5Gqed74fu7BV94YCI8
WYLTAkhe/mf/uL6z5w0GGYzqBjkBH1VoNb6o/2n8QcEO80zBD+AvsJN02+9HNbHN
HfwZgdIO+BxHP0UbhiVoOvkMWXRPnp4zkCqvpvTgH201Lo+jjzM96EDEbuDKIICt
QEGPAPbkJRllZG3Nv29yU0t+vLqVV/BSnS/t2qMOpJ/SRx+BvPPK5AN81/lTusW9
z6gI5A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org