Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/5xWU89mgynY8C6rFgkygvaC_zkc.roa
File: 5xWU89mgynY8C6rFgkygvaC_zkc.roa (raw, json)
Hash identifier: ZuhV9ap/rdPRY0H2gLVzC4O5eH3lZZkgyOzG0LB3oWE=
Subject key identifier: E7:15:94:F3:D9:A0:CA:76:3C:0B:AA:C5:82:4C:A0:BD:A0:BF:CE:47
Certificate issuer: /CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Certificate serial: 02AB117A
Authority key identifier: A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/5xWU89mgynY8C6rFgkygvaC_zkc.roa
Signing time: Sat 01 Jan 2022 12:00:51 +0000
ROA not before: Sat 01 Jan 2022 12:00:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21245
IP address blocks: 185.87.172.0/24 maxlen: 24
185.87.175.0/24 maxlen: 24
185.87.174.0/24 maxlen: 24
185.87.173.0/24 maxlen: 24
185.230.17.0/24 maxlen: 24
185.230.16.0/24 maxlen: 24
185.230.19.0/24 maxlen: 24
185.21.183.0/24 maxlen: 24
185.21.182.0/24 maxlen: 24
185.21.181.0/24 maxlen: 24
185.21.180.0/24 maxlen: 24
185.22.163.0/24 maxlen: 24
185.22.162.0/24 maxlen: 24
185.22.161.0/24 maxlen: 24
185.22.160.0/24 maxlen: 24
31.3.4.0/24 maxlen: 24
31.3.3.0/24 maxlen: 24
31.3.2.0/24 maxlen: 24
31.3.1.0/24 maxlen: 24
31.3.0.0/24 maxlen: 24
31.3.6.0/24 maxlen: 24
31.3.5.0/24 maxlen: 24
31.3.7.0/24 maxlen: 24
2a03:3f00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44765562 (0x2ab117a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Validity
Not Before: Jan 1 12:00:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e71594f3d9a0ca763c0baac5824ca0bda0bfce47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ad:bc:09:40:cf:47:7f:f1:9c:55:b2:42:50:
6a:11:ff:1a:50:fd:08:bb:9b:b5:ed:a7:9c:6b:bf:
0b:5c:6b:ac:e7:ac:7b:44:a0:07:4b:72:b2:c3:ad:
47:96:48:58:23:32:95:8c:20:1b:5e:12:ae:ed:53:
73:f5:e1:8e:5e:4c:0a:f5:7d:65:99:b2:1b:cf:4b:
df:bd:5a:c3:62:80:2a:57:4b:d1:e0:66:2b:4f:9f:
75:46:c8:54:85:db:5c:69:4e:4e:65:f0:a1:09:68:
bb:fc:01:82:86:e9:d2:5b:0f:31:ab:b0:43:e8:4f:
30:98:1f:81:83:bd:e2:68:a3:5c:80:d5:d2:3d:10:
8a:27:19:13:59:56:57:4d:d9:9a:04:a7:ef:22:cd:
51:12:11:96:a6:73:04:76:1b:38:07:19:8b:93:6c:
70:60:2d:fb:de:c7:22:5d:41:d8:58:dd:6d:ed:c9:
8c:94:95:ff:87:24:0d:4b:0b:39:c7:84:65:ec:76:
e8:60:8f:91:d2:6d:3b:9e:02:90:8a:22:c7:4a:3c:
a3:76:e2:90:25:0c:14:de:a0:d3:5c:40:7e:fc:19:
2d:29:cb:89:0b:90:2d:b8:ab:f7:14:fa:68:61:c1:
96:2d:23:5e:f3:00:6a:19:42:7b:69:eb:aa:53:f6:
1f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:15:94:F3:D9:A0:CA:76:3C:0B:AA:C5:82:4C:A0:BD:A0:BF:CE:47
X509v3 Authority Key Identifier:
keyid:A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/5xWU89mgynY8C6rFgkygvaC_zkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/pLGPlqqgNWfyL8AsQqaTVwhlWqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.0.0/21
185.21.180.0/22
185.22.160.0/22
185.87.172.0/22
185.230.16.0/23
185.230.19.0/24
IPv6:
2a03:3f00::/48
Signature Algorithm: sha256WithRSAEncryption
5c:2f:31:84:5d:7e:42:c7:98:ef:cd:a3:dd:39:fa:e1:4d:5f:
3f:72:0d:66:b7:2e:d8:bd:b5:a7:cf:08:6d:49:de:3d:ce:e6:
4d:79:4b:48:f2:8f:76:02:37:e8:fe:67:cb:05:1a:3a:d3:43:
0c:2c:ce:7e:4a:af:43:96:13:1c:59:3b:5d:94:84:24:07:8f:
1f:e8:84:ae:8c:75:4f:64:5b:21:ff:d6:17:31:38:8b:ac:bb:
c1:5e:c6:e1:27:d6:ea:36:86:8d:6b:37:60:2d:75:c1:65:9c:
d7:f2:c8:6f:e3:46:85:b5:bb:88:4e:f0:63:6c:fd:bb:77:5c:
db:ef:99:a7:09:d8:3d:66:7e:b0:b0:b1:f3:94:77:2a:d0:33:
5c:00:c5:0c:27:47:54:60:57:8b:6e:de:ff:ae:82:8d:2f:cc:
c6:61:fd:15:40:dc:d7:7c:7f:ee:85:7b:a4:84:ab:39:75:29:
ac:9d:1d:2b:87:0b:fc:00:b5:a1:dc:8c:0b:f4:ed:98:c4:ed:
4d:77:f2:33:c9:01:79:36:ff:33:0d:f0:5c:a6:65:fe:40:da:
fd:77:49:75:10:21:4d:8d:96:9b:a7:93:9d:fe:64:b8:14:e8:
63:35:63:89:a3:5e:4c:4a:d4:9e:4a:f0:9d:fd:30:ef:3c:f8:
b6:e3:d8:f2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEAqsRejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NGIxOGY5NmFhYTAzNTY3ZjIyZmMwMmM0MmE2OTM1NzA4NjU1YWE5MB4XDTIyMDEw
MTEyMDA1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTcxNTk0ZjNkOWEw
Y2E3NjNjMGJhYWM1ODI0Y2EwYmRhMGJmY2U0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6tvAlAz0d/8ZxVskJQahH/GlD9CLubte2nnGu/C1xrrOes
e0SgB0tyssOtR5ZIWCMylYwgG14Sru1Tc/Xhjl5MCvV9ZZmyG89L371aw2KAKldL
0eBmK0+fdUbIVIXbXGlOTmXwoQlou/wBgobp0lsPMauwQ+hPMJgfgYO94mijXIDV
0j0QiicZE1lWV03ZmgSn7yLNURIRlqZzBHYbOAcZi5NscGAt+97HIl1B2Fjdbe3J
jJSV/4ckDUsLOceEZex26GCPkdJtO54CkIoix0o8o3bikCUMFN6g01xAfvwZLSnL
iQuQLbir9xT6aGHBli0jXvMAahlCe2nrqlP2HwsCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBTnFZTz2aDKdjwLqsWCTKC9oL/ORzAfBgNVHSMEGDAWgBSksY+WqqA1Z/Iv
wCxCppNXCGVaqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BMR1BscXFnTldmeUw4QXNRcWFUVndobFdxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvNjgyMGY5LTQ0NTktNDg1OC05OGNlLWM2OTRmMGVhY2JhNi8x
LzV4V1U4OW1neW5ZOEM2ckZna3lndmFDX3prYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQv
NjgyMGY5LTQ0NTktNDg1OC05OGNlLWM2OTRmMGVhY2JhNi8xL3BMR1BscXFnTldm
eUw4QXNRcWFUVndobFdxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wKgQCAAEwJAMEAx8DAAMEArkVtAMEArkWoAMEArlX
rAMEAbnmEAMEALnmEzAPBAIAAjAJAwcAKgM/AAAAMA0GCSqGSIb3DQEBCwUAA4IB
AQBcLzGEXX5Cx5jvzaPdOfrhTV8/cg1mty7YvbWnzwhtSd49zuZNeUtI8o92Ajfo
/mfLBRo600MMLM5+Sq9DlhMcWTtdlIQkB48f6ISujHVPZFsh/9YXMTiLrLvBXsbh
J9bqNoaNazdgLXXBZZzX8shv40aFtbuITvBjbP27d1zb75mnCdg9Zn6wsLHzlHcq
0DNcAMUMJ0dUYFeLbt7/roKNL8zGYf0VQNzXfH/uhXukhKs5dSmsnR0rhwv8ALWh
3IwL9O2YxO1Nd/IzyQF5Nv8zDfBcpmX+QNr9d0l1ECFNjZabp5Od/mS4FOhjNWOJ
o15MStSeSvCd/TDvPPi249jy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:38 2024 by rpki-client on console-ams.rpki-client.org