Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/At3URRFSXz_kgGWhkFgCjm2FQlI.roa
File: At3URRFSXz_kgGWhkFgCjm2FQlI.roa (raw, json)
Hash identifier: is1lBL7uQkUsrfSk7r2Pk9ooaHdbguwL1hnZNg2J+MI=
Subject key identifier: 02:DD:D4:45:11:52:5F:3F:E4:80:65:A1:90:58:02:8E:6D:85:42:52
Certificate issuer: /CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
Certificate serial: 1A01395C
Authority key identifier: 93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/At3URRFSXz_kgGWhkFgCjm2FQlI.roa
Signing time: Sat 01 Jan 2022 10:59:54 +0000
ROA not before: Sat 01 Jan 2022 10:59:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15533
IP address blocks: 79.140.128.0/20 maxlen: 24
212.84.40.0/21 maxlen: 24
84.51.224.0/19 maxlen: 24
82.195.128.0/19 maxlen: 24
212.78.224.0/19 maxlen: 24
212.84.40.10/32 maxlen: 32
2001:1bd8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 436287836 (0x1a01395c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
Validity
Not Before: Jan 1 10:59:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02ddd44511525f3fe48065a19058028e6d854252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:51:c7:c4:41:99:74:f8:a2:3f:8b:50:48:2a:
b3:c6:0d:76:0e:fd:8f:9b:8c:b7:25:1f:86:76:b4:
c6:2f:ad:bd:ed:39:65:c6:65:12:c1:c6:27:20:8f:
cb:ea:3e:69:ed:e1:79:f0:33:c3:a3:bf:ed:ab:07:
4c:df:e2:cd:0b:cb:61:85:17:17:2e:f3:37:d3:bd:
c6:d3:96:aa:53:6b:5f:ec:20:da:c4:4d:e3:fc:04:
54:97:52:3b:d4:59:94:a4:de:cd:21:cb:5c:84:c0:
b7:ef:1d:59:97:c6:93:61:d3:e2:4e:aa:c6:f3:4c:
1a:6c:0e:aa:87:8e:44:b9:b1:53:ab:7e:f2:db:d3:
0f:c0:28:a2:aa:ff:44:d3:b7:25:d1:1f:29:07:d5:
05:4f:8f:ab:2f:f7:4c:77:1e:76:84:52:ac:53:c5:
47:6f:e5:2a:90:84:47:81:79:25:e7:a4:3a:50:8a:
d0:41:80:d3:dc:f4:89:f3:4d:f7:d1:ba:16:47:47:
5c:6f:c1:e9:3c:7c:e9:5f:0c:97:c5:f3:e8:1b:c6:
ec:90:e8:ed:22:7e:8c:2c:79:b1:80:37:78:cc:af:
13:b2:95:87:a1:c1:79:3b:d0:9a:20:7c:cc:98:28:
d6:f8:5c:b1:ca:88:5a:05:b6:c8:7f:53:91:d7:a8:
50:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:DD:D4:45:11:52:5F:3F:E4:80:65:A1:90:58:02:8E:6D:85:42:52
X509v3 Authority Key Identifier:
keyid:93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/At3URRFSXz_kgGWhkFgCjm2FQlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/k38Sq69hOXP-swc9jOY38bAMv6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.140.128.0/20
82.195.128.0/19
84.51.224.0/19
212.78.224.0/19
212.84.40.0/21
IPv6:
2001:1bd8::/32
Signature Algorithm: sha256WithRSAEncryption
90:9f:52:38:42:9d:ee:51:13:aa:a7:40:26:b8:37:ff:18:30:
31:a3:11:52:62:ac:b3:fd:e5:c4:05:ea:04:52:6b:43:04:06:
0e:37:d2:2a:fa:2a:c4:d2:a2:25:4d:68:08:c9:d7:1b:f1:71:
08:fc:bd:9b:58:99:1a:94:fd:2f:06:0b:29:c7:34:b4:1e:70:
83:2a:8f:86:a1:5d:83:ef:1c:30:03:b0:e8:6c:b2:59:05:73:
33:7f:83:47:5e:8e:37:e1:a0:f5:b8:ac:81:cd:02:86:eb:bc:
21:31:de:d2:43:b6:fd:f2:77:e6:7e:d0:c3:21:59:fb:7f:e3:
ae:11:3a:df:1e:98:80:51:99:0f:24:c6:cc:91:af:91:1a:fd:
ac:83:69:f6:af:c4:d7:fa:62:b1:56:b6:3a:a7:d8:5d:b8:4e:
4c:43:ec:d7:0b:6e:bf:a9:cf:38:d8:9e:30:55:6c:fe:19:aa:
c7:aa:8d:5c:38:ec:97:cc:b8:0e:c8:5a:6c:5e:fc:d7:07:65:
45:18:64:a9:01:5f:0a:42:2d:a0:33:a9:3e:d1:44:4a:3a:67:
3c:05:fc:6e:59:b8:e8:b4:5b:cb:ad:99:94:cd:ae:53:e2:c7:
6b:42:11:d6:ae:c8:19:58:0a:55:85:98:30:98:44:ff:a4:da:
75:4f:59:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEGgE5XDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzdmMTJhYmFmNjEzOTczZmViMzA3M2Q4Y2U2MzdmMWIwMGNiZmE5MB4XDTIyMDEw
MTEwNTk1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJkZGQ0NDUxMTUy
NWYzZmU0ODA2NWExOTA1ODAyOGU2ZDg1NDI1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9Rx8RBmXT4oj+LUEgqs8YNdg79j5uMtyUfhna0xi+tve05
ZcZlEsHGJyCPy+o+ae3hefAzw6O/7asHTN/izQvLYYUXFy7zN9O9xtOWqlNrX+wg
2sRN4/wEVJdSO9RZlKTezSHLXITAt+8dWZfGk2HT4k6qxvNMGmwOqoeORLmxU6t+
8tvTD8Aooqr/RNO3JdEfKQfVBU+Pqy/3THcedoRSrFPFR2/lKpCER4F5JeekOlCK
0EGA09z0ifNN99G6FkdHXG/B6Tx86V8Ml8Xz6BvG7JDo7SJ+jCx5sYA3eMyvE7KV
h6HBeTvQmiB8zJgo1vhcscqIWgW2yH9TkdeoUNECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQC3dRFEVJfP+SAZaGQWAKObYVCUjAfBgNVHSMEGDAWgBSTfxKrr2E5c/6z
Bz2M5jfxsAy/qTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2szOFNxNjloT1hQLXN3YzlqT1kzOGJBTXY2ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvOTVlOTQ5LWJmMzQtNDEyMi04ZmE4LWExYWU1ODkyZDQyMS8x
L0F0M1VSUkZTWHpfa2dHV2hrRmdDam0yRlFsSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQv
OTVlOTQ5LWJmMzQtNDEyMi04ZmE4LWExYWU1ODkyZDQyMS8xL2szOFNxNjloT1hQ
LXN3YzlqT1kzOGJBTXY2ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBE+MgAMEBVLDgAMEBVQz4AMEBdRO
4AMEA9RUKDANBAIAAjAHAwUAIAEb2DANBgkqhkiG9w0BAQsFAAOCAQEAkJ9SOEKd
7lETqqdAJrg3/xgwMaMRUmKss/3lxAXqBFJrQwQGDjfSKvoqxNKiJU1oCMnXG/Fx
CPy9m1iZGpT9LwYLKcc0tB5wgyqPhqFdg+8cMAOw6GyyWQVzM3+DR16ON+Gg9bis
gc0Chuu8ITHe0kO2/fJ35n7QwyFZ+3/jrhE63x6YgFGZDyTGzJGvkRr9rINp9q/E
1/pisVa2OqfYXbhOTEPs1wtuv6nPONieMFVs/hmqx6qNXDjsl8y4DshabF781wdl
RRhkqQFfCkItoDOpPtFESjpnPAX8blm46LRby62ZlM2uU+LHa0IR1q7IGVgKVYWY
MJhE/6TadU9ZsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:41 2024 by rpki-client on console-fra.rpki-client.org