Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/cMmi6DvzOOpZplWpvHQ1d9klJig.roa
File: cMmi6DvzOOpZplWpvHQ1d9klJig.roa (raw, json)
Hash identifier: mpc3teZKv3ib/A8eedcD1TEDUgIEYXasCgNhmp0RXVg=
Subject key identifier: 70:C9:A2:E8:3B:F3:38:EA:59:A6:55:A9:BC:74:35:77:D9:25:26:28
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 36D4511B
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/cMmi6DvzOOpZplWpvHQ1d9klJig.roa
Signing time: Mon 23 May 2022 08:51:04 +0000
ROA not before: Mon 23 May 2022 08:51:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43160
IP address blocks: 5.40.191.0/24 maxlen: 24
89.140.40.0/23 maxlen: 24
62.82.238.0/24 maxlen: 24
5.40.128.0/24 maxlen: 24
89.140.197.0/24 maxlen: 24
89.140.112.0/24 maxlen: 24
62.175.202.0/24 maxlen: 24
62.82.84.0/24 maxlen: 24
84.124.116.0/24 maxlen: 24
89.140.120.0/24 maxlen: 24
89.140.122.0/24 maxlen: 24
5.40.86.0/24 maxlen: 24
5.40.32.0/23 maxlen: 23
5.40.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 919884059 (0x36d4511b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: May 23 08:51:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70c9a2e83bf338ea59a655a9bc743577d9252628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e4:4f:ae:a1:5b:27:4c:92:aa:80:e1:6c:61:
38:8b:b2:dd:58:1a:52:bc:f8:c7:07:2e:a2:37:fc:
39:ac:78:1f:db:f7:71:89:ad:3b:79:e4:f3:7e:d5:
b7:58:b8:61:44:b8:80:a5:94:03:1f:f5:4e:b1:df:
06:92:50:e6:7c:ce:3c:73:4d:6a:5d:8a:20:a7:04:
e2:2a:04:a9:8b:e0:45:0a:3f:00:61:f2:36:44:a8:
2f:42:aa:e0:9f:fe:9a:51:4e:9d:6d:21:c6:74:57:
98:44:5c:9e:06:98:56:cf:53:8e:a4:13:e9:7d:00:
3a:ac:4b:67:82:4b:a9:c7:c4:d3:73:85:b5:5e:be:
2e:22:11:ac:38:85:0e:f9:7b:6b:79:7f:53:64:52:
b4:57:a2:6b:a9:a2:e8:8c:fb:59:86:62:7e:14:08:
23:9b:d3:88:84:06:13:ee:e1:71:53:ff:34:af:78:
68:24:ea:07:d9:45:bd:e3:8c:d4:be:1f:05:c2:e8:
8a:5a:92:20:8f:cc:75:f2:5f:d7:25:3f:fe:a1:06:
17:e6:1c:3f:8a:7b:08:23:19:74:9b:a0:8a:88:fd:
58:1d:8e:57:b9:9f:f7:5a:bb:77:35:0d:7f:50:70:
e7:0f:05:e5:89:e8:1e:47:02:f7:7b:12:72:33:53:
79:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C9:A2:E8:3B:F3:38:EA:59:A6:55:A9:BC:74:35:77:D9:25:26:28
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/cMmi6DvzOOpZplWpvHQ1d9klJig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.32.0/23
5.40.86.0/24
5.40.128.0/24
5.40.191.0/24
5.40.252.0/24
62.82.84.0/24
62.82.238.0/24
62.175.202.0/24
84.124.116.0/24
89.140.40.0/23
89.140.112.0/24
89.140.120.0/24
89.140.122.0/24
89.140.197.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:c1:8c:78:7e:48:85:af:12:4e:91:ba:90:f4:a9:05:5f:20:
94:c9:49:b2:3a:4f:72:40:a2:37:5d:64:49:bf:f2:b1:f0:ea:
48:3c:6c:1e:42:ab:d0:34:a8:8a:61:9b:3a:ec:b8:e6:b0:27:
3b:5c:92:c0:4c:2f:d1:62:4d:d6:a2:85:43:32:df:45:e9:ce:
3e:b0:f1:cc:5e:fb:71:1f:3c:91:f3:da:d8:a5:c9:d4:22:b9:
88:ff:c2:88:44:7d:f4:e9:47:58:54:1d:71:46:f1:52:9a:47:
5f:1b:a3:13:02:3c:22:4b:5a:3f:8f:f9:69:6b:43:66:7d:72:
27:bf:5e:c7:3a:11:ba:fa:34:27:68:9f:c7:5b:94:5d:a1:ec:
76:c0:91:90:ba:31:5b:fa:34:88:b6:a5:fc:26:78:c6:96:ea:
30:9e:99:0c:17:13:70:4e:cd:7c:50:60:93:22:40:fe:4c:e9:
49:e7:bc:71:61:69:93:8a:ba:80:9a:26:bf:e4:ba:b1:0e:29:
b2:0b:4f:aa:2b:73:2b:9b:8a:0f:60:5b:89:ce:4f:80:93:ad:
ca:f3:89:27:8b:31:32:d4:25:34:42:c8:19:eb:8f:c6:22:90:
6e:16:9a:f2:f1:27:d3:75:30:9e:f9:70:ee:f5:c5:e8:46:12:
92:38:ed:d0
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIENtRRGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDM0ZjE2ODYxMDI4NzZjNjIxNmJjZWEyOGE1ZTUwMmVjMGQ3YjZiMB4XDTIyMDUy
MzA4NTEwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBjOWEyZTgzYmYz
MzhlYTU5YTY1NWE5YmM3NDM1NzdkOTI1MjYyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjkT66hWydMkqqA4WxhOIuy3VgaUrz4xwcuojf8Oax4H9v3
cYmtO3nk837Vt1i4YUS4gKWUAx/1TrHfBpJQ5nzOPHNNal2KIKcE4ioEqYvgRQo/
AGHyNkSoL0Kq4J/+mlFOnW0hxnRXmERcngaYVs9TjqQT6X0AOqxLZ4JLqcfE03OF
tV6+LiIRrDiFDvl7a3l/U2RStFeia6mi6Iz7WYZifhQII5vTiIQGE+7hcVP/NK94
aCTqB9lFveOM1L4fBcLoilqSII/MdfJf1yU//qEGF+YcP4p7CCMZdJugioj9WB2O
V7mf91q7dzUNf1Bw5w8F5YnoHkcC93sScjNTea0CAwEAAaOCAlcwggJTMB0GA1Ud
DgQWBBRwyaLoO/M46lmmVam8dDV32SUmKDAfBgNVHSMEGDAWgBTUNPFoYQKHbGIW
vOoopeUC7A17azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFEVHhhR0VDaDJ4aUZyenFLS1hsQXV3TmUycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8x
L2NNbWk2RHZ6T09wWnBsV3B2SFExZDlrbEppZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8xLzFEVHhhR0VDaDJ4
aUZyenFLS1hsQXV3TmUycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBt
BggrBgEFBQcBBwEB/wReMFwwWgQCAAEwVAMEAQUoIAMEAAUoVgMEAAUogAMEAAUo
vwMEAAUo/AMEAD5SVAMEAD5S7gMEAD6vygMEAFR8dAMEAVmMKAMEAFmMcAMEAFmM
eAMEAFmMegMEAFmMxTANBgkqhkiG9w0BAQsFAAOCAQEAfsGMeH5Iha8STpG6kPSp
BV8glMlJsjpPckCiN11kSb/ysfDqSDxsHkKr0DSoimGbOuy45rAnO1ySwEwv0WJN
1qKFQzLfRenOPrDxzF77cR88kfPa2KXJ1CK5iP/CiER99OlHWFQdcUbxUppHXxuj
EwI8IktaP4/5aWtDZn1yJ79exzoRuvo0J2ifx1uUXaHsdsCRkLoxW/o0iLal/CZ4
xpbqMJ6ZDBcTcE7NfFBgkyJA/kzpSee8cWFpk4q6gJomv+S6sQ4psgtPqitzK5uK
D2Bbic5PgJOtyvOJJ4sxMtQlNELIGeuPxiKQbhaa8vEn03Uwnvlw7vXF6EYSkjjt
0A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-fra.rpki-client.org