Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/N64dZ2yeZVRE69K3pfJDgkbKjYs.roa
File: N64dZ2yeZVRE69K3pfJDgkbKjYs.roa (raw, json)
Hash identifier: MPq+YdGJ6PPEEVdsFRnsVc5NiOCLgnBNvd00c1Tln7Y=
Subject key identifier: 37:AE:1D:67:6C:9E:65:54:44:EB:D2:B7:A5:F2:43:82:46:CA:8D:8B
Certificate issuer: /CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Certificate serial: 01833D718FC8D533D5963C5736B6720396FE
Authority key identifier: B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/N64dZ2yeZVRE69K3pfJDgkbKjYs.roa
Signing time: Wed 14 Sep 2022 19:19:56 +0000
ROA not before: Wed 14 Sep 2022 19:19:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212330
IP address blocks: 45.113.239.0/24 maxlen: 24
103.229.80.0/24 maxlen: 24
77.81.176.0/24 maxlen: 24
185.16.25.0/24 maxlen: 24
193.3.137.0/24 maxlen: 24
94.176.40.0/24 maxlen: 24
86.111.151.0/24 maxlen: 24
86.111.150.0/24 maxlen: 24
185.113.104.0/24 maxlen: 24
31.223.185.0/24 maxlen: 24
185.113.106.0/24 maxlen: 24
86.105.220.0/24 maxlen: 24
2a10:fa42::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3d:71:8f:c8:d5:33:d5:96:3c:57:36:b6:72:03:96:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Validity
Not Before: Sep 14 19:19:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37ae1d676c9e655444ebd2b7a5f2438246ca8d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:dd:01:47:47:a9:4e:37:40:31:92:cd:6f:40:
3a:93:e1:9f:bf:ed:69:ef:3f:81:6f:35:34:d7:f9:
0b:b2:1f:9d:0b:40:22:ef:9c:15:ea:d3:02:f4:2c:
9f:70:48:15:cf:5f:68:a7:8e:86:58:fc:cb:22:35:
49:c7:b9:59:ed:2d:02:d5:ff:88:d6:75:65:e6:50:
23:ae:ad:4b:6f:de:f5:b4:05:f0:14:9b:1f:33:60:
00:14:68:15:ca:8b:ff:d7:ab:48:3f:41:4f:45:f6:
01:96:c5:f5:fe:c1:e6:e9:9c:f6:45:3a:b0:83:42:
bf:e5:00:61:ed:21:8b:8f:89:e2:1e:5f:ac:a7:34:
ac:ae:c8:c8:43:ce:fd:df:6c:2c:ac:2f:90:4e:57:
77:d2:41:c8:0f:64:ab:ec:e7:32:5b:29:e1:c0:22:
92:25:41:83:a4:87:27:e9:75:62:84:55:54:a0:16:
98:25:86:5a:35:c8:82:50:c1:ec:f7:24:e2:f1:0b:
d9:86:2b:30:d7:b7:ed:c8:63:b2:2c:96:9b:75:36:
de:01:4d:fa:e1:78:2a:63:08:a0:77:f8:df:f1:84:
ee:13:00:54:bb:fa:73:a9:4e:3d:22:e2:de:0f:37:
cf:8d:61:de:33:17:34:f4:96:84:3d:19:99:ad:06:
97:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:AE:1D:67:6C:9E:65:54:44:EB:D2:B7:A5:F2:43:82:46:CA:8D:8B
X509v3 Authority Key Identifier:
keyid:B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/N64dZ2yeZVRE69K3pfJDgkbKjYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/swfIfntuKU8nAHkO7xnoKTnYXNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.185.0/24
45.113.239.0/24
77.81.176.0/24
86.105.220.0/24
86.111.150.0/23
94.176.40.0/24
103.229.80.0/24
185.16.25.0/24
185.113.104.0/24
185.113.106.0/24
193.3.137.0/24
IPv6:
2a10:fa42::/32
Signature Algorithm: sha256WithRSAEncryption
27:08:89:81:d1:ed:a7:48:f8:ea:93:04:fc:9c:46:78:f2:21:
f9:d1:ab:bb:03:2b:03:64:cf:f7:28:89:5f:de:30:10:c3:ed:
0c:03:30:41:3d:52:1f:72:61:43:a2:51:19:80:10:a1:a2:79:
01:a3:42:3d:5b:6e:70:1e:1f:2b:04:aa:40:ae:32:b7:e1:6a:
9e:47:09:6a:f0:9a:aa:5e:e3:a2:d0:da:28:da:62:8f:d2:f9:
11:b8:10:00:2c:0e:8c:5e:bf:99:74:ea:a4:7e:92:66:a3:46:
83:8b:d1:85:f0:90:67:0b:11:21:4c:5c:2e:89:d0:7d:2f:45:
10:41:74:8b:1f:7e:b7:73:1d:e1:20:3c:3f:c0:45:01:a0:79:
a7:43:cd:7b:91:91:83:78:21:08:03:04:ae:91:f0:fc:d8:8e:
b3:99:04:70:cd:f0:3b:41:98:7f:04:8d:59:04:06:a1:08:d3:
29:07:5e:34:ab:f0:2b:7a:f7:f7:9a:71:f8:8b:fe:3e:cd:29:
06:99:bf:23:54:f1:01:5e:63:4e:58:ed:4e:42:69:70:9d:a4:
a2:e6:32:f3:10:02:25:1c:7e:3a:14:50:20:1f:6a:c2:7a:1b:
d2:e0:a4:bc:3e:0c:8e:9d:c3:5b:2a:44:5e:99:0b:44:7d:e9:
f1:bb:3c:30
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYM9cY/I1TPVljxXNrZyA5b+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMDdjODdlN2I2ZTI5NGYyNzAwNzkwZWVmMTllODI5Mzlk
ODVjZDYwHhcNMjIwOTE0MTkxOTU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2FlMWQ2NzZjOWU2NTU0NDRlYmQyYjdhNWYyNDM4MjQ2Y2E4ZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt90BR0epTjdAMZLNb0A6k+Gfv+1p
7z+BbzU01/kLsh+dC0Ai75wV6tMC9CyfcEgVz19op46GWPzLIjVJx7lZ7S0C1f+I
1nVl5lAjrq1Lb971tAXwFJsfM2AAFGgVyov/16tIP0FPRfYBlsX1/sHm6Zz2RTqw
g0K/5QBh7SGLj4niHl+spzSsrsjIQ87932wsrC+QTld30kHID2Sr7OcyWynhwCKS
JUGDpIcn6XVihFVUoBaYJYZaNciCUMHs9yTi8QvZhisw17ftyGOyLJabdTbeAU36
4XgqYwigd/jf8YTuEwBUu/pzqU49IuLeDzfPjWHeMxc09JaEPRmZrQaX3QIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFDeuHWdsnmVUROvSt6XyQ4JGyo2LMB8GA1UdIwQY
MBaAFLMHyH57bilPJwB5Du8Z6Ck52FzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3dmSWZudHVLVThuQUhrTzd4bm9LVG5ZWE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9kYTY0MmEtYTZhYi00NzA1LTk1ODct
NjQ5NDVhNGY4ZTEyLzEvTjY0ZFoyeWVaVlJFNjlLM3BmSkRna2JLallzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9kYTY0MmEtYTZhYi00NzA1LTk1ODctNjQ5NDVhNGY4ZTEy
LzEvc3dmSWZudHVLVThuQUhrTzd4bm9LVG5ZWE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQAH9+5AwQA
LXHvAwQATVGwAwQAVmncAwQBVm+WAwQAXrAoAwQAZ+VQAwQAuRAZAwQAuXFoAwQA
uXFqAwQAwQOJMA0EAgACMAcDBQAqEPpCMA0GCSqGSIb3DQEBCwUAA4IBAQAnCImB
0e2nSPjqkwT8nEZ48iH50au7AysDZM/3KIlf3jAQw+0MAzBBPVIfcmFDolEZgBCh
onkBo0I9W25wHh8rBKpArjK34WqeRwlq8JqqXuOi0Noo2mKP0vkRuBAALA6MXr+Z
dOqkfpJmo0aDi9GF8JBnCxEhTFwuidB9L0UQQXSLH363cx3hIDw/wEUBoHmnQ817
kZGDeCEIAwSukfD82I6zmQRwzfA7QZh/BI1ZBAahCNMpB140q/Arevf3mnH4i/4+
zSkGmb8jVPEBXmNOWO1OQmlwnaSi5jLzEAIlHH46FFAgH2rCehvS4KS8PgyOncNb
KkRemQtEfenxuzww
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:42 2024 by rpki-client on console-ams.rpki-client.org