Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/V1Qf1c7fMRKes7HXzP4tWPexoi4.roa
File: V1Qf1c7fMRKes7HXzP4tWPexoi4.roa (raw, json)
Hash identifier: czegMHjm32cSPEqj4CG6Pe/iHIBVDEfG5QiX1Hr+dcI=
Subject key identifier: 57:54:1F:D5:CE:DF:31:12:9E:B3:B1:D7:CC:FE:2D:58:F7:B1:A2:2E
Certificate issuer: /CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Certificate serial: 0183132916DF94B92D9BAD88828C71BC9AB0
Authority key identifier: AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/V1Qf1c7fMRKes7HXzP4tWPexoi4.roa
Signing time: Tue 06 Sep 2022 14:16:43 +0000
ROA not before: Tue 06 Sep 2022 14:16:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47902
IP address blocks: 185.100.108.0/22 maxlen: 24
93.189.184.0/21 maxlen: 24
82.193.32.0/19 maxlen: 24
31.223.240.0/20 maxlen: 24
46.19.232.0/21 maxlen: 24
46.254.232.0/21 maxlen: 24
185.202.184.0/22 maxlen: 24
2a02:9a8::/29 maxlen: 48
2a03:6800::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:13:29:16:df:94:b9:2d:9b:ad:88:82:8c:71:bc:9a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Validity
Not Before: Sep 6 14:16:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=57541fd5cedf31129eb3b1d7ccfe2d58f7b1a22e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:19:da:97:11:82:98:d9:7f:f7:cb:db:62:95:
43:af:44:3d:12:53:36:ce:dc:df:f7:cc:41:a3:ae:
0b:d9:60:d2:46:18:ad:d5:6b:aa:47:4a:63:b0:eb:
01:ec:20:a7:64:01:a2:37:5c:c9:f6:15:8b:32:d0:
17:b6:2a:9a:df:61:25:dc:15:a4:c2:6c:28:92:d7:
ca:b7:a2:c6:ae:8d:6f:e3:92:60:6c:79:31:c6:b8:
e7:c7:c4:d6:5c:38:0a:cc:17:e1:5a:a1:ed:3b:8b:
ae:67:e0:08:5f:b3:2c:41:1b:3a:8c:48:ef:8b:4b:
ff:7b:cb:7c:4b:9e:74:2e:f3:9a:aa:94:68:6b:60:
39:ec:d6:4f:8a:03:75:7f:ad:2b:d5:38:7e:ba:15:
63:06:79:af:4d:50:d3:f7:32:51:0c:1f:77:5b:ab:
42:53:1b:59:96:aa:73:20:a2:f5:fc:a6:1d:59:1b:
9c:84:26:f6:a2:a9:72:f4:18:49:60:a9:68:c6:ad:
61:6d:94:60:ef:a5:fd:7d:0b:3c:f6:73:29:85:95:
74:4e:11:6a:8d:c6:34:ec:95:fe:bd:50:14:18:f2:
3c:4d:ca:11:a4:0d:30:bd:a1:ad:52:65:ba:bb:83:
f7:ec:6d:d3:c7:b4:73:95:5b:8d:01:88:2a:3b:74:
df:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:54:1F:D5:CE:DF:31:12:9E:B3:B1:D7:CC:FE:2D:58:F7:B1:A2:2E
X509v3 Authority Key Identifier:
keyid:AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/V1Qf1c7fMRKes7HXzP4tWPexoi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/rHzDNPUdK2604n1tVrm84-hVYMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.240.0/20
46.19.232.0/21
46.254.232.0/21
82.193.32.0/19
93.189.184.0/21
185.100.108.0/22
185.202.184.0/22
IPv6:
2a02:9a8::/29
2a03:6800::/29
Signature Algorithm: sha256WithRSAEncryption
2f:35:07:92:4d:5c:e6:03:b0:59:c5:cd:f7:be:75:27:75:29:
52:cc:7c:c4:d3:26:47:a3:7f:43:be:53:e3:8a:66:64:c2:a0:
79:dc:1f:a4:1f:96:22:84:d6:ac:53:54:e1:cc:e7:d8:96:03:
59:87:2b:a6:3e:c7:25:89:7b:10:7a:53:84:19:b0:35:9d:d8:
bd:ab:0a:04:0c:84:7b:96:56:ea:50:1c:df:61:1d:66:fb:0f:
14:08:1b:79:1c:90:ce:19:e4:f4:04:4a:5a:cb:59:6c:5e:1e:
35:95:d8:a4:c6:6b:7f:d4:61:9b:4a:7c:15:08:a5:2c:47:f6:
e1:21:9a:5e:2b:64:87:cf:ee:57:56:97:23:05:be:e6:34:3f:
57:a9:b8:dd:22:84:e2:c9:a0:ec:dc:90:79:44:ba:a1:c3:8b:
52:40:5b:c8:26:9e:b0:b0:5a:e5:df:f3:42:01:5d:b9:09:bf:
6d:e3:e6:58:7e:c4:b3:c4:e9:b1:93:13:76:36:ae:5f:28:2d:
67:ff:22:89:69:c9:f9:71:0f:ed:08:54:a6:d8:4b:8f:35:01:
ef:62:dc:13:7b:98:08:62:3d:90:82:cd:5e:4d:10:06:73:8d:
5b:a6:95:dc:3b:83:92:49:1b:47:91:e3:d8:1d:64:85:e0:8d:
a5:e0:fb:e3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYMTKRbflLktm62IgoxxvJqwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjN2NjMzM0ZjUxZDJiNmViNGUyN2Q2ZDU2YjliY2UzZTg1
NTYwY2MwHhcNMjIwOTA2MTQxNjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzU0MWZkNWNlZGYzMTEyOWViM2IxZDdjY2ZlMmQ1OGY3YjFhMjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhnalxGCmNl/98vbYpVDr0Q9ElM2
ztzf98xBo64L2WDSRhit1WuqR0pjsOsB7CCnZAGiN1zJ9hWLMtAXtiqa32El3BWk
wmwoktfKt6LGro1v45JgbHkxxrjnx8TWXDgKzBfhWqHtO4uuZ+AIX7MsQRs6jEjv
i0v/e8t8S550LvOaqpRoa2A57NZPigN1f60r1Th+uhVjBnmvTVDT9zJRDB93W6tC
UxtZlqpzIKL1/KYdWRuchCb2oqly9BhJYKloxq1hbZRg76X9fQs89nMphZV0ThFq
jcY07JX+vVAUGPI8TcoRpA0wvaGtUmW6u4P37G3Tx7RzlVuNAYgqO3TfCQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFFdUH9XO3zESnrOx18z+LVj3saIuMB8GA1UdIwQY
MBaAFKx8wzT1HStutOJ9bVa5vOPoVWDMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTct
MWNmMTViMmJhN2JlLzEvVjFRZjFjN2ZNUktlczdIWHpQNHRXUGV4b2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTctMWNmMTViMmJhN2Jl
LzEvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQEH9/wAwQD
LhPoAwQDLv7oAwQFUsEgAwQDXb24AwQCuWRsAwQCucq4MBQEAgACMA4DBQMqAgmo
AwUDKgNoADANBgkqhkiG9w0BAQsFAAOCAQEALzUHkk1c5gOwWcXN9751J3UpUsx8
xNMmR6N/Q75T44pmZMKgedwfpB+WIoTWrFNU4czn2JYDWYcrpj7HJYl7EHpThBmw
NZ3YvasKBAyEe5ZW6lAc32EdZvsPFAgbeRyQzhnk9ARKWstZbF4eNZXYpMZrf9Rh
m0p8FQilLEf24SGaXitkh8/uV1aXIwW+5jQ/V6m43SKE4smg7NyQeUS6ocOLUkBb
yCaesLBa5d/zQgFduQm/bePmWH7Es8TpsZMTdjauXygtZ/8iiWnJ+XEP7QhUpthL
jzUB72LcE3uYCGI9kILNXk0QBnONW6aV3DuDkkkbR5Hj2B1kheCNpeD74w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:23 2024 by rpki-client on console-ams.rpki-client.org