Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/95cd2d-0d52-4b07-b76b-d853e7842b3a/1/no7PbsRNUlkqxZYiwSvqInWa9jw.roa
File: no7PbsRNUlkqxZYiwSvqInWa9jw.roa (raw, json)
Hash identifier: wpSWMLbpZaioN7OGXb/ADQW5/+HFmC7cV3E3Hqhrha0=
Subject key identifier: 9E:8E:CF:6E:C4:4D:52:59:2A:C5:96:22:C1:2B:EA:22:75:9A:F6:3C
Certificate issuer: /CN=1cf31e958a6fa85dfd517ea5a2167a359ce02691
Certificate serial: 0183AC61348F24F84317013AE153830F1AAE
Authority key identifier: 1C:F3:1E:95:8A:6F:A8:5D:FD:51:7E:A5:A2:16:7A:35:9C:E0:26:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HPMelYpvqF39UX6lohZ6NZzgJpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/95cd2d-0d52-4b07-b76b-d853e7842b3a/1/no7PbsRNUlkqxZYiwSvqInWa9jw.roa
Signing time: Thu 06 Oct 2022 08:19:55 +0000
ROA not before: Thu 06 Oct 2022 08:19:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34724
IP address blocks: 62.182.152.0/22 maxlen: 22
139.28.12.0/22 maxlen: 22
185.31.32.0/22 maxlen: 22
185.68.60.0/22 maxlen: 22
95.214.204.0/22 maxlen: 22
193.34.64.0/22 maxlen: 22
2a05:9300::/29 maxlen: 29
2a00:b720::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ac:61:34:8f:24:f8:43:17:01:3a:e1:53:83:0f:1a:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cf31e958a6fa85dfd517ea5a2167a359ce02691
Validity
Not Before: Oct 6 08:19:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e8ecf6ec44d52592ac59622c12bea22759af63c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ec:35:6e:2d:bb:69:4d:9c:ca:80:92:b5:63:
66:cf:d7:38:0d:4a:88:7e:84:22:08:eb:38:96:4c:
1b:e8:84:c6:2b:ab:aa:dc:d4:77:9d:9f:6d:f4:bc:
3d:6a:44:3b:54:98:4d:0c:43:db:0f:91:b5:a5:92:
96:7b:96:65:03:2b:a0:a4:92:3d:c1:b0:f9:4e:8d:
01:aa:e2:2a:aa:50:f7:29:5d:3d:84:71:b3:18:cf:
40:78:69:1c:ed:1c:04:9f:99:e7:ea:fe:1c:66:56:
d8:50:2a:f5:59:5a:e7:02:33:39:48:ac:2e:a0:31:
ba:ae:e0:d7:51:e2:5b:1f:4d:e7:a9:8f:62:14:67:
b9:ee:32:ee:af:42:3c:3b:4e:95:5b:ca:f9:0a:26:
4b:42:e6:4b:14:10:e5:c4:4a:3d:4f:12:18:5a:60:
54:83:f2:72:9e:ed:7a:ce:9e:62:e9:d0:75:2a:fd:
ab:d0:c8:36:b9:0f:c7:67:b9:c1:d8:52:d1:9d:df:
69:86:cf:ee:59:96:bf:e5:4f:94:ed:79:9e:e6:bd:
c1:ed:f3:9a:6d:b6:d1:03:e3:58:e4:a8:2c:44:9e:
45:f8:f0:c1:00:8b:3f:84:50:12:ec:64:d0:88:e8:
c2:8a:e1:b8:99:53:04:c5:a0:4e:0d:a4:c0:7c:da:
54:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:8E:CF:6E:C4:4D:52:59:2A:C5:96:22:C1:2B:EA:22:75:9A:F6:3C
X509v3 Authority Key Identifier:
keyid:1C:F3:1E:95:8A:6F:A8:5D:FD:51:7E:A5:A2:16:7A:35:9C:E0:26:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPMelYpvqF39UX6lohZ6NZzgJpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/95cd2d-0d52-4b07-b76b-d853e7842b3a/1/no7PbsRNUlkqxZYiwSvqInWa9jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/95cd2d-0d52-4b07-b76b-d853e7842b3a/1/HPMelYpvqF39UX6lohZ6NZzgJpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.152.0/22
95.214.204.0/22
139.28.12.0/22
185.31.32.0/22
185.68.60.0/22
193.34.64.0/22
IPv6:
2a00:b720::/29
2a05:9300::/29
Signature Algorithm: sha256WithRSAEncryption
72:0d:15:d6:13:93:45:c6:36:4a:9d:45:e8:98:23:8b:21:fd:
db:7e:1e:d4:1c:5b:94:9c:d9:d7:b8:00:e1:93:88:e6:81:2e:
da:66:11:ae:d0:d2:07:52:a2:24:ff:1f:b0:64:c6:9f:1b:cd:
7b:cb:a6:16:24:1f:a0:cc:2a:7e:be:6a:cd:1d:35:5e:6d:81:
b6:dd:ad:19:66:ec:82:70:fe:7f:36:d6:37:c5:cb:80:11:fc:
99:32:66:ae:3b:28:ab:2a:a4:c8:98:4c:97:1e:22:11:50:ba:
53:3c:04:46:fb:f1:0a:6d:83:38:4a:22:19:4c:54:4a:fa:86:
24:6f:42:7f:d5:d9:a0:e8:68:09:05:29:29:cc:cf:71:31:b8:
54:e0:8e:31:3e:0e:fe:fc:5d:5b:4b:76:60:b0:bd:9a:cc:65:
2f:d0:58:d2:62:1c:f1:ab:1b:27:fc:be:ef:7e:7d:9c:53:20:
c3:eb:b0:3c:ec:35:6d:e4:82:60:9c:93:e1:9a:9d:03:58:52:
74:1b:94:83:d9:9d:90:0f:ea:1e:d9:dc:06:42:c3:eb:5c:e3:
4a:49:8c:93:7a:b5:27:ba:07:1b:1b:20:35:ef:5b:1b:cc:52:
a5:99:b8:41:da:9f:67:6c:3c:f9:21:a1:4c:e7:fb:98:67:ad:
46:5c:e3:80
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYOsYTSPJPhDFwE64VODDxquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZjMxZTk1OGE2ZmE4NWRmZDUxN2VhNWEyMTY3YTM1OWNl
MDI2OTEwHhcNMjIxMDA2MDgxOTU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZThlY2Y2ZWM0NGQ1MjU5MmFjNTk2MjJjMTJiZWEyMjc1OWFmNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuw1bi27aU2cyoCStWNmz9c4DUqI
foQiCOs4lkwb6ITGK6uq3NR3nZ9t9Lw9akQ7VJhNDEPbD5G1pZKWe5ZlAyugpJI9
wbD5To0BquIqqlD3KV09hHGzGM9AeGkc7RwEn5nn6v4cZlbYUCr1WVrnAjM5SKwu
oDG6ruDXUeJbH03nqY9iFGe57jLur0I8O06VW8r5CiZLQuZLFBDlxEo9TxIYWmBU
g/Jynu16zp5i6dB1Kv2r0Mg2uQ/HZ7nB2FLRnd9phs/uWZa/5U+U7Xme5r3B7fOa
bbbRA+NY5KgsRJ5F+PDBAIs/hFAS7GTQiOjCiuG4mVMExaBODaTAfNpUEwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJ6Oz27ETVJZKsWWIsEr6iJ1mvY8MB8GA1UdIwQY
MBaAFBzzHpWKb6hd/VF+paIWejWc4CaRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBNZWxZcHZxRjM5VVg2bG9oWjZOWnpnSnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85NWNkMmQtMGQ1Mi00YjA3LWI3NmIt
ZDg1M2U3ODQyYjNhLzEvbm83UGJzUk5VbGtxeFpZaXdTdnFJbldhOWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85NWNkMmQtMGQ1Mi00YjA3LWI3NmItZDg1M2U3ODQyYjNh
LzEvSFBNZWxZcHZxRjM5VVg2bG9oWjZOWnpnSnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCPraYAwQC
X9bMAwQCixwMAwQCuR8gAwQCuUQ8AwQCwSJAMBQEAgACMA4DBQMqALcgAwUDKgWT
ADANBgkqhkiG9w0BAQsFAAOCAQEAcg0V1hOTRcY2Sp1F6JgjiyH9234e1BxblJzZ
17gA4ZOI5oEu2mYRrtDSB1KiJP8fsGTGnxvNe8umFiQfoMwqfr5qzR01Xm2Btt2t
GWbsgnD+fzbWN8XLgBH8mTJmrjsoqyqkyJhMlx4iEVC6UzwERvvxCm2DOEoiGUxU
SvqGJG9Cf9XZoOhoCQUpKczPcTG4VOCOMT4O/vxdW0t2YLC9msxlL9BY0mIc8asb
J/y+7359nFMgw+uwPOw1beSCYJyT4ZqdA1hSdBuUg9mdkA/qHtncBkLD61zjSkmM
k3q1J7oHGxsgNe9bG8xSpZm4QdqfZ2w8+SGhTOf7mGetRlzjgA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:21 2024 by rpki-client on console-ams.rpki-client.org