Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/UUz4XRzQfmuUOAWJ8XfiMsgEvTo.roa
File: UUz4XRzQfmuUOAWJ8XfiMsgEvTo.roa (raw, json)
Hash identifier: sqfxuIH3kIMBiVLiXGhn2PutUiVTfnV1FJZrL6owjJs=
Subject key identifier: 51:4C:F8:5D:1C:D0:7E:6B:94:38:05:89:F1:77:E2:32:C8:04:BD:3A
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0182DB173CECE05F526CF8F077E36D2FD7FB
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/UUz4XRzQfmuUOAWJ8XfiMsgEvTo.roa
Signing time: Fri 26 Aug 2022 16:58:29 +0000
ROA not before: Fri 26 Aug 2022 16:58:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43350
IP address blocks: 185.135.212.0/22 maxlen: 24
45.43.88.0/22 maxlen: 24
198.105.96.0/22 maxlen: 24
198.105.104.0/22 maxlen: 24
198.105.112.0/24 maxlen: 24
198.105.114.0/23 maxlen: 24
198.105.113.0/24 maxlen: 24
155.254.40.0/22 maxlen: 22
155.254.44.0/22 maxlen: 24
155.254.50.0/23 maxlen: 24
155.254.52.0/22 maxlen: 24
155.254.56.0/22 maxlen: 24
45.43.92.0/22 maxlen: 24
185.53.131.0/24 maxlen: 24
185.53.128.0/24 maxlen: 24
185.53.130.0/24 maxlen: 24
185.53.129.0/24 maxlen: 24
185.83.219.0/24 maxlen: 24
185.83.218.0/24 maxlen: 24
185.83.216.0/24 maxlen: 24
185.83.217.0/24 maxlen: 24
107.181.137.0/24 maxlen: 24
107.181.156.0/22 maxlen: 22
91.210.64.0/22 maxlen: 24
103.206.232.0/22 maxlen: 24
94.177.5.0/24 maxlen: 24
43.239.88.0/22 maxlen: 22
87.239.252.0/23 maxlen: 24
2a02:2ca0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:db:17:3c:ec:e0:5f:52:6c:f8:f0:77:e3:6d:2f:d7:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Aug 26 16:58:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=514cf85d1cd07e6b94380589f177e232c804bd3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e0:dc:da:2a:5b:a1:1a:7c:89:a6:e9:2e:5b:
5a:a0:60:81:6c:c3:64:53:9c:09:3d:5f:f9:81:20:
2d:67:26:a6:55:b1:08:24:50:54:46:aa:3f:ea:cd:
da:ea:6a:fd:49:88:79:84:4f:e8:ed:08:7c:d2:82:
9a:4f:56:c5:12:2b:5a:de:c1:06:d0:3e:04:21:7d:
72:cb:42:77:76:96:d5:0c:92:9f:9d:9b:54:88:d3:
dd:33:80:54:56:47:ef:d1:50:43:19:9d:0c:06:c8:
e3:a9:f3:70:83:a1:19:50:92:a1:fe:ee:fc:b8:a1:
f5:99:88:c6:ce:c6:dd:29:27:c2:8a:bd:81:32:1b:
02:01:01:9c:be:ad:fc:d0:df:24:dc:be:88:4e:32:
08:21:0d:49:c2:75:1f:a9:01:e2:8c:97:fb:f8:40:
fa:47:bf:49:0f:69:f7:61:59:49:5f:bd:1f:ae:9d:
8d:e2:0d:a1:1f:c1:7d:5c:e8:8b:e0:d5:f9:5d:ad:
a2:19:ec:47:2a:9b:0d:9d:86:ec:b1:e5:f6:db:32:
0f:98:fe:2d:47:7c:5d:fc:0f:99:be:f6:da:58:27:
18:eb:13:7d:9b:7d:80:e8:ed:36:56:a3:a2:65:44:
49:54:83:51:a4:ae:38:1c:0e:4b:31:2d:d7:8b:fc:
8f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:4C:F8:5D:1C:D0:7E:6B:94:38:05:89:F1:77:E2:32:C8:04:BD:3A
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/UUz4XRzQfmuUOAWJ8XfiMsgEvTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.239.88.0/22
45.43.88.0/21
87.239.252.0/23
91.210.64.0/22
94.177.5.0/24
103.206.232.0/22
107.181.137.0/24
107.181.156.0/22
155.254.40.0/21
155.254.50.0-155.254.59.255
185.53.128.0/22
185.83.216.0/22
185.135.212.0/22
198.105.96.0/22
198.105.104.0/22
198.105.112.0/22
IPv6:
2a02:2ca0::/29
Signature Algorithm: sha256WithRSAEncryption
62:a7:8c:f9:17:ed:cc:d5:92:7c:c9:de:35:41:5f:85:ed:09:
83:09:44:19:10:e1:47:3c:3d:69:5d:08:41:6d:2e:f3:f6:b4:
9e:05:be:9d:d5:ae:19:26:a1:cc:ef:6d:3b:35:b0:9b:b3:ea:
7f:d4:28:0b:f6:6a:cb:01:ec:bc:2e:41:3c:e4:20:80:c0:62:
1f:3e:21:c8:83:66:dc:7f:16:12:a5:3d:4e:46:4b:7a:ef:a0:
eb:60:de:6b:0e:f7:4c:54:d5:87:46:02:cd:f5:b2:4e:23:ab:
31:1b:ce:91:22:4e:22:6b:49:bb:9d:b4:ce:49:92:e1:a2:1c:
e0:16:01:dd:69:0b:27:78:ad:d9:b6:08:c8:14:62:ff:e8:7a:
a1:63:37:b3:d6:f5:55:00:0a:03:e2:fe:36:6a:69:b2:1a:79:
af:3f:64:f4:db:b3:8d:21:67:09:7e:4b:88:41:52:3f:20:b7:
e8:a8:f7:04:2f:e0:61:37:68:32:cf:f5:41:93:62:fd:f3:a7:
7a:23:b9:1e:06:33:28:44:0c:4c:99:ad:af:bd:ec:0c:e4:48:
ac:f2:d4:da:0d:e4:4b:e7:75:a4:ca:ae:58:37:27:4e:bc:93:
4a:7d:3f:ac:cc:84:9b:3b:75:e8:bf:8e:32:8c:ac:19:c2:13:
25:24:4d:6c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAYLbFzzs4F9SbPjwd+NtL9f7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjIwODI2MTY1ODI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTRjZjg1ZDFjZDA3ZTZiOTQzODA1ODlmMTc3ZTIzMmM4MDRiZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeDc2ipboRp8iabpLltaoGCBbMNk
U5wJPV/5gSAtZyamVbEIJFBURqo/6s3a6mr9SYh5hE/o7Qh80oKaT1bFEita3sEG
0D4EIX1yy0J3dpbVDJKfnZtUiNPdM4BUVkfv0VBDGZ0MBsjjqfNwg6EZUJKh/u78
uKH1mYjGzsbdKSfCir2BMhsCAQGcvq380N8k3L6ITjIIIQ1JwnUfqQHijJf7+ED6
R79JD2n3YVlJX70frp2N4g2hH8F9XOiL4NX5Xa2iGexHKpsNnYbsseX22zIPmP4t
R3xd/A+ZvvbaWCcY6xN9m32A6O02VqOiZURJVINRpK44HA5LMS3Xi/yP2QIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFFFM+F0c0H5rlDgFifF34jLIBL06MB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvVVV6NFhSelFmbXVVT0FXSjhYZmlNc2dFdlRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAIr71gD
BAMtK1gDBAFX7/wDBAJb0kADBABesQUDBAJnzugDBABrtYkDBAJrtZwDBAOb/igw
DAMEAZv+MgMEApv+OAMEArk1gAMEArlT2AMEArmH1AMEAsZpYAMEAsZpaAMEAsZp
cDANBAIAAjAHAwUDKgIsoDANBgkqhkiG9w0BAQsFAAOCAQEAYqeM+RftzNWSfMne
NUFfhe0JgwlEGRDhRzw9aV0IQW0u8/a0ngW+ndWuGSahzO9tOzWwm7Pqf9QoC/Zq
ywHsvC5BPOQggMBiHz4hyINm3H8WEqU9TkZLeu+g62Deaw73TFTVh0YCzfWyTiOr
MRvOkSJOImtJu520zkmS4aIc4BYB3WkLJ3it2bYIyBRi/+h6oWM3s9b1VQAKA+L+
Nmppshp5rz9k9NuzjSFnCX5LiEFSPyC36Kj3BC/gYTdoMs/1QZNi/fOneiO5HgYz
KEQMTJmtr73sDORIrPLU2g3kS+d1pMquWDcnTryTSn0/rMyEmzt16L+OMoysGcIT
JSRNbA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:13 2023 by rpki-client on console-ams.rpki-client.org