Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/SSu40OfZk-oRw9_kPZdslMdfxzk.roa
File: SSu40OfZk-oRw9_kPZdslMdfxzk.roa (raw, json)
Hash identifier: xDKR9SVMv3OoHvhWaArVJadIRH45x/p05jrmhA/FMec=
Subject key identifier: 49:2B:B8:D0:E7:D9:93:EA:11:C3:DF:E4:3D:97:6C:94:C7:5F:C7:39
Certificate issuer: /CN=61b534437503668815add93cd17d0ad3e1b1a877
Certificate serial: 0C515FBB
Authority key identifier: 61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/SSu40OfZk-oRw9_kPZdslMdfxzk.roa
Signing time: Fri 25 Mar 2022 08:54:16 +0000
ROA not before: Fri 25 Mar 2022 08:54:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50266
IP address blocks: 82.172.0.0/17 maxlen: 17
143.178.0.0/17 maxlen: 24
87.210.0.0/16 maxlen: 24
94.157.0.0/16 maxlen: 24
62.250.128.0/17 maxlen: 24
87.208.0.0/16 maxlen: 24
81.59.0.0/17 maxlen: 17
87.209.0.0/16 maxlen: 24
143.177.0.0/16 maxlen: 24
87.212.0.0/16 maxlen: 24
31.20.0.0/16 maxlen: 24
143.178.128.0/17 maxlen: 24
31.21.0.0/16 maxlen: 24
143.179.0.0/16 maxlen: 16
31.187.128.0/17 maxlen: 24
82.174.0.0/16 maxlen: 24
62.166.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 206659515 (0xc515fbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b534437503668815add93cd17d0ad3e1b1a877
Validity
Not Before: Mar 25 08:54:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=492bb8d0e7d993ea11c3dfe43d976c94c75fc739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:80:46:85:32:1a:3d:4f:1e:66:fd:db:34:3d:
c6:a2:ce:7f:c8:12:20:64:5d:6d:30:8c:92:3e:b3:
a4:3e:7b:ff:12:e6:89:f2:61:2f:e9:9b:84:ad:54:
05:b2:ea:49:93:35:89:ca:2c:52:bd:23:00:af:ea:
ce:41:e7:6b:d7:0f:e4:10:2f:d1:24:e9:22:0a:2d:
94:76:74:df:b6:d4:f6:98:e1:af:44:80:55:10:03:
bd:d6:92:5c:27:cf:96:52:fc:3a:d6:65:7f:6f:4b:
22:f6:6d:f8:37:69:25:81:c0:22:bb:a7:aa:bb:36:
cd:89:bd:cc:18:0f:a2:4b:0d:2a:fc:c8:e1:1f:44:
a4:79:aa:94:41:d2:17:3d:83:9e:c4:00:28:35:0a:
99:81:f3:62:07:00:c8:30:95:3d:3f:96:2a:4c:66:
2b:dd:17:72:03:ec:0a:17:17:84:41:fa:05:8b:fe:
7a:f8:26:65:f8:da:d1:0f:0b:70:eb:d3:f7:ae:f2:
7e:55:f1:ee:8f:b0:13:2a:80:3c:29:33:4e:c1:e0:
81:54:cf:e3:67:95:a0:bf:6a:5f:5d:4d:50:88:f0:
8f:6f:d4:d3:63:3a:82:87:5d:9b:77:d0:45:db:4a:
fe:65:5a:11:b4:a8:41:6e:93:e9:19:18:d0:b9:cb:
0d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:2B:B8:D0:E7:D9:93:EA:11:C3:DF:E4:3D:97:6C:94:C7:5F:C7:39
X509v3 Authority Key Identifier:
keyid:61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/SSu40OfZk-oRw9_kPZdslMdfxzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.20.0.0/15
31.187.128.0/17
62.166.128.0/17
62.250.128.0/17
81.59.0.0/17
82.172.0.0/17
82.174.0.0/16
87.208.0.0-87.210.255.255
87.212.0.0/16
94.157.0.0/16
143.177.0.0-143.179.255.255
Signature Algorithm: sha256WithRSAEncryption
b0:3a:a8:b3:b2:ca:e6:0b:a4:97:44:83:d8:70:95:3c:fa:0f:
67:f5:7e:43:75:0d:1c:40:86:5c:61:23:8f:2f:5b:66:18:3d:
d1:06:36:ae:c2:96:bf:a7:2e:24:39:9d:59:95:17:81:08:27:
20:64:ec:34:da:da:d7:f9:a1:30:c8:21:cb:a9:3a:c7:d5:c3:
bf:c2:15:fc:9e:00:33:62:df:22:3f:28:ae:59:ba:da:3a:71:
df:4d:85:50:77:83:14:4b:d7:ed:1a:ac:20:e2:3c:e1:a6:6b:
08:a1:6a:f5:5b:b6:af:a3:bd:3f:80:e3:23:56:72:27:34:d9:
e4:95:0d:20:fd:5d:b8:f6:4b:79:ed:83:3e:07:43:c5:f0:6b:
83:49:7a:2b:9b:5f:e0:83:4c:13:1b:78:64:93:d6:05:8b:b2:
b0:69:ea:14:84:56:05:75:94:ff:76:aa:e6:87:46:82:36:3c:
55:c3:47:2a:65:08:1d:b7:73:34:3f:01:02:44:d0:87:7a:02:
c2:ce:d1:b8:e5:40:18:e5:b0:1c:4f:dc:b6:76:ac:a3:67:fc:
a7:e2:a1:d8:60:08:35:2a:2c:d5:c5:79:79:ca:5e:24:ba:73:
70:99:b3:d2:1f:21:a7:ec:a2:85:91:df:c1:8d:81:f8:1b:69:
ab:55:bb:be
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIEDFFfuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MWI1MzQ0Mzc1MDM2Njg4MTVhZGQ5M2NkMTdkMGFkM2UxYjFhODc3MB4XDTIyMDMy
NTA4NTQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDkyYmI4ZDBlN2Q5
OTNlYTExYzNkZmU0M2Q5NzZjOTRjNzVmYzczOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSARoUyGj1PHmb92zQ9xqLOf8gSIGRdbTCMkj6zpD57/xLm
ifJhL+mbhK1UBbLqSZM1icosUr0jAK/qzkHna9cP5BAv0STpIgotlHZ037bU9pjh
r0SAVRADvdaSXCfPllL8OtZlf29LIvZt+DdpJYHAIrunqrs2zYm9zBgPoksNKvzI
4R9EpHmqlEHSFz2DnsQAKDUKmYHzYgcAyDCVPT+WKkxmK90XcgPsChcXhEH6BYv+
evgmZfja0Q8LcOvT967yflXx7o+wEyqAPCkzTsHggVTP42eVoL9qX11NUIjwj2/U
02M6goddm3fQRdtK/mVaEbSoQW6T6RkY0LnLDYECAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBRJK7jQ59mT6hHD3+Q9l2yUx1/HOTAfBgNVHSMEGDAWgBRhtTRDdQNmiBWt
2TzRfQrT4bGodzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1liVTBRM1VEWm9nVnJkazgwWDBLMC1HeHFIYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvYzFhY2Q2LTIzMGEtNGUzNi1hNThmLWY1NTVlMmU2OGExMC8x
L1NTdTQwT2Zaay1vUnc5X2tQWmRzbE1kZnh6ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
YzFhY2Q2LTIzMGEtNGUzNi1hNThmLWY1NTVlMmU2OGExMC8xL1liVTBRM1VEWm9n
VnJkazgwWDBLMC1HeHFIYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMDAR8UAwQHH7uAAwQHPqaAAwQHPvqA
AwQHUTsAAwQHUqwAAwMAUq4wCgMDBFfQAwMAV9IDAwBX1AMDAF6dMAoDAwCPsQMD
Ao+wMA0GCSqGSIb3DQEBCwUAA4IBAQCwOqizssrmC6SXRIPYcJU8+g9n9X5DdQ0c
QIZcYSOPL1tmGD3RBjauwpa/py4kOZ1ZlReBCCcgZOw02trX+aEwyCHLqTrH1cO/
whX8ngAzYt8iPyiuWbraOnHfTYVQd4MUS9ftGqwg4jzhpmsIoWr1W7avo70/gOMj
VnInNNnklQ0g/V249kt57YM+B0PF8GuDSXorm1/gg0wTG3hkk9YFi7KwaeoUhFYF
dZT/dqrmh0aCNjxVw0cqZQgdt3M0PwECRNCHegLCztG45UAY5bAcT9y2dqyjZ/yn
4qHYYAg1KizVxXl5yl4kunNwmbPSHyGn7KKFkd/BjYH4G2mrVbu+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:41 2024 by rpki-client on console-ams.rpki-client.org