Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/U5XbdneBkuBuj4xUIokEB4GdScw.roa
File: U5XbdneBkuBuj4xUIokEB4GdScw.roa (raw, json)
Hash identifier: WPPnP9WoKts4AK7COVBeifnXqdqAXIWVrq5vdNmdtHo=
Subject key identifier: 53:95:DB:76:77:81:92:E0:6E:8F:8C:54:22:89:04:07:81:9D:49:CC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01850BEFF5C6DD7398564371F5B309E49852
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/U5XbdneBkuBuj4xUIokEB4GdScw.roa
Signing time: Tue 13 Dec 2022 14:42:33 +0000
ROA not before: Tue 13 Dec 2022 14:42:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38337
IP address blocks: 45.88.66.0/24 maxlen: 24
194.180.49.0/24 maxlen: 24
185.225.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:ef:f5:c6:dd:73:98:56:43:71:f5:b3:09:e4:98:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 13 14:42:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5395db76778192e06e8f8c5422890407819d49cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:03:b1:47:a2:06:56:3a:0d:9e:a8:00:64:d8:
d8:e1:af:e3:2b:19:9c:c6:c6:f8:6e:bb:cf:5f:cd:
1e:9a:dc:25:51:b5:78:52:22:47:2b:5e:1e:ca:74:
8d:11:33:24:3d:3f:f8:16:32:b9:3b:8a:7f:e4:11:
27:69:a2:d2:f1:73:55:c4:ce:a2:ec:dd:2d:5f:0b:
f3:af:8b:2b:81:66:47:ef:29:de:47:23:7b:bf:0a:
a3:47:8f:09:47:a6:9a:d1:24:8b:84:38:a3:64:fd:
3e:aa:9b:f4:2c:dc:20:ef:81:32:26:ab:34:d7:f6:
2c:30:77:27:53:83:81:21:cf:f8:5c:8c:c0:97:18:
c4:31:dc:ad:e0:50:27:58:d9:d6:23:17:15:f8:32:
83:f1:72:aa:38:61:66:71:9b:ea:25:4d:5d:af:66:
a5:17:9d:fa:d9:ab:86:f8:ab:8e:1b:d6:0a:61:01:
04:f2:b2:9a:fb:87:e7:e6:1d:18:16:1a:a5:f6:1b:
ef:2c:d1:f7:81:71:24:f5:8e:d2:d3:6d:e6:8c:d3:
9d:75:8b:fb:91:1e:93:f5:a5:b5:a5:3b:23:e5:3b:
1d:c5:71:1d:a0:e6:e9:25:92:eb:94:b1:00:bb:9a:
50:70:d8:b8:2f:36:f3:f4:1f:0b:06:b8:8d:97:b6:
22:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:95:DB:76:77:81:92:E0:6E:8F:8C:54:22:89:04:07:81:9D:49:CC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/U5XbdneBkuBuj4xUIokEB4GdScw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.66.0/24
185.225.75.0/24
194.180.49.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:5c:51:5d:28:b1:54:e5:94:09:22:a6:5e:af:4e:36:19:41:
ef:f3:09:cf:76:6d:d7:9f:58:c3:39:e8:eb:f8:a5:94:98:a5:
d6:73:a8:08:52:db:1c:eb:d1:74:51:be:46:fa:e0:c0:7b:13:
2c:ef:3f:54:5b:fc:08:d6:ca:08:b6:a4:01:5a:08:7e:f9:cd:
42:e7:11:32:92:ef:cc:b3:7e:33:47:25:2e:d7:a4:e8:16:04:
ee:43:6e:af:10:db:32:95:fd:1f:78:a4:8b:e7:b1:e7:3e:5e:
c3:b4:db:25:c8:a5:52:66:26:35:a2:b6:3b:0f:ca:88:7d:0d:
bb:44:d9:98:55:d3:9c:94:c1:de:36:fa:2f:46:93:08:09:6e:
53:43:8e:60:52:70:f4:be:7f:0c:34:fb:e2:30:11:34:cd:36:
02:bf:97:4a:5a:be:5e:3e:b4:3a:6b:8e:fe:68:4b:60:0b:01:
73:53:a5:8b:16:36:a6:75:77:89:00:44:11:da:4f:7a:6a:2a:
b2:56:8c:b6:a0:bc:ac:d8:ac:6f:ea:b2:18:19:f6:dc:44:7d:
1b:d9:8d:81:3e:29:a7:7a:5c:a3:71:89:b8:8e:d4:d1:91:68:
13:25:27:8d:1f:a3:49:dd:aa:1a:19:3e:d7:a3:70:f5:21:7f:
17:a6:8f:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUL7/XG3XOYVkNx9bMJ5JhSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjEzMTQ0MjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzk1ZGI3Njc3ODE5MmUwNmU4ZjhjNTQyMjg5MDQwNzgxOWQ0OWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwOxR6IGVjoNnqgAZNjY4a/jKxmc
xsb4brvPX80emtwlUbV4UiJHK14eynSNETMkPT/4FjK5O4p/5BEnaaLS8XNVxM6i
7N0tXwvzr4srgWZH7yneRyN7vwqjR48JR6aa0SSLhDijZP0+qpv0LNwg74EyJqs0
1/YsMHcnU4OBIc/4XIzAlxjEMdyt4FAnWNnWIxcV+DKD8XKqOGFmcZvqJU1dr2al
F5362auG+KuOG9YKYQEE8rKa+4fn5h0YFhql9hvvLNH3gXEk9Y7S023mjNOddYv7
kR6T9aW1pTsj5TsdxXEdoObpJZLrlLEAu5pQcNi4Lzbz9B8LBriNl7YiDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFOV23Z3gZLgbo+MVCKJBAeBnUnMMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVTVYYmRuZUJrdUJ1ajR4VUlva0VCNEdkU2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVhCAwQA
ueFLAwQAwrQxMA0GCSqGSIb3DQEBCwUAA4IBAQBMXFFdKLFU5ZQJIqZer042GUHv
8wnPdm3Xn1jDOejr+KWUmKXWc6gIUtsc69F0Ub5G+uDAexMs7z9UW/wI1soItqQB
Wgh++c1C5xEyku/Ms34zRyUu16ToFgTuQ26vENsylf0feKSL57HnPl7DtNslyKVS
ZiY1orY7D8qIfQ27RNmYVdOclMHeNvovRpMICW5TQ45gUnD0vn8MNPviMBE0zTYC
v5dKWr5ePrQ6a47+aEtgCwFzU6WLFjamdXeJAEQR2k96aiqyVoy2oLys2Kxv6rIY
GfbcRH0b2Y2BPimnelyjcYm4jtTRkWgTJSeNH6NJ3aoaGT7Xo3D1IX8Xpo/r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:08 2024 by rpki-client on console-fra.rpki-client.org