Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uSLwOn6XkMjXwPfp9clevgkAaKE.roa
File: uSLwOn6XkMjXwPfp9clevgkAaKE.roa (raw, json)
Hash identifier: RRaLu7knKBDIDljjK+fUWPiT2t6R99dFWYZ23fX1xlQ=
Subject key identifier: B9:22:F0:3A:7E:97:90:C8:D7:C0:F7:E9:F5:C9:5E:BE:09:00:68:A1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0182B0C9421890482420085115CA973356B3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uSLwOn6XkMjXwPfp9clevgkAaKE.roa
Signing time: Thu 18 Aug 2022 11:49:15 +0000
ROA not before: Thu 18 Aug 2022 11:49:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 178.215.237.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
193.42.34.0/23 maxlen: 24
193.25.218.0/23 maxlen: 24
193.25.217.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b0:c9:42:18:90:48:24:20:08:51:15:ca:97:33:56:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 18 11:49:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b922f03a7e9790c8d7c0f7e9f5c95ebe090068a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:8e:12:eb:c6:62:d0:16:50:26:ab:67:09:dd:
87:45:27:1d:86:d1:23:d7:64:9e:f0:92:9f:35:a2:
c0:1f:8d:14:c3:25:e1:db:92:d7:9d:ad:d7:14:74:
d5:ed:d8:ed:45:d1:bd:64:b8:f6:b1:66:09:56:49:
25:45:a5:ed:26:97:2e:d6:9b:a4:39:76:a8:e0:04:
f9:cc:35:ee:d8:e8:60:37:fd:e0:08:d9:51:2e:89:
67:e7:8a:27:92:aa:30:43:88:e2:cc:80:a6:d9:e3:
ff:fa:3a:d2:07:f7:35:0b:bd:e1:d3:90:a9:04:d9:
fb:05:c6:51:9f:d1:e2:a9:1b:33:d4:13:76:0e:47:
85:a7:ed:98:b3:e6:3e:d8:85:53:5a:2c:82:7d:73:
4f:d9:4d:ad:6f:39:ac:af:12:06:ae:19:55:9f:be:
8e:71:64:53:d3:8c:37:95:f8:84:29:d7:98:8b:04:
5e:32:87:c6:43:64:d2:2a:0e:1e:61:8e:f2:a5:61:
d4:c7:6f:48:f4:4b:fd:5d:b2:8d:6b:c2:4e:89:9d:
27:d4:00:89:1c:42:17:67:2f:8f:c4:da:b4:98:46:
83:6f:74:3e:c9:54:f8:f2:31:ce:55:a0:2d:e1:c6:
9d:dd:13:9f:44:f0:e2:69:40:85:3e:99:77:c8:a0:
32:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:22:F0:3A:7E:97:90:C8:D7:C0:F7:E9:F5:C9:5E:BE:09:00:68:A1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uSLwOn6XkMjXwPfp9clevgkAaKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.239.0/24
178.215.237.0-178.215.238.255
193.25.217.0-193.25.219.255
193.42.34.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:cf:d2:43:8a:00:32:8a:04:06:a3:60:9b:74:04:c3:86:57:
29:9d:82:e6:34:10:df:c4:d0:4d:53:ac:27:ea:25:e8:5e:13:
ea:93:56:24:5a:d9:bd:c8:f4:1c:27:e1:fb:3b:a8:ef:5d:44:
0d:97:c0:58:47:f9:65:c2:bc:73:ad:6a:9a:07:2e:34:dd:f8:
77:97:51:46:a6:ff:f0:7e:86:f0:bb:15:73:8d:ec:af:a7:f7:
21:0c:2a:4d:e6:fb:b3:11:88:15:cb:95:39:be:30:8e:be:3c:
40:ed:80:a5:9b:26:e3:d7:0d:b5:5b:1c:38:ec:a8:93:57:d3:
92:41:58:93:1b:d1:6b:b0:06:36:55:72:d9:00:24:c3:b8:ec:
52:ca:8d:4e:5f:63:53:40:90:5d:21:ae:73:ac:ec:83:f2:7f:
81:81:db:ac:1d:e1:f7:36:20:5a:ef:5c:65:54:9c:f7:72:35:
22:b1:ea:e7:43:11:5b:9d:43:bb:d1:58:84:b2:9b:91:a5:fe:
5c:8d:cc:be:b9:91:09:cf:fe:6f:d5:33:d6:a5:72:f6:2e:d0:
e8:c0:28:ec:d2:03:6e:c9:a0:9b:7e:70:10:76:64:be:e3:4b:
78:f5:5d:fc:05:56:e4:9a:a3:40:40:3b:95:c3:98:7e:76:e1:
20:d0:a1:87
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYKwyUIYkEgkIAhRFcqXM1azMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODE4MTE0OTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTIyZjAzYTdlOTc5MGM4ZDdjMGY3ZTlmNWM5NWViZTA5MDA2OGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Y4S68Zi0BZQJqtnCd2HRScdhtEj
12Se8JKfNaLAH40UwyXh25LXna3XFHTV7djtRdG9ZLj2sWYJVkklRaXtJpcu1puk
OXao4AT5zDXu2OhgN/3gCNlRLoln54onkqowQ4jizICm2eP/+jrSB/c1C73h05Cp
BNn7BcZRn9HiqRsz1BN2DkeFp+2Ys+Y+2IVTWiyCfXNP2U2tbzmsrxIGrhlVn76O
cWRT04w3lfiEKdeYiwReMofGQ2TSKg4eYY7ypWHUx29I9Ev9XbKNa8JOiZ0n1ACJ
HEIXZy+PxNq0mEaDb3Q+yVT48jHOVaAt4cad3ROfRPDiaUCFPpl3yKAy4wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFLki8Dp+l5DI18D36fXJXr4JAGihMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdVNMd09uNlhrTWpYd1BmcDljbGV2Z2tBYUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAbc7vMAwD
BACy1+0DBACy1+4wDAMEAMEZ2QMEAsEZ2AMEAcEqIjANBgkqhkiG9w0BAQsFAAOC
AQEAPM/SQ4oAMooEBqNgm3QEw4ZXKZ2C5jQQ38TQTVOsJ+ol6F4T6pNWJFrZvcj0
HCfh+zuo711EDZfAWEf5ZcK8c61qmgcuNN34d5dRRqb/8H6G8LsVc43sr6f3IQwq
Teb7sxGIFcuVOb4wjr48QO2ApZsm49cNtVscOOyok1fTkkFYkxvRa7AGNlVy2QAk
w7jsUsqNTl9jU0CQXSGuc6zsg/J/gYHbrB3h9zYgWu9cZVSc93I1IrHq50MRW51D
u9FYhLKbkaX+XI3MvrmRCc/+b9Uz1qVy9i7Q6MAo7NIDbsmgm35wEHZkvuNLePVd
/AVW5JqjQEA7lcOYfnbhINChhw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-ams.rpki-client.org