Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/299984-6d7d-45e3-b6fd-bc917c9235d2/1/CLu3SgOPeIowNVOez2hCak9zg1w.roa
File: CLu3SgOPeIowNVOez2hCak9zg1w.roa (raw, json)
Hash identifier: szyi4f3rpx10NaEN9/5HWP8JeXJp1wIiAPi2vpvBxJE=
Subject key identifier: 08:BB:B7:4A:03:8F:78:8A:30:35:53:9E:CF:68:42:6A:4F:73:83:5C
Certificate issuer: /CN=4bf203d6ae6698e09f255780b88accdcd94675a1
Certificate serial: 09DF84
Authority key identifier: 4B:F2:03:D6:AE:66:98:E0:9F:25:57:80:B8:8A:CC:DC:D9:46:75:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S_ID1q5mmOCfJVeAuIrM3NlGdaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/299984-6d7d-45e3-b6fd-bc917c9235d2/1/CLu3SgOPeIowNVOez2hCak9zg1w.roa
Signing time: Wed 23 Feb 2022 12:16:05 +0000
ROA not before: Wed 23 Feb 2022 12:16:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59605
IP address blocks: 151.248.111.0/24 maxlen: 24
151.248.106.0/24 maxlen: 24
151.248.108.0/24 maxlen: 24
151.248.107.0/24 maxlen: 24
151.248.110.0/24 maxlen: 24
151.248.109.0/24 maxlen: 24
151.248.96.0/20 maxlen: 20
151.248.96.0/21 maxlen: 21
151.248.97.0/24 maxlen: 24
151.248.98.0/24 maxlen: 24
151.248.104.0/24 maxlen: 24
151.248.99.0/24 maxlen: 24
151.248.105.0/24 maxlen: 24
151.248.101.0/24 maxlen: 24
151.248.103.0/24 maxlen: 24
185.201.192.0/22 maxlen: 22
2a02:f040::/29 maxlen: 29
2a02:f040:7::/48 maxlen: 48
2a02:f040:1::/48 maxlen: 48
2a02:f040:c::/48 maxlen: 48
2a02:f040:a::/48 maxlen: 48
2a02:f040:5::/48 maxlen: 48
2a02:f040::/48 maxlen: 48
2a02:f040:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 647044 (0x9df84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bf203d6ae6698e09f255780b88accdcd94675a1
Validity
Not Before: Feb 23 12:16:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08bbb74a038f788a3035539ecf68426a4f73835c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:26:ce:6d:87:17:f6:5b:fe:74:53:36:6b:dd:
eb:71:6b:2a:6b:42:b5:74:d4:e3:cf:fb:8c:63:7e:
a9:b3:48:e6:b3:c4:45:7b:c1:70:0d:15:11:30:2c:
5e:0a:a5:08:80:77:4b:42:c0:d8:71:a8:b3:5d:48:
4e:15:fe:ec:49:c1:db:91:f7:20:3b:c0:cd:38:a2:
ac:88:ba:4f:7c:35:4e:3d:bd:f4:58:7d:ac:67:68:
6c:e8:f0:88:eb:96:73:45:7f:c8:12:93:81:55:1a:
44:bd:50:0f:03:f7:3c:2b:1d:08:d5:c5:74:bc:94:
d9:7e:e8:29:60:4d:31:40:0d:55:dd:b4:a1:25:27:
cf:2b:dd:de:4d:58:89:c8:57:5d:7c:f5:a8:92:72:
9c:70:d1:db:94:5b:28:e9:c2:7a:a2:12:a6:5a:60:
ee:bf:f3:e0:e0:79:b0:56:29:7f:d9:51:58:43:3c:
11:8b:4e:3a:ff:b8:08:2e:03:a9:b0:d3:74:9a:8c:
54:45:f4:17:90:bf:7c:e0:45:a9:66:c1:8e:6e:f4:
90:df:61:ba:30:0d:0f:57:a9:c0:31:99:e4:fa:7a:
10:aa:7f:af:28:d4:ce:00:44:d8:ae:5a:46:f9:04:
77:7c:19:ce:89:0e:37:1e:14:69:c5:86:74:0f:2c:
9b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BB:B7:4A:03:8F:78:8A:30:35:53:9E:CF:68:42:6A:4F:73:83:5C
X509v3 Authority Key Identifier:
keyid:4B:F2:03:D6:AE:66:98:E0:9F:25:57:80:B8:8A:CC:DC:D9:46:75:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S_ID1q5mmOCfJVeAuIrM3NlGdaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/299984-6d7d-45e3-b6fd-bc917c9235d2/1/CLu3SgOPeIowNVOez2hCak9zg1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/299984-6d7d-45e3-b6fd-bc917c9235d2/1/S_ID1q5mmOCfJVeAuIrM3NlGdaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.96.0/20
185.201.192.0/22
IPv6:
2a02:f040::/29
Signature Algorithm: sha256WithRSAEncryption
24:66:87:e8:bb:c9:76:c0:47:95:ef:94:92:6b:d7:c4:a7:9a:
e2:87:74:11:e5:43:fa:9b:0a:92:cc:4b:67:11:d8:18:45:6b:
d3:b3:f1:c9:da:48:aa:01:3e:8d:17:3b:63:cb:74:8c:d7:34:
df:c1:23:78:25:11:b3:0b:16:34:2c:94:23:5e:d4:11:7e:f2:
8c:39:09:e1:8a:e6:0b:e0:67:04:ef:2b:5f:ce:47:26:a3:79:
9b:b0:48:7d:50:fe:26:c5:21:b6:bd:b9:95:70:2a:c1:4a:a2:
22:f4:b1:65:1e:2c:d4:9b:f7:fb:c9:6c:c5:aa:a8:1d:34:28:
2a:9d:d3:81:8e:f5:58:f0:dd:5d:dc:74:6b:a5:8d:cb:f9:93:
9d:0b:d3:01:1b:2f:ba:55:7d:c0:a5:e7:df:b4:7c:31:50:f8:
aa:02:c5:7b:ce:bb:a7:a2:e6:4c:87:0a:4e:8b:bd:16:7f:ca:
9a:10:89:84:9e:ff:e3:18:ae:04:cf:a2:1f:92:ff:bb:a1:4f:
fa:cc:2b:d5:b1:3f:41:5b:b6:89:c7:eb:fa:9e:47:d7:f8:7f:
01:cb:77:62:c5:46:4e:fc:18:03:3f:91:1a:68:07:7b:10:81:
96:e6:49:f9:75:c8:49:67:bb:af:c7:65:2a:11:ad:39:c5:66:
e8:b9:66:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDCd+EMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRi
ZjIwM2Q2YWU2Njk4ZTA5ZjI1NTc4MGI4OGFjY2RjZDk0Njc1YTEwHhcNMjIwMjIz
MTIxNjA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwOGJiYjc0YTAzOGY3
ODhhMzAzNTUzOWVjZjY4NDI2YTRmNzM4MzVjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtCbObYcX9lv+dFM2a93rcWsqa0K1dNTjz/uMY36ps0jms8RF
e8FwDRURMCxeCqUIgHdLQsDYcaizXUhOFf7sScHbkfcgO8DNOKKsiLpPfDVOPb30
WH2sZ2hs6PCI65ZzRX/IEpOBVRpEvVAPA/c8Kx0I1cV0vJTZfugpYE0xQA1V3bSh
JSfPK93eTViJyFddfPWoknKccNHblFso6cJ6ohKmWmDuv/Pg4HmwVil/2VFYQzwR
i046/7gILgOpsNN0moxURfQXkL984EWpZsGObvSQ32G6MA0PV6nAMZnk+noQqn+v
KNTOAETYrlpG+QR3fBnOiQ43HhRpxYZ0DyybBQIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFAi7t0oDj3iKMDVTns9oQmpPc4NcMB8GA1UdIwQYMBaAFEvyA9auZpjgnyVX
gLiKzNzZRnWhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
U19JRDFxNW1tT0NmSlZlQXVJck0zTmxHZGFFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wNy8yOTk5ODQtNmQ3ZC00NWUzLWI2ZmQtYmM5MTdjOTIzNWQyLzEv
Q0x1M1NnT1BlSW93TlZPZXoyaENhazl6ZzF3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8y
OTk5ODQtNmQ3ZC00NWUzLWI2ZmQtYmM5MTdjOTIzNWQyLzEvU19JRDFxNW1tT0Nm
SlZlQXVJck0zTmxHZGFFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEl/hgAwQCucnAMA0EAgACMAcDBQMq
AvBAMA0GCSqGSIb3DQEBCwUAA4IBAQAkZofou8l2wEeV75SSa9fEp5rih3QR5UP6
mwqSzEtnEdgYRWvTs/HJ2kiqAT6NFztjy3SM1zTfwSN4JRGzCxY0LJQjXtQRfvKM
OQnhiuYL4GcE7ytfzkcmo3mbsEh9UP4mxSG2vbmVcCrBSqIi9LFlHizUm/f7yWzF
qqgdNCgqndOBjvVY8N1d3HRrpY3L+ZOdC9MBGy+6VX3ApefftHwxUPiqAsV7zrun
ouZMhwpOi70Wf8qaEImEnv/jGK4Ez6Ifkv+7oU/6zCvVsT9BW7aJx+v6nkfX+H8B
y3dixUZO/BgDP5EaaAd7EIGW5kn5dchJZ7uvx2UqEa05xWbouWZK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:58 2023 by rpki-client on console-ams.rpki-client.org