Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/sbUzY4kZxfaCtWKgswpiKdaNWqM.roa
File: sbUzY4kZxfaCtWKgswpiKdaNWqM.roa (raw, json)
Hash identifier: C2OEXFzOCjF2/pG6yivvn3S+DGnbolXq27AC06n/mo4=
Subject key identifier: B1:B5:33:63:89:19:C5:F6:82:B5:62:A0:B3:0A:62:29:D6:8D:5A:A3
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01837DEC671C31CCEEB20621CBFE5F0B61BE
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/sbUzY4kZxfaCtWKgswpiKdaNWqM.roa
Signing time: Tue 27 Sep 2022 07:49:48 +0000
ROA not before: Tue 27 Sep 2022 07:49:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13194
IP address blocks: 85.254.71.0/24 maxlen: 24
85.254.75.0/24 maxlen: 24
85.254.76.0/24 maxlen: 24
85.254.73.0/24 maxlen: 24
85.254.74.0/24 maxlen: 24
85.254.76.0/22 maxlen: 22
85.254.74.0/23 maxlen: 23
85.254.141.0/24 maxlen: 24
85.254.151.0/24 maxlen: 24
85.254.149.0/24 maxlen: 24
85.254.152.0/22 maxlen: 22
85.254.170.0/24 maxlen: 24
85.254.176.0/23 maxlen: 23
80.81.61.0/24 maxlen: 24
85.254.84.0/23 maxlen: 23
85.254.80.0/22 maxlen: 22
85.254.94.0/24 maxlen: 24
85.254.98.0/23 maxlen: 23
85.254.96.0/22 maxlen: 22
85.254.96.0/23 maxlen: 23
85.254.92.0/22 maxlen: 22
85.254.92.0/23 maxlen: 23
85.254.95.0/24 maxlen: 24
85.254.92.0/24 maxlen: 24
85.254.93.0/24 maxlen: 24
85.254.104.0/21 maxlen: 21
85.254.103.0/24 maxlen: 24
85.254.101.0/24 maxlen: 24
85.254.102.0/24 maxlen: 24
85.254.100.0/24 maxlen: 24
85.254.112.0/21 maxlen: 21
85.254.124.0/23 maxlen: 23
85.254.128.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7d:ec:67:1c:31:cc:ee:b2:06:21:cb:fe:5f:0b:61:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 27 07:49:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b1b533638919c5f682b562a0b30a6229d68d5aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:35:60:e5:00:3b:09:7c:62:ae:cd:47:7a:da:
39:33:6e:bf:f7:ce:f3:16:a4:f6:9b:2f:8b:1e:c6:
ff:61:61:fa:2b:4a:4c:92:ac:02:23:9c:0a:bd:65:
d6:92:2e:9c:c7:59:94:b5:55:60:0d:28:bf:88:8c:
e8:54:84:49:0d:a3:5c:67:f7:24:9c:f8:34:7d:6c:
43:d8:c5:22:5a:28:67:b8:5a:ea:1a:b6:e0:fa:5b:
99:da:0e:d7:68:97:76:ad:70:7c:7c:91:32:c2:dc:
cc:5a:45:62:75:13:25:38:6e:67:e4:1b:27:01:0b:
9d:9a:94:77:d9:7d:c2:7c:f0:48:f5:a5:be:9f:61:
c4:4a:f9:87:b4:34:3c:8d:27:e0:7a:7c:69:8c:a0:
46:73:41:71:c3:09:7e:9e:b8:91:f5:67:7a:2f:f6:
71:20:25:b8:75:73:88:cd:e5:0e:fa:a0:ec:24:19:
ff:cc:d5:46:66:e5:99:ac:0f:c3:5e:92:aa:1b:4c:
73:48:eb:ff:3d:95:fe:08:58:fc:54:9e:fd:f3:d2:
ef:d8:ab:ff:48:0e:8b:c0:2d:31:a9:d6:4d:60:65:
ea:d3:c1:43:13:59:ab:f6:0c:3a:c3:c2:af:76:e3:
c1:cf:60:5e:73:87:17:7d:5f:92:5b:ce:e9:ff:0f:
d4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B5:33:63:89:19:C5:F6:82:B5:62:A0:B3:0A:62:29:D6:8D:5A:A3
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/sbUzY4kZxfaCtWKgswpiKdaNWqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.61.0/24
85.254.71.0/24
85.254.73.0-85.254.85.255
85.254.92.0-85.254.119.255
85.254.124.0/23
85.254.128.0/22
85.254.141.0/24
85.254.149.0/24
85.254.151.0-85.254.155.255
85.254.170.0/24
85.254.176.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:7e:6f:11:4c:d7:dc:ac:1b:6b:e0:81:75:af:25:46:69:47:
6e:87:ba:05:c4:61:87:c2:e2:ff:19:50:c4:20:34:d4:d2:25:
d0:bf:e9:d3:65:71:1d:4e:54:7f:e4:4e:09:5f:77:d0:43:34:
de:f7:cb:f0:f7:51:ff:03:6c:d4:e9:4f:a5:f1:e9:97:16:45:
9d:13:c0:c6:34:aa:05:12:bf:5a:e3:ef:30:83:0a:fa:a5:e2:
b0:64:b0:13:11:ce:78:88:20:94:ea:13:8d:d6:d0:89:df:97:
27:e9:ae:2f:3e:fd:90:d1:64:f1:9c:e8:bf:35:de:8c:9a:d5:
2c:c3:15:96:fe:81:ad:24:55:b9:6a:f8:15:ac:92:39:b6:9c:
2b:72:0e:29:de:4d:28:89:26:df:83:04:8c:04:4e:cb:62:8e:
bc:e9:11:a2:8a:ec:f8:ef:a6:41:c4:23:1a:1a:b0:fb:44:72:
f9:17:b3:21:50:68:e5:f7:8e:61:c7:2d:a5:71:28:cf:95:c7:
1a:b5:56:28:63:12:ab:b1:4f:4e:1c:89:3d:29:73:21:a0:86:
90:f9:73:d8:f5:aa:39:68:56:87:a6:d0:ba:97:8c:0c:75:bd:
73:10:86:7d:ad:5e:23:d0:69:c9:90:07:89:50:2b:73:8a:f4:
04:ab:c0:e0
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYN97GccMczusgYhy/5fC2G+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIwOTI3MDc0OTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWI1MzM2Mzg5MTljNWY2ODJiNTYyYTBiMzBhNjIyOWQ2OGQ1YWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjVg5QA7CXxirs1Heto5M26/987z
FqT2my+LHsb/YWH6K0pMkqwCI5wKvWXWki6cx1mUtVVgDSi/iIzoVIRJDaNcZ/ck
nPg0fWxD2MUiWihnuFrqGrbg+luZ2g7XaJd2rXB8fJEywtzMWkVidRMlOG5n5Bsn
AQudmpR32X3CfPBI9aW+n2HESvmHtDQ8jSfgenxpjKBGc0Fxwwl+nriR9Wd6L/Zx
ICW4dXOIzeUO+qDsJBn/zNVGZuWZrA/DXpKqG0xzSOv/PZX+CFj8VJ7989Lv2Kv/
SA6LwC0xqdZNYGXq08FDE1mr9gw6w8KvduPBz2Bec4cXfV+SW87p/w/UIQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFLG1M2OJGcX2grVioLMKYinWjVqjMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvc2JVelk0a1p4ZmFDdFdLZ3N3cGlLZGFOV3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAUFE9AwQA
Vf5HMAwDBABV/kkDBAFV/lQwDAMEAlX+XAMEA1X+cAMEAVX+fAMEAlX+gAMEAFX+
jQMEAFX+lTAMAwQAVf6XAwQCVf6YAwQAVf6qAwQBVf6wMA0GCSqGSIb3DQEBCwUA
A4IBAQArfm8RTNfcrBtr4IF1ryVGaUduh7oFxGGHwuL/GVDEIDTU0iXQv+nTZXEd
TlR/5E4JX3fQQzTe98vw91H/A2zU6U+l8emXFkWdE8DGNKoFEr9a4+8wgwr6peKw
ZLATEc54iCCU6hON1tCJ35cn6a4vPv2Q0WTxnOi/Nd6MmtUswxWW/oGtJFW5avgV
rJI5tpwrcg4p3k0oiSbfgwSMBE7LYo686RGiiuz476ZBxCMaGrD7RHL5F7MhUGjl
945hxy2lcSjPlccatVYoYxKrsU9OHIk9KXMhoIaQ+XPY9ao5aFaHptC6l4wMdb1z
EIZ9rV4j0GnJkAeJUCtzivQEq8Dg
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:38 2023 by rpki-client on console-ams.rpki-client.org