Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/rpYlxNFdCC58f6WggdEpI4ib204.roa
File: rpYlxNFdCC58f6WggdEpI4ib204.roa (raw, json)
Hash identifier: zrqFYmCLuA/Odm/B4hR78tI0hhmDsKlod7a6EG2Q1dk=
Subject key identifier: AE:96:25:C4:D1:5D:08:2E:7C:7F:A5:A0:81:D1:29:23:88:9B:DB:4E
Certificate issuer: /CN=21c394c9b3a36b69f9ee5f8936a2f51b95eaceb4
Certificate serial: 08D87E6A
Authority key identifier: 21:C3:94:C9:B3:A3:6B:69:F9:EE:5F:89:36:A2:F5:1B:95:EA:CE:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IcOUybOja2n57l-JNqL1G5XqzrQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/rpYlxNFdCC58f6WggdEpI4ib204.roa
Signing time: Tue 19 Apr 2022 21:15:48 +0000
ROA not before: Tue 19 Apr 2022 21:15:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51569
IP address blocks: 83.139.202.0/23 maxlen: 24
83.139.212.0/24 maxlen: 24
83.139.213.0/24 maxlen: 24
83.139.217.0/24 maxlen: 24
83.139.218.0/24 maxlen: 24
83.139.219.0/24 maxlen: 24
83.139.214.0/24 maxlen: 24
83.139.215.0/24 maxlen: 24
83.139.216.0/24 maxlen: 24
83.139.224.0/20 maxlen: 24
83.139.220.0/24 maxlen: 24
83.139.221.0/24 maxlen: 24
83.139.244.0/24 maxlen: 24
83.139.245.0/24 maxlen: 24
83.139.242.0/24 maxlen: 24
83.139.243.0/24 maxlen: 24
85.31.160.0/21 maxlen: 24
45.132.208.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148405866 (0x8d87e6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21c394c9b3a36b69f9ee5f8936a2f51b95eaceb4
Validity
Not Before: Apr 19 21:15:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae9625c4d15d082e7c7fa5a081d12923889bdb4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a0:e4:f1:1e:96:82:d8:64:df:35:68:c5:a1:
7e:00:f8:3c:75:9e:aa:e5:6c:10:95:b5:97:aa:8e:
92:3c:2e:ec:79:40:38:f4:aa:4c:3f:9a:16:77:7a:
a1:b6:c0:12:aa:41:8c:fb:49:c9:da:b5:cd:99:f9:
bb:58:d5:5a:96:e4:b5:1d:c4:a7:54:41:12:de:0b:
3a:21:0a:b8:05:88:b9:9e:39:73:94:13:d0:db:d7:
80:69:c3:ed:ca:a9:0d:4a:9b:b7:a4:1a:a1:c1:1b:
64:e1:dc:74:13:05:36:87:af:4e:e3:f0:d6:30:80:
0d:39:3c:14:24:49:42:fb:eb:12:d3:44:fc:44:8e:
52:90:1b:ad:5b:ad:49:4b:0f:f5:78:33:95:d4:a7:
c6:51:4f:c7:78:d7:51:79:47:0e:52:ec:12:94:cb:
ac:f4:7a:c3:f3:f1:c3:82:7a:b4:ce:12:3a:f9:f1:
3b:eb:07:0e:2b:92:52:18:bd:a7:cd:bc:be:96:f9:
30:ac:f4:30:29:b5:89:95:d7:34:15:d1:46:7a:fe:
45:fa:d4:32:1a:85:ea:07:70:1e:93:36:e3:a6:6b:
2d:58:34:09:ff:ea:86:d8:77:1a:82:c2:ba:ae:51:
26:df:fa:ce:2f:14:38:5d:e9:77:13:61:4b:4c:c7:
33:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:96:25:C4:D1:5D:08:2E:7C:7F:A5:A0:81:D1:29:23:88:9B:DB:4E
X509v3 Authority Key Identifier:
keyid:21:C3:94:C9:B3:A3:6B:69:F9:EE:5F:89:36:A2:F5:1B:95:EA:CE:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IcOUybOja2n57l-JNqL1G5XqzrQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/rpYlxNFdCC58f6WggdEpI4ib204.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/IcOUybOja2n57l-JNqL1G5XqzrQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.208.0/22
83.139.202.0/23
83.139.212.0-83.139.221.255
83.139.224.0/20
83.139.242.0-83.139.245.255
85.31.160.0/21
Signature Algorithm: sha256WithRSAEncryption
14:3e:4e:df:f6:c0:1a:0a:7f:22:34:a8:ca:72:9f:24:47:ee:
d2:47:74:81:9d:83:d8:10:c3:20:7c:23:e2:4c:3c:8d:7a:45:
5b:bf:2c:bc:63:5d:75:70:db:4e:88:67:b4:8c:1d:29:6e:cd:
37:68:8f:03:6c:f2:1e:9a:2c:68:39:5e:bc:3c:e0:d4:a4:11:
75:42:ac:46:ff:50:d2:2f:d5:32:dd:07:15:35:07:f8:37:7c:
01:4c:c9:04:f9:a2:43:30:ea:0e:ac:e0:95:2a:09:d4:66:e2:
a8:05:1c:53:01:d8:c3:28:ec:fd:e0:78:69:99:f1:4c:1f:55:
e4:28:dd:b0:be:ee:e1:32:21:32:89:93:05:ff:0f:85:52:99:
eb:5e:ce:b4:d3:a7:2f:90:54:fa:f1:5f:cb:04:46:e2:dd:b6:
d1:d8:fc:40:29:22:81:35:10:a8:55:2d:38:91:cc:09:59:ee:
5c:02:4f:7e:f1:4c:df:59:3d:c8:aa:29:b6:e4:63:d8:24:e5:
3b:3c:97:2b:c3:6f:21:d8:4a:8d:07:10:cd:3f:be:ff:a8:72:
9b:1b:a2:f1:2a:e9:75:20:2f:f7:6c:cd:2c:32:86:2c:f2:50:
ff:da:3c:57:38:91:ad:69:88:9e:33:54:fb:7d:40:d8:68:50:
1b:fb:41:c5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIECNh+ajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWMzOTRjOWIzYTM2YjY5ZjllZTVmODkzNmEyZjUxYjk1ZWFjZWI0MB4XDTIyMDQx
OTIxMTU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWU5NjI1YzRkMTVk
MDgyZTdjN2ZhNWEwODFkMTI5MjM4ODliZGI0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOg5PEeloLYZN81aMWhfgD4PHWequVsEJW1l6qOkjwu7HlA
OPSqTD+aFnd6obbAEqpBjPtJydq1zZn5u1jVWpbktR3Ep1RBEt4LOiEKuAWIuZ45
c5QT0NvXgGnD7cqpDUqbt6QaocEbZOHcdBMFNoevTuPw1jCADTk8FCRJQvvrEtNE
/ESOUpAbrVutSUsP9XgzldSnxlFPx3jXUXlHDlLsEpTLrPR6w/Pxw4J6tM4SOvnx
O+sHDiuSUhi9p828vpb5MKz0MCm1iZXXNBXRRnr+RfrUMhqF6gdwHpM246ZrLVg0
Cf/qhth3GoLCuq5RJt/6zi8UOF3pdxNhS0zHMx0CAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBSuliXE0V0ILnx/paCB0SkjiJvbTjAfBgNVHSMEGDAWgBQhw5TJs6Nrafnu
X4k2ovUblerOtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ljT1V5Yk9qYTJuNTdsLUpOcUwxRzVYcXpyUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvNjFmYWNjLTY2OWYtNDQ1Ni05NjNmLTFlNDM2ZGNiODVjNS8x
L3JwWWx4TkZkQ0M1OGY2V2dnZEVwSTRpYjIwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
NjFmYWNjLTY2OWYtNDQ1Ni05NjNmLTFlNDM2ZGNiODVjNS8xL0ljT1V5Yk9qYTJu
NTdsLUpOcUwxRzVYcXpyUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEAi2E0AMEAVOLyjAMAwQCU4vUAwQB
U4vcAwQEU4vgMAwDBAFTi/IDBAFTi/QDBANVH6AwDQYJKoZIhvcNAQELBQADggEB
ABQ+Tt/2wBoKfyI0qMpynyRH7tJHdIGdg9gQwyB8I+JMPI16RVu/LLxjXXVw206I
Z7SMHSluzTdojwNs8h6aLGg5Xrw84NSkEXVCrEb/UNIv1TLdBxU1B/g3fAFMyQT5
okMw6g6s4JUqCdRm4qgFHFMB2MMo7P3geGmZ8UwfVeQo3bC+7uEyITKJkwX/D4VS
metezrTTpy+QVPrxX8sERuLdttHY/EApIoE1EKhVLTiRzAlZ7lwCT37xTN9ZPciq
KbbkY9gk5Ts8lyvDbyHYSo0HEM0/vv+ocpsbovEq6XUgL/dszSwyhizyUP/aPFc4
ka1piJ4zVPt9QNhoUBv7QcU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:09 2023 by rpki-client on console-fra.rpki-client.org