Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/So8xABZEV5EFrHihB8jwvoidxC8.roa
File: So8xABZEV5EFrHihB8jwvoidxC8.roa (raw, json)
Hash identifier: lpCzKPDYczb++fKtSuzxb1Y81Rv7gnDuLgOvGKW+mbM=
Subject key identifier: 4A:8F:31:00:16:44:57:91:05:AC:78:A1:07:C8:F0:BE:88:9D:C4:2F
Certificate issuer: /CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Certificate serial: 11C41718
Authority key identifier: 33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/So8xABZEV5EFrHihB8jwvoidxC8.roa
Signing time: Wed 18 May 2022 15:07:17 +0000
ROA not before: Wed 18 May 2022 15:07:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31214
IP address blocks: 5.11.64.0/20 maxlen: 20
178.210.0.0/19 maxlen: 19
109.111.128.0/19 maxlen: 19
194.50.12.0/22 maxlen: 22
185.234.120.0/22 maxlen: 22
91.109.128.0/19 maxlen: 19
185.251.216.0/22 maxlen: 22
37.60.208.0/20 maxlen: 20
213.149.0.0/19 maxlen: 19
185.238.76.0/22 maxlen: 22
31.192.128.0/19 maxlen: 19
185.16.136.0/22 maxlen: 22
83.219.128.0/19 maxlen: 19
2a03:5800::/32 maxlen: 32
2a06:50c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 298063640 (0x11c41718)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Validity
Not Before: May 18 15:07:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a8f31001644579105ac78a107c8f0be889dc42f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:8c:1c:f5:37:5b:35:22:f6:2c:94:f6:cb:57:
62:db:af:10:9e:45:11:ab:b7:bc:f5:9b:0c:12:90:
b4:96:ce:f8:6a:ae:43:54:41:8b:fa:7d:f7:57:59:
cd:ec:1e:e1:ee:ab:cf:cb:e0:ce:30:3c:58:6f:da:
32:b4:82:e4:d2:50:77:3b:79:b8:b7:26:31:94:d0:
4d:46:af:b4:fd:91:b5:e7:dc:67:e8:a2:7d:39:36:
28:e3:89:0e:6e:58:1f:6d:c4:96:b9:7f:14:1f:ec:
c9:5e:5d:4c:f3:27:a4:db:44:5c:52:15:de:87:64:
21:87:18:a2:88:58:16:89:03:a5:71:67:4b:c3:b1:
41:4a:34:d4:4f:bb:3f:32:f7:fa:49:40:e4:a0:8c:
31:d1:bf:c9:df:51:aa:5e:b4:a4:89:4f:06:ff:df:
3e:3f:ea:29:9c:e8:99:32:04:39:0a:d9:3f:58:1e:
ef:10:5f:1f:90:30:7a:95:19:d5:47:82:a1:b8:35:
5f:cf:6e:d2:46:11:e2:e4:7a:b4:90:48:74:87:5f:
23:83:9e:55:8e:25:c2:12:b9:24:5b:e6:89:b4:e7:
3f:9d:05:1c:1f:74:de:c5:6a:1e:74:d5:d0:42:98:
5b:50:e5:fa:39:fc:a7:67:1e:da:58:7c:6c:38:d4:
74:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:8F:31:00:16:44:57:91:05:AC:78:A1:07:C8:F0:BE:88:9D:C4:2F
X509v3 Authority Key Identifier:
keyid:33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/So8xABZEV5EFrHihB8jwvoidxC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/M_6ArqEA6YwNpdH_75izcdEe3aI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.64.0/20
31.192.128.0/19
37.60.208.0/20
83.219.128.0/19
91.109.128.0/19
109.111.128.0/19
178.210.0.0/19
185.16.136.0/22
185.234.120.0/22
185.238.76.0/22
185.251.216.0/22
194.50.12.0/22
213.149.0.0/19
IPv6:
2a03:5800::/32
2a06:50c0::/32
Signature Algorithm: sha256WithRSAEncryption
87:e4:e0:59:bc:1a:0c:36:96:6b:af:08:99:ba:a1:a1:82:b7:
93:1c:df:b3:60:a2:90:47:b4:b7:27:bb:3c:c1:d1:0f:90:94:
22:9c:5f:6e:a0:d8:de:f3:08:be:30:df:e4:15:b8:0a:f4:1c:
6a:46:81:8a:02:94:68:51:ac:56:25:90:22:d7:41:5a:d1:2e:
24:0b:8c:7b:d8:76:9c:05:1a:a1:dd:cb:64:3c:c9:c2:c2:09:
cd:21:b5:85:89:da:40:75:8c:b8:2f:ad:1e:2d:38:19:a5:8a:
7a:45:7d:c0:6b:04:22:7f:b9:ea:08:0a:fe:21:d0:87:45:2b:
90:42:6a:0d:f3:24:3a:fd:83:b6:34:bc:24:b9:91:4c:27:ef:
7b:0d:95:62:b0:cd:4e:a9:9e:9c:31:a3:4c:3a:73:76:8d:63:
2a:fb:a9:ab:6c:ae:a7:43:a2:ce:62:b7:70:6a:6e:c7:79:61:
74:e4:50:ad:65:4f:22:82:92:e3:3b:05:d4:bf:f9:18:85:40:
32:46:90:1e:c3:f6:15:de:0a:f4:30:ea:3a:71:90:be:20:2d:
f8:b0:1a:71:ff:8b:f3:0d:0d:b4:b7:a4:3d:6b:e7:ce:35:6f:
50:01:14:3e:33:99:93:65:b3:10:1a:d2:9c:d6:47:59:6f:91:
82:28:bf:33
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIEEcQXGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2ZlODBhZWExMDBlOThjMGRhNWQxZmZlZjk4YjM3MWQxMWVkZGEyMB4XDTIyMDUx
ODE1MDcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGE4ZjMxMDAxNjQ0
NTc5MTA1YWM3OGExMDdjOGYwYmU4ODlkYzQyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPWMHPU3WzUi9iyU9stXYtuvEJ5FEau3vPWbDBKQtJbO+Gqu
Q1RBi/p991dZzewe4e6rz8vgzjA8WG/aMrSC5NJQdzt5uLcmMZTQTUavtP2Rtefc
Z+iifTk2KOOJDm5YH23Elrl/FB/syV5dTPMnpNtEXFIV3odkIYcYoohYFokDpXFn
S8OxQUo01E+7PzL3+klA5KCMMdG/yd9Rql60pIlPBv/fPj/qKZzomTIEOQrZP1ge
7xBfH5AwepUZ1UeCobg1X89u0kYR4uR6tJBIdIdfI4OeVY4lwhK5JFvmibTnP50F
HB903sVqHnTV0EKYW1Dl+jn8p2ce2lh8bDjUdLcCAwEAAaOCAmcwggJjMB0GA1Ud
DgQWBBRKjzEAFkRXkQWseKEHyPC+iJ3ELzAfBgNVHSMEGDAWgBQz/oCuoQDpjA2l
0f/vmLNx0R7dojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01fNkFycUVBNll3TnBkSF83NWl6Y2RFZTNhSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvODAyNTI1LTVjMmMtNDU2NC1iYTVhLTZjZDY1OWFjYmYwNy8x
L1NvOHhBQlpFVjVFRnJIaWhCOGp3dm9pZHhDOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
ODAyNTI1LTVjMmMtNDU2NC1iYTVhLTZjZDY1OWFjYmYwNy8xL01fNkFycUVBNll3
TnBkSF83NWl6Y2RFZTNhSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB9
BggrBgEFBQcBBwEB/wRuMGwwVAQCAAEwTgMEBAULQAMEBR/AgAMEBCU80AMEBVPb
gAMEBVttgAMEBW1vgAMEBbLSAAMEArkQiAMEArnqeAMEArnuTAMEArn72AMEAsIy
DAMEBdWVADAUBAIAAjAOAwUAKgNYAAMFACoGUMAwDQYJKoZIhvcNAQELBQADggEB
AIfk4Fm8Ggw2lmuvCJm6oaGCt5Mc37NgopBHtLcnuzzB0Q+QlCKcX26g2N7zCL4w
3+QVuAr0HGpGgYoClGhRrFYlkCLXQVrRLiQLjHvYdpwFGqHdy2Q8ycLCCc0htYWJ
2kB1jLgvrR4tOBmlinpFfcBrBCJ/ueoICv4h0IdFK5BCag3zJDr9g7Y0vCS5kUwn
73sNlWKwzU6pnpwxo0w6c3aNYyr7qatsrqdDos5it3Bqbsd5YXTkUK1lTyKCkuM7
BdS/+RiFQDJGkB7D9hXeCvQw6jpxkL4gLfiwGnH/i/MNDbS3pD1r5841b1ABFD4z
mZNlsxAa0pzWR1lvkYIovzM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:00 2023 by rpki-client on console-ams.rpki-client.org